Dell iDRAC7 Скачать руководство пользователя страница 125

Страница: 125 / 252

Prerequisites for Using Active Directory Authentication for iDRAC7
Supported Active Directory Authentication Mechanisms

Prerequisites for Using Active Directory Authentication for iDRAC7

To use the Active Directory authentication feature of iDRAC7, make sure that you have:

•

Deployed an Active Directory infrastructure. See the Microsoft website for more information.

•

Integrated PKI into the Active Directory infrastructure. iDRAC7 uses the standard Public Key Infrastructure (PKI)

mechanism to authenticate securely into the Active Directory. See the Microsoft website for more information.

•

Enabled the Secure Socket Layer (SSL) on all domain controllers that iDRAC7 connects to for authenticating to all

the domain controllers.

Содержание iDRAC7

Страница 1: ...Integrated Dell Remote Access Controller 7 iDRAC7 Version 1 50 50 User s Guide ...

Страница 2: ...henom and AMD Sempron are trademarks of Advanced Micro Devices Inc Microsoft Windows Windows Server Internet Explorer MS DOS Windows Vista and Active Directory are either trademarks or registered trademarks of Microsoft Corporation in the United States and or other countries Red Hat and Red Hat Enterprise Linux are registered trademarks of Red Hat Inc in the United States and or other countries No...

Страница 3: ...ogging Into iDRAC7 as a Local User Using Smart Card 30 Logging Into iDRAC7 as an Active Directory User Using Smart Card 31 Logging into iDRAC7 Using Single Sign on 31 Logging into iDRAC7 SSO Using iDRAC7 Web Interface 31 Logging into iDRAC7 SSO Using CMC Web Interface 32 Accessing iDRAC7 Using Remote RACADM 32 Validating CA Certificate To Use Remote RACADM on Linux 32 Accessing iDRAC7 Using Local ...

Страница 4: ...ing Localized Versions of Web Interface 51 Updating Device Firmware 51 Downloading Device Firmware 53 Updating Firmware Using iDRAC7 Web Interface 53 Updating Device Firmware Using RACADM 56 Scheduling Automatic Firmware Updates 56 Updating Firmware Using CMC Web Interface 58 Updating Firmware Using DUP 58 Updating Firmware Using Remote RACADM 58 Updating Firmware Using Lifecycle Controller Remote...

Страница 5: ...C Server Using iDRAC Web Interface 74 Configuring VNC Server Using RACADM 74 Setting Up VNC Viewer With SSL Encryption 74 Setting Up VNC Viewer Without SSL Encryption 75 Configuring Front Panel Display 75 Configuring LCD Setting 75 Configuring System ID LED Setting 76 Configuring Time Zone and NTP 77 Configuring Time Zone and NTP Using iDRAC Web Interface 77 Configuring Time Zone and NTP Using RAC...

Страница 6: ...istorical Temperature Data Using RACADM 97 Inventory and Monitoring Storage Devices 97 Monitoring Storage Device Using Web Interface 97 Monitoring Storage Device Using RACADM 98 Inventory and Monitoring Network Devices 98 Monitoring Network Devices Using Web Interface 98 Monitoring Network Devices Using RACADM 98 Enabling or Disabling I O Identity Optimization 98 Inventory and Monitoring FC HBA De...

Страница 7: ...er Accounts and Privileges 121 Configuring Local Users 121 Configuring Local Users Using iDRAC7 Web Interface 121 Configuring Local Users Using RACADM 122 Configuring Active Directory Users 124 Prerequisites for Using Active Directory Authentication for iDRAC7 125 Supported Active Directory Authentication Mechanisms 126 Standard Schema Active Directory Overview 127 Configuring Standard Schema Acti...

Страница 8: ...lerts Using Web Interface 151 Enabling or Disabling Alerts Using RACADM 152 Enabling or Disabling Alerts Using iDRAC Settings Utility 152 Filtering Alerts 152 Filtering Alerts Using iDRAC7 Web Interface 152 Filtering Alerts Using RACADM 153 Setting Event Alerts 153 Setting Event Alerts Using Web Interface 153 Setting Event Alerts Using RACADM 153 Setting Alert Recurrence Event 154 Setting Alert Re...

Страница 9: ...ap Policy 169 Configuring Power Supply Options 170 Configuring Power Supply Options Using Web Interface 170 Configuring Power Supply Options Using RACADM 170 Configuring Power Supply Options Using iDRAC Settings Utility 171 Enabling or Disabling Power Button 171 12 Configuring and Using Virtual Console 173 Supported Screen Resolutions and Refresh Rates 173 Configuring Web Browsers to Use Virtual C...

Страница 10: ...apping Virtual Drive 189 Unmapping Virtual Drive 191 Setting Boot Order Through BIOS 191 Enabling Boot Once for Virtual Media 191 14 Installing and Using VMCLI Utility 193 Installing VMCLI 193 Running VMCLI Utility 193 VMCLI Syntax 193 VMCLI Commands to Access Virtual Media 194 VMCLI Operating System Shell Options 194 15 Managing vFlash SD Card 197 Configuring vFlash SD Card 197 Viewing vFlash SD ...

Страница 11: ...ions 218 Co existence of OpenManage Server Administrator and iDRAC Service Module 218 Using iDRAC Service Module From iDRAC Web Interface 218 Using iDRAC Service Module From RACADM 219 18 Deploying Operating Systems 221 Deploying Operating System Using VMCLI 221 Deploying Operating System Using Remote File Share 222 Managing Remote File Share 223 Configuring Remote File Share Using Web Interface 2...

Страница 12: ...efault Settings Using iDRAC7 Web Interface 233 Resetting iDRAC7 to Factory Default Settings Using iDRAC Settings Utility 233 20 Frequently Asked Questions 235 System Event Log 235 Network Security 235 Active Directory 236 Single Sign On 238 Smart Card Login 239 Virtual Console 239 Virtual Media 242 vFlash SD Card 244 SNMP Authentication 244 Storage Devices 245 RACADM 245 Miscellaneous 246 21 Use C...

Страница 13: ...S Using Attached Virtual Media and Remote File Share 251 Managing Rack Density 251 Installing New Electronic License 252 Applying I O Identity Configuration Settings for Multiple Network Cards in Single Host System Reboot 252 ...

Страница 14: ...14 ...

Страница 15: ... default for 200 500 series servers iDRAC7 Express available by default on all 600 and higher series of rack or tower servers and all blade servers iDRAC7 Enterprise available on all server models For more information see the iDRAC7 Overview and Feature Guide available at dell com support manuals Benefits of Using iDRAC7 With Lifecycle Controller The benefits include Increased Availability Early n...

Страница 16: ...re information see Chassis Management Controller User s Guide available at dell com support manuals Deployment Manage vFlash SD card partitions Configure front panel display settings Launch Lifecycle Controller which allows you to configure and update BIOS and supported network and storage adapters Manage iDRAC7 network settings Configure and use virtual console and virtual media Deploy operating ...

Страница 17: ...ession time out configuration in seconds Configurable IP ports for HTTP HTTPS SSH Telnet Virtual Console and Virtual Media NOTE Telnet does not support SSL encryption and is disabled by default Secure Shell SSH that uses an encrypted transport layer for higher security Login failure limits per IP address with login blocking from that IP address when the limit is exceeded Limited IP address range f...

Страница 18: ...ity CA Generate Tech Support Report similar to Dell System E support Tool report Display the following information for storage devices Sector size that the physical disks and virtual disks uses to store data Wear out level or remaining life of the Solid State Drive SSD connected to a PERC T10 Protection Information PI capable drives supported by the controllers T10 PI capability for physical disks...

Страница 19: ...s attached to an email that is sent after requesting it from the technical support center Self service portal A link to the Self Service Portal is available from iDRAC7 Click this link to open the licensing Self Service Portal on the internet Currently you can use the License Self Service Portal to retrieve licenses that were purchased with the server You must contact the sales representative or t...

Страница 20: ...fter Replacing Motherboard You can use the Local iDRAC7 Enterprise License Installation Tool if you have recently replaced the motherboard and need to reinstall the iDRAC7 Enterprise license locally with no network connectivity and activate the dedicated NIC This utility installs a 30 day trial iDRAC7 Enterprise license and allows you to reset the iDRAC to change from shared NIC to dedicated NIC F...

Страница 21: ... No Yes Yes Yes Connectivity Shared or Failover Network Modes rack and tower servers only Yes Yes No Yes Dedicated NIC No No Yes 2 Yes 2 6 DNS Yes Yes Yes Yes VLAN Tagging Yes Yes Yes Yes IPv4 Yes Yes Yes Yes IPv6 No Yes Yes Yes Dynamic DNS No Yes Yes Yes Security and Authentication Role based authority Yes Yes Yes Yes Local Users Yes Yes Yes Yes Directory Services Active Directory and Generic LDA...

Страница 22: ...es Yes Backup Server Profile No No No Yes Parts Replacement 8 No Yes Yes Yes Network Time Protocol NTP No Yes Yes Yes Scheduled Updates No No No Yes VNC Server No No No Yes Monitoring and Power Sensor monitoring and alerting Yes Yes Yes Yes Device Monitoring No Yes Yes Yes Storage Monitoring No Yes Yes Yes Individual CPU and memory sensors Yes Yes Yes Yes E mail Alerts No Yes Yes Yes Historical Po...

Страница 23: ...2 during boot and then click iDRAC Settings on the System Setup Main Menu page iDRAC7 Web Interface Use the iDRAC7 Web interface to manage iDRAC7 and monitor the managed system The browser connects to the Web server through the HTTPS port Data streams are encrypted using 128 bit SSL to provide privacy and integrity Any connection to the HTTP port is redirected to HTTPS Administrators can upload th...

Страница 24: ...or higher security The SSH service is enabled by default on iDRAC7 The SSH service can be disabled in iDRAC7 iDRAC7 only supports SSH version 2 with DSA and the RSA host key algorithm A unique 1024 bit DSA and 1024 bit RSA host key is generated when you power up iDRAC7 for the first time IPMITool Use the IPMITool to access the remote system s basic management features through iDRAC7 The interface ...

Страница 25: ...F Web site dmtf org standards profiles iDRAC7 Port Information The following ports are required to remotely access iDRAC7 through firewalls These are the default ports iDRAC7 listens to for connections Optionally you can modify most of the ports To do this see Configuring Services Table 4 Ports iDRAC7 Listens for Connections Port Number Function 22 SSH 23 Telnet 80 HTTP 443 HTTPS 623 RMCP RMCP 161...

Страница 26: ...Software Support Matrix provides information about the various Dell systems the operating systems supported by these systems and the Dell OpenManage components that can be installed on these systems The iDRAC Service Module Installation Guide provides information to install the iDRAC Service Module The Dell OpenManage Server Administrator Installation Guide contains instructions to help you instal...

Страница 27: ... support 2 Select your support category 3 Verify your country or region in the Choose a Country Region drop down menu at the top of page 4 Select the appropriate service or support link based on your need Accessing Documents From Dell Support Site You can access the required documents in one of the following ways From the following links For all Systems Management documents dell com softwaresecuri...

Страница 28: ...rprise System Management Remote Enterprise System Management Serviceability Tools To view the document click the required product version Using search engines as follows Type the name and version of the document in the Search box 28 ...

Страница 29: ...LDAP openDS Novell eDir and Fedora based directory services are supported and characters are not allowed in the user name To log in to iDRAC7 as local user Active Directory user or LDAP user 1 Open a supported Web browser 2 In the Address field type https iDRAC7 IP address and press Enter NOTE If the default HTTPS port number port 443 was changed enter https iDRAC7 IP address port number where iDR...

Страница 30: ...t Card Logging Into iDRAC7 as an Active Directory User Using Smart Card Logging Into iDRAC7 as a Local User Using Smart Card Before you log in as a local user using Smart Card make sure to Upload user smart card certificate and the trusted Certificate Authority CA certificate to iDRAC7 Enable smart card logon The iDRAC7 Web interface displays the smart card logon page for users who are configured ...

Страница 31: ...rt Card NOTE If the default HTTPS port number port 443 is changed type https IP address port number where IP address is the iDRAC7 IP address and port number is the HTTPS port number 2 Insert the Smart Card and click Login The PIN pop up is displayed 3 Enter the PIN and click Submit You are logged in to iDRAC7 with your Active Directory credentials NOTE If the smart card user is present in Active ...

Страница 32: ...g Remote RACADM You can use remote RACADM to access iDRAC7 using RACADM utility For more information see the RACADM Reference Guide for iDRAC7 and CMC available at dell com support manuals If the management station has not stored the iDRAC7 s SSL certificate in its default certificate storage a warning message is displayed when you run the RACADM command However the command is executed successfull...

Страница 33: ...ntication You can log into the iDRAC7 over SSH without entering a password You can also send a single RACADM command as a command line argument to the SSH application The command line options behave similar to remote RACADM since the session ends after the command is completed For example Logging in ssh username domain or ssh username IP_address where IP_address is the IP address of the iDRAC7 Sen...

Страница 34: ...ssage Changing Default Login Password Using Web Interface When you log in to iDRAC7 Web interface if the Default Password Warning page is displayed you can change the password To do this 1 Select the Change Default Password option 2 In the New Password field enter the new password The maximum characters for the password are 20 The characters are masked The following characters are supported 0 9 A ...

Страница 35: ...g message after logging in to iDRAC 1 Go to Overview iDRAC Settings User Authentication Local Users The Users page is displayed 2 In the Default Password Warning section select Enable and then click Apply to enable the display of the Default Password Warning page when you log in to iDRAC7 Else select Disable Alternatively if this feature is enabled and you do not want to display the warning messag...

Страница 36: ...36 ...

Страница 37: ...teway and subnet mask for iDRAC7 You can enable Auto discovery or DHCP when you place an order for the server There is no charge to enable either of these features Only one setting is possible Related Links Setting Up iDRAC7 IP Address Setting Up Managed System Updating Device Firmware Rolling Back Device Firmware Setting Up Management Station Configuring Supported Web Browsers Setting Up iDRAC7 I...

Страница 38: ...nks Setting Up iDRAC IP Using iDRAC Settings Utility Setting Up iDRAC7 IP Using CMC Web Interface Enabling Auto discovery Configuring Servers and Server Components Using Auto Config Setting Up iDRAC IP Using iDRAC Settings Utility To set up the iDRAC7 IP address 1 Turn on the managed system 2 Press F2 during Power on Self test POST 3 In the System Setup Main Menu page click iDRAC Settings The iDRA...

Страница 39: ...not use LOM for iDRAC7 communication 3 From the Failover Network drop down menu select one of the remaining LOMs If a network fails the traffic is routed through the failover network NOTE If you have selected Dedicated in NIC Selection drop down menu the option is grayed out For example to route the iDRAC7 network traffic through LOM2 when LOM1 is down select LOM1 for NIC Selection and LOM2 for Fa...

Страница 40: ...tatic IP Address 1 box enter the static IPv6 address 4 In the Static Prefix Length box enter a value between 0 and 128 5 In the Static Gateway box enter the gateway address 6 If you are using DHCP enable DHCPv6 to obtain DNS Server addresses to obtain Primary and Secondary DNS server addresses from DHCPv6 server Else select Disabled and do the following In the Static Preferred DNS Server box enter...

Страница 41: ...on about auto discovery see the Lifecycle Controller Remote Services User s Guide available at dell com support manuals Auto discovery works with a static IP DHCP DNS server or the default DNS host name discovers the provisioning server If DNS is specified the provisioning server IP is retrieved from DNS and the DHCP settings are not required If the provisioning server is specified discovery is sk...

Страница 42: ...OTE You can enable Auto Config only if DHCPv4 and the Enable IPv4 options are enabled Auto Config and auto discovery features are mutually exclusive You must disable auto discovery for the Auto Config feature to work If all the Dell PowerEdge servers in the DHCP server pool are of the same Model type and number then a single xml file config xml is required This is the default XML file name You can...

Страница 43: ...on myname l 10 35 175 88 xmlfiles f dhcpProv xml u root p calvin where l is the location of the Remote File Share and f is the file name in the string along with the credentials to the Remote File Share In this example root and calvin are the username and password to the RFS The DHCP Option 60 identifies and associates a DHCP client with a particular vendor Any DHCP server configured to take actio...

Страница 44: ...e Advanced tab 12 From the Vendor class drop down menu select iDRAC The 060iDRAC appears in the Available Options column 13 Select 060iDRAC option 14 Enter the string value that must be sent to the iDRAC along with a standard DHCP provided IP address The string value will help in importing the correct XML configuration file For the option s DATA entry String Value setting use a text parameter that...

Страница 45: ...v4 options are enabled and Auto discovery is disabled To enable Auto Config 1 In the iDRAC7 Web interface go to Overview iDRAC Settings Network The Network page is displayed 2 In the Auto Config section select one of the following options to enable Auto Config Enable Once Configures the component only once using the XML file referenced by the DHCP server After this Auto Config is disabled Enable O...

Страница 46: ...t station make sure that the management station is in the same network as iDRAC7 For example Blade servers The management station must be on the same network as CMC For more information on isolating CMC network from the managed system s network see Chassis Management Controller User s Guide available at dell com support manuals Rack and tower servers Set the iDRAC7 NIC to LOM1 and make sure that t...

Страница 47: ...elp 3 Click Apply The system location details is saved in iDRAC7 Setting Up Managed System Location Using RACADM To specify the system location details use the System Location group objects For more information see the RACADM Command Line Reference Guide for iDRAC7 and CMC available at dell com support manuals Setting Up Managed System Location Using iDRAC Settings Utility To specify the system lo...

Страница 48: ...haust Temperature in C Allows the system fan speeds to change such that the exhaust temperature does not exceed 50 C It uses several discrete exhaust temperature sensors with fan speed control and power management to make sure that maximum exhaust temperatures are maintained at 50 C or lower at the rear of a server Fan Speed Offset Default None Specify the fan speed offset when increased thermal m...

Страница 49: ... Do not prompt for client certificate selection when no certificates or only one certificate exists Enable Launching programs and files in an IFRAME Enable Open files based on content not file extension Enable Software channel permissions Low safety Submit non encrypted form data Enable Use Pop up Blocker Disable Under Scripting Active scripting Enable Allow paste operations via script Enable Scri...

Страница 50: ... LAN settings click LAN Settings 10 If the Use a proxy server box is selected select the Bypass proxy server for local addresses box 11 Click OK twice 12 Close and restart your browser to make sure all changes take effect Related Links Viewing Localized Versions of Web Interface Adding iDRAC7 to the List of Trusted Domains Disabling Whitelist Feature in Firefox Adding iDRAC7 to the List of Trusted...

Страница 51: ...et and the Value changes to false 4 In the Preferences Name column locate xpinstall enabled Make sure that Value is true If not double click xpinstall enabled to set Value to true Viewing Localized Versions of Web Interface iDRAC7 Web interface is supported in the following languages English en us French fr German de Spanish es Japanese ja Simplified Chinese zh cn The ISO identifiers in parenthese...

Страница 52: ...work share Connecting to the FTP site or a network repository that contains a catalog of available updates You can create custom repositories using Repository Manager For more information see Repository Manager User s Guide iDRAC7 automatically provides a difference between the BIOS and the firmware that is installed on the server and the repository location or FTP site All applicable updates cont...

Страница 53: ...pdates Updating Firmware Using CMC Web Interface Updating Firmware Using DUP Updating Firmware Using Remote RACADM Updating Firmware Using Lifecycle Controller Remote Services Downloading Device Firmware The image file format that you download depends on the method of update iDRAC7 Web interface Download the binary image packaged as a self extracting archive The default firmware image file is firm...

Страница 54: ...mware file is available for selection The check box for the earlier firmware image files is disabled When you click Install Install and Reboot or Install Next Reboot the message Updating Job Queue is displayed 6 Click Job Queue to display the Job Queue page where you can view and manage the staged firmware updates or click OK to refresh the current page and view the status of the firmware update N...

Страница 55: ...Job Queue to display the Job Queue page where you can view and manage the staged firmware updates or click OK to refresh the current page and view the status of the firmware update Related Links Updating Device Firmware Viewing and Managing Staged Updates Downloading Device Firmware Scheduling Automatic Firmware Updates Updating Firmware Using FTP You can directly connect to the Dell FTP site or a...

Страница 56: ...CMC available at dell com support manuals Examples To generate a comparison report using an update repository racadm update f catalog xml l 192 168 1 1 u test p passwd verifycatalog To perform all applicable updates from an update repository using myfile xml as a catalog file and perform a graceful reboot racadm update f myfile xml b graceful l 192 168 1 1 u test p passwd To perform all applicable...

Страница 57: ...Schedule section specify the start time for the firmware update and the frequency of the updates daily weekly or monthly For information about the fields see the iDRAC7 Online Help 8 Click Schedule Update The next scheduled job is created in the job queue Five minutes after the first instance of the recurring job starts the job for the next time period is created Scheduling Automatic Firmware Upda...

Страница 58: ...and start the Windows Management Instrumentation WMI service if your system is running Windows operating system NOTE While updating the iDRAC7 firmware using the DUP utility in Linux if you see error messages such as usb 5 2 device descriptor read 64 error 71 displayed on the console ignore them If the system has ESX hypervisor installed then for the DUP file to run make sure that the usbarbitrato...

Страница 59: ...f scheduled jobs using iDRAC Web interface go to Overview Server Job Queue The Job Queue page displays the status of jobs in the Lifecycle Controller job queue For information about the displayed fields see the iDRAC7 Online Help To delete job s select the job s and click Delete The page is refreshed and the selected job is removed from the Lifecycle Controller job queue You can delete all the job...

Страница 60: ...rface To roll back device firmware 1 In the iDRAC7 Web interface go to Overview iDRAC Settings Update and Rollback Rollback The Rollback page displays the devices for which you can rollback the firmware You can view the device name associated devices currently installed firmware version and the available firmware rollback version 2 Select one or more devices for which you want to rollback the firm...

Страница 61: ...nventory For the device for which you want to rollback the firmware the Rollback Version must be Available Also make a note of the FQDD 2 Rollback the device firmware using racadm rollback FQDD For more information see RACADM Command Line Reference Guide for iDRAC7 and CMC available at dell com support manuals Rollback Firmware Using Lifecycle Controller For information see Lifecycle Controller Us...

Страница 62: ...onfiguration settings of those components The backup operation also includes the hard disk configuration data motherboard and replaced parts The backup creates a single file that you can save to a vFlash SD card or network share CIFS or NFS You can also enable and schedule periodic backups of the firmware and server configuration based on a certain day week or month Backup feature is licensed and ...

Страница 63: ... Inventory On Reboot CSIOR option is enabled Network Time Protocol NTP is enabled so that time drift does not affect the actual times of scheduled jobs running and when the next scheduled job is created To perform backup on a vFlash SD card A Dell supported vFlash SD card is inserted enabled and initialized vFlash SD card has enough space to store the backup file NOTE IPv6 address is not supported...

Страница 64: ...AC7 and CMC available at dell com support manuals Importing Server Profile You can use the back up image file to import restore the configuration and firmware for the same server or another server with identical configuration without rebooting the server Import feature is not licensed NOTE For the restore operation the system service tag and the service tag in the backup file must be identical The...

Страница 65: ...stem with the data from the backup image file 6 Click Import The import server profile operation is initiated Importing Server Profile Using RACADM To import the server profile using RACADM use systemconfig restore command For more information see the RACADM Command Line Reference Guide for iDRAC7 and CMC available at dell com support manuals Restore Operation Sequence The restore operation sequen...

Страница 66: ...66 ...

Страница 67: ...twork settings using iDRAC Settings utility during iDRAC7 IP address setup then ignore this step 3 Configure interfaces to access iDRAC7 4 Configure front panel display 5 Configure System Location if required 6 Configure time zone and Network Time Protocol NTP if required 7 Establish any of the following alternate communication methods to iDRAC7 IPMI or RAC serial IPMI serial over LAN IPMI over LA...

Страница 68: ...the properties see iDRAC7 Online Help Device type Hardware and firmware version Last firmware update RAC time Number of possible active sessions Number of current sessions LAN is enabled or disabled IPMI version User interface title bar information Network settings IPv4 Settings IPv6 Settings Viewing iDRAC7 Information Using RACADM To view iDRAC7 information using RACADM see getsysinfo or get subc...

Страница 69: ...cts Using getconfig command racadm getconfig g cfgLanNetworking Using get command racadm get iDRAC Nic To use DHCP to obtain an IP address use the following command to write the object cfgNicUseDhcp or DHCPEnable and enable this feature Using config command racadm config g cfgLanNetworking o cfgNicUseDHCP 1 Using set command racadm set iDRAC IPv4 DHCPEnable 1 The following is an example of how the...

Страница 70: ... address is prevented from establishing a session after the allowed number of failures have exceeded As login failures accumulate from a specific IP address they are registered by an internal counter When the user successfully logs in the failure history is cleared and the internal counter is reset NOTE When login attempts are prevented from the client IP address few SSH clients may display the me...

Страница 71: ...The following RACADM commands block all IP addresses except 192 168 0 57 Using config command racadm config g cfgRacTuning o cfgRacTuneIpRangeEnable 1 racadm config g cfgRacTuning o cfgRacTuneIpRangeAddr 192 168 0 57 racadm config g cfgRacTuning o cfgRacTuneIpRangeMask 255 255 255 255 Using set command racadm set iDRAC IPBlocking RangeEnable 1 racadm set iDRAC IPBlocking RangeAddr 192 168 0 57 rac...

Страница 72: ... and CMC available at dell com support manuals Configuring Services You can configure and enable the following services on iDRAC7 Local Configuration Disable access to iDRAC7 configuration from the host system using Local RACADM and iDRAC Settings utility Web Server Enable access to iDRAC7 Web interface If you disable the option use local RACADM to re enable the Web Server since disabling the Web ...

Страница 73: ...abling or Disabling HTTPs Redirection If you do not want automatic redirection from HTTP to HTTPs due to certificate warning issue with default iDRAC certificate or as a temporary setting for debugging purpose you can configure iDRAC such that redirection from http port default is 80 to https port default is 443 is disabled By default it is enabled You have to log out and log in to iDRAC for this ...

Страница 74: ...C client starts RFB handshake directly and a SSL handshake is not required During VNC client handshake RFB or SSL if another VNC session is active or if a Virtual Console session is open the new VNC client session is rejected After completion of the initial handshake VNC server disables Virtual Console and allows only Virtual Media After termination of the VNC session VNC server restores the origi...

Страница 75: ...n the VNC Server field The format is iDRAC IP address VNC port number For example if the iDRAC IP address is 192 168 0 120 and VNC port number is 5901 then enter 192 168 0 120 5901 Configuring Front Panel Display You can configure the front panel LCD and LED display for the managed system For rack and tower servers two types of front panels are available LCD front panel and System ID LED LED front...

Страница 76: ...C Settings Utility To configure the server LCD front panel display 1 In the iDRAC Settings utility go to Front Panel Security The iDRAC Settings Front Panel Security page is displayed 2 Enable or disable the power button 3 Specify the following Access to the front panel LCD message string System power units ambient temperature units and error display 4 Enable or disable the virtual console indicat...

Страница 77: ...ick Apply 3 To configure NTP enable NTP enter the NTP server addresses and then click Apply For information about the fields see iDRAC7 Online Help Configuring Time Zone and NTP Using RACADM To configure time zone and NTP using RACADM use the objects in the iDRAC Time and iDRAC NTPConfigGroup group with the set command For more information see the RACADM Command Line Reference Guide for iDRAC7 and...

Страница 78: ... see the RACADM Command Line Reference Guide for iDRAC7 and CMC available at dell com support manuals Setting First Boot Device Using Virtual Console You can select the device to boot from as the server is being viewed in the Virtual Console viewer before the server runs through its boot up sequence You can perform boot once to all the supported devices listed in Setting First Boot Device To set t...

Страница 79: ...boot or reset of the host operating system or iDRAC You can enable this channel using iDRAC Web interface RACADM or WS MAN post operating system environment iDRAC Settings utility pre operating system environment If the network configuration is changed through iDRAC Web interface you must wait for at least 10 seconds before enabling OS to iDRAC Pass through If you are using the XML configuration f...

Страница 80: ...BASE T 57800S QP rNDC 10G SFP 1G BASE T 57840 4x10G KR 57840 rNDC Intel i540 QP rNDC 10G BASE T 1G BASE T i350 QP rNDC 1G BASE T x520 i350 rNDC 1GB Qlogic QMD8262 Blade NDC In built LOM cards also support the OS to iDRAC pass through feature The following cards do not support the OS to iDRAC Pass through feature Intel 10 GB NDC Intel rNDC with two controllers 10G controllers does not support Qlogi...

Страница 81: ... installing RHEL 5 9 operating system the USB NIC pass through mode is in disabled state If it is enabled after the installation is complete the network interface corresponding to the USB NIC device is not active automatically You can do any of the following to make the USB NIC device active Configure the USB NIC interface using Network Manager tool Navigate to System Administrator Network Devices...

Страница 82: ... the server is connected in shared LOM mode then the OS IP Address field is disabled 4 If you select USB NIC as the pass through configuration enter the IP address of the USB NIC The default value is 169 254 0 1 It is recommended to use the default IP address However if this IP address conflicts with an IP address of other interfaces of the host system or the local network you must change it 5 Cli...

Страница 83: ...et it signed from a Certificate Authority SHA 2 certificates are also supported Smart Card login as a local or Active Directory user User certificate Trusted CA certificate User Certificate Export the smart card user certificate as Base64 encoded file using the card management software provided by the smart card vendor Trusted CA certificate This certificate is issued by a CA SHA 2 certificates ar...

Страница 84: ... the custom signing certificate is used You can download the custom signing certificate without the private key You can also delete an existing custom signing certificate After deleting the custom signing certificate iDRAC resets and auto generates a new self signed SSL certificate If a self signed certificate is regenerated then the trust must be re established between that iDRAC and the manageme...

Страница 85: ...mand or use the objects in the iDRAC Security group with the set command and then use the sslcsrgen command to generate the CSR For more information see the RACADM Command Line Reference Guide for iDRAC7 and CMC available at dell com support manuals Uploading Server Certificate After generating a CSR you can upload the signed SSL server certificate to the iDRAC7 firmware iDRAC7 resets after the ce...

Страница 86: ...ificate to sign the SSL certificate SHA 2 certificates are also supported Uploading Custom Signing Certificate Using Web Interface To upload the custom signing certificate using iDRAC7 Web interface 1 Go to Overview iDRAC Settings Network SSL The SSL page is displayed 2 Under Custom SSL Certificate Signing Certificate select Upload Custom SSL Certificate Signing Certificate and click Next The Uplo...

Страница 87: ...icate is deleted from iDRAC iDRAC resets to use the default self signed SSL certificate auto generated by the Web server iDRAC is not available during reset Deleting Custom SSL Certificate Signing Certificate Using RACADM To delete the custom SSL certificate signing certificate using RACADM use the sslcertdelete subcommand For more information see the RACADM Command Line Reference Guide for iDRAC7...

Страница 88: ...DRAC7 Configuration File The configuration file cfg can be Created Obtained from racadm getconfig f filename cfg command or racadm get f filename cfg Obtained from racadm getconfig f filename cfg command or racadm get f filename cfg and then edited For information about the getconfig and get commands see the RACADM Command Line Reference Guide for iDRAC7 and CMC available at dell com support manua...

Страница 89: ...eters may include characters in its string An escape character is not required You may want to generate a cfg from a racadm getconfig f filename cfg command and then perform a racadm config f filename cfg command to a different iDRAC7 without adding escape characters Example This is a comment cfgUserAdmin cfgUserAdminPageModemInitString Modem init not a comment All group entries must be surrounded...

Страница 90: ... comment the rest of this line is ignored cfgNicGateway 10 35 9 1 The command racadm config f myfile cfg parses the file and identifies any errors by line number A correct file updates the proper entries Additionally you can use the same getconfig command from the previous example to confirm the update Use this file to download company wide changes or to configure new systems over the network NOTE...

Страница 91: ...3 Click Apply NOTE If access is disabled you cannot use Server Administrator or IPMITool to perform iDRAC7 configurations However you can use IPMI Over LAN 91 ...

Страница 92: ...92 ...

Страница 93: ...tion preview the virtual console add and view work notes and quickly launch tasks such as power on or off power cycle view logs update and rollback firmware switch on or switch off the front panel LED and reset iDRAC7 To access the System Summary page go to Overview Server Properties Summary The System Summary page is displayed For more information see the iDRAC7 Online Help You can also view the ...

Страница 94: ...w minutes log in to iDRAC7 and navigate to the System Inventory page to view the details It may take up to five minutes for the information to be available depending on the hardware installed on the server NOTE CSIOR option is enabled by default Click Export to export the hardware inventory in an XML format and save it to a location of your choice Viewing Sensor Information The following sensors h...

Страница 95: ... operation to restore redundancy between two SD cards present in the IDSDM the IDSDM status is not displayed since the IDSDM sensors are powered off System Event Logs SEL for a write protected or corrupt SD card in the IDSDM module are not repeated until they are cleared by replacing the SD card with a writable or good SD card respectively Temperature Provides information about the system board in...

Страница 96: ...nlet temperature history even for systems that are not fresh air compliant Two temperature bands are tracked Warning band Consists of the duration a system has operated above the inlet temperature sensor warning threshold The system can operate in the warning band for 10 of the time for 12 months Critical band Consists of the duration a system has operated above the inlet temperature sensor critic...

Страница 97: ... using iDRAC7 Web interface or RACADM RAID controllers that include battery Enclosures that includes Enclosure Management Modules EMMs power supply fan probe and temperature probe Physical disks Virtual disks However WS MAN displays information for most of the storage devices in the system iDRAC7 inventories and monitors the PERC 8 series of RAID controllers that include H310 H710 H710P and H810 T...

Страница 98: ...nformation of the ports and supported partitions Link Status Properties Settings and Capabilities Receive and Transmit Statistics Related Links Enabling or Disabling I O Identity Optimization Monitoring Network Devices Using Web Interface To view the network device information using Web interface go to Overview Hardware Network Devices The Network Devices page is displayed For more information abo...

Страница 99: ...Identity attributes in the XML configuration file and import the file back to iDRAC For the list of I O Identity Optimization attributes that you can modify in the XML configuration file see the NIC Profile document available at delltechcenter com idrac NOTE Do not modify non I O Identity Optimization attributes Supported Cards for I O Identity Optimization The following table provides the cards t...

Страница 100: ...8 x Intel cards 15 0 x QLogic 82xx CNA 1 13 x 6 0 0 x Enabling or Disabling I O Identity Optimization Using Web Interface To enable or disable I O Identity Optimization 1 In the iDRAC Web interface go to Overview Hardware Network Devices The Network Devices Summary page is displayed 2 In the I O Identity Settings section select the I O Identity Optimization option to enable this feature To disable...

Страница 101: ...and optional mezzanine card port Fabrics to which the cards are connected Type of fabric Server assigned chassis assigned or remotely assigned MAC addresses To view the Flex Address information in iDRAC7 configure and enable the Flex Address feature in Chassis Management Controller CMC For more information see the Dell Chassis Management Controller User Guide available at dell com support manuals ...

Страница 102: ...the iDRAC7 sessions 1 In the iDRAC7 Web interface go to Overview iDRAC Settings Sessions The Sessions page displays the session ID username IP address and session type For more information about these properties see the iDRAC7 Online Help 2 To terminate the session under the Terminate column click the Trashcan icon for a session Terminating iDRAC7 Sessions Using RACADM You must have administrator ...

Страница 103: ...l Over LAN Intelligent Platform Management Bus protocol SSH Telnet IPMI IPMITool is installed and IPMI Serial Over LAN is enabled IPMI over LAN Intelligent Platform Management Bus protocol IPMI IPMITool is installed and IPMI Settings is enabled SMCLP SSH Telnet SMCLP SSH or Telnet on iDRAC7 is enabled Remote RACADM https Remote RACADM Remote RACADM is installed and enabled Firmware RACADM SSH Teln...

Страница 104: ...cable from the management station s serial port to the managed system s external serial connector 3 Make sure that the management station s terminal emulation software is configured for serial connection using any of the following Linux Minicom in an Xterm Hilgraeve s HyperTerminal Private Edition version 6 3 Based on where the managed system is in its boot process you can see either the POST scre...

Страница 105: ...only for iDRAC7 on rack and tower servers IPMI basic mode Supports a binary interface for program access such as the IPMI shell ipmish that is included with the Baseboard Management Utility BMU For example to print the System Event Log using ipmish via IPMI Basic mode run the following command ipmish com 1 baud 57600 flow cts u root p calvin sel get IPMI terminal mode Supports ASCII commands that ...

Страница 106: ...SerialBaudRate baud_rate Using set command racadm set iDRAC IPMISerial BaudRate baud_rate where baud_rate is 9600 19200 57600 or 115200 bps 3 Enable the IPMI serial hardware flow control Using config command racadm config g cfgIpmiSerial o cfgIpmiSerialFlowControl 1 Using set command racadm set iDRAC IPMISerial FlowControl 1 4 Set the IPMI serial channel minimum privilege level Using config comman...

Страница 107: ...Serial Interface communication and Serial Console on rack and tower servers Switching From Serial Console to RAC Serial To switch to RAC Serial Interface communication mode when in Serial Console Mode use the following key sequence Esc Shift 9 The key sequence directs you to the iDRAC Login prompt if the iDRAC is set to RAC Serial mode or to the Serial Connection mode where terminal commands can b...

Страница 108: ...ial Communication 4 Specify the following values Serial Communication On With Console Redirection Serial Port Address COM2 NOTE You can set the serial communication field to On with serial redirection via com1 if serial device2 in the serial port address field is also set to com1 External serial connector Serial device 2 Failsafe Baud Rate 115200 Remote Terminal Type VT100 VT220 Redirection After ...

Страница 109: ...minimum privilege level determines the minimum privilege to activate IPMI SOL For more information see the IPMI 2 0 specification 3 Update the IPMI SOL baud rate Using config command racadm config g cfgIpmiSol o cfgIpmiSolBaudRate baud_rate Using set command racadm set iDRAC IPMISol BaudRate baud_rate where baud_rate is 9600 19200 57600 or 115200 bps NOTE To redirect the serial console over LAN ma...

Страница 110: ...atagrams to port 623 The RMCP provides improved authentication data integrity checks encryption and the ability to carry multiple types of payloads while using IPMI 2 0 For more information see http ipmitool sourceforge net manpage html The RMCP uses an 40 character hexadecimal string characters 0 9 a f and A F encryption key for authentication The default value is a string of 40 zeros An RMCP con...

Страница 111: ... client WAN connection iDRAC7 The IPMI based SOL that uses SSH or Telnet protocol eliminates the need for an additional utility because the serial to network translation happens within iDRAC7 The SSH or Telnet console that you use must be able to interpret and respond to the data arriving from the managed systems s serial port The serial port usually attaches to a shell that emulates an ANSI or VT...

Страница 112: ...ed on the screen as soon as a SOL session is connected When the managed system is off it takes sometime to establish the SOL session NOTE You can use console com1 or console com2 to start SOL Reboot the server to establish the connection The console h com2 command displays the contents of the serial history buffer before waiting for input from the keyboard or new characters from the serial port Th...

Страница 113: ...OL session are based on the utility You can exit the utility only when a SOL session is completely terminated To disconnect a SOL session terminate the SOL session from the iDRAC7 command line console To quit SOL redirection press Enter Esc and then t The SOL session closes To quit a SOL session from Telnet on Linux press and hold Ctrl A Telnet prompt is displayed Enter quit to exit Telnet If a SO...

Страница 114: ...g config command racadm config g cfgIpmiLan o cfgIpmiLanPrivilegeLimit level Using set command racadm set iDRAC IPMILan PrivLimit level where level is one of the following 2 User 3 Operator or 4 Administrator 3 Set the IPMI LAN channel encryption key if required Using config command racadm config g cfgIpmiLan o cfgIpmiEncryptionKey key Using set command racadm set iDRAC IPMILan EncryptionKey key w...

Страница 115: ...nsole During Boot The following steps are specific to the Linux GRand Unified Bootloader GRUB Similar changes are required if a different boot loader is used NOTE When you configure the client VT100 emulation window set the window or application that is displaying the redirected Virtual Console to 25 rows x 80 columns to make sure the correct text displays Else some text screens may be garbled Edi...

Страница 116: ...ple shows a sample file with the new line inittab This file describes how the INIT process should set up the system in a certain run level Author Miquel van Smoorenburg Modified for RHS Linux by Marc Ewing and Donnie Barnes Default runlevel The runlevels used by RHS are 0 halt Do NOT set initdefault to this 1 Single user mode 2 Multiuser without NFS The same as 3 if you do not have networking 3 Fu...

Страница 117: ...the file etc securetty add a new line with the name of the serial tty for COM2 ttyS1 The following example shows a sample file with the new line NOTE Use the Break Key Sequence B to execute the Linux Magic SysRq key commands on serial console using IPMI Tool vc 1 vc 2 vc 3 vc 4 vc 5 vc 6 vc 7 vc 8 vc 9 vc 10 vc 11 tty1 tty2 tty3 tty4 tty5 tty6 tty7 tty8 tty9 tty10 tty11 ttyS1 Supported SSH Cryptog...

Страница 118: ...ng PuTTY Key Generator application for clients running Windows ssh keygen CLI for clients running Linux CAUTION This privilege is normally reserved for users who are members of the Administrator user group on iDRAC7 However users in the Custom user group can be assigned this privilege A user with this privilege can modify any user s configuration This includes creation or deletion of any user SSH ...

Страница 119: ...an SSH interface Before adding the public keys make sure that you view the keys if they are set up so that a key is not accidentally overwritten When adding new public keys make sure that the existing keys are not at the index where the new key is added iDRAC7 does not perform checks to make sure previous key s are deleted before a new key s are added When a new key is added it is usable if the SS...

Страница 120: ...yed with the key details Viewing SSH Keys Using RACADM To view the SSH keys run the following command Specific key racadm sshpkauth i 2 to 16 v k 1 to 4 All keys racadm sshpkauth i 2 to 16 v k all Deleting SSH Keys Before deleting the public keys make sure that you view the keys if they are set up so that a key is not accidentally deleted Deleting SSH Keys Using Web Interface To delete the SSH key...

Страница 121: ...n iDRAC7 user verify if any current users exist You can set user names passwords and roles with the privileges for these users The user names and passwords can be changed using any of the iDRAC7 secured interfaces that is Web interface RACADM or WS MAN You can also enable or disable SNMPv3 authentication for each user NOTE SNMPv3 feature is licensed and is available with iDRAC7 Enterprise license ...

Страница 122: ...t u username OR Type the following command once for each index 1 16 Using config command racadm getconfig g cfgUserAdmin i index Using get command racadm get iDRAC Users index UserName NOTE You can also type racadm getconfig f myfile cfg or racadm get f myfile cfg and view or edit the myfile cfg file which includes all iDRAC7 configuration parameters Several parameters and object IDs are displayed...

Страница 123: ...ble 1 racadm config g cfgUserAdmin i 3 o cfgUserAdminEnable 1 To verify use one of the following commands racadm getconfig u john racadm getconfig g cfgUserAdmin i 3 For more information on the RACADM commands see the RACADM Command Line Reference Guide for iDRAC7 and CMC available at dell com support manuals Enabling iDRAC7 User With Permissions To enable a user with specific administrative permi...

Страница 124: ...eration Privileges Administrator Administrator Login Configure Configure Users Logs System Control Access Virtual Console Access Virtual Media System Operations Debug Operator Power User Login Configure System Control Access Virtual Console Access Virtual Media System Operations Debug Read Only Guest User Login None None None Table 14 iDRAC7 User Privileges Current Generation Prior Generation Desc...

Страница 125: ...or the child domain controller that domain controller must have an SSL enabled certificate signed by the domain s CA If you are using Microsoft Enterprise Root CA to automatically assign all your domain controllers to an SSL certificate you must 1 Install the SSL certificate on each domain controller 2 Export the Domain Controller Root CA Certificate to iDRAC7 3 Import iDRAC7 Firmware SSL Certific...

Страница 126: ...hat CA is already in the domain controller s Trusted Root Certificate Authority list do not perform the steps in this section To import iDRAC7 firmware SSL certificate to all domain controller trusted certificate lists 1 Download iDRAC7 SSL certificate using the following RACADM command racadm sslcertdownload t 0x1 f RAC SSL certificate 2 On the domain controller open an MMC Console window and sel...

Страница 127: ...pecific iDRAC7 The role and the privilege level is defined on each iDRAC7and not in the Active Directory You can configure up to five role groups in each iDRAC7 Table reference no shows the default role group privileges Table 15 Default Role Group Privileges Role Groups Default Privilege Level Permissions Granted Bit Mask Role Group 1 None Login to iDRAC Configure iDRAC Configure Users Clear Logs ...

Страница 128: ...Schema Using iDRAC7 Web Interface NOTE For information about the various fields see the iDRAC7 Online Help 1 In the iDRAC7 Web interface go to Overview iDRAC Settings User Authentication Directory Services Microsoft Active Directory The Active Directory summary page is displayed 2 Click Configure Active Directory The Active Directory Configuration and Management Step 1 of 4 page is displayed 3 Opt...

Страница 129: ...omain controller racadm config g cfgActiveDirectory o cfgADGlobalCatalog1 fully qualified domain name or IP address of the domain controller racadm config g cfgActiveDirectory o cfgADGlobalCatalog2 fully qualified domain name or IP address of the domain controller racadm config g cfgActiveDirectory o cfgADGlobalCatalog3 fully qualified domain name or IP address of the domain controller Using set c...

Страница 130: ...rtupload t 0x2 f ADS root CA certificate NOTE If certificate validation is enabled specify the Domain Controller Server addresses and the Global Catalog FQDN Make sure that DNS is configured correctly under Overview iDRAC Settings Network Using the following RACADM command may be optional racadm sslcertdownload t 0x1 f RAC SSL certificate 2 If DHCP is enabled on iDRAC7 and you want to use the DNS ...

Страница 131: ...inkID range is 12070 to 12079 Overview of iDRAC7 Schema Extensions Dell has extended the schema to include an Association Device and Privilege property The Association property is used to link together the users or groups with a specific set of privileges to one or more iDRAC7 devices This model provides an administrator maximum flexibility over the different combinations of users iDRAC7 privilege...

Страница 132: ...ed as a product member of the Association Object When adding Universal Groups from separate domains create an Association Object with Universal Scope The Default Association objects created by the Dell Schema Extender Utility are Domain Local Groups and does not work with Universal Groups from other domains Users user groups or nested user groups from any domain can be added into the Association O...

Страница 133: ...3 Add iDRAC7 users and their privileges to Active Directory 4 Configure iDRAC7 Active Directory properties using iDRAC7 Web interface or RACADM Related Links Extended Schema Active Directory Overview Installing Dell Extension to the Active Directory Users and Computers Snap In Adding iDRAC7 Users and Privileges to Active Directory Configuring Active Directory With Extended Schema Using iDRAC7 Web ...

Страница 134: ...name of this file 1 In the Welcome screen click Next 2 Read and understand the warning and click Next 3 Select Use Current Log In Credentials or enter a user name and password with schema administrator rights 4 Click Next to run the Dell Schema Extender 5 Click Finish The schema is extended To verify the schema extension use the MMC and the Active Directory Schema Snap in to verify that the classe...

Страница 135: ...s dellProductMembers dellPrivilegeMember Table 19 dellRAC4Privileges Class OID 1 2 840 113556 1 8000 1280 1 1 1 3 Description Defines the privileges Authorization Rights for iDRAC7 Class Type Auxiliary Class SuperClasses None Attributes dellIsLoginUser dellIsCardConfigAdmin dellIsUserConfigAdmin dellIsLogClearAdmin dellIsServerResetUser dellIsConsoleRedirectUser dellIsVirtualMediaUser dellIsTestAl...

Страница 136: ...d Configuration rights on the device 1 2 840 113556 1 8000 1280 1 1 2 4 Boolean LDAPTYPE_BOOLEAN 1 3 6 1 4 1 1466 115 121 1 7 TRUE dellIsUserConfigAdmin TRUE if the user has User Configuration rights on the device 1 2 840 113556 1 8000 1280 1 1 2 5 Boolean LDAPTYPE_BOOLEAN 1 3 6 1 4 1 1466 115 121 1 7 TRUE delIsLogClearAdmin TRUE if the user has Log Clearing rights on the device 1 2 840 113556 1 8...

Страница 137: ...ctory Users and Computers Snap in so the administrator can manage iDRAC7 devices users and user groups iDRAC7 associations and iDRAC7 privileges When you install your systems management software using the Dell Systems Management Tools and Documentation DVD you can extend the Snap in by selecting the Active Directory Users and Computers Snap in option during the installation procedure See the Dell ...

Страница 138: ...s for the user or group Creating Association Object To create association object NOTE iDRAC7 association object is derived from the group and its scope is set to Domain Local 1 In the Console Root MMC window right click a container 2 Select New Dell Remote Management Object Advanced This New Object window is displayed 3 Enter a name for the new object and select Association Object 4 Select the sco...

Страница 139: ...enticating to an iDRAC7 device Only one privilege object can be added to an Association Object Adding iDRAC7 Devices or iDRAC7 Device Groups To add iDRAC7 devices or iDRAC7 device groups 1 Select the Products tab and click Add 2 Enter iDRAC7 devices or iDRAC7 device group name and click OK 3 In the Properties window click Apply and click OK 4 Click the Products tab to add one iDRAC7 device connect...

Страница 140: ...ified domain name or IP Address of the domain controller racadm config g cfgActiveDirectory o cfgADDomainController2 fully qualified domain name or IP Address of the domain controller racadm config g cfgActiveDirectory o cfgADDomainController3 fully qualified domain name or IP Address of the domain controller Using set command racadm set iDRAC ActiveDirectory Enable 1 racadm set iDRAC ActiveDirect...

Страница 141: ...rking o cfgDNSServer2 secondary DNS IP address Using set command racadm set iDRAC IPv4 DNSFromDHCP 0 racadm set iDRAC IPv4 DNSFromDHCP DNS1 primary DNS IP address racadm set iDRAC IPv4 DNSFromDHCP DNS2 secondary DNS IP address 4 If you want to configure a list of user domains so that you only need to enter the user name during log in to iDRAC7 Web interface enter the following command Using config...

Страница 142: ...be configured in iDRAC7 NOTE The Smart Card based Two Factor Authentication TFA and the Single Sign On SSO logins are not supported for generic LDAP Directory Service Related Links Configuring Generic LDAP Directory Service Using iDRAC7 Web Based Interface Configuring Generic LDAP Directory Service Using RACADM Configuring Generic LDAP Directory Service Using iDRAC7 Web Based Interface To configur...

Страница 143: ... verify whether your configuration is correct or to diagnose the problem with a failed LDAP log in Testing LDAP Directory Service Settings Using iDRAC7 Web Interface To test the LDAP directory service settings 1 In iDRAC7 Web Interface go to Overview iDRAC Settings User Authentication Directory Services Generic LDAP Directory Service The Generic LDAP Configuration and Management page displays the ...

Страница 144: ...144 ...

Страница 145: ...synchronize the time To do this see Configuring Time zone and NTP Register iDRAC7 as a computer in the Active Directory root domain Generate a keytab file using the ktpass tool To enable single sign on for Extended schema make sure that the Trust this user for delegation to any service Kerberos only option is selected on the Delegation tab for the keytab user This tab is available only after creat...

Страница 146: ...Windows Server Kerberos KDC service For more information on the ktpass utility see the Microsoft website at technet microsoft com en us library cc779157 WS 10 aspx Before generating a keytab file you must create an Active Directory user account for use with the mapuser option of the ktpass command Also you must have the same name as iDRAC7 DNS name to which you upload the generated keytab file To ...

Страница 147: ...In Internet Explorer navigate to Local Intranet and click Sites 2 Select the following options only Include all local intranet sites not listed on other zones Include all sites that bypass the proxy server 3 Click Advanced 4 Add all relative domain names that will be used for iDRAC7 instances that is part of the SSO configuration for example myhost example com 5 Click Close and click OK twice Conf...

Страница 148: ... Users Using RACADM In addition to the steps performed while configuring Active Directory to enable SSO run any of the following command Using config command racadm config g cfgActiveDirectory o cfgADSSOEnable 1 Using set command racadm set iDRAC ActiveDirectory SSOEnable 1 Configuring iDRAC7 Smart Card Login for Local Users To configure iDRAC7 local user for smart card login 1 Upload the smart ca...

Страница 149: ... Certificate Upload page is displayed 4 Browse and select the trusted CA certificate and click Apply Uploading Trusted CA Certificate For Smart Card Using RACADM To upload trusted CA certificate for smart card login use the usercertupload object For more information see the RACADM Command Line Reference Guide for iDRAC7 and CMC available at dell com support manuals Configuring iDRAC7 Smart Card Lo...

Страница 150: ... the Configure Smart Card Logon drop down menu select Enabled to enable smart card logon or select Enabled With Remote RACADM Else select Disabled For more information about the options see the iDRAC7 Online Help 3 Click Apply to apply the settings You are prompted for a Smart Card login during any subsequent logon attempts using the iDRAC7 Web interface Enabling or Disabling Smart Card Login Usin...

Страница 151: ...ystem log and or WS event settings 4 Enable event alerts and actions such as Send an email alert IPMI alert SNMP traps remote system logs operating system log or WS events to configured destinations Perform a reboot power off or power cycle the managed system Related Links Enabling or Disabling Alerts Filtering Alerts Setting Event Alerts Setting Alert Recurrence Event Configuring Email Alert SNMP...

Страница 152: ...lect Enabled to enable alert generation or event action Else select Disabled For more information about the options see iDRAC Settings Utility Online Help 3 Click Back click Finish and then click Yes The alert settings are configured Filtering Alerts You can filter alerts based on category and severity Related Links Enabling or Disabling Alerts Configuring Email Alert SNMP Trap or IPMI Trap Settin...

Страница 153: ...g the Web interface 1 Make sure that you have configured the e mail alert IPMI alert SNMP trap settings and or remote system log settings 2 Go to Overview Server Alerts The Alerts page is displayed 3 Under Alerts Results select one or all of the following alerts for the required events Email Alert SNMP Trap IPMI Alert Remote System Log OS Log WS Eventing 4 Click Apply The setting is saved 5 Under ...

Страница 154: ... and severity type s For more information see the iDRAC7 Online help 3 Click Apply The alert recurrence settings are saved Setting Alert Recurrence Events Using RACADM To set the alert recurrence event using RACADM use the eventfilters subcommand For more information see the RACADM Command Line Reference Guide for iDRAC7 and CMC Setting Event Actions You can set event actions such as perform a reb...

Страница 155: ...t Destinations Using Web Interface To configure alert destination settings using Web interface 1 Go to Overview Server Alerts SNMP and E mail Settings 2 Select the State option to enable an alert destination IPv4 address IPv6 address or Fully Qualified Domain Name FQDN to receive the traps You can specify up to eight destination addresses For more information about the options see the iDRAC7 Onlin...

Страница 156: ...ed racadm testtrap i index where index is the trap destination index to test For more information see the RACADM Command Line Reference Guide for iDRAC7 and CMC available at dell com support manuals Configuring IP Alert Destinations Using iDRAC Settings Utility You can configure alert destinations IPv4 IPv6 or FQDN using the iDRAC Settings utility To do this 1 In the iDRAC Settings utility go to A...

Страница 157: ...om 1 through 4 For example to enable email with index 4 enter the following command racadm config g cfgEmailAlert o cfgEmailAlertEnable i 4 1 Using set command racadm set iDRAC EmailAlert Enable index 1 where index is the email destination index 0 disables the email alert and 1 enables the alert The email destination index can be a value from 1 through 4 For example to enable email with index 4 en...

Страница 158: ... configured Configuring SMTP Email Server Address Settings Using RACADM To configure the SMTP email server use one of the following Using set command racadm set iDRAC RemoteHosts SMTPServerIPAddress SMTP E mail Server IP Address Using config command racadm config g cfgRemoteHosts o cfgRhostsSmtpServerIpAddr SMTP E mail Server IP Address Configuring WS Eventing The WS Eventing protocol is used for ...

Страница 159: ...tr DH Cert Mgmt DIS Auto Discovery ENC Storage Enclosr FAN Fan Event FSD Debug HWC Hardware Config IPA DRAC IP Change ITR Intrusion JCP Job Control LC Lifecycle Contr LIC Licensing LNK Link Status LOG Log event MEM Memory NDR NIC OS Driver NIC NIC Config OSD OS Deployment OSE OS Event PCI PCI Device PDR Physical Disk PR Part Exchange PST BIOS POST PSU Power Supply PSUA PSU Absent PWR Power Usage R...

Страница 160: ...Security Event SEL Sys Event Log SRD Software RAID SSD PCIe SSD STOR Storage SUP FW Update Job SWC Software Config SWU Software Change SYS System Info TMP Temperature TST Test Alert UEFI UEFI Event USR User Tracking VDR Virtual Disk VF vFlash SD card VFL vFlash Event VFLA vFlash Absent VLT Voltage VME Virtual Media VRM Virtual Console WRK Work Note 160 ...

Страница 161: ... SEL entry is also available in the LC log Viewing System Event Log Using Web Interface To view the SEL in iDRAC7 Web interface go to Overview Server Logs The System Event Log page displays a system health indicator a time stamp and a description for each event logged For more information see the iDRAC7 Online Help Click Save As to save the SEL to a location of your choice NOTE If you are using In...

Страница 162: ...ish and then click Yes Viewing Lifecycle Log Lifecycle Controller logs provide the history of changes related to components installed on a managed system It provides logs about events related to Storage Devices System events Network Devices Configuration Audit Updates Work notes When you log in or log out of iDRAC7 using any of the following interfaces the log in log out or log in failure events a...

Страница 163: ...omments are displayed in the Comment box Viewing Lifecycle Log Using RACADM To view Lifecycle logs use the lclog command For more information see the RACADM Command Line Reference Guide for iDRAC7 and CMC available at dell com support manuals Exporting Lifecycle Controller Logs You can export the entire Lifecycle Controller log active and archived entries in a single zipped XML file to a network s...

Страница 164: ...line Help Configuring Remote System Logging You can send lifecycle logs to a remote system Before doing this make sure that There is network connectivity between iDRAC7 and the remote system The remote system and iDRAC7 is on the same network Configuring Remote System Logging Using Web Interface To configure the remote syslog server settings 1 In the iDRAC7 Web interface go to Overview Server Logs...

Страница 165: ...165 ...

Страница 166: ...166 ...

Страница 167: ... Control Operations Power Capping Configuring Power Supply Options Enabling or Disabling Power Button Monitoring Power iDRAC7 monitors the power consumption in the system continuously and displays the following power values Power consumption warning and critical thresholds Cumulative power peak power and peak amperage values Power consumption over the last hour last day or last week Average minimu...

Страница 168: ...u can view the power threshold limits that covers the range of AC and DC power consumption that a system under heavy workload presents to the datacenter This is a licensed feature Power Capping in Blade Servers Before a blade server powers up iDRAC7 provides CMC with its power requirements It is higher than the actual power that the blade can consume and is calculated based on limited hardware inv...

Страница 169: ...ted power cap You can specify the value in Watts BTU hr or as a percentage of the recommended maximum power limit When setting the power cap threshold in BTU hr the conversion to Watts is rounded to the nearest integer When reading the power cap threshold back the Watts to BTU hr conversion is again rounded in this manner As a result the value written could be nominally different than the value re...

Страница 170: ...e pair of PSUs 1 1 or 2 2 as the primary PSU After Hot Spare is enabled PSUs can become active or go to sleep based on load If Hot Spare is enabled asymmetric electrical current sharing between the two PSUs is enabled One PSU is awake and provides the majority of the current the other PSU is in sleep mode and provides a small amount of the current This is often called 1 0 with two PSUs and hot spa...

Страница 171: ...Power Configuration page is displayed 2 Under Power Supply Options Enable or disable power supply redundancy Enable or disable hot spare Set the primary power supply unit Enable or disable power factor correction For more information about the options see the iDRAC Settings Utility Online Help 3 Click Back click Finish and then click Yes The power supply options are configured Enabling or Disablin...

Страница 172: ...172 ...

Страница 173: ... requests a Virtual Console session the first user is notified and is given the option to refuse access allow read only access or allow full shared access The second user is notified that another user has control The first user must respond within thirty seconds or else access is granted to the second user based on the default setting When two sessions are concurrently active the first user sees a...

Страница 174: ...icates on the managed system to avoid the pop ups that prompt you to verify the certificates 5 Install the compat libstdc 33 3 2 3 61 related package NOTE On Windows the compat libstdc 33 3 2 3 61 related package may be included in the NET framework package or the operating system package 6 If you are using MAC operating system select the Enable access for assistive devices option in the Universal...

Страница 175: ... the ActiveX control installation procedure accept the ActiveX control when Internet Explorer prompts you with a security warning Related Links Clearing Browser Cache Additional Settings for Windows Vista or Newer Microsoft Operating Systems Additional Settings for Windows Vista or Newer Microsoft Operating Systems The Internet Explorer browsers in Windows Vista or newer operating systems have an ...

Страница 176: ...va Versions To clear older versions of Java viewer in Windows or Linux do the following 1 At the command prompt run javaws viewer or javaws uninstall The Java Cache viewer is displayed 2 Delete the items titled iDRAC7 Virtual Console Client Importing CA Certificates to Management Station When you launch Virtual Console or Virtual Media prompts are displayed to verify the certificates If you have c...

Страница 177: ...tings user directory Configuring Virtual Console Before configuring the Virtual Console make sure that the management station is configured You can configure the virtual console using iDRAC7 Web interface or RACADM command line interface Related Links Configuring Web Browsers to Use Virtual Console Launching Virtual Console Configuring Virtual Console Using Web Interface To configure Virtual Conso...

Страница 178: ...ol panel General Network Settings and select Direct Connection If the Virtual Console is configured to use ActiveX plug in it may not launch the first time This is because of the slow network connection and the temporary credentials that Virtual Console uses to connect timeout is two minutes The ActiveX client plug in download time may exceed this time After the plug in is successfully downloaded ...

Страница 179: ...If Single Sign On is disabled and Local Active Directory LDAP or Smart Card login is enabled the corresponding Login page is displayed If Single Sign On is enabled the Virtual Console Viewer is launched and the Virtual Console page is displayed in the background NOTE Internet Explorer supports Local Active Directory LDAP Smart Card SC and Single Sign On SSO logins Firefox supports Local AD and SSO...

Страница 180: ...eo frames and improve the subsequent video quality do any of the following In the System Summary page under Virtual Console Preview section click Refresh In the Virtual Console Viewer under Performance tab set the slider to Maximum Video Quality Synchronizing Mouse Pointers When you connect to a managed system through the Virtual Console the mouse acceleration speed on the managed system may not s...

Страница 181: ...okes to server option to pass the management station s keystrokes to the managed system The behavior of the Pass all keystrokes to server feature depends on the Plug in type Java or ActiveX based on which Virtual Console session is launched For the Java client the native library must be loaded for Pass all keystrokes to server and Single Cursor mode to function If the native libraries are not load...

Страница 182: ...nd managed system However if Pass All Keys is enabled then the Start menu is opened only on the managed system and not on the management station When Pass All Keys is disabled the behavior depends on the key combinations pressed and the special combinations interpreted by the operating system on the management station Java Based Virtual Console Session Running on Linux Operating System The behavio...

Страница 183: ...ing on Windows Operating System The behavior of the pass all keystrokes to server feature in ActiveX based Virtual Console session running on Windows operating system is similar to the behavior explained for Java based Virtual Console session running on the Windows management station with the following exceptions When Pass All Keys is disabled pressing F1 launches the application Help on both mana...

Страница 184: ...184 ...

Страница 185: ... maximum of one available optical drive or one ISO image file The following figure shows a typical Virtual Media setup Virtual floppy media of iDRAC7 is not accessible from virtual machines Any connected Virtual Media emulates a physical device on the managed system On Windows based managed systems the Virtual Media drives are auto mounted if they are attached and configured with a drive letter On...

Страница 186: ... use Java or ActiveX plug in Related Links Configuring Web Browsers to Use Virtual Console Configuring Virtual Media Using iDRAC7 Web Interface To configure virtual media settings CAUTION Do not reset iDRAC7 when running a Virtual Media session Otherwise undesirable results may occur including data loss 1 In the iDRAC7 Web interface go to Overview Server Attached Media 2 Specify the required setti...

Страница 187: ...efore you access Virtual Media make sure to configure your Web browser s Virtual Media and RFS are mutually exclusive If the RFS connection is active and you attempt to launch the Virtual Media client the following error message is displayed Virtual Media is currently unavailable A Virtual Media or Remote File Share session is in use If the RFS connection is not active and you attempt to launch th...

Страница 188: ...e Hide empty drives in the Computer folder option and click OK To launch Virtual Media when Virtual Console is disabled 1 In the iDRAC7 Web Interface go to Overview Server Virtual Console The Virtual Console page is displayed 2 Click Launch Virtual Console The following message is displayed Virtual Console has been disabled Do you want to continue using Virtual Media redirection 3 Click OK The Vir...

Страница 189: ...e is moved or deleted then the corresponding entry for this folder in the Virtual Media menu does not work Therefore it is recommended not to move or delete the img file while the image is being used However the img file can be removed after the relevant entry is first deselected and then removed using Remove Image to remove the entry Viewing Virtual Device Details To view the virtual device detai...

Страница 190: ...removable disk and floppy disk it is IMG If the image is created in the default path Desktop when you select Map Removable Disk the created image is available for selection in the drop down menu If image is created in a different location when you select Map Removable Disk the created image is not available for selection in the drop down menu Click Browse to specify the image 4 Select Read only to...

Страница 191: ...th bootable media If required follow the on screen instructions to modify the boot order 5 Click OK navigate back to System BIOS Settings page and click Finish 6 Click Yes to save the changes and exit The managed system reboots The managed system attempts to boot from a bootable device based on the boot order If the virtual device is connected and a bootable media is present the system boots to th...

Страница 192: ...d press F2 during boot 4 Change the boot sequence to boot from the remote Virtual Media device 5 Reboot the server The managed system boots once from the Virtual Media Related Links Mapping Virtual Drive Configuring Virtual Media 192 ...

Страница 193: ...lling VMCLI The VMCLI utility is included in the Dell Systems Management Tools and Documentation DVD To install the VMCLI utility 1 Insert the Dell Systems Management Tools and Documentation DVD into the management station s DVD drive 2 Follow the on screen instructions to install DRAC tools 3 After successful install check install Dell SysMgt rac5 folder to make sure vmcli exe exists Similarly ch...

Страница 194: ...g table provides the VMCLI commands required for accessing different virtual media Table 27 VMCLI Commands Virtual Media Command Floppy drive vmcli r RAC IP or hostname u iDRAC7 user name p iDRAC7 user password f device name Bootable floppy or USB key image vmcli r iDRAC7 IP address iDRAC7 user name p iDRAC7 password f floppy img CD drive using f option vmcli r iDRAC7 IP address u iDRAC7 user name...

Страница 195: ...he foreground Use the operating system s command shell features for the utility to run in the background For example under a Linux operating system the ampersand character following the command causes the program to be spawned as a new background process This technique is useful in script programs as it allows the script to proceed after a new process is started for the VMCLI command otherwise the...

Страница 196: ...196 ...

Страница 197: ...s from supported file system types Supports img format for floppy iso format for CD DVD and both iso and img formats for Hard Disk emulation types Create bootable USB device s Boot once to an emulated USB device NOTE It is possible that a vFlash license may expire during a vFlash operation If it happens the on going vFlash operations complete normally Configuring vFlash SD Card Before configuring ...

Страница 198: ... The iDRAC Settings vFlash Media page displays the properties For information about the displayed properties see the iDRAC Settings Utility Online Help Enabling or Disabling vFlash Functionality You must enable the vFlash functionality to perform partition management Enabling or Disbaling vFlash Functionality Using Web Interface To enable or disable the vFlash functionality 1 In the iDRAC7 Web int...

Страница 199: ...vFlash SD Card The initialize operation reformats the SD card and configures the initial vFlash system information on the card Initializing vFlash SD Card Using Web Interface To initialize the vFlash SD card 1 In the iDRAC7 Web interface go to Overview Server vFlash The SD Card Properties page is displayed 2 Enable vFLASH and click Initialize All existing contents are removed and the card is refor...

Страница 200: ...iDRAC7 is reset the status of the last partition operation is lost Managing vFlash Partitions You can perform the following using the iDRAC7 Web interface or RACADM NOTE An administrator can perform all operations on the vFlash partitions Else you must have Access Virtual Media privilege to create delete format attach detach or copy the contents for the partition Creating an Empty Partition Creati...

Страница 201: ...ayed if The card is write protected The label name matches the label of an existing partition A non integer value is entered for the partition size the value exceeds the available space on the card or the partition size is greater than 4 GB An initialize operation is being performed on the card Creating an Empty Partition Using RACADM To create a 20 MB empty partition 1 Open a telnet SSH or Serial...

Страница 202: ...ceeds the available space on the card The image file does not exist or the image file extension is neither img nor iso An initialize operation is already being performed on the card Creating a Partition From an Image File Using RACADM To create a partition from an image file using RACADM 1 Open a telnet SSH or Serial console to the system and log in 2 Enter the command racadm vflashpartition creat...

Страница 203: ... is displayed listing the available partitions and related information for each partition For information on the partitions see the iDRAC7 Online Help Viewing Available Partitions Using RACADM To view the available partitions and their properties using RACADM 1 Open a Telnet SSH or Serial console to the system and log in 2 Enter the following commands To list all existing partitions and its proper...

Страница 204: ...g set command to change the read write state of the partition To change a read only partition to read write racadm set iDRAC vflashpartition index AccessType 1 To change a read write partition to read only racadm set iDRAC vflashpartition index AccessType 0 Using set command to specify the Emulation type racadm set iDRAC vflashpartition index EmulationType HDD Floppy or CD DVD Attaching or Detachi...

Страница 205: ... AttachState 1 To detach a partition racadm set iDRAC vflashpartition index AttachState 0 Operating System Behavior for Attached Partitions For Windows and Linux operating systems The operating system controls and assigns the drive letters to the attached partitions Read only partitions are read only drives in the operating system The operating system must support the file system of an attached pa...

Страница 206: ...e img or iso format to the Managed system where iDRAC7 is operated from Network location mapped to a management station Before downloading the partition contents make sure that You have Access Virtual Media privileges The vFlash functionality is enabled An initialize operation is not being performed on the card For a read write partition it must not be attached To download the contents of the vFla...

Страница 207: ...First Boot Device NOTE If the attached vFlash partition s are not listed in the First Boot Device drop down menu make sure that the BIOS is updated to the latest version Booting to a Partition Using RACADM To set a vFlash partition as the first boot device use cfgServerInfo For more information see the RACADM Command Line Reference Guide for iDRAC7 and CMC available at dell com support manuals NOT...

Страница 208: ...208 ...

Страница 209: ...ications describes the standard verbs and targets for various management task executions The SMCLP is hosted from the iDRAC7 controller firmware and supports Telnet SSH and serial based interfaces The iDRAC7 SMCLP interface is based on the SMCLP Specification Version 1 0 provided by the DMTF organization NOTE Information about the profiles extensions and MOFs are available at delltechcenter com an...

Страница 210: ...ble 28 SMCLP Verbs Verb Definition cd Navigates through the MAP using the shell set Sets a property to a specific value help Displays help for a specific target reset Resets the target show Displays the target properties verbs and subtargets start Turns on a target stop Shuts down a target exit Exits from the SMCLP shell session version Displays the version attributes of a target load Moves a bina...

Страница 211: ...sp1 capabilities1 acctmgtcap Account management service capabilities admin1 system1 sp1 capabilities1 rolemgtcap Local Role Based Management capabilities admin1 system1 sp1 capabilities PwrutilmgtCap1 Power utilization management capabilities admin1 system1 sp1 capabilities1 elecap1 Authentication capabilities admin1 system1 sp1 settings1 Service Processor settings collection admin1 system1 sp1 se...

Страница 212: ...lege1 CLP role privilege Related Links Running SMCLP Commands Usage Examples Navigating the MAP Address Space Objects that can be managed with SM CLP are represented by targets arranged in a hierarchical space called the Manageability Access Point MAP address space An address path specifies the path from the root of the address space to an object in the address space The root target is represented...

Страница 213: ... output option specifies one of four formats for the output of SM CLP verbs text clpcsv keyword and clpxml The default format is text and is the most readable output The clpcsv format is a comma separated values format suitable for loading into a spreadsheet program The keyword format outputs information as a list of keyword value pairs one per line The clpxml format is an XML document containing ...

Страница 214: ...he following commands at the SMCLP command prompt To view the SEL show system1 logs1 log1 The following output is displayed system1 logs1 log1 Targets Record1 Record2 Record3 Record4 Record5 Properties InstanceID IPMI BMC1 SEL Log MaxNumberOfRecords 512 CurrentNumberOfRecords 5 Name IPMI SEL EnabledState 2 OperationalState 2 HealthState 2 Caption IPMI SEL Description IPMI SEL ElementName IPMI SEL ...

Страница 215: ...wing output is displayed All records deleted successfully MAP Target Navigation The following examples show how to use the cd verb to navigate the MAP In all examples the initial default target is assumed to be Type the following commands at the SMCLP command prompt To navigate to the system target and reboot cd system1 reset The current default target is To navigate to the SEL target and display ...

Страница 216: ...216 ...

Страница 217: ...ns for the first time by default it enables the OS to iDRAC pass through channel in iDRAC If you disable this feature after installing the iDRAC Service Module then you must enable it manually in iDRAC If the OS to iDRAC pass through channel is enabled through LOM in iDRAC7 then you cannot use the iDRAC Service Module Installing iDRAC Service Module You can download and install the iDRAC Service M...

Страница 218: ...Server Administrator and the iDRAC Service Module can co exist and continue to function correctly and independently If you have enabled the monitoring features during the iDRAC Service Module installation then after the installation is complete if the iDRAC Service Module detects the presence of OpenManage Server Administrator it disables the set of monitoring features that overlap If OpenManage S...

Страница 219: ... is installed on the system Using iDRAC Service Module From RACADM To use the iDRAC Service Module from RACADM use the objects in the ServiceModule group For more information see the RACADM Command Line Reference Guide for iDRAC7 and CMC available at dell com support manuals 219 ...

Страница 220: ...220 ...

Страница 221: ...able image file in an industry standard format such as img or iso NOTE While creating the image file follow standard network based installation procedures and mark the deployment image as read only to make sure that each target system boots and executes the same deployment procedure Virtual Media status is in attach state vmdeploy script is installed on the management station Review this sample vm...

Страница 222: ...nd is terminated iDRAC7 ip file iDRAC7 IP address or the file containing the iDRAC7 IP address iDRAC7 user password or iDRAC7 passwd Password for the iDRAC7 user If iDRAC7 authentication fails an error message is displayed and the command is terminated c device name image file Path to an ISO9660 image of the operating system installation CD or DVD floppy device Path to the device containing the op...

Страница 223: ...ng system RFS and Virtual Media features are mutually exclusive If the Virtual Media client is not active and you attempt to establish an RFS connection the connection is established and the remote image is available to the host operating system If the Virtual Media client is active and you attempt to establish an RFS connection the following error message is displayed Virtual Media is detached or...

Страница 224: ...er credential information due to security reasons For Linux distributions this feature may require a manual mount command when operating at runlevel init 3 The syntax for the command is mount dev OS_specific_device user_defined_mount_point where user_defined_mount_point is any directory you choose to use for the mount similar to any mount command For RHEL the CD device iso virtual device is dev sc...

Страница 225: ... Virtual Media 1 Do one of the following Insert the operating system installation CD or DVD into the management station CD or DVD drive Attach the operating system image 2 Select the drive on the management station with the required image to map it 3 Use one of the following methods to boot to the required device Set the boot order to boot once from Virtual Floppy or Virtual CD DVD ISO using the i...

Страница 226: ...d click Finish 7 Click Yes to save the settings and press Esc to exit System Setup About IDSDM Internal Dual SD Module IDSDM is available only on applicable platforms IDSDM provides redundancy on the hypervisor SD card by using another SD card that mirrors the first SD card s content Either of the two SD cards can be the master For example if two new SD cards are installed in the IDSDM SD1 is acti...

Страница 227: ...cluded with Microsoft Windows or Linux based systems Using iDRAC7 Web interface you can access the network debugging tools To access Diagnostics Console 1 In the iDRAC7 Web interface go to Overview Server Troubleshooting Diagnostics 2 In the Command text box enter a command and click Submit For information about the commands see the iDRAC7 Online Help The results are displayed on the same page Sch...

Страница 228: ...agnostic job can be scheduled or run at one time A diagnostic job can complete successfully complete with error or is unsuccessful The diagnostic events including the results are recorded in Lifecycle Controller log You can retrieve the results of the last diagnostic execution using remote RACADM or WSMAN You can export the diagnostic results of the last completed diagnostics that were scheduled r...

Страница 229: ... is not available as it is stored in RAM and is deleted NOTE You must have Access Virtual Console or administrator privileges to playback the Boot Capture and Crash Capture videos To view the Boot Capture screen click Overview Server Troubleshooting Video Capture The Video Capture screen displays the video recordings For more information see the iDRAC7 Online Help Viewing Logs You can view System ...

Страница 230: ...e RACADM Command Line Reference Guide for iDRAC7 and CMC available at dell com support manuals Related Links Configuring LCD Setting Viewing System Front Panel LED Status To view the current system ID LED status in iDRAC7 Web interface go to Overview Hardware Front Panel The Live Front Panel Feed section displays the current front panel status Solid blue No errors present on the managed system Bli...

Страница 231: ...ns that came with the product Viewing System Health iDRAC7 and CMC for blade servers Web interfaces display the status for the following Batteries Fans Intrusion Power Supplies Removable Flash Media Temperatures Voltages CPU In iDRAC7 Web interface go to Overview Server System Summary Server Health section To view CPU health go to Overview Hardware CPU The system health indicators are Indicates a ...

Страница 232: ... Inventory On Reboot CSIOR are enabled You have Login and Server Control privileges To generate the Tech Support Report 1 In the iDRAC Web interface go to Overview Server Troubleshooting Tech Support Report The Tech Support Report page is displayed 2 Select one of the following Local to export the report to a location on the local system Network to export the report to a network share and specify ...

Страница 233: ...ory Default Settings Using iDRAC7 Web Interface To reset iDRAC7 to factory default settings using the iDRAC7 Web interface 1 Go to Overview Server Troubleshooting Diagnostics The Diagnostics Console page is displayed 2 Click Reset iDRAC to Default Settings The completion status is displayed in percentage iDRAC7 reboots and is restored to factory defaults The iDRAC7 IP is reset and is not accessibl...

Страница 234: ...234 ...

Страница 235: ...ownloadsmake sure that the following options are enabled Automatic prompting for file downloads if this option is available File download CAUTION To make sure that the computer used to access iDRAC7 is safe underMiscellaneous do not enable theLaunching applications and unsafe files option Network Security While accessing the iDRAC7 Web interface a security warning appears stating that the SSL cert...

Страница 236: ...logging in make sure that you use the correct user domain name and not the NetBIOS name If you have a local iDRAC7 user account log into iDRAC7 using the local credentials After logging in make sure that The Enable Active Directory option is selected on the Active Directory Configuration and Management page The DNS setting is correct on the iDRAC7 Networking configuration page The correct Active D...

Страница 237: ...rd schema and the users and role groups are from different domains Global Catalog Address es are required In this case you can use only Universal Group If you are using standard schema and all the users and role groups are in the same domain Global Catalog Address es are not required If you are using extended schema the Global Catalog Address is not used How does standard schema query work iDRAC7 ...

Страница 238: ...in clients have the updated GPO 4 At the command line type gpupdate force and delete the old key tab with klist purge command 5 After the GPO is updated create the new keytab 6 Upload the keytab to iDRAC7 You can now log in to iDRAC7 using SSO Why does SSO login fail with Active Directory users on Windows 7 and Windows Server 2008 R2 You must enable the encryption types for Windows 7 and Windows S...

Страница 239: ... CSPs are present on a particular client insert the smart card in the reader at the Windows logon Ctrl Alt Del screen and check if Windows detects the smart card and displays the PIN dialog box Incorrect Smart Card PIN Check if the smart card is locked due to too many attempts with an incorrect PIN In such cases contact the smart card issuer in the organization to get a new smart card Virtual Cons...

Страница 240: ...ake sure that the Single Cursor option under Tools in the iDRAC7 Virtual Console menu is selected on iDRAC7 Virtual Console client The default is two cursor mode Can a keyboard or mouse be used while installing a Microsoft operating system remotely through the Virtual Console No When you remotely install a supported Microsoft operating system on a system with Virtual Console enabled in the BIOS an...

Страница 241: ... ActiveX Controls Why is the Virtual Console Viewer window blank If you have Virtual Media privilege but not Virtual Console privilege you can start the viewer to access the virtual media feature but the managed server s console is not displayed Why doesn t the mouse synchronize in DOS when using Virtual Console The Dell BIOS is emulating the mouse driver as a PS 2 mouse By design the PS 2 mouse u...

Страница 242: ...may have an autostart feature In this case the firmware can time out and the connection is lost if the client system takes too long to read the CD If a connection is lost reconnect from the GUI and continue the previous operation If the Virtual Media configuration settings are changed in the iDRAC7 Web interface or through local RACADM commands any connected media is disconnected when the configur...

Страница 243: ...the device name that is given to the Virtual Floppy 5 Make sure that you are attached and connected to the virtual floppy drive 6 At the Linux prompt run the following command mount dev sdx mnt floppy where dev sdx is the device name found in step 4 and mnt floppy is the mount point To mount the virtual CD drive locate the device node that Linux assigns to the virtual CD drive To mount the virtual...

Страница 244: ...ilure message is displayed if the same drive is attached through the virtual media Simultaneous access to virtual floppy drives are not allowed Close the application used to view the drive contents before attempting to virtualize the drive What file system types are supported on the Virtual Floppy Drive The virtual floppy drive supports FAT16 or FAT32 file systems Why is an error message displayed...

Страница 245: ... the network mode is switched between Dedicated and Shared modes there is no ping response Clear the ARP table on your system Remote RACADM fails to connect to iDRAC7 from SUSE Linux Enterprise Server SLES 11 SP1 Make sure that the official openssl and libopenssl versions are installed Run the following command to install the RPM packages rpm ivh force filename where filename is the openssl or lib...

Страница 246: ... the check button How to find the CMC IP address related to the blade server From iDRAC7 Web interface Click Overview iDRAC Settings CMC The CMC Summary page displays the CMC IP address From the Virtual Console Select the Dell CMC console in the OSCAR to log in to CMC through a local serial connection CMC RACADM commands can be issued from this connection See the RACADM Command Line Reference Guid...

Страница 247: ...e and password You must restore iDRAC7 to its default settings For more information see Resetting iDRAC7 to Factory Default Settings How to change the name of the slot for the system in a chassis 1 Log in to CMC Web interface and go to Chassis Servers Setup 2 Enter the new name for the slot in the row for your server and click Apply iDRAC7 on blade server is not responding during boot Remove and r...

Страница 248: ...248 ...

Страница 249: ...e host name and then perform the following operations using iDRAC Web interface from your management station Server s LED status Blinking amber or Solid amber Front Panel LCD status or error message Amber LCD or error message Operating system image is seen in the Virtual Console If you can see the image reset the system warm boot and log in again If you are able to log in the issue is fixed Last c...

Страница 250: ... and Exporting Lifecycle Log and System Event Log To view and export lifecycle log and system event log SEL 1 In iDRAC7 Web interface go to Overview Server Logs to view SEL and Overview Server Logs Lifecycle Log to view lifecycle log NOTE The SEL is also recorded in the lifecycle log Using the filtering options to view the SEL 2 Export the SEL or lifecycle log in the XML format to an external loca...

Страница 251: ...ver s Remote Console and Mounting a USB Drive To launch the remote console and mount a USB drive 1 Connect a USB flash drive with the required image to the management station 2 Use one the following methods to launch virtual console through the iDRAC7 Web Interface Go to Overview Server Virtual Console and click Launch Virtual Console Go to Overview Server Properties and click Launch under Virtual...

Страница 252: ...nfiguration Settings for Multiple Network Cards in Single Host System Reboot If you have multiple network cards in a server that is part of a Storage Area Network SAN environment and you want to apply different virtual addresses initiator and target configuration settings to those cards use the I O Identity Optimization feature to reduce the time in configuring the settings To do this 1 Make sure ...

Результаты поиска

Содержание iDRAC7

Отзывы:

Похожие инструкции для iDRAC7

Бренды по названию

Популярные бренды

Dell iDRAC7, Руководство пользователя

Результаты поиска

Содержание iDRAC7

Отзывы:

Похожие инструкции для iDRAC7

Бренды по названию

Популярные бренды