Integrated Dell Remote Access Controller 8
(iDRAC8) and iDRAC7
v2.20.20.20 User's Guide
Notes, cautions, and warnings
NOTE: A NOTE indicates important information that helps you make better use of your computer.
CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you
how to avoid the problem.
WARNING: A WARNING indicates a potential for property damage, personal injury, or death.
Copyright © 2015 Dell Inc. All rights reserved. This product is protected by U.S. and international copyright and
intellectual property laws. Dell™ and the Dell logo are trademarks of Dell Inc. in the United States and/or other
jurisdictions. All other marks and names mentioned herein may be trademarks of their respective companies.
2015 - 09
Rev. A00
Contents
1 Overview...............................................................................................................16
Benefits of using iDRAC with Lifecycle Controller.............................................................................16
Key features..........................................................................................................................................17
New in this release..............................................................................................................................20
How to use this user's guide...............................................................................................................20
Supported web browsers....................................................................................................................20
Managing licenses ..............................................................................................................................20
Types of licenses...........................................................................................................................20
Methods for acquiring licenses..................................................................................................... 21
License operations.........................................................................................................................21
Licensed features in iDRAC7 and iDRAC8..........................................................................................22
Interfaces and protocols to access iDRAC........................................................................................ 29
iDRAC port information...................................................................................................................... 32
Other documents you may need....................................................................................................... 33
Social media reference....................................................................................................................... 34
Contacting Dell................................................................................................................................... 34
Accessing documents from Dell support site....................................................................................34
2 Logging in to iDRAC...........................................................................................36
Logging in to iDRAC as local user, Active Directory user, or LDAP user.......................................... 36
Logging in to iDRAC using a smart card............................................................................................ 37
Logging in to iDRAC as a local user using a smart card.............................................................. 37
Logging in to iDRAC as an Active Directory user using a smart card......................................... 38
Logging in to iDRAC using Single Sign-On .......................................................................................39
Logging in to iDRAC SSO using iDRAC web interface.................................................................39
Logging in to iDRAC SSO using CMC web interface...................................................................39
Accessing iDRAC using remote RACADM..........................................................................................39
Validating CA certificate to use remote RACADM on Linux........................................................40
Accessing iDRAC using local RACADM..............................................................................................40
Accessing iDRAC using firmware RACADM.......................................................................................40
Accessing iDRAC using SMCLP.......................................................................................................... 40
Logging in to iDRAC using public key authentication.......................................................................40
Multiple iDRAC sessions......................................................................................................................41
Changing default login password.......................................................................................................41
Changing default login password using web interface............................................................... 42
Changing default login password using RACADM.......................................................................42
Changing default login password using iDRAC settings utility................................................... 42
Enabling or disabling default password warning message .............................................................. 42
3
Enabling or disabling default password warning message using web interface........................ 42
Enabling or disabling warning message to change default login password using RACADM.... 43
Invalid password credentials...............................................................................................................43
3 Setting up managed system and management station...............................45
Setting up iDRAC IP address...............................................................................................................45
Setting up iDRAC IP using iDRAC settings utility......................................................................... 46
Setting up iDRAC IP using CMC web interface............................................................................49
Enabling provisioning server.........................................................................................................50
Configuring servers and server components using Auto Config................................................ 51
Using hash passwords for improved security...............................................................................57
Setting up management station......................................................................................................... 58
Accessing iDRAC remotely........................................................................................................... 58
Setting up managed system............................................................................................................... 59
Modifying local administrator account settings...........................................................................59
Setting up managed system location...........................................................................................59
Optimizing system performance and power consumption........................................................60
Configuring supported web browsers............................................................................................... 66
Adding iDRAC to the list of trusted domains............................................................................... 68
Disabling whitelist feature in Firefox............................................................................................ 68
Viewing localized versions of web interface................................................................................69
Updating device firmware.................................................................................................................. 69
Downloading device firmware...................................................................................................... 71
Updating firmware using iDRAC web interface............................................................................72
Updating device firmware using RACADM...................................................................................76
Scheduling automatic firmware updates..................................................................................... 76
Updating firmware using CMC web interface..............................................................................78
Updating firmware using DUP...................................................................................................... 78
Updating firmware using remote RACADM................................................................................. 78
Updating firmware using Lifecycle Controller Remote Services.................................................79
Updating CMC firmware from iDRAC...........................................................................................79
Viewing and managing staged updates.............................................................................................80
Viewing and managing staged updates using iDRAC web interface..........................................80
Viewing and managing staged updates using RACADM............................................................. 80
Rolling back device firmware............................................................................................................. 80
Rollback firmware using iDRAC web interface.............................................................................81
Rollback firmware using CMC web interface...............................................................................82
Rollback firmware using RACADM............................................................................................... 82
Rollback firmware using Lifecycle Controller..............................................................................82
Rollback firmware using Lifecycle Controller-Remote Services.................................................82
Recovering iDRAC.........................................................................................................................82
Using TFTP server..........................................................................................................................83
4
Backing up server profile.................................................................................................................... 83
Backing up server profile using iDRAC web interface.................................................................84
Backing up server profile using RACADM.................................................................................... 84
Scheduling automatic backup server profile............................................................................... 84
Importing server profile...................................................................................................................... 85
Importing server profile using iDRAC web interface................................................................... 86
Importing server profile using RACADM.......................................................................................87
Restore operation sequence.........................................................................................................87
Monitoring iDRAC using other Systems Management tools.............................................................87
4 Configuring iDRAC.............................................................................................88
Viewing iDRAC information................................................................................................................89
Viewing iDRAC information using web interface........................................................................ 89
Viewing iDRAC information using RACADM................................................................................89
Modifying network settings................................................................................................................ 89
Modifying network settings using web interface.........................................................................90
Modifying network settings using local RACADM....................................................................... 90
Configuring IP filtering.................................................................................................................. 91
Configuring services........................................................................................................................... 92
Configuring services using web interface....................................................................................93
Configuring services using RACADM........................................................................................... 93
Enabling or disabling HTTPs redirection......................................................................................94
Using VNC client to manage remote server......................................................................................94
Configuring VNC server using iDRAC web interface...................................................................95
Configuring VNC server using RACADM......................................................................................95
Setting up VNC viewer with SSL encryption................................................................................ 95
Setting up VNC viewer without SSL encryption...........................................................................95
Configuring front panel display..........................................................................................................96
Configuring LCD setting............................................................................................................... 96
Configuring system ID LED setting...............................................................................................97
Configuring time zone and NTP........................................................................................................ 98
Configuring time zone and NTP using iDRAC web interface..................................................... 98
Configuring time zone and NTP using RACADM.........................................................................98
Setting first boot device......................................................................................................................98
Setting first boot device using web interface.............................................................................. 99
Setting first boot device using RACADM......................................................................................99
Setting first boot device using virtual console.............................................................................99
Enabling last crash screen............................................................................................................ 99
Enabling or disabling OS to iDRAC Pass-through...........................................................................100
Supported cards for OS to iDRAC Pass-through ...................................................................... 101
Supported operating systems for USB NIC................................................................................ 101
Enabling or disabling OS to iDRAC Pass-through using web interface....................................104
5
Enabling or disabling OS to iDRAC Pass-through using RACADM........................................... 104
Enabling or disabling OS to iDRAC Pass-through using iDRAC settings utility........................104
Obtaining certificates........................................................................................................................105
SSL server certificates................................................................................................................. 106
Generating a new certificate signing request............................................................................ 107
Uploading server certificate........................................................................................................107
Viewing server certificate............................................................................................................108
Uploading custom signing certificate........................................................................................ 109
Downloading custom SSL certificate signing certificate ..........................................................109
Deleting custom SSL certificate signing certificate....................................................................110
Configuring multiple iDRACs using RACADM..................................................................................110
Creating an iDRAC configuration file.......................................................................................... 111
Parsing rules.................................................................................................................................112
Modifying the iDRAC IP address..................................................................................................113
Disabling access to modify iDRAC configuration settings on host system.................................... 114
5 Viewing iDRAC and managed system information.....................................115
Viewing managed system health and properties............................................................................. 115
Viewing system inventory..................................................................................................................115
Viewing sensor information.............................................................................................................. 116
Monitoring performance index of CPU, memory, and I/O modules.............................................. 118
Monitoring performance index for of CPU, memory, and I/O modules using web
interface.......................................................................................................................................120
Monitoring performance index for of CPU, memory, and I/O modules using RACADM........ 120
Checking the system for fresh air compliance................................................................................120
Viewing historical temperature data................................................................................................ 120
Viewing historical temperature data using iDRAC web interface..............................................121
Viewing historical temperature data using RACADM................................................................. 121
Configuring warning threshold for inlet temperature............................................................... 122
Viewing network interfaces available on host OS............................................................................122
Viewing network interfaces available on host OS using web interface.................................... 122
Viewing network interfaces available on host OS using RACADM............................................123
Viewing FlexAddress mezzanine card fabric connections.............................................................. 123
Viewing or terminating iDRAC sessions........................................................................................... 124
Terminating iDRAC sessions using web interface......................................................................124
Terminating iDRAC sessions using RACADM.............................................................................124
6 Setting up iDRAC communication................................................................ 125
Communicating with iDRAC through serial connection using DB99 cable.................................. 126
Configuring BIOS for serial connection......................................................................................127
Enabling RAC serial connection..................................................................................................127
Enabling IPMI serial connection basic and terminal modes......................................................127
6
Switching between RAC serial and serial console while using DB9 cable..................................... 130
Switching from serial console to RAC serial.............................................................................. 130
Switching from RAC serial to serial console.............................................................................. 130
Communicating with iDRAC using IPMI SOL.................................................................................. 130
Configuring BIOS for serial connection......................................................................................131
Configuring iDRAC to use SOL....................................................................................................131
Enabling supported protocol...................................................................................................... 132
Communicating with iDRAC using IPMI over LAN.......................................................................... 136
Configuring IPMI over LAN using web interface........................................................................136
Configuring IPMI over LAN using iDRAC settings utility............................................................ 137
Configuring IPMI over LAN using RACADM................................................................................137
Enabling or disabling remote RACADM............................................................................................137
Enabling or disabling remote RACADM using web interface.................................................... 137
Enabling or disabling remote RACADM using RACADM............................................................138
Disabling local RACADM...................................................................................................................138
Enabling IPMI on managed system.................................................................................................. 138
Configuring Linux for serial console during boot............................................................................138
Enabling login to the virtual console after boot........................................................................ 139
Supported SSH cryptography schemes............................................................................................141
Using public key authentication for SSH.................................................................................... 141
7 Configuring user accounts and privileges................................................... 145
Configuring local users.....................................................................................................................145
Configuring local users using iDRAC web interface..................................................................145
Configuring local users using RACADM.....................................................................................146
Configuring Active Directory users.................................................................................................. 148
Prerequisites for using Active Directory authentication for iDRAC...........................................149
Supported Active Directory authentication mechanisms.......................................................... 151
Standard schema Active Directory overview..............................................................................151
Configuring Standard schema Active Directory.........................................................................153
Extended schema Active Directory overview.............................................................................156
Configuring Extended schema Active Directory........................................................................158
Testing Active Directory settings................................................................................................168
Configuring generic LDAP users...................................................................................................... 168
Configuring generic LDAP directory service using iDRAC web-based interface.....................169
Configuring generic LDAP directory service using RACADM....................................................170
Testing LDAP directory service settings..................................................................................... 170
8 Configuring iDRAC for Single Sign-On or smart card login..................... 171
Prerequisites for Active Directory Single Sign-On or smart card login........................................... 171
Registering iDRAC as a computer in Active Directory root domain..........................................172
Generating Kerberos keytab file..................................................................................................172
7
Creating Active Directory objects and providing privileges.......................................................173
Configuring the browser to enable Active Directory SSO......................................................... 173
Configuring iDRAC SSO login for Active Directory users................................................................174
Configuring iDRAC SSO login for Active Directory users using web interface.........................174
Configuring iDRAC SSO login for Active Directory users using RACADM................................ 174
Configuring iDRAC smart card login for local users........................................................................174
Uploading smart card user certificate.........................................................................................175
Uploading trusted CA certificate for smart card........................................................................ 175
Configuring iDRAC smart card login for Active Directory users..................................................... 176
Enabling or disabling smart card login............................................................................................. 176
Enabling or disabling smart card login using web interface...................................................... 177
Enabling or disabling smart card login using RACADM..............................................................177
Enabling or disabling smart card login using iDRAC settings utility.......................................... 177
9 Configuring iDRAC to send alerts................................................................. 178
Enabling or disabling alerts............................................................................................................... 178
Enabling or disabling alerts using web interface........................................................................179
Enabling or disabling alerts using RACADM............................................................................... 179
Enabling or disabling alerts using iDRAC settings utility............................................................179
Filtering alerts ................................................................................................................................... 179
Filtering alerts using iDRAC web interface................................................................................. 179
Filtering alerts using RACADM....................................................................................................180
Setting event alerts........................................................................................................................... 180
Setting event alerts using web interface.................................................................................... 180
Setting event alerts using RACADM............................................................................................ 181
Setting alert recurrence event...........................................................................................................181
Setting alert recurrence events using iDRAC web interface......................................................181
Setting alert recurrence events using RACADM.........................................................................181
Setting event actions......................................................................................................................... 181
Setting event actions using web interface..................................................................................181
Setting event actions using RACADM.........................................................................................182
Configuring email alert, SNMP trap, or IPMI trap settings...............................................................182
Configuring IP alert destinations................................................................................................ 182
Configuring email alert settings..................................................................................................184
Configuring WS Eventing..................................................................................................................186
Monitoring chassis events................................................................................................................ 186
Monitoring chassis events using the iDRAC web interface....................................................... 187
Monitoring chassis events using RACADM.................................................................................187
Alerts message IDs............................................................................................................................ 187
10 Managing logs................................................................................................. 191
Viewing System Event Log................................................................................................................ 191
8
Viewing System Event Log using web interface.........................................................................191
Viewing System Event Log using RACADM................................................................................ 191
Viewing System Event Log using iDRAC settings utility.............................................................192
Viewing Lifecycle log ....................................................................................................................... 192
Viewing Lifecycle log using web interface.................................................................................193
Viewing Lifecycle log using RACADM........................................................................................ 193
Exporting Lifecycle Controller logs..................................................................................................193
Exporting Lifecycle Controller logs using web interface...........................................................194
Exporting Lifecycle Controller logs using RACADM..................................................................194
Adding work notes............................................................................................................................194
Configuring remote system logging................................................................................................ 194
Configuring remote system logging using web interface.........................................................194
Configuring remote system logging using RACADM................................................................ 195
11 Monitoring and managing power................................................................196
Monitoring power............................................................................................................................. 196
Monitoring power using web interface...................................................................................... 197
Monitoring power using RACADM..............................................................................................197
Setting warning threshold for power consumption........................................................................ 197
Setting warning threshold for power consumption using web interface................................. 197
Executing power control operations................................................................................................197
Executing power control operations using web interface........................................................ 198
Executing power control operations using RACADM................................................................198
Power capping.................................................................................................................................. 198
Power capping in Blade servers..................................................................................................198
Viewing and configuring power cap policy............................................................................... 198
Configuring power supply options..................................................................................................200
Configuring power supply options using web interface...........................................................200
Configuring power supply options using RACADM...................................................................201
Configuring power supply options using iDRAC settings utility............................................... 201
Enabling or disabling power button.................................................................................................201
12 Inventorying, monitoring, and configuring network devices............... 202
Inventorying and monitoring network devices............................................................................... 202
Monitoring network devices using web interface..................................................................... 202
Monitoring network devices using RACADM.............................................................................202
Inventorying and monitoring FC HBA devices................................................................................ 203
Monitoring FC HBA devices using web interface...................................................................... 203
Monitoring FC HBA devices using RACADM..............................................................................203
Dynamic configuration of virtual addresses, initiator, and storage target settings....................... 203
Supported cards for I/O Identity Optimization......................................................................... 204
Supported BIOS version for I/O Identity Optimization............................................................. 205
9
Supported NIC firmware versions for I/O Identity Optimization..............................................206
Virtual/Flex Address and Persistence Policy behavior when iDRAC is set to Flex Address
mode or Console mode.............................................................................................................206
System behavior for FlexAddress and I/O Identity.................................................................... 208
Enabling or disabling I/O Identity Optimization........................................................................208
Configuring persistence policy settings.................................................................................... 209
13 Managing storage devices............................................................................ 213
Understanding RAID concepts......................................................................................................... 214
What is RAID?...............................................................................................................................215
Organizing data storage for availability and performance........................................................ 216
Choosing RAID levels ................................................................................................................. 216
Comparing RAID level performance.......................................................................................... 223
Supported controllers.......................................................................................................................225
Supported RAID controllers........................................................................................................225
Supported non-RAID controllers............................................................................................... 225
Supported enclosures.......................................................................................................................225
Summary of supported features for storage devices...................................................................... 225
Inventorying and monitoring storage devices.................................................................................228
Monitoring storage devices using web interface.......................................................................228
Monitoring storage devices using RACADM..............................................................................229
Monitoring backplane using iDRAC settings utility....................................................................229
Viewing storage device topology.....................................................................................................229
Managing physical disks................................................................................................................... 229
Assigning or unassigning physical disk as global hot spare...................................................... 230
Converting a physical disk to RAID or non-RAID mode............................................................231
Managing virtual disks.......................................................................................................................232
Creating virtual disks...................................................................................................................232
Editing virtual disk cache policies...............................................................................................234
Deleting virtual disks................................................................................................................... 235
Checking virtual disk consistency.............................................................................................. 235
Initializing virtual disks.................................................................................................................235
Encrypting virtual disks............................................................................................................... 236
Assigning or unassigning dedicated hot spares.........................................................................237
Managing virtual disks using web interface................................................................................237
Managing virtual disks using RACADM.......................................................................................238
Managing controllers........................................................................................................................238
Configuring controller properties.............................................................................................. 239
Importing or auto importing foreign configuration.................................................................. 242
Clearing foreign configuration...................................................................................................244
Resetting controller configuration.............................................................................................244
Switching the controller mode...................................................................................................245
10
12 Gbps SAS HBA adapter operations........................................................................................246
Monitoring predictive failure analysis on drives.........................................................................247
Controller operations in non-RAID (HBA) mode.......................................................................247
Running RAID configuration jobs on multiple storage controllers.......................................... 248
Managing PCIe SSDs........................................................................................................................ 248
Inventorying and monitoring PCIe SSDs................................................................................... 249
Preparing to remove PCIe SSD...................................................................................................250
Erasing PCIe SSD device data..................................................................................................... 251
Managing enclosures or backplanes................................................................................................252
Configuring backplane mode.....................................................................................................253
Viewing universal slots................................................................................................................255
Setting SGPIO mode................................................................................................................... 255
Choosing operation mode to apply settings...................................................................................256
Choosing operation mode using web interface........................................................................256
Choosing operation mode using RACADM............................................................................... 257
Viewing and applying pending operations.......................................................................................257
Viewing, applying, or deleting pending operations using web interface..................................257
Viewing and applying pending operations using RACADM...................................................... 258
Storage devices — apply operation scenarios.................................................................................259
Case 1: selected an apply operation (apply now, at next reboot, or at scheduled time)
and there are no existing pending operations Case 2: selected an apply operation (apply
now, at next reboot, or at scheduled time) and there are existing pending operations
Case 3: selected add to pending operations and there are no existing pending
operationsCase 4: selected add to pending operations and there are prior existing
pending operations.....................................................................................................................259
Blinking or unblinking component LEDs.........................................................................................260
Blinking or unblinking component LEDs using web interface..................................................260
Blinking or unblinking component LEDs using RACADM..........................................................261
14 Configuring and using virtual console.......................................................262
Supported screen resolutions and refresh rates............................................................................. 262
Configuring web browsers to use virtual console...........................................................................263
Configuring the web browser to use Java plug-in....................................................................263
Configuring IE to use ActiveX plug-in........................................................................................264
Importing CA certificates to management station....................................................................266
Configuring virtual console.............................................................................................................. 267
Configuring virtual console using web interface.......................................................................267
Configuring virtual console using RACADM.............................................................................. 267
Previewing virtual console................................................................................................................267
Launching virtual console.................................................................................................................267
Launching virtual console using web interface.........................................................................268
Launching virtual console using a URL......................................................................................269
11
Disabling warning messages while launching virtual console or virtual media using Java
or ActiveX plug-in....................................................................................................................... 269
Using virtual console viewer.............................................................................................................270
Synchronizing mouse pointers...................................................................................................270
Passing all keystrokes through virtual console...........................................................................271
15 Managing virtual media.................................................................................275
Supported drives and devices...........................................................................................................276
Configuring virtual media................................................................................................................. 276
Configuring virtual media using iDRAC web interface.............................................................. 276
Configuring virtual media using RACADM..................................................................................277
Configuring virtual media using iDRAC settings utility.............................................................. 277
Attached media state and system response...............................................................................277
Accessing virtual media.....................................................................................................................277
Launching virtual media using virtual console...........................................................................278
Launching virtual media without using virtual console.............................................................278
Adding virtual media images.......................................................................................................279
Viewing virtual device details......................................................................................................279
Resetting USB..............................................................................................................................280
Mapping virtual drive.................................................................................................................. 280
Unmapping virtual drive..............................................................................................................281
Setting boot order through BIOS..................................................................................................... 281
Enabling boot once for virtual media.............................................................................................. 282
16 Installing and using VMCLI utility............................................................... 283
Installing VMCLI................................................................................................................................ 283
Running VMCLI utility....................................................................................................................... 283
VMCLI syntax.................................................................................................................................... 284
VMCLI commands to access virtual media ...............................................................................284
VMCLI operating system shell options ......................................................................................285
17 Managing vFlash SD card..............................................................................286
Configuring vFlash SD card..............................................................................................................286
Viewing vFlash SD card properties............................................................................................. 287
Enabling or disabling vFlash functionality..................................................................................287
Initializing vFlash SD card........................................................................................................... 288
Getting the last status using RACADM.......................................................................................289
Managing vFlash partitions...............................................................................................................289
Creating an empty partition....................................................................................................... 290
Creating a partition using an image file......................................................................................291
Formatting a partition................................................................................................................. 292
Viewing available partitions........................................................................................................ 292
12
Modifying a partition...................................................................................................................293
Attaching or detaching partitions...............................................................................................294
Deleting existing partitions......................................................................................................... 295
Downloading partition contents................................................................................................ 295
Booting to a partition..................................................................................................................296
18 Using SMCLP................................................................................................... 297
System management capabilities using SMCLP.............................................................................. 297
Running SMCLP commands............................................................................................................ 298
iDRAC SMCLP syntax........................................................................................................................298
Navigating the map address space...................................................................................................301
Using show verb................................................................................................................................301
Using the -display option............................................................................................................301
Using the -level option...............................................................................................................302
Using the -output option........................................................................................................... 302
Usage examples................................................................................................................................302
Server power management........................................................................................................302
SEL management........................................................................................................................303
Map target navigation.................................................................................................................305
19 Using iDRAC Service Module....................................................................... 306
Installing iDRAC Service Module......................................................................................................306
Supported operating systems for iDRAC Service Module.............................................................. 306
iDRAC Service Module monitoring features....................................................................................306
Operating system information................................................................................................... 307
Replicate Lifecycle logs to OS log..............................................................................................307
Automatic system recovery options.......................................................................................... 307
Windows Management Instrumentation providers...................................................................308
Coexistence of OpenManage Server Administrator and iDRAC Service Module.................... 309
Using iDRAC Service Module from iDRAC web interface...............................................................309
Using iDRAC Service Module from RACADM.................................................................................. 310
20 Using USB port for server management.....................................................311
Accessing iDRAC interface over direct USB connection................................................................. 311
Configuring iDRAC using server configuration profile on USB device........................................... 312
Configuring USB management port settings............................................................................. 312
Importing server configuration profile from USB device ..........................................................314
21 Using iDRAC Quick Sync............................................................................... 317
Configuring iDRAC Quick Sync........................................................................................................ 318
Configuring iDRAC Quick Sync settings using web interface...................................................318
Configuring iDRAC Quick Sync settings using RACADM.......................................................... 318
13
Configuring iDRAC Quick Sync settings using iDRAC settings utility....................................... 319
Using mobile device to view iDRAC information.............................................................................319
22 Deploying operating systems...................................................................... 320
Deploying operating system using VMCLI.......................................................................................320
Deploying operating system using remote file share...................................................................... 321
Managing remote file share........................................................................................................322
Configuring remote file share using web interface...................................................................323
Configuring remote file share using RACADM.......................................................................... 324
Deploying operating system using virtual media............................................................................ 324
Installing operating system from multiple disks........................................................................ 325
Deploying embedded operating system on SD card...................................................................... 325
Enabling SD module and redundancy in BIOS.......................................................................... 325
23 Troubleshooting managed system using iDRAC......................................327
Using diagnostic console..................................................................................................................327
Scheduling remote automated diagnostics...............................................................................328
Scheduling remote automated diagnostics using RACADM.....................................................329
Viewing post codes...........................................................................................................................329
Viewing boot and crash capture videos.......................................................................................... 329
Configuring video capture settings............................................................................................329
Viewing logs......................................................................................................................................330
Viewing last system crash screen.................................................................................................... 330
Viewing front panel status................................................................................................................330
Viewing system front panel LCD status..................................................................................... 330
Viewing system front panel LED status...................................................................................... 331
Hardware trouble indicators............................................................................................................. 331
Viewing system health......................................................................................................................332
Generating Technical Support Report............................................................................................. 332
Generating Technical Support Report automatically................................................................333
Generating Technical Support Report manually....................................................................... 334
Checking server status screen for error messages......................................................................... 336
Restarting iDRAC...............................................................................................................................336
Resetting iDRAC using iDRAC web interface.............................................................................336
Resetting iDRAC using RACADM................................................................................................336
Erasing system and user data...........................................................................................................336
Resetting iDRAC to factory default settings.....................................................................................337
Resetting iDRAC to factory default settings using iDRAC web interface..................................337
Resetting iDRAC to factory default settings using iDRAC settings utility..................................337
24 Frequently asked questions......................................................................... 338
System Event Log..............................................................................................................................338
14
Network security...............................................................................................................................339
Active Directory................................................................................................................................ 339
Single Sign-On..................................................................................................................................342
Smart card login................................................................................................................................343
Virtual console.................................................................................................................................. 343
Virtual media..................................................................................................................................... 347
vFlash SD card...................................................................................................................................350
SNMP authentication........................................................................................................................350
Storage devices.................................................................................................................................350
iDRAC Service Module......................................................................................................................350
RACADM............................................................................................................................................353
Miscellaneous....................................................................................................................................354
25 Use case scenarios......................................................................................... 357
Troubleshooting an inaccessible managed system.........................................................................357
Obtaining system information and assess system health............................................................... 358
Setting up alerts and configuring email alerts................................................................................. 358
Viewing and exporting Lifecycle log and System Event Log.......................................................... 358
Interfaces to update iDRAC firmware.............................................................................................. 358
Performing graceful shutdown........................................................................................................ 359
Creating new administrator user account.......................................................................................359
Launching server's remote console and mounting a USB drive.....................................................359
Installing bare metal OS using attached virtual media and remote file share................................359
Managing rack density......................................................................................................................360
Installing new electronic license......................................................................................................360
Applying I/O Identity configuration settings for multiple network cards in single host system
reboot ...............................................................................................................................................360
15
1
Overview
The Integrated Dell Remote Access Controller (iDRAC) is designed to make server administrators more
productive and improve the overall availability of Dell servers. iDRAC alerts administrators to server issues,
helps them perform remote server management, and reduces the need for physical access to the server.
iDRAC with Lifecycle Controller technology is part of a larger data center solution that helps keep
business critical applications and workloads available always. The technology allows administrators to
deploy, monitor, manage, configure, update, troubleshoot and remediate Dell servers from any location,
and without the use of agents. It accomplishes this regardless of operating system or hypervisor presence
or state.
Several products work with the iDRAC and Lifecycle Controller to simplify and streamline IT operations,
such as:
• Dell Management plug-in for VMware vCenter
• Dell Repository Manager
• Dell Management Packs for Microsoft System Center Operations Manager (SCOM) and Microsoft
System Center Configuration Manager (SCCM)
• BMC Bladelogic
• Dell OpenManage Essentials
• Dell OpenManage Power Center
The iDRAC is available in the following variants:
• Basic Management with IPMI (available by default for 200-500 series servers)
• iDRAC Express (available by default on all 600 and higher series of rack or tower servers, and all blade
servers)
• iDRAC Enterprise (available on all server models)
For more information, see the iDRAC Overview and Feature Guide available at dell.com/support/
manuals.
Benefits of using iDRAC with Lifecycle Controller
The benefits include:
• Increased Availability — Early notification of potential or actual failures that help prevent a server
failure or reduce recovery time after failure.
• Improved Productivity and Lower Total Cost of Ownership (TCO) — Extending the reach of
administrators to larger numbers of distant servers can make IT staff more productive while driving
down operational costs such as travel.
16
• Secure Environment — By providing secure access to remote servers, administrators can perform
critical management functions while maintaining server and network security.
• Enhanced Embedded Management through Lifecycle Controller – Lifecycle Controller provides
deployment and simplified serviceability through Lifecycle Controller GUI for local deployment and
Remote Services (WS-Management) interfaces for remote deployment integrated with Dell
OpenManage Essentials and partner consoles.
For more information on Lifecycle Controller GUI, see Lifecycle Controller User’s Guide and for remote
services, see Lifecycle Controller Remote Services User’s Guide available at dell.com/idracmanuals.
Key features
The key features in iDRAC include:
NOTE: Some of the features are available only with iDRAC Enterprise license. For information on the
features available for a license, see Managing licenses.
Inventory and Monitoring
• View managed server health.
• Inventory and monitor network adapters and storage subsystem (PERC and direct attached storage)
without any operating system agents.
• View and export system inventory.
• View sensor information such as temperature, voltage, and intrusion.
• Monitor CPU state, processor automatic throttling, and predictive failure.
• View memory information.
• Monitor and control power usage.
• Support for SNMPv3 gets and alerts.
• For blade servers: launch Chassis Management Controller (CMC) web interface, view CMC
information, and WWN/MAC addresses.
NOTE: CMC provides access to iDRAC through the M1000E Chassis LCD panel and local
console connections. For more information, see Chassis Management Controller User’s Guide
available at dell.com/support/manuals.
• View network interfaces available on host operating systems.
• View inventory and monitor information and configure basic iDRAC settings using iDRAC Quick Sync
feature and a mobile device.
Deployment
• Manage vFlash SD card partitions.
• Configure front panel display settings.
• Manage iDRAC network settings.
• Configure and use virtual console and virtual media.
• Deploy operating systems using remote file share, virtual media, and VMCLI.
• Enable auto-discovery.
• Perform server configuration using the export or import XML profile feature through RACADM and
WS-MAN. For more information, see the Lifecycle Controller Remote Services Quick Start Guide.
• Configure persistence policy for virtual addresses, initiator, and storage targets.
• Remotely configure storage devices attached to the system at run-time.
17
• Perform the following operations for storage devices:
– Physical disks: Assign or unassign physical disk as a global hot spare.
– Virtual disks:
* Create virtual disks.
* Edit virtual disks cache policies.
* Check virtual disk consistency.
* Initialize virtual disks.
* Encrypt virtual disks.
* Assign or unassign dedicated hot spare.
* Delete virtual disks.
– Controllers:
* Configure controller properties.
* Import or auto-import foreign configuration.
* Clear foreign configuration.
* Reset controller configuration.
* Create or change security keys.
– PCIe SSD devices:
* Inventory and remotely monitor the health of PCIe SSD devices in the server.
* Prepare the PCIe SSD to be removed.
* Securely erase the data.
– Set the backplane mode (unified or split mode).
– Blink or unblink component LEDs.
– Apply the device settings immediately, at next system reboot, at a scheduled time, or as a pending
operation to be applied as a batch as part of the single job.
Update
• Manage iDRAC licenses.
• Update BIOS and device firmware for devices supported by Lifecycle Controller.
• Update or rollback iDRAC firmware and Lifecycle Controller firmware using a single firmware image.
• Manage staged updates.
• Back up and restore server profile.
• Access iDRAC interface over direct USB connection.
• Configure iDRAC using Server Configuration Profiles on USB device.
Maintenance and Troubleshooting
• Perform power-related operations and monitor power consumption.
• Optimize system performance and power consumption by modifying the thermal settings.
• No dependency on OpenManage Server Administrator for generation of alerts.
• Log event data: Lifecycle and RAC logs.
• Set email alerts, IPMI alerts, remote system logs, WS eventing logs, and SNMP traps (v1, v2c, and v3)
for events and improved email alert notification.
• Capture last system crash image.
18
• View boot and crash capture videos.
• Out-of-band monitor and alert the performance index of CPU, memory, and I/O modules.
• Configure warning threshold for inlet temperature and power consumption.
• Use iDRAC Service Module to:
– View operating system information.
– Replicate Lifecycle Controller logs to operating system logs.
– Automatic system recovery options.
– Populate Windows Management Instrumentation (WMI) information.
– Integrate with Technical Support Report. This is applicable only if iDRAC Service Module Version
2.0 or later is installed. For more information, see Generating Tech Support Report.
– Prepare to remove NVMe PCIe SSD. For more information, see Preparing to remove PCIe SSD.
• Generate technical support report in the following ways:
– Automatic — Using iDRAC Service Module that automatically invokes the OS Collector tool.
– Manual — Using OS Collector tool.
Secure Connectivity
Securing access to critical network resources is a priority. iDRAC implements a range of security features
that includes:
• Custom signing certificate for Secure Socket Layer (SSL) certificate.
• Signed firmware updates.
• User authentication through Microsoft Active Directory, generic Lightweight Directory Access
Protocol (LDAP) Directory Service, or locally administered user IDs and passwords.
• Two-factor authentication using the Smart–Card logon feature. The two-factor authentication is
based on the physical smart card and the smart card PIN.
• Single Sign-On and Public Key Authentication.
• Role-based authorization, to configure specific privileges for each user.
• SNMPv3 authentication for user accounts stored locally in the iDRAC. It is recommended to use this,
but it is disabled by default.
• User ID and password configuration.
• Default login password modification.
• Set user passwords and BIOS passwords using one-way hash format for improved security.
• SMCLP and web interfaces that support 128 bit and 40-bit encryption (for countries where 128 bit is
not acceptable), using the SSL 3.0 standard.
• Session time-out configuration (in seconds).
• Configurable IP ports (for HTTP, HTTPS, SSH, Telnet, Virtual Console, and Virtual Media).
NOTE: Telnet does not support SSL encryption and is disabled by default.
• Secure Shell (SSH) that uses an encrypted transport layer for higher security.
• Login failure limits per IP address, with login blocking from that IP address when the limit is exceeded.
• Limited IP address range for clients connecting to iDRAC.
• Dedicated Gigabit Ethernet adapter available on rack and tower servers (additional hardware may be
required).
19
New in this release
• Support for monitoring and inventorying Half-Height Half-Length (HHHL) PCIe SSD cards.
• Support for updating firmware on SAS hard drives and solid-state drives (SSD).
• Support for NoReboot option when applying server configuration profile.
• Added support for System.ThermalSettings.ThirdPartyPCIFanResponse attribute to enable
or disable the automatic fan speed feature when a third-party PCI card is inserted in the system.
How to use this user's guide
The contents of this User's Guide enable you to perform the tasks by using:
• iDRAC web interface — Only the task-related information is provided here. For information about the
fields and options, see the iDRAC Online Help that you can access from the web interface.
• RACADM — The RACADM command or the object that you must use is provided here. For more
information, see the iDRAC RACADM Command Line Reference Guide available at dell.com/
idracmanuals.
• iDRAC Settings Utility — Only the task-related information is provided here. For information about the
fields and options, see the iDRAC Settings Utility Online Help that you can access when you click Help
in the iDRAC Settings GUI (press <F2> during boot, and then click iDRAC Settings on the System
Setup Main Menu page).
Supported web browsers
iDRAC is supported on the following browsers:
• Internet Explorer
• Mozilla Firefox
• Google Chrome
• Safari
For the list of versions, see the iDRAC8 Release Notes available at dell.com/idracmanuals.
Managing licenses
iDRAC features are available based on the purchased license (Basic Management, iDRAC Express, or
iDRAC Enterprise). Only licensed features are available in the interfaces that allow you to configure or use
iDRAC. For example, iDRAC Web interface, RACADM, WS-MAN, OpenManage Server Administrator, and
so on. Some features, such as dedicated NIC or vFlash requires iDRAC ports card. This is optional on
200-500 series servers.
iDRAC license management and firmware update functionality is available through iDRAC Web interface
and RACADM.
Types of licenses
The types of licenses offered are:
20
• 30 day evaluation and extension — The license expires after 30 days and can be extended for 30 days.
Evaluation licenses are duration based, and the timer runs when power is applied to the system.
• Perpetual — The license is bound to the service tag and is permanent.
Methods for acquiring licenses
Use any of the following methods to acquire the licenses:
• Email — License is attached to an email that is sent after requesting it from the technical support
center.
• Self-service portal — A link to the Self-Service Portal is available from iDRAC. Click this link to open
the licensing Self-Service Portal on the Internet. Currently, you can use the License Self-Service Portal
to retrieve licenses that were purchased with the server. You must contact the sales representative or
technical support to buy a new or upgrade license. For more information, see the online help for the
self-service portal page.
• Point-of-sale — License is acquired while placing the order for a system.
License operations
Before you perform the license management tasks, make sure to acquire the licenses. For more
information, see the Overview and Feature Guide available at dell.com/support/manuals.
NOTE: If you have purchased a system with all the licenses pre-installed, then license management
is not required.
You can perform the following licensing operations using iDRAC, RACADM, WS-MAN, and Lifecycle
Controller-Remote Services for one-to-one license management, and Dell License Manager for one-tomany license management:
• View — View the current license information.
• Import — After acquiring the license, store the license in a local storage and import it into iDRAC using
one of the supported interfaces. The license is imported if it passes the validation checks.
NOTE: For a few features, a system restart is required to enable the features.
• Export — Export the installed license into an external storage device for backup or to reinstall it again
after a part or motherboard replacement. The file name and format of the exported license is
<EntitlementID>.xml.
• Delete — Delete the license that is assigned to a component if the component is missing. After the
license is deleted, it is not stored in iDRAC and the base product functions are enabled.
• Replace — Replace the license to extend an evaluation license, change a license type such as an
evaluation license with a purchased license, or extend an expired license.
– An evaluation license may be replaced with an upgraded evaluation license or with a purchased
license.
– A purchased license may be replaced with an updated license or with an upgraded license.
• Learn More — Learn more about an installed license, or the licenses available for a component
installed in the server.
NOTE: For the Learn More option to display the correct page, make sure that *.dell.com is
added to the list of Trusted Sites in the Security Settings. For more information, see the Internet
Explorer help documentation.
For one-to-many license deployment, you can use Dell License Manager. For more information, see the
Dell License Manager User’s Guide available at dell.com/support/manuals.
21
Importing license after replacing motherboard
You can use the Local iDRAC Enterprise License Installation Tool if you have recently replaced the
motherboard and need to reinstall the iDRAC Enterprise license locally (with no network connectivity)
and activate the dedicated NIC. This utility installs a 30-day trial iDRAC Enterprise license and allows you
to reset the iDRAC to change from shared NIC to dedicated NIC.
For more information about this utility and to download this tool, click here.
License component state or condition and available operations
The following table provides the list of license operations available based on the license state or
condition.
Table 1. License operations based on state and condition
License/
Component
state or
condition
Nonadministrator
login
Active license Yes Yes Yes Yes Yes
Expired license No Yes Yes Yes Yes
License
installed but
component
missing
NOTE: In the iDRAC Web interface, on the Licenses page, expand the device to view the Replace
option in the drop-down menu.
Import Export Delete Replace Learn More
No No No No Yes
No Yes Yes No Yes
Managing licenses using iDRAC web interface
To manage the licenses using the iDRAC web interface, go to Overview → Server → Licenses.
The Licensing page displays the licenses that are associated to devices, or the licenses that are installed
but the device is not present in the system. For more information on importing, exporting, deleting, or
replacing a license, see the iDRAC Online Help.
Managing licenses using RACADM
To manage licenses using RACADM, use the license subcommand. For more information, see the iDRAC
RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals.
Licensed features in iDRAC7 and iDRAC8
The following table lists the iDRAC7 and iDRAC8 features that are enabled based on the license
purchased:
22
Feature Basic
Mana
geme
nt
(iDRA
iDRAC
8 Basic
iDRAC
7
Expres
s
iDRAC
8
Expres
s
iDRAC
7
Expre
ss for
Blades
iDRAC8
Express
for Blades
iDRAC7
Enterprise
iDRAC8
Enterprise
C7)
Interfaces / Standards
IPMI 2.0 Yes Yes Yes Yes Yes Yes Yes Yes
DCMI 1.5 No Yes No Yes No Yes No Yes
Web-based GUI No Yes Yes Yes Yes Yes Yes Yes
Racadm
No Yes Yes Yes Yes Yes Yes Yes
command line
(local/remote)
SMASH-CLP (SSH-
No Yes Yes Yes Yes Yes Yes Yes
only)
Telnet No Yes Yes Yes Yes Yes Yes Yes
SSH No Yes Yes Yes Yes Yes Yes Yes
WS-MAN Yes Yes Yes Yes Yes Yes Yes Yes
Network Time
No No Yes Yes Yes Yes Yes Yes
Protocol
Connectivity
Shared NIC (LOM) Yes Yes Yes Yes N/A N/A Yes Yes
Dedicated NIC
2
No Yes No Yes Yes Yes Yes Yes
VLAN tagging Yes Yes Yes Yes Yes Yes Yes Yes
IPv4 Yes Yes Yes Yes Yes Yes Yes Yes
1
IPv6 No Yes Yes Yes Yes Yes Yes Yes
DHCP No Yes No Yes No Yes No Yes
Dynamic DNS No Yes Yes Yes Yes Yes Yes Yes
OS pass-through No Yes No Yes No Yes No Yes
Front panel USB No Yes No Yes No Yes No Yes
Security
23
Feature Basic
Mana
geme
nt
(iDRA
iDRAC
8 Basic
iDRAC
7
Expres
s
iDRAC
8
Expres
s
iDRAC
7
Expre
ss for
Blades
iDRAC8
Express
for Blades
iDRAC7
Enterprise
iDRAC8
Enterprise
C7)
Role-based
Yes Yes Yes Yes Yes Yes Yes Yes
authority
Local users Yes Yes Yes Yes Yes Yes Yes Yes
SSL encryption Yes Yes Yes Yes Yes Yes Yes Yes
IP blocking No No No Yes No Yes No Yes
Directory services
No No No No No No Yes Yes
(AD, LDAP)
Two-factor
No No No No No No Yes Yes
authentication
(smart card)
Single sign-On
No No No Yes No Yes Yes Yes
(kerberos)
PK authentication
No No No Yes No Yes No Yes
(for SSH)
Remote Presence
Power control Yes
4
Yes Yes Yes Yes Yes Yes Yes
Boot control No Yes No Yes No Yes No Yes
Serial-over-LAN Yes Yes Yes Yes Yes Yes Yes Yes
Virtual Media No No No No Yes Yes Yes Yes
Virtual Folders No No No No No No Yes Yes
Remote File Share No No No No No No Yes Yes
Virtual Console No No No No Single
user
VNC connection
No No No No No No Yes Yes
to OS
Quality/bandwidth
No No No No No Yes No Yes
control
24
Single user Yes 6 users
Feature Basic
Mana
geme
nt
(iDRA
C7)
Virtual Console
No No No No No No No Yes
collaboration (up
to six
simultaneous
users)
iDRAC
8 Basic
iDRAC
7
Expres
s
iDRAC
8
Expres
s
iDRAC
7
Expre
ss for
Blades
iDRAC8
Express
for Blades
iDRAC7
Enterprise
iDRAC8
Enterprise
Virtual Console
No No No No No No Yes Yes
chat
Virtual Flash
No No No No No No Yes Yes
partitions
Power and Thermal
Automatic power
No Yes No Yes No Yes No Yes
on after loss
Real-time power
Yes Yes Yes Yes Yes Yes Yes Yes
meter
Power thresholds
No No No Yes No Yes No Yes
and alerts
(includes
headroom)
Real-time power
No No Yes Yes Yes Yes Yes Yes
graphing
Historical power
Yes No Yes Yes Yes Yes Yes Yes
counters
Power capping No No No No No No Yes Yes
1,2
Power Center
integration
Temperature
monitoring
Temperature
graphing
Health Monitoring
Full agent-free
monitoring
No No No No No No No Yes
No Yes No Yes No Yes No Yes
No No No Yes No Yes No Yes
No Yes No Yes No Yes No Yes
25
Feature Basic
Mana
geme
nt
(iDRA
C7)
Predictive failure
No Yes No Yes No Yes No Yes
monitoring
iDRAC
8 Basic
iDRAC
7
Expres
s
iDRAC
8
Expres
s
iDRAC
7
Expre
ss for
Blades
iDRAC8
Express
for Blades
iDRAC7
Enterprise
iDRAC8
Enterprise
SNMPv1, v2, and
No Yes Yes Yes Yes Yes Yes Yes
v3 (traps and gets)
Email Alerting No No Yes Yes Yes Yes Yes Yes
Configurable
No Yes No Yes No Yes No Yes
thresholds
Fan monitoring No Yes No Yes No Yes No Yes
Power Supply
No Yes Yes Yes Yes Yes Yes Yes
monitoring
Memory
No Yes No Yes No Yes No Yes
monitoring
CPU monitoring No Yes No Yes No Yes No Yes
RAID monitoring No Yes No Yes No Yes No Yes
NIC monitoring No Yes No Yes No Yes No Yes
HD monitoring
No Yes No Yes No Yes No Yes
(enclosure)
Out of Band
No No No No No No No Yes
Performance
Monitoring
Update
Remote agent-
Yes
3
Yes Yes Yes Yes Yes Yes Yes
free update
Embedded update
No Yes No Yes No Yes No Yes
tools
Sync with
No No No No No No Yes Yes
repository
(scheduled
updates)
Auto-update No No No No No No No Yes
26
Feature Basic
Mana
geme
nt
(iDRA
C7)
Deployment and Configuration
iDRAC
8 Basic
iDRAC
7
Expres
s
iDRAC
8
Expres
s
iDRAC
7
Expre
ss for
Blades
iDRAC8
Express
for Blades
iDRAC7
Enterprise
iDRAC8
Enterprise
Embedded OS
deployment tools
Embedded
configuration
tools (iDRAC
Settings Utility)
Embedded
configuration
wizards (Lifecycle
Controller
wizards)
Auto-Discovery No Yes Yes Yes Yes Yes Yes Yes
Remote OS
deployment
Embedded driver
pack
Full configuration
inventory
Inventory export No Yes No Yes No Yes No Yes
No Yes No Yes No Yes No Yes
No Yes No Yes No Yes No Yes
No Yes No Yes No Yes No Yes
No No No Yes No Yes No Yes
No Yes No Yes No Yes No Yes
No Yes No Yes No Yes No Yes
Remote
configuration
Zero-touch
configuration
System Retire/
Repurpose
Diagnostics, Service, and Logging
Embedded
diagnostic tools
Part Replacement No Yes Yes Yes Yes Yes Yes Yes
No Yes Yes Yes Yes Yes Yes Yes
No No No No No No No Yes
No Yes No Yes No Yes No Yes
Yes Yes Yes Yes Yes Yes Yes Yes
27
Feature Basic
Mana
geme
nt
(iDRA
C7)
Server
No No No No No No Yes Yes
Configuration
Backup
iDRAC
8 Basic
iDRAC
7
Expres
s
iDRAC
8
Expres
s
iDRAC
7
Expre
ss for
Blades
iDRAC8
Express
for Blades
iDRAC7
Enterprise
iDRAC8
Enterprise
Server
No No No No No No Yes Yes
Configuration
Restore
Easy Restore
No Yes No Yes No Yes No Yes
(system
configuration)
Health LED / LCD No Yes No Yes No Yes No Yes
Quick Sync
No Yes No Yes No N/A No Yes
(require NFC
bezel)
iDRAC Direct
No Yes No Yes No Yes No Yes
(front USB
management
port)
iDRAC Service
No Yes Yes Yes Yes Yes Yes Yes
Module (iSM)
Embedded Tech
No Yes Yes Yes Yes Yes Yes Yes
Support Report
Crash screen
capture
5
No No Yes Yes Yes Yes Yes Yes
Crash video
capture
5
No No No No No No Yes Yes
Boot capture No No No No No No Yes Yes
Manual reset for
No Yes No Yes No Yes No Yes
iDRAC
Virtual NMI No Yes No Yes No Yes No Yes
OS watchdog No Yes No Yes No Yes No Yes
Embedded Health
No Yes No Yes No Yes No Yes
Report
28
Feature Basic
Mana
geme
nt
(iDRA
C7)
System Event Log No Yes Yes Yes Yes Yes Yes Yes
Lifecycle Log No Yes No Yes No Yes No Yes
Work notes No Yes No Yes No Yes No Yes
Remote Syslog No No No No No No Yes Yes
iDRAC
8 Basic
iDRAC
7
Expres
s
iDRAC
8
Expres
s
iDRAC
7
Expre
ss for
Blades
iDRAC8
Express
for Blades
iDRAC7
Enterprise
iDRAC8
Enterprise
License
management
[1] 500 series and lower rack and tower servers require a hardware card to enable this feature; this
hardware is offered at additional cost.
[2] Requires vFlash SD card media.
[3] Remote agent-free update feature is available only using IPMI.
[4] Available only using IPMI.
[5] Requires OMSA agent on target server.
No Yes No Yes No Yes No Yes
Interfaces and protocols to access iDRAC
The following table lists the interfaces to access iDRAC.
NOTE: Using more than one interface at the same time may generate unexpected results.
Table 2. Interfaces and protocols to access iDRAC
Interface or
Protocol
iDRAC Settings
Utility
Description
Use the iDRAC Settings utility to perform pre-OS operations. It has a subset of the
features that are available in iDRAC web interface along with other features.
iDRAC web
Interface
To access iDRAC Settings utility, press <F2> during boot and then click iDRAC
Settings on the System Setup Main Menu page.
Use the iDRAC web interface to manage iDRAC and monitor the managed system.
The browser connects to the web server through the HTTPS port. Data streams are
encrypted using 128-bit SSL to provide privacy and integrity. Any connection to the
HTTP port is redirected to HTTPS. Administrators can upload their own SSL
certificate through an SSL CSR generation process to secure the web server. The
default HTTP and HTTPS ports can be changed. The user access is based on user
privileges.
29
Interface or
Protocol
RACADM Use this command-line utility to perform iDRAC and server management. You can
Description
use RACADM locally and remotely.
• Local RACADM command-line interface runs on the managed systems that
have Server Administrator installed. Local RACADM communicates with iDRAC
through its in-band IPMI host interface. Since it is installed on the local
managed system, users are required to log in to the operating system to run
this utility. A user must have a full administrator privilege or be a root user to
use this utility.
• Remote RACADM is a client utility that runs on a management station. It uses
the out-of-band network interface to run RACADM commands on the
managed system and uses the HTTPs channel. The –r option runs the RACADM
command over a network.
• Firmware RACADM is accessible by logging in to iDRAC using SSH or telnet.
You can run the firmware RACADM commands without specifying the iDRAC
IP, user name, or password.
• You do not have to specify the iDRAC IP, user name, or password to run the
firmware RACADM commands. After you enter the RACADM prompt, you can
directly run the commands without the racadm prefix.
Server LCD Panel/
Chassis LCD Panel
CMC web Interface In addition to monitoring and managing the chassis, use the CMC web interface
Lifecycle Controller Use Lifecycle Controller to perform iDRAC configurations. To access Lifecycle
Use the LCD on the server front panel to:
• View alerts, iDRAC IP or MAC address, user programmable strings.
• Set DHCP
• Configure iDRAC static IP settings.
For blade servers, the LCD is on the chassis front panel and is shared between all
the blades.
To reset iDRAC without rebooting the server, press and hold the System
Identification button for 16 seconds.
to:
• View the status of a managed system
• Update iDRAC firmware
• Configure iDRAC network settings
• Log in to iDRAC web interface
• Start, stop, or reset the managed system
• Update BIOS, PERC, and supported network adapters
Controller, press <F10> during boot and go to System Setup → Advanced
Hardware Configuration
Controller User’s Guide available at dell.com/idracmanuals.
→ iDRAC Settings. For more information, see Lifecycle
Telnet Use Telnet to access iDRAC where you can run RACADM and SMCLP commands.
For details about RACADM, see iDRAC RACADM Command Line Interface
Reference Guide available at dell.com/idracmanuals. For details about SMCLP, see
Using SMCLP.
NOTE: Telnet is not a secure protocol and is disabled by default. Telnet
transmits all data, including passwords in plain text. When transmitting
sensitive information, use the SSH interface.
30
Interface or
Protocol
SSH Use SSH to run RACADM and SMCLP commands. It provides the same capabilities
IPMITool Use the IPMITool to access the remote system’s basic management features
VMCLI Use the Virtual Media Command Line Interface (VMCLI) to access a remote media
SMCLP Use Server Management Workgroup Server Management-Command Line Protocol
WS-MAN The LC-Remote Service is based on the WS-Management protocol to do one-to-
Description
as the Telnet console using an encrypted transport layer for higher security. The
SSH service is enabled by default on iDRAC. The SSH service can be disabled in
iDRAC. iDRAC only supports SSH version 2 with DSA and the RSA host key
algorithm. A unique 1024-bit DSA and 1024-bit RSA host key is generated when
you power-up iDRAC for the first time.
through iDRAC. The interface includes local IPMI, IPMI over LAN, IPMI over Serial,
and Serial over LAN. For more information on IPMITool, see the Dell OpenManage
Baseboard Management Controller Utilities User’s Guide at dell.com/
idracmanuals.
NOTE: IPMI version 1.5 is not supported.
through the management station and deploy operating systems on multiple
managed systems.
(SMCLP) to perform systems management tasks. This is available through SSH or
Telnet. For more information about SMCLP, see Using SMCLP.
many systems management tasks. You must use WS-MAN client such as WinRM
client (Windows) or the OpenWSMAN client (Linux) to use the LC-Remote Services
functionality. You can also use Power Shell and Python to script to the WS-MAN
interface.
Web Services for Management (WS-Management) are a Simple Object Access
Protocol (SOAP)–based protocol used for systems management. iDRAC uses WS–
Management to convey Distributed Management Task Force (DMTF) Common
Information Model (CIM)–based management information. The CIM information
defines the semantics and information types that can be modified in a managed
system. The data available through WS-Management is provided by iDRAC
instrumentation interface mapped to the DMTF profiles and extension profiles.
For more information, see the following:
• Lifecycle Controller-Remote Services User’s Guide available at dell.com/
idracmanuals.
• Lifecycle Controller Integration Best Practices Guide available at dell.com/
support/manuals.
• Lifecycle Controller page on Dell TechCenter — delltechcenter.com/page/
Lifecycle+Controller
• Lifecycle Controller WS-Management Script Center — delltechcenter.com/
page/Scripting+the+Dell+Lifecycle+Controller
• MOFs and Profiles — delltechcenter.com/page/DCIM.Library
• DTMF website — dmtf.org/standards/profiles/
31
iDRAC port information
The following ports are required to remotely access iDRAC through firewalls. These are the default ports
iDRAC listens to for connections. Optionally, you can modify most of the ports. To do this, see
Configuring services.
Table 3. Ports idrac listens for connections
Port Number Function
22* SSH
23* Telnet
80* HTTP
443* HTTPS
623 RMCP/RMCP+
161* SNMP
5900* Virtual Console keyboard and mouse redirection, Virtual Media, Virtual Folders,
and Remote File Share
5901 VNC
When VNC feature is enabled, the port 5901 opens.
* Configurable port
The following table lists the ports that iDRAC uses as a client.
Table 4. Ports idrac uses as client
Port Number Function
25* SMTP
53 DNS
68 DHCP-assigned IP address
69 TFTP
162* SNMP trap
445 Common Internet File System (CIFS)
636 LDAP Over SSL (LDAPS)
2049 Network File System (NFS)
32
Port Number Function
123 Network Time Protocol (NTP)
3269 LDAPS for global catalog (GC)
* Configurable port
Other documents you may need
In addition to this guide, the following documents available on the Dell Support website at dell.com/
support/manuals provide additional information about the setup and operation of iDRAC in your system.
• The iDRAC Online Help provides detailed information about the fields available on the iDRAC web
interface and the descriptions for the same. You can access the online help after you install iDRAC.
• The iDRAC8 RACADM Command Line Interface Reference Guide provides information about the
RACADM sub-commands, supported interfaces, and iDRAC property database groups and object
definitions.
• The iDRAC RACADM Support Matrix provides the list of sub commands and objects that are applicable
for a particular iDRAC version.
• The Systems Management Overview Guide provides brief information about the various software
available to perform systems management tasks.
• The Dell Lifecycle Controller Graphical User Interface For 12th and 13th Generation Dell PowerEdge
Servers User’s Guide provides information on using Lifecycle Controller Graphical User Interface
(GUI).
• The Dell Lifecycle Controller Remote Services For 12th and 13th Generation Dell PowerEdge Servers
Quick Start Guide provides an overview of the Remote Services capabilities, information on getting
started with Remote Services, Lifecycle Controller API, and provides references to various resources
on Dell TechCenter.
• The Dell Remote Access Configuration Tool User’s Guide provides information on how to use the tool
to discover iDRAC IP addresses in your network and perform one-to-many firmware updates and
active directory configurations for the discovered IP addresses.
• The Dell Systems Software Support Matrix provides information about the various Dell systems, the
operating systems supported by these systems, and the Dell OpenManage components that can be
installed on these systems.
• The iDRAC Service Module Installation Guide provides information to install the iDRAC Service
Module.
• The Dell OpenManage Server Administrator Installation Guide contains instructions to help you install
Dell OpenManage Server Administrator.
• The Dell OpenManage Management Station Software Installation Guide contains instructions to help
you install Dell OpenManage management station software that includes Baseboard Management
Utility, DRAC Tools, and Active Directory Snap-In.
• The Dell OpenManage Baseboard Management Controller Management Utilities User’s Guide has
information about the IPMI interface.
• The Release Notes provides last-minute updates to the system or documentation or advanced
technical reference material intended for experienced users or technicians.
• The Glossary provides information about the terms used in this document.
The following system documents are available to provide more information:
• The safety instructions that came with your system provide important safety and regulatory
information. For additional regulatory information, see the Regulatory Compliance home page at
33
dell.com/regulatory_compliance. Warranty information may be included within this document or as
a separate document.
• The Rack Installation Instructions included with your rack solution describe how to install your system
into a rack.
• The Getting Started Guide provides an overview of system features, setting up your system, and
technical specifications.
• The Owner’s Manual provides information about system features and describes how to troubleshoot
the system and install or replace system components.
Related Tasks
Contacting Dell
Accessing documents from Dell support site
Social media reference
To know more about the product, best practices, and information about Dell solutions and services, you
can access the social media platforms such as Dell TechCenter. You can access blogs, forums,
whitepapers, how-to videos, and so on from the iDRAC wiki page at www.delltechcenter.com/idrac.
For iDRAC and other related firmware documents, see dell.com/esmmanuals.
Contacting Dell
NOTE: If you do not have an active Internet connection, you can find contact information on your
purchase invoice, packing slip, bill, or Dell product catalog.
Dell provides several online and telephone-based support and service options. Availability varies by
country and product, and some services may not be available in your area. To contact Dell for sales,
technical support, or customer service issues:
1. Go to dell.com/support.
2. Select your support category.
3. Verify your country or region in the Choose a Country/Region drop-down list at the bottom of the
page.
4. Select the appropriate service or support link based on your need.
Accessing documents from Dell support site
You can access the required documents in one of the following ways:
• Using the following links:
– For all Enterprise Systems Management documents — Dell.com/SoftwareSecurityManuals
– For OpenManage documents — Dell.com/OpenManageManuals
– For Remote Enterprise Systems Management documents — Dell.com/esmmanuals
– For OpenManage Connections Enterprise Systems Management documents — Dell.com/
OMConnectionsEnterpriseSystemsManagement
– For Serviceability Tools documents — Dell.com/ServiceabilityTools
– For OpenManage Connections Client Systems Management documents — Dell.com/
DellClientCommandSuiteManuals
• From the Dell Support site:
34
a. Go to Dell.com/Support/Home.
b. Under Select a product section, click Software & Security.
c. In the Software & Security group box, click the required link from the following:
– Enterprise Systems Management
– Remote Enterprise Systems Management
– Serviceability Tools
– Dell Client Command Suite
– Connections Client Systems Management
d. To view a document, click the required product version.
• Using search engines:
– Type the name and version of the document in the search box.
35
2
Logging in to iDRAC
You can log in to iDRAC as an iDRAC user, as a Microsoft Active Directory user, or as a Lightweight
Directory Access Protocol (LDAP) user. The default user name and password is root and calvin,
respectively. You can also log in using Single Sign-On or Smart Card.
NOTE: You must have Login to iDRAC privilege to log in to iDRAC.
Related Tasks
Logging in to iDRAC as local user, Active Directory user, or LDAP user
Logging in to iDRAC using a smart card
Logging in to iDRAC using Single Sign-On
Changing default login password
Logging in to iDRAC as local user, Active Directory user, or LDAP user
Before you log in to iDRAC using the web interface, make sure that you have configured a supported web
browser and the user account is created with the required privileges.
NOTE: The user name is not case-sensitive for an Active Directory user. The password is casesensitive for all users.
NOTE: In addition to Active Directory, openLDAP, openDS, Novell eDir, and Fedora-based directory
services are supported.
To log in to iDRAC as local user, Active Directory user, or LDAP user:
1. Open a supported web browser.
2. In the Address field, type https://[iDRAC-IP-address] and press <Enter>.
NOTE: If the default HTTPS port number (port 443) was changed, enter: https://[iDRACIP-address]:[port-number] where, [iDRAC-IP-address] is the iDRAC IPv4 or IPv6
address and
The Login page is displayed.
3. For a local user:
• In the Username and Password fields, enter your iDRAC user name and password.
• From the Domain drop-down menu, select This iDRAC.
4. For an Active Directory user, in the Username and Password fields, enter the Active Directory user
name and password. If you have specified the domain name as a part of the username, select This
iDRAC from the drop-down menu. The format of the user name can be: <domain>\<username>,
<domain>/<username>, or <user>@<domain>.
For example, dell.com\john_doe, or JOHN_DOE@DELL.COM.
36
[port-number] is the HTTPS port number.
If the domain is not specified in the user name, select the Active Directory domain from the Domain
drop-down menu.
5. For an LDAP user, in the Username and Password fields, enter your LDAP user name and password.
Domain name is not required for LDAP login. By default, This iDRAC is selected in the drop-down
menu.
6. Click Submit. You are logged in to iDRAC with the required user privileges.
If you log in with Configure Users privileges and the default account credentials, and if the default
password warning feature is enabled, the Default Password Warning page is displayed allowing you
to easily change the password.
Related Concepts
Configuring user accounts and privileges
Changing default login password
Related Tasks
Configuring supported web browsers
Logging in to iDRAC using a smart card
You can log in to iDRAC using a smart card. Smart cards provide Two Factor Authentication (TFA) that
provides two layers of security:
• Physical smart card device.
• Secret code such as, a password or a PIN.
Users must verify their credentials using the smart card and the PIN.
Related Tasks
Logging in to iDRAC as a local user using a smart card
Logging in to iDRAC as an Active Directory user using a smart card
Logging in to iDRAC as a local user using a smart card
Before you log in as a local user using Smart Card, make sure to:
• Upload user smart card certificate and the trusted Certificate Authority (CA) certificate to iDRAC
• Enable smart card logon.
The iDRAC web interface displays the smart card logon page for users who are configured to use the
smart card.
NOTE: Depending on the browser settings, you are prompted to download and install the smart
card reader ActiveX plug-in when using this feature for the first time.
To log in to iDRAC as a local user using smart card:
1. Access the iDRAC web interface using the link https://[IP address].
The iDRAC Login page is displayed prompting you to insert the smart card.
37
NOTE: If the default HTTPS port number (port 443) has been changed, type: https://[IP
address]:[port number] where, [IP address] is the IP address for the iDRAC and
[port number] is the HTTPS port number.
2. Insert the Smart Card into the reader and click Login.
A prompt is displayed for the Smart Card’s PIN. A password in not required.
3. Enter the Smart Card PIN for local Smart Card users.
You are logged in to the iDRAC.
NOTE: If you are a local user for whom Enable CRL check for Smart Card Logon is enabled,
iDRAC attempts to download the CRL and checks the CRL for the user's certificate. The login
fails if the certificate is listed as revoked in the CRL or if the CRL cannot be downloaded for
some reason.
Related Concepts
Enabling or disabling smart card login
Related Tasks
Configuring iDRAC smart card login for local users
Logging in to iDRAC as an Active Directory user using a smart card
Before you log in as an Active Directory user using Smart Card, make sure to:
• Upload a Trusted Certificate Authority (CA) certificate (CA-signed Active Directory certificate) to
iDRAC.
• Configure the DNS server.
• Enable Active Directory login.
• Enable Smart Card login.
To log in to iDRAC as an Active Directory user using smart card:
1. Log in to iDRAC using the link https://[IP address].
The iDRAC Login page is displayed prompting you to insert the Smart Card.
NOTE: If the default HTTPS port number (port 443) is changed, type: https://[IP
address]:[port number]
number] is the HTTPS port number.
2. Insert the Smart Card and click Login.
The PIN pop-up is displayed.
3. Enter the PIN and click Submit.
You are logged in to iDRAC with your Active Directory credentials.
NOTE:
If the smart card user is present in Active Directory, an Active Directory password is not required.
Related Concepts
Enabling or disabling smart card login
Related Tasks
Configuring iDRAC smart card login for Active Directory users
where, [IP address] is the iDRAC IP address and [port
38
Logging in to iDRAC using Single Sign-On
When Single Sign-On (SSO) is enabled, you can log in to iDRAC without entering your domain user
authentication credentials, such as user name and password.
Related Concepts
Configuring iDRAC SSO login for Active Directory users
Logging in to iDRAC SSO using iDRAC web interface
Before logging in to iDRAC using Single Sign-On, make sure that:
• You have logged in to your system using a valid Active Directory user account.
• Single Sign-On option is enabled during Active Directory configuration.
To log in to iDRAC using web interface:
1. Log in to your management station using a valid Active Directory account.
2. In a web browser, type https://[FQDN address]
NOTE: If the default HTTPS port number (port 443) has been changed, type: https://[FQDN
address]:[port number]
(iDRACdnsname.domain. name) and [port number] is the HTTPS port number.
NOTE: If you use IP address instead of FQDN, SSO fails.
iDRAC logs you in with appropriate Microsoft Active Directory privileges, using your credentials that
were cached in the operating system when you logged in using a valid Active Directory account.
where, [FQDN address] is the iDRAC FQDN
Logging in to iDRAC SSO using CMC web interface
Using the SSO feature, you can launch iDRAC web interface from CMC web interface. A CMC user has
the CMC user privileges when launching iDRAC from CMC. If the user account is present in CMC and not
in iDRAC, the user can still launch iDRAC from CMC.
If iDRAC network LAN is disabled (LAN Enabled = No), SSO is not available.
If the server is removed from the chassis, iDRAC IP address is changed, or there is a problem in iDRAC
network connection, the option to Launch iDRAC is grayed-out in the CMC web interface.
For more information, see the Chassis Management Controller User’s Guide available at dell.com/
support/manuals.
Accessing iDRAC using remote RACADM
You can use remote RACADM to access iDRAC using RACADM utility.
For more information, see the iDRAC RACADM Command Line Interface Reference Guide available at
dell.com/idracmanuals.
If the management station has not stored the iDRAC’s SSL certificate in its default certificate storage, a
warning message is displayed when you run the RACADM command. However, the command is
executed successfully.
39
NOTE: The iDRAC certificate is the certificate iDRAC sends to the RACADM client to establish the
secure session. This certificate is either issued by a CA or self-signed. In either case, if the
management station does not recognize the CA or signing authority, a warning is displayed.
Related Tasks
Validating CA certificate to use remote RACADM on Linux
Validating CA certificate to use remote RACADM on Linux
Before running remote RACADM commands, validate the CA certificate that is used for secure
communications.
To validate the certificate for using remote RACADM:
1. Convert the certificate in DER format to PEM format (using openssl command-line tool):
openssl x509 -inform pem -in [yourdownloadedderformatcert.crt] –outform pem
-out [outcertfileinpemformat.pem] –text
2. Find the location of the default CA certificate bundle on the management station. For example, for
RHEL5 64 bit, it is
3. Append the PEM formatted CA certificate to the management station CA certificate.
For example, use the cat command: cat testcacert.pem >> cert.pem
4. Generate and upload the server certificate to iDRAC.
/etc/pki/tls/cert.pem.
Accessing iDRAC using local RACADM
For information to access iDRAC using local RACADM, see the iDRAC RACADM Command Line Interface
Reference Guide
available at dell.com/idracmanuals.
Accessing iDRAC using firmware RACADM
You can use SSH or Telnet interfaces to access iDRAC and run firmware RACADM commands. For more
information, see the iDRAC RACADM Command Line Interface Reference Guide available at dell.com/
idracmanuals.
Accessing iDRAC using SMCLP
SMCLP is the default command line prompt when you log in to iDRAC using Telnet or SSH. For more
information, see
Using SMCLP.
Logging in to iDRAC using public key authentication
You can log into the iDRAC over SSH without entering a password. You can also send a single RACADM
command as a command line argument to the SSH application. The command line options behave
similar to remote RACADM since the session ends after the command is completed.
For example:
Logging in:
ssh username@<domain>
40
or
ssh username@<IP_address>
where IP_address is the IP address of the iDRAC.
Sending RACADM commands:
ssh username@<domain> racadm getversion
ssh username@<domain> racadm getsel
Related Concepts
Using public key authentication for SSH
Multiple iDRAC sessions
The following table provides the list of multiple iDRAC sessions that are possible using the various
interfaces.
Table 5. Multiple idrac sessions
Interface Number of Sessions
iDRAC Web Interface 6
Remote RACADM 4
Firmware RACADM / SMCLP SSH - 2
Telnet - 2
Serial - 1
Changing default login password
The warning message that allows you to change the default password is displayed if:
• You log in to iDRAC with Configure User privilege.
• Default password warning feature is enabled.
• Credentials for any currently enabled account are root/calvin.
A warning message is also displayed when you log in to iDRAC using SSH, Telnet, remote RACADM, or
the Web interface. For Web interface, SSH, and Telnet, a single warning message is displayed for each
session. For remote RACADM, the warning message is displayed for each command.
Related Tasks
Enabling or disabling default password warning message
41
Changing default login password using web interface
When you log in to iDRAC Web interface, if the Default Password Warning page is displayed, you can
change the password. To do this:
1. Select the Change Default Password option.
2. In the New Password field, enter the new password.
The maximum characters for the password are 20. The characters are masked. The following
characters are supported:
• 0-9
• A-Z
• a-z
• Special characters: +, &, ?, >, -, }, |, ., !, (, ', ,, _,[, ", @, #, ), *, ;, $, ], /, §, %, =, <, :, {, I, \
3. In the Confirm Password field, enter the password again.
4. Click Continue. The new password is configured and you are logged in to iDRAC.
NOTE: Continue is enabled only if the passwords entered in the New Password and Confirm
Password fields match.
For information about the other fields, see the iDRAC Online Help.
Changing default login password using RACADM
To change the password, run the following RACADM command:
racadm set iDRAC.Users.<index>.Password <Password>
where, <index> is a value from 1 to 16 (indicates the user account) and <password> is the new user—
defined password.
For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide.
Changing default login password using iDRAC settings utility
To change the default login password using iDRAC Settings Utility:
1. In the iDRAC Settings utility, go to User Configuration.
The iDRAC Settings.User Configuration page is displayed.
2. In the Change Password field, enter the new password.
3. Click Back, click Finish, and then click Yes.
The details are saved.
Enabling or disabling default password warning message
You can enable or disable the display of the default password warning message. To do this, you must
have Configure Users privilege.
Enabling or disabling default password warning message using web interface
To enable or disable the display of the default password warning message after logging in to iDRAC:
1. Go to Overview → iDRAC Settings → User Authentication → Local Users.
42
The Users page is displayed.
2. In the Default Password Warning section, select Enable, and then click Apply to enable the display
of the Default Password Warning page when you log in to iDRAC. Else, select Disable.
Alternatively, if this feature is enabled and you do not want to display the warning message for
subsequent log-ins, on the Default Password Warning page, select the Do not show this warning
again option, and then click Apply.
Enabling or disabling warning message to change default login password using RACADM
To enable the display of the warning message to change the default login password using RACADM, use
idrac.tuning.DefaultCredentialWarning object. For more information, see the iDRAC RACADM
Command Line Interface Reference Guide
available at dell.com/idracmanuals.
Invalid password credentials
To provide security against unauthorized users and denial of service (DoS) attack, iDRAC provides the
following before blocking the IP and SNMP traps (if enabled):
• Series of sign-in errors and alerts
• Increased time intervals with each sequential incorrect login attempt
• Log entries
NOTE: The sign-errors and alerts, increased time interval for each incorrect login, and log entries
are available using any of the iDRAC interfaces such as web interface, Telnet, SSH, Remote
RACADM, WS-MAN, and VMCLI.
Table 6. iDRAC web interface behavior with incorrect login attempts
Login
attempts
First
incorrect
login
Second
incorrect
login
Third
incorrect
login
Each
additional
incorrect
login
Blocking
(seconds)
0 No None No
30 Yes
60 Yes
60 Yes
Error
logged
(USR000
34)
GUI display message SNMP alert (if
• RAC0212: Login failed. Verify that
username and password is correct.
Login delayed for 30 seconds.
• Try again button is disabled for 30 seconds.
• RAC0212: Login failed. Verify that
username and password is correct.
Login delayed for 60 seconds.
• Try again button is disabled for 60 seconds.
• RAC0212: Login failed. Verify that
username and password is correct.
Login delayed for 60 seconds.
• Try again button is disabled for 60 seconds.
enabled)
Yes
Yes
Yes
43
NOTE: After a 24–hour period, the counters are reset and the above restrictions are applied.
44
3
Setting up managed system and management station
To perform out-of-band systems management using iDRAC, you must configure iDRAC for remote
accessibility, set up the management station and managed system, and configure the supported web
browsers.
NOTE: In case of blade servers, install CMC and I/O modules in the chassis and physically install the
system in the chassis before performing the configurations.
Both iDRAC Express and iDRAC Enterprise ship from the factory with a default static IP address. However,
Dell also offers two options:
• Provisioning Server — Use this option if you have a provisioning server installed in the data center
environment. A provisioning server manages and automates the deployment or upgrade of an
operating system and application for a Dell PowerEdge server. By enabling the Provisioning Server
option, the servers, upon first boot, search for a provisioning server to take control and begin the
automated deployment or upgrade process.
• DHCP — Use this option if you have a Dynamic Host Configuration Protocol (DHCP) server installed in
the data center environment or if you are using iDRAC Auto Config or OpenManage Essentials
Configuration Manager to automate server provisioning. The DHCP server automatically assigns the IP
address, gateway, and subnet mask for iDRAC.
You can enable Provisioning Server or DHCP when you place an order for the server. There is no charge
to enable either of these features. However, only one setting is possible.
Related Concepts
Setting up iDRAC IP address
Setting up managed system
Updating device firmware
Rolling back device firmware
Related Tasks
Setting up management station
Configuring supported web browsers
Setting up iDRAC IP address
You must configure the initial network settings based on your network infrastructure to enable the
communication to and from iDRAC. You can set up the IP address using one of the following interfaces:
• iDRAC Settings utility
• Lifecycle Controller (see Lifecycle Controller User’s Guide)
• Dell Deployment Toolkit (see Dell Deployment Toolkit User’s Guide)
45
• Chassis or Server LCD panel (see the system’s Hardware Owner’s Manual)
NOTE: In case of blade servers, you can configure the network setting using the Chassis LCD
panel only during initial configuration of CMC. After the chassis is deployed, you cannot
reconfigure iDRAC using the Chassis LCD panel.
• CMC Web interface (see Dell Chassis Management Controller Firmware User’s Guide)
In case of rack and tower servers, you can set up the IP address or use the default iDRAC IP address
192.168.0.120 to configure initial network settings, including setting up DHCP or the static IP for iDRAC.
In case of blade servers, the iDRAC network interface is disabled by default.
After you configure iDRAC IP address:
• Make sure to change the default user name and password after setting up the iDRAC IP address.
• Access it through any of the following interfaces:
– iDRAC Web interface using a supported browser (Internet Explorer, Firefox, Chrome, or Safari)
– Secure Shell (SSH) — Requires a client such as PuTTY on Windows. SSH is available by default in
most of the Linux systems and hence does not require a client.
– Telnet (must be enabled, since it is disabled by default)
– IPMITool (uses IPMI command) or shell prompt (requires Dell customized installer in Windows or
Linux, available from Systems Management Documentation and Tools DVD or support.dell.com)
Related Tasks
Setting up iDRAC IP using iDRAC settings utility
Setting up iDRAC IP using CMC web interface
Enabling provisioning server
Configuring servers and server components using Auto Config
Setting up iDRAC IP using iDRAC settings utility
To set up the iDRAC IP address:
1. Turn on the managed system.
2. Press <F2> during Power-on Self-test (POST).
3. In the System Setup Main Menu page, click iDRAC Settings.
The iDRAC Settings page is displayed.
4. Click Network.
The Network page is displayed.
5. Specify the following settings:
• Network Settings
• Common Settings
• IPv4 Settings
• IPv6 Settings
• IPMI Settings
• VLAN Settings
6. Click Back, click Finish, and then click Yes.
The network information is saved and the system reboots.
Related Tasks
Network settings
46
Common settings
IPv4 settings
IPv6 settings
IPMI settings
VLAN settings
Network settings
To configure the Network Settings:
NOTE: For information about the options, see the iDRAC Settings Utility Online Help.
1. Under Enable NIC, select the Enabled option.
2. From the NIC Selection drop-down menu, select one of the following ports based on the network
requirement:
• Dedicated — Enables the remote access device to use the dedicated network interface available
on the Remote Access Controller (RAC). This interface is not shared with the host operating
system and routes the management traffic to a separate physical network, enabling it to be
separated from the application traffic.
This option implies that iDRAC's dedicated network port routes its traffic separately from the
server's LOM or NIC ports. About managing network traffic, the Dedicated option allows iDRAC to
be assigned an IP address from the same subnet or different subnet in comparison to the IP
addresses assigned to the Host LOM or NICs.
NOTE: In blade servers, the Dedicated option is displayed as Chassis (Dedicated).
• LOM1
• LOM2
• LOM3
• LOM4
NOTE: In the case of rack and tower servers, two LOM options (LOM1 and LOM2) or all four
LOM options are available depending on the server model. In blade servers with two NDC ports,
two LOM options (LOM1 and LOM2) are available and on server with four NDC ports, all four
LOM options are available.
NOTE: Shared LOM is not supported on the following bNDCs if they are used in a full — height
server with two NDCs because they do not support hardware arbitration:
• Intel 2P X520–k bNDC 10 G
• Emulex OCM14102–N6–D bNDC 10 Gb
• Emulex OCm14102-U4-D bNDC 10 Gb
• Emulex OCm14102-U2-D bNDC 10 Gb
• QLogic QMD8262–k DP bNDC 10 G
3. From the Failover Network drop-down menu, select one of the remaining LOMs. If a network fails,
the traffic is routed through the failover network.
For example, to route the iDRAC network traffic through LOM2 when LOM1 is down, select LOM1 for
NIC Selection and LOM2 for Failover Network.
NOTE: If you have selected Dedicated in NIC Selection drop-down menu, the option is
grayed-out.
47
NOTE: Failover is not supported on shared LOM for the following Emulex rNDCs and bNDCs:
• Emulex OCM14104-UX-D rNDC 10 Gbx
• Emulex OCM14104-U1-D rNDC 10 Gb
• Emulex OCM14104-N1-D rNDC 10 Gb
• Emulex OCM14104B-N1-D rNDC 10 Gb
• Emulex OCM14102-U2-D bNDC 10 Gb
• Emulex OCM14102-U4-D bNDC 10 Gb
• Emulex OCM14102-N6-D bNDC 10 Gb
NOTE: On PowerEdge FM120x4 servers, Failover Network is not supported for the chassis sled
configurations. For more information about the chassis sled configurations, see the Chassis
Management Controller (CMC) User’s Guide available at dell.com/idracmanuals.
NOTE: On PowerEdge FM120x4 servers, while configuring the Enhanced Network Adapter
Isolation, ensure that LOM2 is disabled on the host system and is not selected for iDRAC NIC.
For more information about the chassis sled configurations, see the Chassis Management
Controller (CMC) User’s Guide available at dell.com/idracmanuals.
4. Under Auto Negotiation, select On if iDRAC must automatically set the duplex mode and network
speed. This option is available only for dedicated mode. If enabled, iDRAC sets the network speed to
10, 100, or 1000 Mbps based on the network speed.
5. Under Network Speed, select either 10 Mbps or 100 Mbps.
NOTE: You cannot manually set the Network Speed to 1000 Mbps. This option is available only
if Auto Negotiation option is enabled.
6. Under Duplex Mode, select Half Duplex or Full Duplex option.
NOTE: If you enable Auto Negotiation, this option is grayed-out.
Common settings
If network infrastructure has DNS server, register iDRAC on the DNS. These are the initial settings
requirements for advanced features such as Directory services—–Active Directory or LDAP, Single Sign
On, and smart card.
To register iDRAC:
1. Enable Register DRAC on DNS.
2. Enter the DNS DRAC Name.
3. Select Auto Config Domain Name to automatically acquire domain name from DHCP. Else, provide
DNS Domain Name.
the
IPv4 settings
To configure the IPv4 settings:
1. Select Enabled option under Enable IPv4 .
2. Select Enabled option under Enable DHCP , so that DHCP can automatically assign the IP address,
gateway, and subnet mask to iDRAC. Else, select Disabled and enter the values for:
• Static IP Address
• Static Gateway
• Static Subnet Mask
48
3. Optionally, enable Use DHCP to obtain DNS server address, so that the DHCP server can assign the
Static Preferred DNS Server and Static Alternate DNS Server. Else, enter the IP addresses for Static
Preferred DNS Server and Static Alternate DNS Server.
IPv6 settings
Alternately, based on the infrastructure setup, you can use IPv6 address protocol.
To configure the IPv6 settings:
1. Select Enabled option under Enable IPv6.
2. For the DHCPv6 server to automatically assign the IP address, gateway, and subnet mask to iDRAC,
select Enabled option under Enable Auto-configuration. If enabled, the static values are disabled.
Else, proceed to the next step to configure using the static IP address.
3. In the Static IP Address 1 box, enter the static IPv6 address.
4. In the Static Prefix Length box, enter a value between 0 and 128.
5. In the Static Gateway box, enter the gateway address.
6. If you are using DHCP, enable DHCPv6 to obtain DNS Server addresses to obtain Primary and
Secondary DNS server addresses from DHCPv6 server. Else, select
• In the Static Preferred DNS Server box, enter the static DNS server IPv6 address.
• In the Static Alternate DNS Server box, enter the static alternate DNS server.
Disabled and do the following:
IPMI settings
To enable the IPMI Settings:
1. Under Enable IPMI Over LAN, select Enabled.
2. Under Channel Privilege Limit, select Administrator, Operator, or User.
3. In the Encryption Key box, enter the encryption key in the format 0 to 40 hexadecimal characters
(without any blanks characters.) The default value is all zeros.
VLAN settings
You can configure iDRAC into the VLAN infrastructure.
To configure VLAN settings, perform the following steps:
NOTE: On blade servers that are set as Chassis (Dedicated), the VLAN settings are read-only and
can be changed only using CMC. If the server is set in shared mode, you can configure VLAN
settings in shared mode in iDRAC.
1. Under Enable VLAN ID, select Enabled.
2. In the VLAN ID box, enter a valid number from 1 to 4094.
3. In the Priority box, enter a number from 0 to 7 to set the priority of the VLAN ID.
NOTE: After enabling VLAN, the iDRAC IP is not accessible for sometime.
Setting up iDRAC IP using CMC web interface
To set up the iDRAC IP address using CMC Web interface:
NOTE: You must have Chassis Configuration Administrator privilege to set up iDRAC network
settings from CMC.
1. Log in to CMC Web interface.
2. Go to Server Overview → Setup → iDRAC.
49
The Deploy iDRAC page is displayed.
3. Under iDRAC Network Settings, select Enable LAN and other network parameters as per
requirements. For more information, see CMC online help.
4. For additional network settings specific to each blade server, go to Server Overview → <server
name>
.
The Server Status page is displayed.
5. Click Launch iDRAC and go to Overview → iDRAC Settings → Network.
6. In the Network page, specify the following settings:
• Network Settings
• Common Settings
• IPV4 Settings
• IPV6 Settings
• IPMI Settings
• VLAN Settings
NOTE: For more information, see iDRAC Online Help.
7. To save the network information, click Apply.
For more information, see the Chassis Management Controller User’s Guide available at dell.com/
support/manuals.
Enabling provisioning server
The Provisioning Server feature allows newly installed servers to automatically discover the remote
management console that hosts the provisioning server. The provisioning server provides custom
administrative user credentials to iDRAC, so that the unprovisioned server can be discovered and
managed from the management console. For more information about provisioning server, see the
Lifecycle Controller Remote Services User’s Guide available at dell.com/idracmanuals.
Provisioning server works with a static IP address. DHCP, DNS server, or the default DNS host name
discovers the provisioning server. If DNS is specified, the provisioning server IP is retrieved from DNS and
the DHCP settings are not required. If the provisioning server is specified, discovery is skipped so neither
DHCP nor DNS is required.
You can enable the Provisioning Server feature using iDRAC Settings Utility or using Lifecycle Controller.
For information on using Lifecycle Controller, see Lifecycle Controller User’s Guide available at dell.com/
idracmanuals.
If the Provisioning Server feature is not enabled on the factory-shipped system, the default administrator
account (user name as root and password as calvin) is enabled. Before enabling Provisioning Server, make
sure to disable this administrator account. If the Provisioning Server feature in Lifecycle Controller is
enabled, all the iDRAC user accounts are disabled until the provisioning server is discovered.
To enable provisioning server using iDRAC Settings utility:
1. Turn on the managed system.
2. During POST, press <F2 >, and go to iDRAC Settings → Remote Enablement.
The iDRAC Settings Remote Enablement page is displayed.
3. Enable auto-discovery, enter the provisioning server IP address, and click Back.
50
NOTE: Specifying the provisioning server IP is optional. If it is not set, it is discovered using
DHCP or DNS settings (step 7).
4. Click Network.
The iDRAC Settings Network page is displayed.
5. Enable NIC.
6. Enable IPv4.
NOTE: IPv6 is not supported for auto-discovery.
7. Enable DHCP and get the domain name, DNS server address, and DNS domain name from DHCP.
NOTE: Step 7 is optional if the provisioning server IP address (step 3) is provided.
Configuring servers and server components using Auto Config
The Auto Config feature configures and provisions all the components in a server (example, BIOS, iDRAC,
and PERC) in a single operation by automatically importing a Server Configuration Profile (SCP) XML file
containing all configurable parameters. The DHCP server that assigns the IP address also provides the
details for accessing the SCP file.
SCP files are created by configuring a “gold configuration” server and exporting the server configuration
to a shared location (CIFS or NFS) that is accessible by the DHCP server and the iDRAC of the server
being configured. The SCP file name can be based on the service tag or model number of the target
server or can be given a generic name. The DHCP server uses a DHCP server option to specify the SCP
file name (optionally), SCP file location, and the user credentials to access the file location.
When the iDRAC obtains an IP address from the DHCP server that is configured for Auto Config, iDRAC
uses the SCP to configure the server’s devices. Auto Config is invoked only after the iDRAC gets its IP
address from the DHCP server. If it does not get a response or an IP address from the DHCP server, then
Auto Config is not invoked.
NOTE:
• You can enable Auto Config only if DHCPv4 and the Enable IPv4 options are enabled.
• Auto Config and auto discovery features are mutually exclusive. You must disable auto discovery
for the Auto Config feature to work.
• The Auto Config feature is disabled after a server has carried out an Auto Config operation. For
more information on enabling Auto Config, see Enabling Auto Config using RACADM.
If all the Dell PowerEdge servers in the DHCP server pool are of the same model type and number, then a
single SCP file (config.xml) is required. config.xml is the default SCP file name.
You can configure individual servers requiring different configuration files mapped using individual server
Service Tags or server models. In an environment that has different servers with specific requirements,
you can use different SCP file names to distinguish each server or server type. For example, if there are
two server models to configure — PowerEdge R730s and PowerEdge R530s, use two SCP files, R730config.xml and R530-config.xml.
NOTE: On systems with iDRAC version 2.20.20.20 and later if the filename parameter is not present
in DHCP option 60, the iDRAC server configuration agent automatically generates the configuration
filename using the server Service Tag, model number, or the default filename — config.xml.
The iDRAC server configuration agent uses the rules in the following sequence to determine which SCP
file on the file share to apply for each iDRAC or PowerEdge server:
51
1. The filename specified in DHCP option 60.
2. <ServiceTag>-config.xml — If a filename is not specified in DHCP option 60, use the system Service
Tag to uniquely identify the SCP file for the system. For example, CDVH7R1-config.xml
3. <Model number>-config.xml — If the option 60 filename is not specified and the <Service Tag>config.xml file is not found, then use the system model number as the basis for the SCP file name to
use. For example, R520-config.xml.
4. config.xml — If the option 60 filename, service tag-based, and model number — based files are not
available, use the default config.xml file.
NOTE: If none of these files are on the network share, then the server configuration profile import
job is marked as failed for file not found.
Related Concepts
Auto Config sequence
DHCP options
Related Tasks
Enabling Auto Config using iDRAC web interface
Enabling Auto Config using RACADM
Auto Config sequence
1. Create or modify the SCP file that configures the attributes of Dell servers.
2. Place the SCP file in a share location that is accessible by the DHCP server and all the Dell servers
that are assigned IP address from the DHCP server.
3. Specify the SCP file location in vendor-option 43 field of DHCP server.
4. The iDRAC as part of acquiring IP address advertises vendor class identifier iDRAC. (Option 60)
5. The DHCP server matches the vendor class to the vendor option in the dhcpd.conf file and sends the
SCP file location and, if specified the SCP file name to the iDRAC.
6. The iDRAC processes the SCP file and configures all the attributes listed in the file
DHCP options
DHCPv4 allows many globally defined parameters to be passed to the DHCP clients. Each parameter is
known as a DHCP option. Each option is identified with an option tag, which is a 1-byte value. Option
tags 0 and 255 are reserved for padding and end of options, respectively. All other values are available for
defining options.
The DHCP Option 43 is used to send information from the DHCP server to the DHCP client. The option is
defined as a text string. This text string is set to contain the values of the XML filename, share location and
the credentials to access the location. For example,
option myname code 43 = text;
subnet 192. 168.0.0 netmask 255.255.255.0 {
# default gateway
option routers 192.168.0.1;
option subnet-mask 255.255.255.0;
option nis-domain "domain.org";
option domain-name "domain.org";
option domain-name-servers 192.168.1.1;
option time-offset -18000; #Eastern Standard Time
option vendor-class-identifier "iDRAC";
set vendor-string = option vendor-class-identifier;
option myname "-f system_config.xml -i 192.168.0.130 -u
cifs -s 2 -d 0 -t 500";
52
user -p password -n
where, -i is the location of the Remote File Share and –f is the file name in the string along with the
credentials to the Remote File Share.
The DHCP Option 60 identifies and associates a DHCP client with a particular vendor. Any DHCP server
configured to take action based on a client’s vendor ID should have Option 60 and Option 43 configured.
With Dell PowerEdge servers, the iDRAC identifies itself with vendor ID: iDRAC. Therefore, you must add a
new ‘Vendor Class’ and create a ‘scope option’ under it for ‘code 60,’ and then enable the new scope
option for the DHCP server.
Related Tasks
Configuring option 43 on Windows
Configuring option 60 on Windows
Configuring option 43 and option 60 on Linux
Configuring option 43 on Windows
To configure option 43 on Windows:
1. On the DHCP server, go to Start → Administration Tools → DHCP to open the DHCP server
administration tool.
2. Find the server and expand all items under it.
3. Right-click on Scope Options and select Configure Options.
The Scope Options dialog box is displayed.
4. Scroll down and select 043 Vendor Specific Info.
5. In the Data Entry field, click anywhere in the area under ASCII and enter the IP address of the server
that has the share location, which contains the XML configuration file.
The value appears as you type it under the ASCII, but it also appears in binary to the left.
6. Click OK to save the configuration.
Configuring option 60 on Windows
To configure option 60 on Windows:
1. On the DHCP server, go to Start → Administration Tools → DHCP to open the DHCP server
administration tool.
2. Find the server and expand the items under it.
3. Right-click on IPv4 and choose Define Vendor Classes.
4. Click Add.
A dialog box with the following fields is displayed:
• Display name:
• Description:
• ID: Binary: ASCII:
5. In the Display name: field, type iDRAC.
6. In the Description: field, type Vendor Class.
7. Click in the ASCII: section and type iDRAC.
8. Click OK and then Close.
9. On the DHCP window, right-click IPv4 and selectSet Predefined Options.
10. From the Option class drop-down menu, select iDRAC (created in step 4) and click Add.
11. In the Option Type dialog box, enter the following information:
• Name — iDRAC
53
• Data Type — String
• Code — 060
• Description — Dell vendor class identifier
12. Click OK to return to the DHCP window.
13. Expand all items under the server name, right-click Scope Options and select Configure Options.
14. Click the Advanced tab.
15. From the Vendor class drop-down menu, select iDRAC. The 060 iDRAC is displayed in the Available
Options column.
16. Select 060 iDRAC option.
17. Enter the string value that must be sent to the iDRAC (along with a standard DHCP provided IP
address). The string value helps in importing the correct SCP file.
For the option’s DATA entry, String Value setting, use a text parameter that has the following letter
options and values:
• Filename (–f) — Indicates the name of the exported Server Configuration Profile XML file.
Specifying this filename is optional with iDRAC version 2.20.20.20 or later.
NOTE: For more information on file naming rules, see Configuring servers and server
components using Auto Config.
• Sharename (-n) — Indicates the name of the network share.
• ShareType (-s) — Indicates the share type. 0 indicates NFS and 2 indicates CIFS.
• IPAddress (-i) — Indicates the IP address of the file share.
NOTE: Sharename (-n), ShareType (-s), and IPAddress (-i) are required attributes that must
be passed.
• Username (-u) — Indicates the user name required to access the network share. This information
is required only for CIFS.
• Password (-p) — Indicates the password required to access the network share. This information is
required only for CIFS.
• ShutdownType (-d) — Indicates the mode of shutdown. 0 indicates Graceful shutdown and 1
indicates Forced shutdown.
NOTE: The default setting is 0.
• Timetowait (-t) — Indicates the time the host system waits before shutting down. The default
setting is 300.
• EndHostPowerState (-e) — Indicates the power state of the host. 0 indicates OFF and 1 indicates
ON. The default setting is 1.
NOTE: ShutdownType (-d), Timetowait (-t), and EndHostPowerState (-e) are optional
attributes.
NOTE: On DHCP servers running Windows the operating system with iDRAC version prior to
2.20.20.20, make sure that you add a space before the (–f).
NFS: -f system_config.xml -i 192.168.1.101 -n /nfs_share -s 0 -d 1
CIFS: -f system_config.xml -i 192.168.1.101 -n cifs_share -s 2 -u <USERNAME> -p <PASSWORD> -d 1
-t 400
54
Configuring option 43 and option 60 on Linux
Update the /etc/dhcpd.conf file. The steps to configure the options are similar to the steps for Windows:
1. Set aside a block or pool of addresses that this DHCP server can allocate.
2. Set the option 43 and use the name vendor class identifier for option 60.
option myname code 43 = text;
subnet 192.168.0.0 netmask 255.255.0.0 {
#default gateway
option routers 192.168.0.1;
option subnet-mask 255.255.255.0;
option nis-domain "domain.org";
option domain-name "domain.org";
option domain-name-servers 192.168.1.1;
option time-offset -18000; # Eastern Standard Time
option vendor-class-identifier "iDRAC";
set vendor-string = option vendor-class-identifier;
option myname "-f system_config.xml -i 192.168.0.130 -u user -p
password -n cifs -s 2 -d 0 -t 500";
range dynamic-bootp 192.168.0.128 192.168.0.254;
default-lease-time 21600;
max-lease-time 43200;
}
}
The following are the required and optional parameters that must be passed in the vendor class
identifier string:
• Filename (–f) — Indicates the name of the exported Server Configuration Profile XML file.
Specifying the filename is optional with iDRAC version 2.20.20.20 or later.
NOTE: For more information on file naming rules, see Configuring servers and server
components using Auto Config.
• Sharename (-n) — Indicates the name of the network share.
• ShareType (-s) — Indicates the share type. 0 indicates NFS and 2 indicates CIFS.
• IPAddress (-i) — Indicates the IP address of the file share.
NOTE: Sharename (-n), ShareType (-s), and IPAddress (-i) are required attributes that must
be passed.
• Username (-u) — Indicates the user name required to access the network share. This information
is required only for CIFS.
• Password (-p) — Indicates the password required to access the network share. This information is
required only for CIFS.
NOTE: Example for Linux NFS and CIFS share:
– NFS: -f system_config.xml -i 192.168.0.130 -n /nfs -s 0 -d 0 -t 500
– CIFS: -f system_config.xml -i 192.168.0.130 -n sambashare/config_files -s 2 -u user -p
password -d 1 -t 400
Ensure that you use NFS2 or NFS3 for NFS network share
• ShutdownType (-d) — Indicates the mode of shutdown. 0 indicates Graceful shutdown and 1
indicates Forced shutdown.
NOTE: The default setting is 0.
• Timetowait (-t) — Indicates the time the host system waits before shutting down. The default
setting is 300.
55
• EndHostPowerState (-e) — Indicates the power state of the host. 0 indicates OFF and 1 indicates
ON. The default setting is 1.
NOTE: ShutdownType (-d), Timetowait (-t), and EndHostPowerState (-e) are optional
attributes.
The following is an example of a static DHCP reservation from a dhcpd.conf file:
host my_host {
hardware ethernet b8:2a:72:fb:e6:56;
fixed-address 192.168.0.211;
option host-name "my_host";
option myname " -f r630_raid.xml -i 192.168.0.1 -n /nfs -s 0 -d 0 -t 300";
}
NOTE: After editing the dhcpd.conf file, make sure to restart the dhcpd service in order to apply
the changes.
Prerequisites before enabling Auto Config
Before enabling the Auto config feature, make sure that following are already set:
• Supported network share (NFS or CIFS) is available on the same subnet as the iDRAC and DHCP
server. Test the network share to ensure that it can be accessed and that the firewall and user
permissions are set correctly.
• Server configuration profile is exported to the network share. Also, make sure that the necessary
changes in the XML file are complete so that proper settings can be applied when the Auto Config
process is initiated.
• DHCP server is set and the DHCP configuration is updated as required for iDRAC to call the server and
initiate the Auto Config feature.
Enabling Auto Config using iDRAC web interface
Make sure that DHCPv4 and the Enable IPv4 options are enabled and Auto-discovery is disabled.
To enable Auto Config:
1. In the iDRAC web interface, go to Overview → iDRAC Settings → Network.
The Network page is displayed.
2. In the Auto Config section, select one of the following options from the Enable DHCP Provisioning
drop-down menu:
• Enable Once — Configures the component only once using the XML file referenced by the DHCP
server. After this, Auto Config is disabled.
• Enable once after reset — After the iDRAC is reset, configures the components only once using
the XML file referenced by the DHCP server. After this, Auto Config is disabled.
• Disable — Disables the Auto Config feature.
3. Click Apply to apply the setting.
The network page automatically refreshes.
Enabling Auto Config using RACADM
To enable Auto Config feature using RACADM, use the iDRAC.NIC.AutoConfig object. For more
information, see the iDRAC8 RACADM Command Line Interface Reference Guide.
56
NOTE: For more information on the Auto Config feature, see the Zero-Touch Bare Metal Server
Provisioning using Dell iDRAC with Lifecycle Controller Auto Config white paper available at the
delltechcenter.com/idrac.
Using hash passwords for improved security
On PowerEdge servers with version 2.xx.xx.xx, you can set user passwords and BIOS passwords using a
one-way hash format. The user authentication mechanism is not affected (except for SNMPv3 and IPMI)
and you can provide the password in plain text format.
With the new password hash feature:
• You can generate your own SHA256 hashes to set iDRAC user passwords and BIOS passwords. This
allows you to have the SHA256 values in the server configuration profile, RACADM, and WSMAN.
When you provide the SHA256 password values, you cannot authenticate through SNMPv3 and IPMI.
• You can set up a template server including all the iDRAC user accounts and BIOS passwords using the
current plain text mechanism. After the server is set up, you can export the server configuration profile
with the password that has hash values. The export includes the hash values required for SNMPv3 and
IPMI authentication.
NOTE: When downgrading a Dell 12th generation PowerEdge server from version 2.xx.xx.xx to
1.xx.xx, if the server is set with hash authentication, then you will not be able to log in to any
interface unless the password is set to default.
You can generate the hash password with and without Salt using SHA256.
You must have Server Control privileges to include and export hash passwords.
If access to all accounts is lost, use iDRAC Settings Utility or local RACADM and perform reset iDRAC to
default task.
If the iDRAC user account’s password is set with the SHA256 password hash only and not the other
hashes (SHA1v3Key or MD5v3Key), then authentication through SNMP v3 and IPMI is not available.
Hash password using RACADM
Use the following objects with the set racadm sub command to set hash passwords:
• iDRAC.Users.SHA256Password
• iDRAC.Users.SHA256PasswordSalt
Use the following command to include the hash password in the exported server configuration profile:
racadm get -f <file name> -l <NFS / CIFS share> -u <username> -p <password> -t
<filetype> --includePH
You must set the Salt attribute when the associated hash is set.
NOTE: The attributes are not applicable to the INI configuration file.
Hash password in server configuration profile
The new hash passwords can be optionally exported in the server configuration profile.
57
When importing server configuration profile, you can uncomment the existing password attribute or the
new password hash attribute(s). If both are uncommented an error is generated and the password is not
set. A commented attribute is not applied during an import.
Generating hash password without SNMPv3 and IPMI authentication
To generate hash password without SNMPv3 and IPMI authentication:
1. For iDRAC user accounts, you must salt the password using SHA256.
When you salt the password, a 16 byte binary string is appended. The Salt is required to be 16 bytes
long, if provided.
2. Provide hash value and salt in the imported server configuration profile, RACADM commands, or
WSMAN.
3. After setting the password, the normal plain text password authentication works except that SNMP v3
and IPMI authentication fails for iDRAC user accounts that had passwords updated with hash.
Setting up management station
A management station is a computer used for accessing iDRAC interfaces to remotely monitor and
manage the PowerEdge server(s).
To set up the management station:
1. Install a supported operating system. For more information, see the release notes.
2. Install and configure a supported Web browser (Internet Explorer, Firefox, Chrome, or Safari).
3. Install the latest Java Runtime Environment (JRE) (required if Java plug-in type is used to access
iDRAC using a Web browser).
4. From the Dell Systems Management Tools and Documentation DVD, install Remote RACADM and
VMCLI from the SYSMGMT folder. Else, run
and other OpenManage software. For more information about RACADM, see iDRAC8 RACADM
Command Line Interface Reference Guide available at dell.com/idracmanuals..
5. Install the following based on the requirement:
• Telnet
• SSH client
• TFTP
• Dell OpenManage Essentials
Setup on the DVD to install Remote RACADM by default
Related Concepts
Installing and using VMCLI utility
Related Tasks
Configuring supported web browsers
Accessing iDRAC remotely
To remotely access iDRAC Web interface from a management station, make sure that the management
station is in the same network as iDRAC. For example:
• Blade servers — The management station must be on the same network as CMC. For more
information on isolating CMC network from the managed system’s network, see Chassis Management
Controller User’s Guide available at dell.com/support/manuals.
• Rack and tower servers — Set the iDRAC NIC to Dedicated or LOM1 and make sure that the
management station is on the same network as iDRAC.
58
To access the managed system’s console from a management station, use Virtual Console through
iDRAC Web interface.
Related Concepts
Launching virtual console
Related Tasks
Network settings
Setting up managed system
If you need to run local RACADM or enable Last Crash Screen capture, install the following from the Dell
Systems Management Tools and Documentation DVD:
• Local RACADM
• Server Administrator
For more information about Server Administrator, see Dell OpenManage Server Administrator User’s
Guide available at dell.com/support/manuals.
Related Tasks
Modifying local administrator account settings
Modifying local administrator account settings
After setting the iDRAC IP address, you can modify the local administrator account settings (that is, user
2) using the iDRAC Settings utility. To do this:
1. In the iDRAC Settings utility, go to User Configuration.
The iDRAC Settings User Configuration page is displayed.
2. Specify the details for User Name, LAN User Privilege, Serial Port User Privilege, and Change
Password.
For information about the options, see the iDRAC Settings Utility Online Help.
3. Click Back, click Finish, and then click Yes.
The local administrator account settings are configured.
Setting up managed system location
You can specify the location details of the managed system in the data center using the iDRAC Web
interface or iDRAC Settings utility.
Setting up managed system location using web interface
To specify the system location details:
1. In the iDRAC web interface, go to Overview → Server → Properties → Details.
The System Details page is displayed.
2. Under System Location, enter the location details of the managed system in the data center.
For information about the options, see the iDRAC Online Help.
3. Click Apply. The system location details are saved in iDRAC.
59
Setting up managed system location using RACADM
To specify the system location details, use the System.Location group objects. For more information,
see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals.
Setting up managed system location using iDRAC settings utility
To specify the system location details:
1. In the iDRAC Settings utility, go to System Location.
The iDRAC Settings System Location page is displayed.
2. Enter the location details of the managed system in the data center. For information about the
options, see the
3. Click Back, click Finish, and then click Yes.
The details are saved.
iDRAC Settings Utility Online Help.
Optimizing system performance and power consumption
The power required to cool a server can contribute a significant amount to the overall system power.
Thermal control is the active management of system cooling through fan speed and system power
management to make sure that the system is reliable while minimizing system power consumption,
airflow, and system acoustic output. You can adjust the thermal control settings and optimize against the
system performance and performance-per-Watt requirements.
Using the iDRAC Web interface, RACADM, or the iDRAC Settings Utility, you can change the following
thermal settings:
• Optimize for performance
• Optimize for minimum power
• Set the maximum air exhaust temperature
• Increase airflow through a fan offset, if required
• Increase airflow through increasing minimum fan speed
Modifying thermal settings using iDRAC web interface
To modify the thermal settings:
1. In the iDRAC Web interface, go to Overview → Hardware → Fans → Setup.
The Fan Setup page is displayed.
2. Specify the following:
• Thermal Profile — Select the thermal profile:
– Default Thermal Profile Settings — Implies that the thermal algorithm uses the same system
profile settings that is defined under
Settings page.
By default, this is set to Default Thermal Profile Settings. You can also select a custom algorithm,
which is independent of the BIOS profile. The options available are:
– Maximum Performance (Performance Optimized) :
* Reduced probability of memory or CPU throttling.
60
System BIOS → System BIOS Settings.System Profile
* Increased probability of turbo mode activation.
* Generally, higher fan speeds at idle and stress loads.
– Minimum Power (Performance per Watt Optimized):
* Optimized for lowest system power consumption based on optimum fan power state.
* Generally, lower fan speeds at idle and stress loads.
NOTE: Selecting Maximum Performance or Minimum Power, overrides thermal settings
associated to System Profile setting under System BIOS → System BIOS Settings.System
Profile Settings page.
• Maximum Exhaust Temperature Limit — From the drop-down menu, select the maximum
exhaust air temperature. The values are displayed based on the system.
The default value is Default, 70°C (158 °F).
This option allows the system fans speeds to change such that the exhaust temperature does not
exceed the selected exhaust temperature limit. This cannot always be guaranteed under all
system operating conditions due to dependency on system load and system cooling capability.
• Fan Speed Offset — Selecting this option allows additional cooling to the server. In case
hardware is added (example, new PCIe cards), it may require additional cooling. A fan speed
offset causes fan speeds to increase (by the offset % value) over baseline fan speeds calculated by
the Thermal Control algorithm. Possible values are:
– Low Fan Speed — Drives fan speeds to a moderate fan speed.
– Medium Fan Speed — Drives fan speeds close to medium.
– High Fan Speed — Drives fan speeds close to full speed.
– Max Fan Speed — Drives fan speeds to full speed.
– Off — Fan speed offset is set to off. This is the default value. When set to off, the percentage
does not display. The default fan speed is applied with no offset. Conversely, the maximum
setting will result in all fans running at maximum speed.
The fan speed offset is dynamic and based on the system. The fan speed increase for each offset
is displayed next to each option.
The fan speed offset increases all fan speeds by the same percentage. Fan speeds may increase
beyond the offset speeds based on individual component cooling needs. The overall system
power consumption is expected to increase.
Fan speed offset allows you to increase the system fan speed with four incremental steps. These
steps are equally divided between the typical baseline speed and the maximum speed of the
server system fans. Some hardware configurations results in higher baseline fan speeds, which
results in offsets other than the maximum offset to achieve maximum speed.
The most common usage scenario is non-standard PCIe adapter cooling. However, the feature
can be used to increase system cooling for other purposes.
• Minimum Fan Speed in PWM (% of Max) — Select this option to fine tune the fan speed. Using
this option, you can set a higher baseline system fan speed or increase the system fan speed if
other custom fan speed options are not resulting in the required higher fan speeds.
– Default — Sets minimum fan speed to default value as determined by the system cooling
algorithm.
– Custom — Enter the percentage value.
61
The allowable range for minimum fan speed PWM is dynamic based on the system configuration.
The first value is the idle speed and the second value is the configuration max (which may or may
not be 100% based on system configuration).
System fans can run higher than this speed as per thermal requirements of the system but not
lower than the defined minimum speed. For example, setting Minimum Fan Speed at 35% limits
the fan speed to never go lower than 35% PWM.
NOTE: 0% PWM does not indicate fan is off. It is the lowest fan speed that the fan can
achieve.
The settings are persistent, which means that once they are set and applied, they do not
automatically change to the default setting during system reboot, power cycling, iDRAC, or BIOS
updates. A few Dell servers may or may not support some or all of these custom user cooling
options. If the options are not supported, they are not displayed or you cannot provide a custom
value.
3. Click Apply to apply the settings.
The following message is displayed:
It is recommended to reboot the system when a thermal profile change has
been made. This is to ensure all power and thermal settings are activated.
Click Reboot Later or Reboot Now.
NOTE: You must reboot the system for the settings to take effect.
Modifying thermal settings using RACADM
To modify the thermal settings, use the objects in the system.thermalsettings group with the set sub
command as provided in the following table.
Object Description Usage Example
AirExhaustT
emp
Allows you to set the
maximum air exhaust
temperature limit.
Set to any of the
following values
(based on the
system):
• 0 — Indicates
40°C
• 1 — Indicates
45°C
• 2 — Indicates
50°C
• 3 — Indicates
55°C
• 4 — Indicates
60°C
• 255 —
Indicates 70°C
(default)
To check the existing setting on the
system:
racadm get
system.thermalsettings.AirE
xhaustTemp
The output is:
AirExhaustTemp=70
This means that the system is set to
limit the air exhaust temperature to
70°C.
To set the exhaust temperature
limit to 60°C:
racadm set
system.thermalsettings.AirE
xhaustTemp 4
The output is:
Object value modified
successfully.
62
Object Description Usage Example
If a system does not support a
particular air exhaust temperature
limit, then when you run the
following command:
racadm set
system.thermalsettings.AirE
xhaustTemp 0
The following error message is
displayed:
ERROR: RAC947: Invalid
object value specified.
Make sure to specify the value
depending on the type of object.
For more information, see RACADM
help.
To set the limit to the default value:
racadm set
system.thermalsettings.AirE
xhaustTemp 255
FanSpeedHig
hOffsetVal
FanSpeedLow
OffsetVal
FanSpeedMax
OffsetVal
• Getting this variable reads
the fan speed offset value
in %PWM for High Fan
Speed Offset setting.
• This value depends on
the system.
• Use FanSpeedOffset
object to set this value
using index value 1.
• Getting this variable reads
the fan speed offset value
in %PWM for Low Fan
Speed Offset setting.
• This value depends on
the system.
• Use FanSpeedOffset
object to set this value
using index value 0.
• Getting this variable reads
the fan speed offset value
in %PWM for Max Fan
Speed Offset setting.
• This value depends on
the system.
Values from 0-100
Values from 0-100
Values from 0-100
racadm get
system.thermalsettings
FanSpeedHighOffsetVal
This returns a value such as “66”.
This means that when you use the
following command, it applies a fan
speed offset of High (66% PWM)
over the baseline fan speed
racadm set
system.thermalsettings
FanSpeedOffset 1
racadm get
system.thermalsettings
FanSpeedLowOffsetVal
This returns a value such as “23”.
This means that when you use the
following command, it applies a fan
speed offset of Low (23% PWM)
over baseline fan speed
racadm set
system.thermalsettings
FanSpeedOffset 0
racadm get
system.thermalsettings
FanSpeedMaxOffsetVal
63
Object Description Usage Example
• Use FanSpeedOffset to
set this value using index
value 3
This returns a value such as “100”.
This means that when you use the
following command, it applies a fan
speed offset of Max (meaning full
speed, 100% PWM). In most cases,
this offset results in fan speeds
increasing to full speed.
racadm set
system.thermalsettings
FanSpeedOffset 3
FanSpeedMed
iumOffsetVa
l
FanSpeedOff
set
• Getting this variable reads
the fan speed offset value
in %PWM for Medium Fan
Speed Offset setting.
• This value depends on
the system.
• Use FanSpeedOffset
object to set this value
using index value 2
• Using this object with get
command displays the
existing Fan Speed Offset
value.
• Using this object with set
command allows setting
the required fan speed
offset value.
• The index value decides
the offset that is applied
and the
FanSpeedLowOffsetVa
l,
FanSpeedMaxOffsetVa
l,
FanSpeedHighOffsetV
, and
al
FanSpeedMediumOffse
tVal objects (defined
earlier) are the values at
which the offsets are
applied.
Values from 0-100
Values are:
• 0 — Low Fan
Speed
• 1 — High Fan
Speed
• 2 — Medium
Fan Speed
• 3 — Max Fan
Speed
• 255 — None
racadm get
system.thermalsettings
FanSpeedMediumOffsetVal
This returns a value such as “47”.
This means that when you use the
following command, it applies a fan
speed offset of Medium (47% PWM)
over baseline fan speed
racadm set
system.thermalsettings
FanSpeedOffset 2
To view the existing setting:
racadm get
system.thermalsettings.FanS
peedOffset
To set the fan speed offset to High
value (as defined in
FanSpeedHighOffsetVal)
racadm set
system.thermalsettings.FanS
peedOffset 1
MFSMaximumL
imit
64
Read Maximum limit for MFS
Values from 1 —
100
To display the highest value that
can be set using
MinimumFanSpeed option:
racadm get
system.thermalsettings.MFSM
aximumLimit
Object Description Usage Example
MFSMinimumL
imit
Read Minimum limit for MFS
Values from 0 to
MFSMaximumLimi
t
To display the lowest value that can
be set using MinimumFanSpeed
option.
MinimumFanS
peed
ThermalProf
ile
• Allows configuring the
Minimum Fan speed that
is required for the system
to operate.
• It defines the baseline
(floor) value for fan speed
and system allows fans to
go lower than this
defined fan speed value.
• This value is %PWM value
for fan speed.
• Allows you to specify the
Thermal Base Algorithm.
• Allows you to set the
system profile as required
for thermal behavior
associated to the profile.
Default is 255
(means None)
Values from
MFSMinimumLimi
t to
MFSMaximumLimi
t
When get
command reports
255, it means user
configured offset
is not applied.
Values:
• 0 — Auto
• 1 — Maximum
performance
• 2 — Minimum
Power
racadm get
system.thermalsettings.MFSM
inimumLimit
To make sure that the system
minimum speed does not decrease
lower than 45% PWM (45 must be a
value between MFSMinimumLimit
to MFSMaximumLimit):
racadm set
system.thermalsettings.Mini
mumFanSpeed 45
To view the existing thermal profile
setting:
racadm get
system.thermalsettings.Ther
malProfile
To set the thermal profile to
Maximum Performance:
racadm set
system.thermalsettings.Ther
malProfile 1
ThirdPartyP
CIFanRespon
se
• Thermal overrides for
third-party PCI cards.
• Allows you to disable or
enable the default system
fan response for detected
third-party PCI cards.
• You can confirm the
presence of third-party
PCI card by viewing the
message ID PCI3018 in
the Lifecycle Controller
log.
Values:
• 0 — Enabled
• 1 — Disabled
NOTE: The
default value
is 0.
Modifying thermal settings using iDRAC settings utility
To modify the thermal settings:
1. In the iDRAC Settings utility, go to Thermal.
The iDRAC Settings Thermal page is displayed.
2. Specify the following:
• Thermal Profile
• Maximum Exhaust Temperature Limit
To disable any default fan speed
response set for a detected thirdparty PCI card: racadm set
system.thermalsettings.Thir
dPartyPCIFanResponse 1
65
• Fan Speed Offset
• Minimum Fan Speed
For information about the fields, see the Modifying thermal settings using web interface.
The settings are persistent, which means that once they are set and applied, they do not
automatically change to the default setting during system reboot, power cycling, iDRAC, or BIOS
updates. A few Dell servers may or may not support some or all of these custom user cooling
options. If the options are not supported, they are not displayed or you cannot provide a custom
value.
3. Click Back, click Finish, and then click Yes.
The thermal settings are configured.
Configuring supported web browsers
iDRAC is supported on Internet Explorer, Mozilla Firefox, Google Chrome, and Safari Web browsers. For
information about the versions, see the Release Notes available at dell.com/idracmanuals.
If you are connecting to iDRAC Web interface from a management station that connects to the Internet
through a proxy server, you must configure the Web browser to access the Internet from through this
server. This section provides information to configure Internet Explorer.
To configure the Internet Explorer Web browser:
1. Set IE to Run As Administrator.
2. In the Web browser, go to Tools → Internet Options → Security → Local Network.
3. Click Custom Level, select Medium-Low, and click Reset. Click OK to confirm. Click Custom Level
to open the dialog.
4. Scroll down to the section labeled ActiveX controls and plug-ins and set the following:
NOTE: The settings in the Medium-Low state depend on the IE version.
• Automatic prompting for ActiveX controls: Enable
• Binary and script behaviors: Enable
• Download signed ActiveX controls: Prompt
• Initialize and script ActiveX controls not marked as safe: Prompt
• Run ActiveX controls and plug-ins: Enable
• Script ActiveX controls marked safe for scripting: Enable
Under Downloads:
• Automatic prompting for file downloads: Enable
• File download: Enable
• Font download: Enable
Under Miscellaneous:
• Allow META-REFRESH: Enable
• Allow scripting of Internet Explorer Web browser control: Enable
• Allow script-initiated windows without size or position constraints: Enable
• Do not prompt for client certificate selection when no certificates or only one certificate exists:
Enable
66
• Launching programs and files in an IFRAME: Enable
• Open files based on content, not file extension: Enable
• Software channel permissions: Low safety
• Submit non-encrypted form data: Enable
• Use Pop-up Blocker: Disable
Under Scripting:
• Active scripting: Enable
• Allow paste operations via script: Enable
• Scripting of Java applets: Enable
5. Go to Tools → Internet Options → Advanced.
6. Under Browsing:
• Always send URLs as UTF-8: selected
• Disable script debugging (Internet Explorer): selected
• Disable script debugging: (Other): selected
• Display a notification about every script error: cleared
• Enable Install On demand (Other): selected
• Enable page transitions: selected
• Enable third-party browser extensions: selected
• Reuse windows for launching shortcuts: cleared
Under HTTP 1.1 settings:
• Use HTTP 1.1: selected
• Use HTTP 1.1 through proxy connections: selected
Under Java (Sun):
• Use JRE 1.6.x_yz: selected (optional; version may differ)
Under Multimedia:
• Enable automatic image resizing: selected
• Play animations in Web pages: selected
• Play videos in Web pages: selected
• Show pictures: selected
Under Security:
• Check for publishers' certificate revocation: cleared
• Check for signatures on downloaded programs: selected
• Use SSL 2.0: cleared
• Use SSL 3.0: selected
• Use TLS 1.0: selected
• Warn about invalid site certificates: selected
• Warn if changing between secure and not secure mode: selected
• Warn if forms submittal is being redirected: selected
67
NOTE: To modify the settings, it is recommended that you learn and understand the
consequences. For example, if you block pop-ups, parts of iDRAC Web interface may not
function properly.
7. Click Apply, and then click OK.
8. Click the Connections tab.
9. Under Local Area Network (LAN) settings, click LAN Settings.
10. If you are using IE9 and IPv6 address to access iDRAC, clear the Use automatic configuration script
option.
11. If the Use a proxy server box is selected, select the Bypass proxy server for local addresses box.
12. Click OK twice.
13. Close and restart your browser to make sure all changes take effect.
NOTE: When you log in to iDRAC Web interface using Internet Explorer 9.x, sometimes
contents in few pages are not shown properly. To resolve this, press <F12>. In the Internet
Explorer 9 Debug window, select Document Mode as Internet Explorer 7. The browser
refreshes and the iDRAC Login page is displayed.
Related Concepts
Viewing localized versions of web interface
Related Tasks
Adding iDRAC to the list of trusted domains
Disabling whitelist feature in Firefox
Adding iDRAC to the list of trusted domains
When you access iDRAC Web interface, you are prompted to add iDRAC IP address to the list of trusted
domains if the IP address is missing from the list. When completed, click Refresh or relaunch the Web
browser to establish a connection to iDRAC web interface.
On some operating systems, Internet Explorer (IE) 8 may not prompt you to add iDRAC IP address to the
list of trusted domains if the IP address is missing from the list.
NOTE: When connecting to the iDRAC Web interface with a certificate the browser does not trust,
the browser's certificate error warning may display a second time after you acknowledge the first
warning. This is the expected behavior to for security.
To add iDRAC IP address to the list of trusted domains in IE8, do the following:
1. Select Tools → Internet Options → Security → Trusted sites → Sites.
2. Enter iDRAC IP address to the Add this website to the zone.
3. Click Add, click OK, and then click Close.
4. Click OK and then refresh your browser.
Disabling whitelist feature in Firefox
Firefox has a "whitelist" security feature that requires user permission to install plug-ins for each distinct
site that hosts a plug-in. If enabled, the whitelist feature requires you to install a Virtual Console viewer for
each iDRAC you visit, even though the viewer versions are identical.
To disable the whitelist feature and avoid unnecessary plug-in installations, perform the following steps:
1. Open a Firefox Web browser window.
2. In the address field, enter about:config and press <Enter>.
68
3. In the Preference Name column, locate and double-click xpinstall.whitelist.required.
The values for Preference Name, Status, Type, and Value change to bold text. The Status value
changes to user set and the Value changes to false.
4. In the Preferences Name column, locate xpinstall.enabled.
Make sure that Value is true. If not, double-click xpinstall.enabled to set Value to true.
Viewing localized versions of web interface
iDRAC web interface is supported in the following languages:
• English (en-us)
• French (fr)
• German (de)
• Spanish (es)
• Japanese (ja)
• Simplified Chinese (zh-cn)
The ISO identifiers in parentheses denote the supported language variants. For some supported
languages, resizing the browser window to 1024 pixels wide is required to view all features.
iDRAC Web interface is designed to work with localized keyboards for the supported language variants.
Some features of iDRAC Web interface, such as Virtual Console, may require additional steps to access
certain functions or letters. Other keyboards are not supported and may cause unexpected problems.
NOTE: See the browser documentation on how to configure or setup different languages and view
localized versions of iDRAC Web interface.
Updating device firmware
Using iDRAC, you can update the iDRAC, BIOS, and all device firmware that is supported through
Lifecycle Controller update such as:
• Lifecycle Controller
• Diagnostics
• Operating System Driver Pack
• Network Interface Card (NIC)
• RAID Controller
• Power Supply Unit (PSU)
• PCIe Solid-State Drives (SSDs)
• SAS Hard drives
You must upload the required firmware to iDRAC. After the upload is complete, the current version of the
firmware installed on the device and the version being applied is displayed. If the firmware being
uploaded is not valid, an error message is displayed. Updates that do not require a reboot are applied
immediately. Updates that require a system reboot are staged and committed to run on the next system
reboot. Only one system reboot is required to perform all updates.
After the firmware is updated, the System Inventory page displays the updated firmware version and logs
are recorded.
The supported firmware image file types are:
69
• .exe — Windows-based Dell Update Package (DUP)
• .d7 — Contains both iDRAC and Lifecycle Controller firmware.
For files with .exe extension, you must have System Control privilege. The Remote Firmware Update
licensed feature and Lifecycle Controller must be enabled.
For files with .d7 extension, you must have Configure privilege.
NOTE: You can directly upgrade to firmware version 2.10.10.10 from 2.xx.xx.xx on a 13th generation
PowerEdge server and from 1.5x.5x or 1.6x.6x on a 12th generation PowerEdge server.
NOTE: After upgrading the iDRAC firmware, you may notice a difference in the time stamp
displayed in the Lifecycle Controller log until the iDRAC time is reset using NTP. The Lifecycle log
displays the BIOS time until the iDRAC time is reset.
You can perform firmware updates using the following methods:
• Using a firmware image file on a local system or on a network share.
• Connecting to the FTP, TFTP, or HTTP site or a network repository that contains a catalog of available
updates. You can create custom repositories using the Dell Repository Manager. For more
information, see Dell Repository Manager Data Center User's Guide. iDRAC automatically provides a
difference between the BIOS and the firmware that is installed on the server and the repository
location or FTP site. All applicable updates contained in the repository are applied to the system. This
feature is available with iDRAC Enterprise license.
• Scheduling recurring automated firmware updates using the catalog file in the FTP site or the network
repository location.
The following table provides information on whether a system restart is required or not when firmware is
updated for a particular component.
NOTE: When multiple firmware updates are applied through out-of-band methods, the updates are
ordered in the most efficient possible manner to reduce unnecessary system restart.
Table 7. Firmware update — supported components
Component Name Firmware Rollback
Supported? (Yes or
No)
Out-of-band —
System Restart
Required?
In-band — System
Restart Required?
Lifecycle
Controller GUI
— Restart
Required?
Diagnostics No No No No
OS Driver Pack No No No No
Lifecycle Controller No No No Yes
BIOS Yes Yes Yes Yes
RAID Controller Yes Yes Yes Yes
Backplanes Yes Yes Yes Yes
Enclosures Yes Yes No Yes
NIC Yes Yes Yes Yes
iDRAC Yes **No *No *No
Power Supply Unit Yes Yes Yes Yes
70
Component Name Firmware Rollback
Supported? (Yes or
No)
CPLD No Yes Yes Yes
FC Cards Yes Yes Yes Yes
PCIe SSD No No No No
SAS Hard drives No Yes Yes No
* Indicates that though a system restart is not required, iDRAC must be restarted to apply the updates.
iDRAC communication and monitoring may temporarily be interrupted.
** When iDRAC is updated from version 1.30.30 or later, a system restart is not necessary. However,
firmware versions of iDRAC earlier than 1.30.30 require a system restart when applied using the out-ofband interfaces.
Related Concepts
Downloading device firmware
Related Tasks
Updating single device firmware
Updating firmware using repository
Updating firmware using FTP
Updating device firmware using TFTP
Updating device firmware using HTTP
Updating device firmware using RACADM
Scheduling automatic firmware updates
Updating firmware using CMC web interface
Updating firmware using DUP
Updating firmware using remote RACADM
Updating firmware using Lifecycle Controller Remote Services
Out-of-band —
System Restart
Required?
In-band — System
Restart Required?
Lifecycle
Controller GUI
— Restart
Required?
Downloading device firmware
The image file format that you download depends on the method of update:
• iDRAC Web interface — Download the binary image packaged as a self-extracting archive. The default
firmware image file is firmimg.d7.
NOTE: The same file format is used to recover iDRAC using CMC Web interface.
• Managed System — Download the operating system-specific Dell Update Package (DUP). The file
extensions are .bin for Linux Operating systems and .exe for Windows operating systems.
• Lifecycle Controller — Download the latest catalog file and DUPs and use the Platform Update feature
in Lifecycle Controller to update the device firmware. For more information about Platform Update,
see Lifecycle Controller User’s Guide available at dell.com/idracmanuals.
71
Updating firmware using iDRAC web interface
You can update the device firmware using firmware images available on the local system, from a
repository on a network share (CIFS or NFS), or from FTP.
Updating single device firmware
Before updating the firmware using single device update method, make sure that you have downloaded
the firmware image to a location on the local system.
NOTE: Ensure that the file name for the single component DUP does not have any blank space.
To update single device firmware using iDRAC web interface:
1. Go to Overview → iDRAC Settings → Update and Rollback.
The Firmware Update page is displayed.
2. On the Update tab, select Local as the File Location.
3. Click Browse, select the firmware image file for the required component, and then click Upload.
4. After the upload is complete, the Update Details section displays each firmware file uploaded to
iDRAC and its status.
If the firmware image file is valid and was successfully uploaded, the Contents column displays a
icon next to the firmware image file name. Expand the name to view the Device Name, Current, and
Available firmware version information.
5. Select the required firmware file to be updated and do one of the following:
• For firmware images that do not require a host system reboot, click Install. For example, iDRAC
firmware file.
• For firmware images that require a host system reboot, click Install and Reboot or Install Next
Reboot.
• To cancel the firmware update, click Cancel.
When you click Install, Install and Reboot or Install Next Reboot, the message Updating Job
Queue is displayed.
6. Click Job Queue to display the Job Queue page, where you can view and manage the staged
firmware updates or click
NOTE: If you navigate away from the page without committing the updates, an error message
is displayed and all the uploaded content is lost.
Related Concepts
Updating device firmware
Viewing and managing staged updates
Downloading device firmware
OK to refresh the current page and view the status of the firmware update.
Updating firmware using repository
You can perform multiple firmware updates by specifying a network share containing a valid repository of
DUPs and a catalog describing the available DUPs. When iDRAC connects to the network share location
and checks for available updates, a comparison report is generated that lists all available updates. You can
then select and apply the required updates contained in the repository to the system.
Before performing an update using the repository, make sure that:
72
• A repository containing Windows-based update packages (DUPs) and a catalog file is created in the
network share (CIFS or NFS). If a user-defined catalog file is not available, by default Catalog.xml is
used.
• Lifecycle Controller is enabled.
• You have Server Control privilege to update firmware for devices other than iDRAC.
To update device firmware using a repository:
1. In the iDRAC web interface, go to Overview → iDRAC Settings → Update and Rollback.
The Firmware Update page is displayed.
2. On the Update tab, select Network Share as the File Location.
3. In the Catalog Location section, enter the network setting details.
While specifying the network share settings, it is recommended to avoid special characters for user
name and password or percent encode the special characters.
For information about the fields, see the iDRAC Online Help.
4. Click Check for Update.
The Update Details section displays a comparison report showing the current firmware versions and
the firmware versions available in the repository.
NOTE: Any update in the repository that is not applicable to the system or the installed
hardware or not supported is not included in the comparison report.
5. Select the required updates and do one of the following:
• For firmware images that do not require a host system reboot, click Install. For example, .d7
firmware file.
• For firmware images that require a host system reboot, click Install and Reboot or Install Next
Reboot.
• To cancel the firmware update, click Cancel.
When you click Install, Install and Reboot or Install Next Reboot, the message Updating Job
Queue is displayed.
6. Click Job Queue to display the Job Queue page, where you can view and manage the staged
firmware updates or click
Related Concepts
Updating device firmware
Viewing and managing staged updates
Downloading device firmware
Scheduling automatic firmware updates
OK to refresh the current page and view the status of the firmware update.
Updating firmware using FTP
You can directly connect to the Dell FTP site or any other FTP site from iDRAC to perform the firmware
updates. You can use the Windows-based update packages (DUPs) and a catalog file available on the FTP
site instead of creating custom repositories.
Before performing an update using the repository, make sure that:
• Lifecycle Controller is enabled.
• You have Server Control privilege to update firmware for devices other than iDRAC.
73
To update device firmware using FTP:
1. In the iDRAC web interface, go to Overview → iDRAC Settings → Update and Rollback.
The Firmware Update page is displayed.
2. On the Update tab, select FTP as the File Location.
3. In the FTP Server Settings section, enter the FTP details.
For information about the fields, see the iDRAC Online Help.
4. Click Check for Update.
5. After the upload is complete, the Update Details section displays a comparison report showing the
current firmware versions and the firmware versions available in the repository.
NOTE: Any update in the repository that is not applicable to the system or the installed
hardware or is not supported is not included in the comparison report.
6. Select the required updates and do one of the following:
• For firmware images that do not require a host system reboot, click Install. For example, .d7
firmware file.
• For firmware images that require a host system reboot, click Install and Reboot or Install Next
Reboot.
• To cancel the firmware update, click Cancel.
When you click Install, Install and Reboot or Install Next Reboot, the message Updating Job
Queue is displayed.
7. Click Job Queue to display the Job Queue page, where you can view and manage the staged
firmware updates or click OK to refresh the current page and view the status of the firmware update.
Related Concepts
Updating device firmware
Viewing and managing staged updates
Downloading device firmware
Scheduling automatic firmware updates
Updating device firmware using TFTP
You can directly connect to the TFTP site from iDRAC to perform the firmware updates. You can use the
Windows-based update packages (DUPs) and a catalog file available on the TFTP site instead of creating
custom repositories.
Before performing an update, make sure that:
• Lifecycle Controller is enabled.
• You have Server Control privilege to update firmware for devices other than iDRAC.
To update device firmware using TFTP:
1. In the iDRAC web interface, go to Overview → iDRAC Settings → Update and Rollback.
The Firmware Update page is displayed.
2. On the Update tab, select TFTP as the File Location.
3. In the TFTP Server Settings section, enter the TFTP details.
For information about the fields, see the iDRAC Online Help.
4. Click Check for Update.
5. After the upload is complete, the Update Details section displays a comparison report showing the
current firmware versions and the firmware versions available in the repository.
74
NOTE: Any update in the repository that is not applicable to the system or the installed
hardware or is not supported is not included in the comparison report.
6. Select the required updates and do one of the following:
• For firmware images that do not require a host system reboot, click Install. For example, .d7
firmware file.
• For firmware images that require a host system reboot, click Install and Reboot or Install Next
Reboot.
• To cancel the firmware update, click Cancel.
When you click Install, Install and Reboot or Install Next Reboot, the message Updating Job
Queue is displayed.
7. Click Job Queue to display the Job Queue page, where you can view and manage the staged
firmware updates or click OK to refresh the current page and view the status of the firmware update.
Related Concepts
Downloading device firmware
Updating device firmware
Viewing and managing staged updates
Downloading device firmware
Scheduling automatic firmware updates
Updating device firmware using HTTP
You can directly connect to the HTTP site from iDRAC to perform the firmware updates. You can use the
Windows-based update packages (DUPs) and a catalog file available on the HTTP site instead of creating
custom repositories.
Before performing an update using the repository, make sure that:
• Lifecycle Controller is enabled.
• You have Server Control privilege to update firmware for devices other than iDRAC.
To update device firmware using HTTP:
1. In the iDRAC web interface, go to Overview → iDRAC Settings → Update and Rollback.
The Firmware Update page is displayed.
2. On the Update tab, select HTTP as the File Location.
3. In the HTTP Server Settings section, enter the HTTP details.
For information about the fields, see the iDRAC Online Help.
4. Click Check for Update.
5. After the upload is complete, the Update Details section displays a comparison report showing the
current firmware versions and the firmware versions available in the repository.
NOTE: Any update in the repository that is not applicable to the system or the installed
hardware or is not supported is not included in the comparison report.
6. Select the required updates and do one of the following:
• For firmware images that do not require a host system reboot, click Install. For example, .d7
firmware file.
• For firmware images that require a host system reboot, click Install and Reboot or Install Next
Reboot.
• To cancel the firmware update, click Cancel.
75
When you click Install, Install and Reboot or Install Next Reboot, the message Updating Job
Queue is displayed.
7. Click Job Queue to display the Job Queue page, where you can view and manage the staged
firmware updates or click
Enter the tasks the user should do after finishing this task (optional).
Related Concepts
Downloading device firmware
Updating device firmware
Viewing and managing staged updates
Downloading device firmware
Scheduling automatic firmware updates
OK to refresh the current page and view the status of the firmware update.
Updating device firmware using RACADM
To update device firmware using RACADM, use the update subcommand. For more information, see the
RACADM Reference Guide for iDRAC and CMC available at dell.com/idracmanuals.
Examples:
• To generate a comparison report using an update repository:
racadm update –f catalog.xml –l //192.168.1.1 –u test –p passwd -verifycatalog
• To perform all applicable updates from an update repository using myfile.xml as a catalog file and
perform a graceful reboot:
racadm update –f “myfile.xml” –b “graceful” –l //192.168.1.1 –u test –p
passwd
• To perform all applicable updates from an FTP update repository using Catalog.xml as a catalog file:
racadm update –f “Catalog.xml” –t FTP –e 192.168.1.20/Repository/Catalog
Scheduling automatic firmware updates
You can create a periodic recurring schedule for iDRAC to check for new firmware updates. At the
scheduled day and time, iDRAC connects to the specified network share (CIFS or NFS) or the FTP, checks
for new updates and applies or stages all applicable updates. A log file on the remote server contains
information about server access and staged firmware updates.
Automatic updates are available only with the iDRAC Enterprise license.
You can schedule automatic firmware updates using the iDRAC web interface or RACADM.
NOTE: IPv6 address is not supported for scheduling automatic firmware updates.
Related Concepts
Downloading device firmware
Updating device firmware
Viewing and managing staged updates
Scheduling automatic firmware update using web interface
To schedule automatic firmware update using web Interface:
76
NOTE: Do not create the next scheduled occurrence of an automatic update job if a job is already
Scheduled. It overwrites the current scheduled job.
1. In the iDRAC web interface, go to Overview → iDRAC Settings → Update and Rollback.
The Firmware Update page is displayed.
2. Click the Automatic Update tab.
3. Select the Enable Automatic Update option.
4. Select any of the following options to specify if a system reboot is required after the updates are
staged:
• Schedule Updates — Stage the firmware updates but do not reboot the server.
• Schedule Updates and reboot Server — Enables server reboot after the firmware updates are
staged.
5. Select any of the following to specify the location of the firmware images:
• Network — Use the catalog file from a network share (CIFS or NFS). Enter the network share
location details.
NOTE: While specifying the network share settings, it is recommended to avoid special
characters for user name and password or percent encode the special characters.
• FTP — Use the catalog file from the FTP site. Enter the FTP site details.
6. Based on the selection in step 5, enter the network settings or the FTP settings.
For information about the fields, see the iDRAC Online Help.
7. In the Update Window Schedule section, specify the start time for the firmware update and the
frequency of the updates (daily, weekly, or monthly).
For information about the fields, see the iDRAC Online Help.
8. Click Schedule Update.
The next scheduled job is created in the job queue. Five minutes after the first instance of the
recurring job starts, the job for the next time period is created.
Scheduling automatic firmware update using RACADM
To schedule automatic firmware update, use the following commands:
• To enable automatic firmware update:
racadm set lifecycleController.lcattributes.AutoUpdate.Enable 1
• To view the status of automatic firmware update:
racadm get lifecycleController.lcattributes.AutoUpdate
• To schedule the start time and frequency of the firmware update:
racadm AutoUpdateScheduler create -u username –p password –l <location> [-f
catalogfilename -pu <proxyuser> -pp<proxypassword> -po <proxy port> -pt
<proxytype>] -time < hh:mm> [-dom < 1 – 28,L,’*’> -wom <1-4,L,’*’> -dow <sunsat,’*’>] -rp <1-366> -a <applyserverReboot (1-enabled | 0-disabled)>
For example,
– To automatically update firmware using a CIFS share:
racadm AutoUpdateScheduler create -u admin -p pwd -l //1.2.3.4/CIFS-share
–f cat.xml -time 14:30 -wom 1 -dow sun -rp 5 -a 1
– To automatically update firmware using FTP:
racadm AutoUpdateScheduler create -u admin -p pwd -l ftp.mytest.com -pu
puser –pp puser –po 8080 –pt http –f cat.xml -time 14:30 -wom 1 -dow sun rp 5 -a 1
77
• To view the current firmware update schedule:
racadm AutoUpdateScheduler view
• To disable automatic firmware update:
racadm set lifecycleController.lcattributes.AutoUpdate.Enable 0
• To clear the schedule details:
racadm AutoUpdateScheduler clear
Updating firmware using CMC web interface
You can update iDRAC firmware for blade servers using the CMC Web interface.
To update iDRAC firmware using the CMC Web interface:
1. Log in to CMC Web interface.
2. Go to Server → Overview → <server name>.
The Server Status page is displayed.
3. Click Launch iDRAC Web interface and perform iDRAC Firmware Update.
Related Concepts
Updating device firmware
Downloading device firmware
Updating firmware using iDRAC web interface
Updating firmware using DUP
Before you update firmware using Dell Update Package (DUP), make sure to:
• Install and enable the IPMI and managed system drivers.
• Enable and start the Windows Management Instrumentation (WMI) service if your system is running
Windows operating system,
NOTE: While updating the iDRAC firmware using the DUP utility in Linux, if you see error
messages such as usb 5-2: device descriptor read/64, error -71 displayed on the
console, ignore them.
• If the system has ESX hypervisor installed, then for the DUP file to run, make sure that the
"usbarbitrator" service is stopped using command: service usbarbitrator stop
To update iDRAC using DUP:
1. Download the DUP based on the installed operating system and run it on the managed system.
2. Run the DUP.
The firmware is updated. A system restart is not required after firmware update is complete.
Updating firmware using remote RACADM
To update using remote RACADM:
1. Download the firmware image to the TFTP or FTP server. For example, C:\downloads\firmimg.d7
2. Run the following RACADM command:
TFTP server:
• Using fwupdate command: racadm -r <iDRAC IP address> -u <username> -p
<password> fwupdate -g -u -a <path>
78
where path is the location on the TFTP server where firmimg.d7 is stored.
• Using update command: racadm -r <iDRAC IP address> -u <username> -p
<password> update —f <filename>
FTP server:
• Using fwupdate command: racadm -r <iDRAC IP address> -u <username> -p
<password> fwupdate –f <ftpsrever IP> <ftpserver username> <ftpserver
password> –d <path>
where path is the location on the FTP server where firmimg.d7 is stored.
• Using update command: racadm -r <iDRAC IP address> -u <username> -p
<password> update —f <filename>
For more information, see fwupdate command in the iDRAC8 RACADM Command Line Interface
Reference Guide available at dell.com/idracmanuals.
Updating firmware using Lifecycle Controller Remote Services
For information to update the firmware using Lifecycle Controller–Remote Services, see Lifecycle
Controller Remote Services Quick Start Guide available at dell.com/idracmanuals.
Updating CMC firmware from iDRAC
In the PowerEdge FX2/FX2s chassis, you can update the firmware for the Chassis Management Controller
and any component that can be updated by CMC and shared by the servers from iDRAC.
Before applying the update, make sure that:
• Servers are not allowed to power-up by CMC.
• Chassis with LCD must display a message indicating “update is in-progress”.
• Chassis without LCD must indicate the update progress using LED blinking pattern.
• During the update, chassis action power commands are disabled.
The updates for components such as Programmable System-on-Chip (PSoC) of IOM that requires all the
servers to be idle, the update is applied on the next chassis power-up cycle.
CMC settings to update CMC firmware from iDRAC
In the PowerEdge FX2/FX2s chassis, before performing the firmware update from iDRAC for CMC and its
shared components, do the following:
1. Launch the CMC Web interface
2. Navigate to Chassis Overview → Setup → General.
3. From the Chassis Management at Server Mode drop-down menu, select Manage and Monitor, and
the click Apply.
iDRAC settings to update CMC firmware
In the PowerEdge FX2/FX2s chassis, before updating the firmware for CMC and its shared components
from iDRAC, do the following settings in iDRAC:
1. In the iDRAC Web interface, go to Overview → iDRAC Settings → Update and Rollback → Settings
The Chassis Management Controller Firmware Update Settings page is displayed.
2. For Allow CMC Updates Through OS and Lifecycle Controller, select Enabled to enable CMC
firmware update from iDRAC.
79
3. Under Current CMC Setting, make sure that Chassis Management at Server Mode option displays
Manage and Monitor. You can set this in CMC.
Viewing and managing staged updates
You can view and delete the scheduled jobs including configuration and update jobs. This is a licensed
feature. All jobs queued to run during the next reboot can be deleted.
Related Tasks
Updating device firmware
Viewing and managing staged updates using iDRAC web interface
To view the list of scheduled jobs using iDRAC web interface, go to Overview → Server → Job Queue.
The Job Queue page displays the status of jobs in the Lifecycle Controller job queue. For information
about the displayed fields, see the
To delete job(s), select the job(s) and click Delete. The page is refreshed and the selected job is removed
from the Lifecycle Controller job queue. You can delete all the jobs queued to run during the next reboot.
You cannot delete active jobs, that is, jobs with the status Running or Downloading.
You must have Server Control privilege to delete jobs.
Viewing and managing staged updates using RACADM
To view the staged updates using RACADM, use jobqueue subcommand. For more information, see the
iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals.
iDRAC Online Help.
Rolling back device firmware
You can roll back the firmware for iDRAC or any device that is supported by Lifecycle Controller even if
the upgrade was previously performed using another interface. For example, if the firmware was
upgraded using the Lifecycle Controller GUI, you can roll back the firmware using the iDRAC web
interface. You can perform firmware rollback for multiple devices with one system reboot.
On Dell’s 13th generation of PowerEdge servers that have a single iDRAC and Lifecycle Controller
firmware, rolling back the iDRAC firmware also rolls back the Lifecycle Controller firmware. However, on
a 12th generation of PowerEdge server with firmware version 2.xx.xx.xx, rolling back iDRAC to a previous
version such as 1.xx.xx does not roll back the Lifecycle Controller firmware version. It is recommended
that you roll back Lifecycle Controller to a previous version after rolling back iDRAC.
NOTE: On a 12th generation of PowerEdge server with firmware version 2.10.10.10, you cannot roll
back Lifecycle Controller to 1.xx.xx without rolling back iDRAC. You must roll back iDRAC first to
1.xx.xx version and only then can you roll back Lifecycle Controller.
You can perform firmware rollback for the following components:
• iDRAC with Lifecycle Controller
• BIOS
• Network Interface Card (NIC)
• Power Supply Unit (PSU)
• RAID Controller
80
• Backplane
NOTE: You cannot perform firmware rollback for Diagnostics, Driver Packs, and CPLD.
NOTE: Firmware version 1.xx.xx is not supported on a 13th generation PowerEdge system.
Before rolling back the firmware, make sure that:
• You have Configure privilege to roll back iDRAC firmware.
• You have Server Control privilege and have enabled Lifecycle Controller to roll back firmware for any
other device other than the iDRAC.
• Change the NIC mode to Dedicated if the mode is set as Shared LOM.
You can roll back the firmware to the previously installed version using any of the following methods:
• iDRAC web interface
• CMC web interface
• RACADM CLI (iDRAC and CMC)
• Lifecycle Controller
• Lifecycle Controller-Remote Services
Related Tasks
Rollback firmware using iDRAC web interface
Rollback firmware using CMC web interface
Rollback firmware using RACADM
Rollback firmware using Lifecycle Controller
Rollback firmware using Lifecycle Controller-Remote Services
Rollback firmware using iDRAC web interface
To roll back device firmware:
1. In the iDRAC Web interface, go to Overview → iDRAC Settings → Update and Rollback → Rollback.
The Rollback page displays the devices for which you can rollback the firmware. You can view the
device name, associated devices, currently installed firmware version, and the available firmware
rollback version.
2. Select one or more devices for which you want to rollback the firmware.
3. Based on the selected devices, click Install and Reboot or Install Next Reboot. If only iDRAC is
selected, then click
When you click Install and Reboot or Install Next Reboot, the message “Updating Job Queue” is
displayed.
4. Click Job Queue.
The Job Queue page is displayed, where you can view and manage the staged firmware updates.
NOTE:
• While in rollback mode, the rollback process continues in the background even if you
navigate away from this page.
• If iDRAC configuration is reset to default values, the iDRAC IP address is reset to
192.168.0.120. You can access iDRAC using this IP, or reconfigure the iDRAC address using
local RACADM or F2 (remote RACADM requires network access).
Install.
81
An error message appears if:
• You do not have Server Control privilege to rollback any firmware other than the iDRAC or
Configure privilege to rollback iDRAC firmware.
• Firmware rollback is already in-progress in another session.
• Updates are staged to run or already in running state.
If Lifecycle Controller is disabled or in recovery state and you try to perform a firmware rollback for
any device other than iDRAC, an appropriate warning message is displayed along with steps to
enable Lifecycle Controller.
Rollback firmware using CMC web interface
To roll back using the CMC Web interface:
1. Log in to CMC Web interface.
2. Go to Server Overview → <server name>.
The Server Status page is displayed.
3. Click Launch iDRAC and perform device firmware rollback as mentioned in the Rollback firmware
using idrac web interface section.
Rollback firmware using RACADM
To rollback device firmware using racadm:
1. Check the rollback status and the FQDD using the swinventory command:
racadm swinventory
For the device for which you want to rollback the firmware, the Rollback Version must be
Available. Also, make a note of the FQDD.
2. Rollback the device firmware using:
racadm rollback <FQDD>
For more information, see iDRAC8 RACADM Command Line Interface Reference Guide available at
dell.com/idracmanuals.
Rollback firmware using Lifecycle Controller
For information, see Lifecycle Controller User’s Guide available at dell.com/idracmanuals.
Rollback firmware using Lifecycle Controller-Remote Services
For information, see Lifecycle Controller Remote Services Quick Start Guide available at dell.com/
idracmanuals.
Recovering iDRAC
iDRAC supports two operating system images to make sure a bootable iDRAC. In the event of an
unforeseen catastrophic error and you lose both boot paths:
• iDRAC bootloader detects that there is no bootable image.
• System Health and Identify LED is flashed at ~1/2 second rate. (LED is located on the back of a rack
and tower servers and on the front of a blade server.)
82
• Bootloader is now polling the SD card slot.
• Format an SD card with FAT using a Windows operating system, or EXT3 using a Linux operating
system.
• Copy firmimg.d7 to the SD card.
• Insert the SD card into the server.
• Bootloader detects the SD card, turns the flashing LED to solid amber, reads the firmimg.d7,
reprograms iDRAC, and then reboots iDRAC.
Using TFTP server
You can use Trivial File Transfer Protocol (TFTP) server to upgrade or downgrade iDRAC firmware or
install certificates. It is used in SM-CLP and RACADM command-line interfaces to transfer files to and
from iDRAC. The TFTP server must be accessible using an iDRAC IP address or DNS name.
NOTE: If you use iDRAC web interface to transfer certificates and update firmware, TFTP server is
not required.
You can use the netstat -a command on Windows or Linux operating systems to see if a TFTP server
is running. The default port for TFTP is 69. If TFTP server is not running, do one of the following:
• Find another computer on the network running a TFTP service.
• Install a TFTP server on the operating system.
Backing up server profile
You can back up the system configuration, including the installed firmware images on various
components such as BIOS, RAID, NIC, iDRAC, Lifecycle Controller, and Network Daughter Cards (NDCs)
and the configuration settings of those components. The backup operation also includes the hard disk
configuration data, motherboard, and replaced parts. The backup creates a single file that you can save to
a vFlash SD card or network share (CIFS or NFS).
You can also enable and schedule periodic backups of the firmware and server configuration based on a
certain day, week, or month.
Backup feature is licensed and is available with iDRAC Enterprise license.
NOTE: In 13th generation servers, this feature is automatically enabled.
Before performing a backup operation, make sure that:
• Collect System Inventory On Reboot (CSIOR) option is enabled. If CSIOR is disabled and if you initiate
a backup operation, the following message is displayed:
System Inventory with iDRAC may be stale,start CSIOR for updated inventory
• To perform backup on a vFlash SD card:
– A Dell supported vFlash SD card is inserted, enabled, and initialized.
– vFlash SD card has enough space to store the backup file.
The backup file contains encrypted user sensitive data, configuration information, and firmware images
that you can use for import server profile operation.
Backup events are recorded in the Lifecycle Log.
83
Related Concepts
Scheduling automatic backup server profile
Importing server profile
Backing up server profile using iDRAC web interface
To back up the server profile using iDRAC Web interface:
1. Go to Overview → iDRAC Settings → Server Profile.
The Backup and Export Server Profile page is displayed.
2. Select one of the following to save the backup file image:
• Network to save the backup file image on a CIFS or NFS share.
• vFlash to save the backup file image on the vFlash card.
3. Enter the backup file name and encryption passphrase (optional).
4. If Network is selected as the file location, enter the network settings.
NOTE: While specifying the network share settings, it is recommended to avoid special
characters for user name and password or percent encode the special characters.
For information about the fields, see the iDRAC Online Help.
5. Click Backup Now.
The backup operation is initiated and you can view the status on the Job Queue page. After a
successful operation, the backup file is created in the specified location.
Backing up server profile using RACADM
To back up the server profile using RACADM, use systemconfig backup subcommand. For more
information, see the
idracmanuals.
iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/
Scheduling automatic backup server profile
You can enable and schedule periodic backups of the firmware and server configuration based on a
certain day, week, or month.
Before scheduling automatic backup server profile operation, make sure that:
• Lifecycle Controller and Collect System Inventory On Reboot (CSIOR) option is enabled.
• Network Time Protocol (NTP) is enabled so that time drift does not affect the actual times of
scheduled jobs running and when the next scheduled job is created.
• To perform backup on a vFlash SD card:
– A Dell supported vFlash SD card is inserted, enabled, and initialized.
– vFlash SD card has enough space to store the backup file.
NOTE: IPv6 address is not supported for scheduling automatic backup server profile.
Scheduling automatic backup server profile using web interface
To schedule automatic backup server profile:
1. In the iDRAC Web interface, go to Overview → iDRAC Settings → Server Profile.
84
The Backup and Export Server Profile page is displayed.
2. Click the Automatic Backup tab.
3. Select the Enable Automatic Backup option.
4. Select one of the following to save the backup file image:
• Network to save the backup file image on a CIFS or NFS share.
• vFlash to save the backup file image on the vFlash card.
5. Enter the backup file name and encryption passphrase (optional).
6. If Network is selected as the file location, enter the network settings.
NOTE: While specifying the network share settings, it is recommended to avoid special
characters for user name and password or percent encode the special characters.
For information about the fields, see the iDRAC Online Help
7. In the Backup Window Schedule section, specify the backup operation start time and frequency of
the operation (daily, weekly, or monthly).
For information about the fields, see the iDRAC Online Help.
8. Click Schedule Backup.
A recurring job is represented in the job queue with a start date and time of the next scheduled
backup operation. Five minutes after the first instance of the recurring job starts, the job for the next
time period is created. The backup server profile operation is performed at the scheduled date and
time.
Scheduling automatic backup server profile using RACADM
To enable automatic backup use the command:
racadm set lifecyclecontroller.lcattributes.autobackup Enabled
To schedule a backup server profile operation:
racadm systemconfig backup –f <filename> <target> [-n <passphrase>] -time
<hh:mm> -dom <1-28,L,’*’> -dow<*,Sun-Sat> -wom <1-4, L,’*’> -rp <1-366>-mb
<Max Backups>
To view the current backup schedule:
racadm systemconfig getbackupscheduler
To disable automatic backup use the command:
racadm set LifeCycleController.lcattributes.autobackup Disabled
To clear the backup schedule:
racadm systemconfig clearbackupscheduler
For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at
dell.com/idracmanuals.
Importing server profile
You can use the backup image file to import (restore) the configuration and firmware for the same server
without rebooting the server.
In 13th generation servers, this feature automates the entire motherboard replacement process. After
replacing the motherboard and reinstalling the memory, HDDs, and other hardware, a special boot
85
screen is displayed that provides an option to restore all saved configuration, Service Tag and license
settings, and diagnostic programs. The iDRAC on the new motherboard reads this information and
restores the saved configuration.
Import feature is not licensed.
NOTE: For the restore operation, the system Service Tag and the Service Tag in the backup file must
be identical. The restore operation applies to all system components that are same and present in
the same location (example, in the same slot) as captured in the backup file. If components are
different or not in the same location, they are not modified and restore failures is logged to the
Lifecycle Log.
Before performing an import operation, make sure that Lifecycle Controller is enabled. If Lifecycle
Controller is disabled, and if you initiate the import operation, the following message is displayed:
Lifecycle Controller is not enabled, cannot create Configuration job.
When the import is in-progress, if you initiate an import operation again, the following error message is
displayed:
Restore is already running
Import events are recorded in the Lifecycle Log.
Related Tasks
Restore operation sequence
Importing server profile using iDRAC web interface
To import the server profile using iDRAC web interface:
1. Go to Overview → iDRAC Settings → Server Profile → Import.
The Import Server Profile page is displayed.
2. Select one of the following to specify the location of the backup file:
• Network
• vFlash
3. Enter the backup file name and decryption passphrase (optional).
4. If Network is selected as the file location, enter the network settings.
NOTE: While specifying the network share settings, it is recommended to avoid special
characters for user name and password or percent encode the special characters.
For information about the fields, see the iDRAC Online Help.
5. Select one of the following for Virtual disks configuration and hard disk data:
• Preserve - Preserves the RAID level, virtual disk, controller attributes, and hard disk data in the
system and restores the system to a previously known state using the backup image file.
• Delete and Replace - Deletes and replaces the RAID level, virtual disk, controller attributes, and
hard disk configuration information in the system with the data from the backup image file.
6. Click Import.
The import server profile operation is initiated.
86
Importing server profile using RACADM
To import the server profile using RACADM, use systemconfig restore command. For more information,
see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals.
Restore operation sequence
The restore operation sequence is:
1. Host system shuts down.
2. Backup file information is used to restore the Lifecycle Controller.
3. Host system turns on.
4. Firmware and configuration restore process for the devices is completed.
5. Host system shuts down.
6. iDRAC firmware and configuration restore process is completed.
7. iDRAC restarts.
8. Restored host system turns on to resume normal operation.
Monitoring iDRAC using other Systems Management tools
You can discover and monitor iDRAC using Dell Management Console or Dell OpenManage Essentials.
You can also use Dell Remote Access Configuration Tool (DRACT) to discover iDRACs, update firmware,
and set up Active Directory. For more information, see the respective user’s guides.
87
4
Configuring iDRAC
iDRAC enables you to configure iDRAC properties, set up users, and set up alerts to perform remote
management tasks.
Before you configure iDRAC, make sure that the iDRAC network settings and a supported browser is
configured, and the required licenses are updated. For more information about the licensable feature in
iDRAC, see Managing licenses.
You can configure iDRAC using:
• iDRAC Web Interface
• RACADM
• Remote Services (see Lifecycle Controller Remote Services User’s Guide)
• IPMITool (see Baseboard Management Controller Management Utilities User’s Guide)
To configure iDRAC:
1. Log in to iDRAC.
2. Modify the network settings if required.
NOTE: If you have configured iDRAC network settings, using iDRAC Settings utility during
iDRAC IP address setup, then ignore this step.
3. Configure interfaces to access iDRAC.
4. Configure front panel display.
5. Configure System Location if required.
6. Configure time zone and Network Time Protocol (NTP) if required.
7. Establish any of the following alternate communication methods to iDRAC:
• IPMI or RAC serial
• IPMI serial over LAN
• IPMI over LAN
• SSH or Telnet client
8. Obtain the required certificates.
9. Add and configure iDRAC users with privileges.
10. Configure and enable e-mail alerts, SNMP traps, or IPMI alerts.
11. Set the power cap policy if required.
12. Enable the Last Crash Screen.
13. Configure virtual console and virtual media if required.
14. Configure vFlash SD card if required.
15. Set the first boot device if required.
16. Set the OS to iDRAC Pass-through if required.
Related Concepts
Logging in to iDRAC
88
Modifying network settings
Configuring services
Configuring front panel display
Setting up managed system location
Configuring time zone and NTP
Setting up iDRAC communication
Configuring user accounts and privileges
Monitoring and managing power
Enabling last crash screen
Configuring and using virtual console
Managing virtual media
Managing vFlash SD card
Setting first boot device
Enabling or disabling OS to iDRAC Pass-through
Related Tasks
Configuring iDRAC to send alerts
Viewing iDRAC information
You can view the basic properties of iDRAC.
Viewing iDRAC information using web interface
In the iDRAC Web interface, go to Overview → iDRAC Settings → Properties to view the following
information related to iDRAC. For information about the properties, see iDRAC Online Help.
• Hardware and firmware version
• Last firmware update
• RAC time
• IPMI version
• User interface title bar information
• Network settings
• IPv4 Settings
• IPv6 Settings
Viewing iDRAC information using RACADM
To view iDRAC information using RACADM, see getsysinfo or get subcommand details provided in the
iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals.
Modifying network settings
After configuring the iDRAC network settings using the iDRAC Settings utility, you can also modify the
settings through the iDRAC Web interface, RACADM, Lifecycle Controller, Dell Deployment Toolkit, and
Server Administrator (after booting to the operating system). For more information on the tools and
privilege settings, see the respective user’s guides.
89
To modify the network settings using iDRAC Web interface or RACADM, you must have Configure
privileges.
NOTE: Changing the network settings may terminate the current network connections to iDRAC.
Modifying network settings using web interface
To modify the iDRAC network settings:
1. In the iDRAC Web interface, go to Overview → iDRAC Settings → Network.
The Network page is displayed.
2. Specify the network settings, common settings, IPv4, IPv6, IPMI, and/or VLAN settings as per your
requirement and click
If you select Auto Dedicated NIC under Network Settings, when the iDRAC has its NIC Selection as
shared LOM (1, 2, 3, or 4) and a link is detected on the iDRAC dedicated NIC, the iDRAC changes its
NIC selection to use the dedicated NIC. If no link is detected on the dedicated NIC, then the iDRAC
uses the shared LOM. The switch from shared to dedicated time-out is five seconds and from
dedicated to shared is 30 seconds. You can configure this time-out value using RACADM or WSMAN.
For information about the various fields, see the iDRAC Online Help.
Apply.
Modifying network settings using local RACADM
To generate a list of available network properties, type the following:
NOTE: You can use either getconfig and config commands or get and set commands with the
RACADM objects.
• Using getconfig command: racadm getconfig -g cfgLanNetworking
• Using get command: racadm get iDRAC.Nic
To use DHCP to obtain an IP address, use the following command to write the object cfgNicUseDhcp or
DHCPEnable and enable this feature:
• Using config command: racadm config -g cfgLanNetworking -o cfgNicUseDHCP 1
• Using set command: racadm set iDRAC.IPv4.DHCPEnable 1
The following is an example of how the command may be used to configure the required LAN network
properties:
• Using config command:
racadm config -g cfgLanNetworking -o cfgNicEnable 1
racadm config -g cfgLanNetworking -o cfgNicIpAddress 192.168.0.120
racadm config -g cfgLanNetworking -o cfgNicNetmask 255.255.255.0
racadm config -g cfgLanNetworking -o cfgNicGateway 192.168.0.120
racadm config -g cfgLanNetworking -o cfgNicUseDHCP 0
racadm config -g cfgLanNetworking -o cfgDNSServersFromDHCP 0
racadm config -g cfgLanNetworking -o cfgDNSServer1 192.168.0.5
racadm config -g cfgLanNetworking -o cfgDNSServer2 192.168.0.6
racadm config -g cfgLanNetworking -o cfgDNSRegisterRac 1
racadm config -g cfgLanNetworking -o cfgDNSRacName RAC-EK00002
racadm config -g cfgLanNetworking -o cfgDNSDomainNameFromDHCP 0
racadm config -g cfgLanNetworking -o cfgDNSDomainName MYDOMAIN
90
• Using set command:
racadm set iDRAC.Nic.Enable 1
racadm set iDRAC.IPv4.Address 192.168.0.120
racadm set iDRAC.IPv4.Netmask 255.255.255.0
racadm set iDRAC.IPv4.Gateway 192.168.0.120
racadm set iDRAC.IPv4.DHCPEnable 0
racadm set iDRAC.IPv4.DNSFromDHCP 0
racadm set iDRAC.IPv4.DNS1 192.168.0.5
racadm set iDRAC.IPv4.DNS2 192.168.0.6
racadm set iDRAC.Nic.DNSRegister 1
racadm set iDRAC.Nic.DNSRacName RAC-EK00002
racadm set iDRAC.Nic.DNSDomainFromDHCP 0
racadm set iDRAC.Nic.DNSDomainName MYDOMAIN
NOTE: If cfgNicEnable or iDRAC.Nic.Enable is set to 0, the iDRAC LAN is disabled even if DHCP is
enabled.
Configuring IP filtering
In addition to user authentication, use the following options to provide additional security while
accessing iDRAC:
• IP filtering limits the IP address range of the clients accessing iDRAC. It compares the IP address of an
incoming login to the specified range and allows iDRAC access only from a management station
whose IP address is within the range. All other login requests are denied.
• When repeated login failures occur from a particular IP address, it prevents the address from logging
in to iDRAC for a preselected time span. If you unsuccessfully log in up to two times, you are allowed
to log in again only after 30 seconds. If you unsuccessfully log in more than two times, you are
allowed to log in again only after 60 seconds.
As login failures accumulate from a specific IP address, they are registered by an internal counter. When
the user successfully logs in, the failure history is cleared and the internal counter is reset.
NOTE: When login attempts are prevented from the client IP address, few SSH clients may display
the message: ssh exchange identification: Connection closed by remote host.
NOTE: If you are using Dell Deployment Toolkit (DTK), see the Dell Deployment Toolkit User’s Guide
for the privileges.
Configure IP filtering using iDRAC web interface
You must have Configure privilege to perform these steps.
To configure IP filtering:
1. In iDRAC Web interface, go to Overview → iDRAC Settings → Network → Network.
The Network page is displayed.
2. Click Advanced Settings.
The Network Security page is displayed.
3. Specify the IP filtering settings.
For more information about the options, see iDRAC Online Help.
4. Click Apply to save the settings.
Configuring IP filtering using RACADM
You must have Configure privilege to perform these steps.
To configure IP filtering, use the following RACADM objects:
91
• With config command:
– cfgRacTuneIpRangeEnable
– cfgRacTuneIpRangeAddr
– cfgRacTuneIpRangeMask
• With set command, use the objects in the iDRAC.IPBlocking group:
– RangeEnable
– RangeAddr
– RangeMask
The cfgRacTuneIpRangeMask or the RangeMask property is applied to both the incoming IP address and
to the cfgRacTuneIpRangeAddr or RangeAddr property. If the results are identical, the incoming login
request is allowed to access iDRAC. Logging in from IP addresses outside this range results in an error.
The login proceeds if the following expression equals zero:
• Using legacy syntax: cfgRacTuneIpRangeMask & (<incoming-IP-address> ^
cfgRacTuneIpRangeAddr)
• Using new syntax: RangeMask & (<incoming-IP-address> ^ RangeAddr)
where, & is the bitwise AND of the quantities and ^ is the bitwise exclusive-OR.
Examples for IP Filtering
• The following RACADM commands block all IP addresses except 192.168.0.57:
– Using config command:
racadm config -g cfgRacTuning -o cfgRacTuneIpRangeEnable 1
racadm config -g cfgRacTuning -o cfgRacTuneIpRangeAddr 192.168.0.57
racadm config -g cfgRacTuning -o cfgRacTuneIpRangeMask 255.255.255.255
– Using set command:
racadm set iDRAC.IPBlocking.RangeEnable 1
racadm set iDRAC.IPBlocking.RangeAddr 192.168.0.57
racadm set iDRAC.IPBlocking.RangeMask 255.255.255.255
• To restrict logins to a set of four adjacent IP addresses (for example, 192.168.0.212 through
192.168.0.215), select all but the lowest two bits in the mask:
– Using set command:
racadm set iDRAC.IPBlocking.RangeEnable 1
racadm set iDRAC.IPBlocking.RangeAddr 192.168.0.212
racadm set iDRAC.IPBlocking.RangeMask 255.255.255.252
The last byte of the range mask is set to 252, the decimal equivalent of 11111100b.
For more information, see the iDRAC RACADM Command Line Reference Guide available at dell.com/
idracmanuals.
Configuring services
You can configure and enable the following services on iDRAC:
• Local Configuration — Disable access to iDRAC configuration (from the host system) using Local
RACADM and iDRAC Settings utility.
92
• Web Server — Enable access to iDRAC Web interface. If you disable the option, use local RACADM to
re-enable the Web Server, since disabling the Web Server also disables remote RACADM.
• SSH — Access iDRAC through firmware RACADM.
• Telnet — Access iDRAC through firmware RACADM
• Remote RACADM — Remotely access iDRAC.
• SNMP Agent — Enables support for SNMP queries (GET, GETNEXT, and GETBULK operations) in
iDRAC.
• Automated System Recovery Agent — Enable Last System Crash Screen.
• VNC Server — Enable VNC server with or without SSL encryption.
Configuring services using web interface
To configure the services using iDRAC Web interface:
1. In the iDRAC Web interface, go to Overview → iDRAC Settings → Network → Services.
The Services page is displayed.
2. Specify the required information and click Apply.
For information about the various settings, see the iDRAC Online Help.
Configuring services using RACADM
To enable and configure the various services using RACADM:
• Use the following objects with the config command:
– cfgRacTuneLocalConfigDisable
– cfgRacTuneCtrlEConfigDisable
– cfgSerialSshEnable
– cfgRacTuneSshPort
– cfgSsnMgtSshIdleTimeout
– cfgSerialTelnetEnable
– cfgRacTuneTelnetPort
– cfgSsnMgtTelnetIdleTimeout
– cfgRacTuneWebserverEnable
– cfgSsnMgtWebserverTimeout
– cfgRacTuneHttpPort
– cfgRacTuneHttpsPort
– cfgRacTuneRemoteRacadmEnable
– cfgSsnMgtRacadmTimeout
– cfgOobSnmpAgentEnable
– cfgOobSnmpAgentCommunity
• Use the objects in the following object groups with the set command:
– iDRAC.LocalSecurity
– iDRAC.LocalSecurity
– iDRAC.SSH
– iDRAC.Webserver
93
– iDRAC.Telnet
– iDRAC.Racadm
– iDRAC.SNMP
For more information about these objects, see iDRAC8 RACADM Command Line Interface Reference
Guide available at dell.com/idracmanuals.
Enabling or disabling HTTPs redirection
If you do not want automatic redirection from HTTP to HTTPs due to certificate warning issue with
default iDRAC certificate or as a temporary setting for debugging purpose, you can configure iDRAC such
that redirection from http port (default is 80) to https port (default is 443) is disabled. By default, it is
enabled. You have to log out and log in to iDRAC for this setting to take effect. When you disable this
feature, a warning message is displayed.
You must have Configure iDRAC privilege to enable or disable HTTPs redirection.
An event is recorded in the Lifecycle Controller log file when this feature is enabled or disabled.
To disable the HTTP to HTTPs redirection:
racadm set iDRAC.Webserver.HttpsRedirection Disabled
To enable HTTP to HTTPs redirection:
racadm set iDRAC.Webserver.HttpsRedirection Enabled
To view the status of the HTTP to HTTPs redirection:
racadm get iDRAC.Webserver.HttpsRedirection
Using VNC client to manage remote server
You can use a standard open VNC client to manage the remote server using both desktop and mobile
devices such as Dell Wyse PocketCloud. When servers in data centers stop functioning, the iDRAC or the
operating system sends an alert to the console on the management station. The console sends an email
or SMS to a mobile device with required information and launches VNC viewer application on the
management station. This VNC viewer can connect to OS/Hypervisor on the server and provide access to
keyboard, video and mouse of the host server to perform the necessary remediation. Before launching
the VNC client, you must enable the VNC server and configure the VNC server settings in iDRAC such as
password, VNC port number, SSL encryption, and the time out value. You can configure these settings
using iDRAC Web interface or RACADM.
NOTE: VNC feature is licensed and is available in the iDRAC Enterprise license.
You can choose from many VNC applications or Desktop clients such as the ones from RealVNC or Dell
Wyse PocketCloud.
Only one VNC client session can be active at a time.
If a VNC session is active, you can only launch the Virtual Media using Launch Virtual Console and not the
Virtual Console Viewer.
If video encryption is disabled, the VNC client starts RFB handshake directly, and a SSL handshake is not
required. During VNC client handshake (RFB or SSL), if another VNC session is active or if a Virtual
Console session is open, the new VNC client session is rejected. After completion of the initial handshake,
94
VNC server disables Virtual Console and allows only Virtual Media. After termination of the VNC session,
VNC server restores the original state of Virtual Console (enabled or disabled).
NOTE:
• When iDRAC NIC is in shared mode and the host system is power cycled, the network
connection is lost for a few seconds. During this time, if you perform any action in the active
VNC client, the VNC session may close. You must wait for timeout (value configured for the VNC
Server settings in the Services page in iDRAC Web interface) and then re-establish the VNC
connection.
• If the VNC client window is minimized for more than 60 seconds, the client window closes. You
must open a new VNC session. If you maximize the VNC client window within 60 seconds, you
can continue to use it.
Configuring VNC server using iDRAC web interface
To configure the VNC server settings:
1. In the iDRAC Web interface, go to Overview → iDRAC Settings → Network → Services.
The Services page is displayed.
2. In the VNC Server section, enable the VNC server, specify the password, port number, and enable or
disable SSL encryption.
For information about the fields, see the iDRAC Online Help.
3. Click Apply.
The VNC server is configured.
Configuring VNC server using RACADM
To configure the VNC server, use the VNCserver object with the set command. For more information,
see the
iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals.
Setting up VNC viewer with SSL encryption
While configuring the VNC server settings in iDRAC, if the SSL Encryption option was enabled, then the
SSL tunnel application must be used along with the VNC Viewer to establish the SSL encrypted
connection with iDRAC VNC server.
NOTE: Most of the VNC clients do not have built-in SSL encryption support.
To configure the SSL tunnel application:
1. Configure SSL tunnel to accept connection on <localhost>:<localport number>. For example,
127.0.0.1:5930.
2. Configure SSL tunnel to connect to <iDRAC IP address>:<VNC server port Number>. For
example, 192.168.0.120:5901.
3. Start the tunnel application.
To establish connection with the iDRAC VNC server over the SSL encrypted channel, connect the
VNC viewer to the localhost (link local IP address) and the local port number (127.0.0.1:<local port
number>).
Setting up VNC viewer without SSL encryption
In general, all Remote Frame Buffer (RFB) compliant VNC Viewers connect to the VNC server using the
iDRAC IP address and port number that is configured for the VNC server. If the SSL encryption option is
95
disabled when configuring the VNC server settings in iDRAC, then to connect to the VNC Viewer do the
following:
In the VNC Viewer dialog box, enter the iDRAC IP address and the VNC port number in the VNC Server
field.
The format is <iDRAC IP address:VNC port number>
For example, if the iDRAC IP address is 192.168.0.120 and VNC port number is 5901, then enter
192.168.0.120:5901.
Configuring front panel display
You can configure the front panel LCD and LED display for the managed system.
For rack and tower servers, two types of front panels are available:
• LCD front panel and System ID LED
• LED front panel and System ID LED
For blade servers, only the System ID LED is available on the server front panel since the blade chassis has
the LCD.
Related Concepts
Configuring LCD setting
Configuring system ID LED setting
Configuring LCD setting
You can set and display a default string such as iDRAC name, IP, and so on or a user-defined string on the
LCD front panel of the managed system.
Configuring LCD setting using web interface
To configure the server LCD front panel display:
1. In iDRAC Web interface, go to Overview → Hardware → Front Panel.
2. In LCD Settings section, from the Set Home Message drop-down menu, select any of the following:
• Service Tag (default)
• Asset Tag
• DRAC MAC Address
• DRAC IPv4 Address
• DRAC IPv6 Address
• System Power
• Ambient Temperature
• System Model
• Host Name
• User Defined
• None
If you select User Defined, enter the required message in the text box.
96
If you select None, home message is not displayed on the server LCD front panel.
3. Enable Virtual Console indication (optional). If enabled, the Live Front Panel Feed section and the
LCD panel on the server displays the Virtual console session active message when there is
an active Virtual Console session.
4. Click Apply.
The server LCD front panel displays the configured home message.
Configuring LCD setting using RACADM
To configure the server LCD front panel display, use the objects in the System.LCD group. For more
information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/
idracmanuals.
Configuring LCD setting using iDRAC settings utility
To configure the server LCD front panel display:
1. In the iDRAC Settings utility, go to Front Panel Security.
The iDRAC Settings.Front Panel Security page is displayed.
2. Enable or disable the power button.
3. Specify the following:
• Access to the front panel
• LCD message string
• System power units, ambient temperature units, and error display
4. Enable or disable the virtual console indication.
For information about the options, see the iDRAC Settings Utility Online Help.
5. Click Back, click Finish, and then click Yes.
Configuring system ID LED setting
To identify a server, enable or disable System ID LED blinking on the managed system.
Configuring system ID LED setting using web interface
To configure the System ID LED display:
1. In iDRAC Web interface, go to Overview → Hardware → Front Panel. The Front Panel page is
displayed.
2. In System ID LED Settings section, select any of the following options to enable or disable LED
blinking:
• Blink Off
• Blink On
• Blink On 1 Day Timeout
• Blink On 1 Week Timeout
• Blink On 1 Month Timeout
3. Click Apply.
The LED blinking on the front panel is configured.
Configuring system ID LED setting using RACADM
To configure system ID LED, use the setled command. For more information, see the iDRAC8 RACADM
Command Line Interface Reference Guide available at dell.com/idracmanuals.
97
Configuring time zone and NTP
You can configure the time zone on iDRAC and synchronize the iDRAC time using Network Time
Protocol (NTP) instead of BIOS or host system times.
You must have Configure privilege to configure time zone or NTP settings.
Configuring time zone and NTP using iDRAC web interface
To configure time zone and NTP using iDRAC web interface:
1. Go to Overview → iDRAC Settings → Properties → Settings.
The Time zone and NTP page is displayed.
2. To configure the time zone, from the Time Zone drop-down menu, select the required time zone,
and then click Apply.
3. To configure NTP, enable NTP, enter the NTP server addresses, and then click Apply.
For information about the fields, see iDRAC Online Help.
Configuring time zone and NTP using RACADM
To configure time zone and NTP using RACADM, use the objects in the iDRAC.Time and
iDRAC.NTPConfigGroup group with the set command. For more information, see the iDRAC8 RACADM
Command Line Interface Reference Guide available at dell.com/idracmanuals.
Setting first boot device
You can set the first boot device for the next boot only or for all subsequent reboots. Based on this
selection, you can set the first boot device for the system. The system boots from the selected device on
the next and subsequent reboots and remains as the first boot device in the BIOS boot order, until it is
changed again either from the iDRAC Web interface or from the BIOS boot sequence. You can set the
first boot device to one of the following:
• Normal Boot
• PXE
• BIOS Setup
• Local Floppy/Primary Removable Media
• Local CD/DVD
• Hard Drive
• Virtual Floppy
• Virtual CD/DVD/ISO
• Local SD Card
• vFlash
• Lifecycle Controller
• BIOS Boot Manager
98
NOTE:
• BIOS Setup (F2), Lifecycle Controller (F10), BIOS Boot Manager (F11) only support boot once
enabled.
• Virtual Console does not support permanent boot configuration. It is always boot once.
• The first boot device setting in iDRAC Web Interface overrides the System BIOS boot settings.
Setting first boot device using web interface
To set the first boot device using iDRAC Web interface:
1. Go to Overview → Server → Setup → First Boot Device.
The First Boot Device page is displayed.
2. Select the required first boot device from the drop-down list, and click Apply.
The system boots from the selected device for subsequent reboots.
3. To boot from the selected device only once on the next boot, select Boot Once. Thereafter, the
system boots from the first boot device in the BIOS boot order.
For more information about the options, see the iDRAC Online Help.
Setting first boot device using RACADM
• To set the first boot device, use the cfgServerFirstBootDevice object.
• To enable boot once for a device, use the cfgServerBootOnce object.
For more information about these objects, see the iDRAC8 RACADM Command Line Interface Reference
Guide available at dell.com/idracmanuals.
Setting first boot device using virtual console
You can select the device to boot from as the server is being viewed in the Virtual Console viewer before
the server runs through its boot-up sequence. You can perform boot once to all the supported devices
listed in Setting first boot device.
To set the first boot device using Virtual Console:
1. Launch Virtual Console.
2. In the Virtual Console Viewer, from the Next Boot menu, set the required device as the first boot
device.
Enabling last crash screen
To troubleshoot the cause of managed system crash, you can capture the system crash image using
iDRAC.
To enable the last crash screen:
1. From the Dell Systems Management Tools and Documentation DVD, install Server Administrator on
the managed system.
For more information, see the Dell OpenManage Server Administrator Installation Guide at dell.com/
support/manuals.
2. In the Windows startup and recovery window, make sure that the automatic reboot option is not
selected.
For more information, see Windows documentation.
99
3. Use Server Administrator to enable the Auto Recovery timer, set the Auto Recovery action to Reset,
Power Off, or Power Cycle, and set the timer in seconds (a value between 60 - 480).
For more information, see the Dell OpenManage Server Administrator Installation Guide at dell.com/
support/manuals.
4. Enable the Auto Shutdown and Recovery (ASR) option using one of the following:
• Server Administrator — See Dell OpenManage Server Administrator User’s Guide at dell.com/
support/manuals.
• Local RACADM — Use the command:
racadm config -g cfgRacTuning -o cfgRacTuneAsrEnable 1
5. Enable Automated System Recovery Agent. To do this, go to Overview → iDRAC Settings →
Network → Services, select Enabled and click Apply.
Enabling or disabling OS to iDRAC Pass-through
In servers that have Network Daughter Card (NDC) or embedded LAN On Motherboard (LOM) devices,
you can enable the OS to iDRAC Pass-through feature that provides a high-speed bi-directional in-band
communication between iDRAC and the host operating system through a shared LOM (rack or tower
servers), a dedicated NIC (rack, tower, or blade servers), or through the USB NIC. This feature is available
for iDRAC Enterprise license.
When enabled through dedicated NIC, you can launch the browser in the host operating system and then
access the iDRAC Web interface. The dedicated NIC for the blade servers is through the Chassis
Management Controller.
Switching between dedicated NIC or shared LOM does not require a reboot or reset of the host operating
system or iDRAC.
You can enable this channel using:
• iDRAC Web interface
• RACADM or WS-MAN (post operating system environment)
• iDRAC Settings utility (pre-operating system environment)
If the network configuration is changed through iDRAC Web interface, you must wait for at least 10
seconds before enabling OS to iDRAC Pass-through.
If you are using the XML configuration file through RACADM or WS-MAN and if the network settings are
changed in this file, then you must wait for 15 seconds to either enable OS to iDRAC Pass-through
feature or set the OS Host IP address.
Before enabling OS to iDRAC Pass-through, make sure that:
• iDRAC is configured to use dedicated NIC or shared mode (that is, NIC selection is assigned to one of
the LOMs).
• Host operating system and iDRAC are in the same subnet and same VLAN.
• Host operating system IP address is configured.
• A card that supports OS to iDRAC pass-through capability is installed.
• You have Configure privilege.
When you enable this feature:
100
Loading...