Page 1
Integrated Dell Remote Access Controller 8
(iDRAC8)
Version 2.00.00.00 User's Guide
Page 2
Notes, Cautions, and Warnings
NOTE: A NOTE indicates important information that helps you make better use of your computer.
CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you
how to avoid the problem.
WARNING: A WARNING indicates a potential for property damage, personal injury, or death.
Copyright © 2014 Dell Inc. All rights reserved. This product is protected by U.S. and international copyright and
intellectual property laws. Dell™ and the Dell logo are trademarks of Dell Inc. in the United States and/or other
jurisdictions. All other marks and names mentioned herein may be trademarks of their respective companies.
2014 - 09
Rev. A00
Page 3
Contents
1 Overview...............................................................................................................16
Benefits of Using iDRAC With Lifecycle Controller............................................................................16
Key Features.........................................................................................................................................17
New In This Release............................................................................................................................ 19
How To Use This User's Guide............................................................................................................21
Supported Web Browsers....................................................................................................................21
Managing Licenses ............................................................................................................................. 21
Types of Licenses...........................................................................................................................21
Acquiring Licenses.........................................................................................................................21
License Operations........................................................................................................................22
Licensable Features In iDRAC8...........................................................................................................23
Interfaces and Protocols to Access iDRAC........................................................................................28
iDRAC Port Information.......................................................................................................................31
Other Documents You May Need...................................................................................................... 32
Social Media Reference.......................................................................................................................33
Contacting Dell................................................................................................................................... 33
Accessing documents from Dell support site....................................................................................33
2 Logging into iDRAC............................................................................................35
Logging into iDRAC as Local User, Active Directory User, or LDAP User.........................................35
Logging into iDRAC Using Smart Card...............................................................................................36
Logging Into iDRAC as a Local User Using Smart Card...............................................................36
Logging Into iDRAC as an Active Directory User Using Smart Card........................................... 37
Logging into iDRAC Using Single Sign-on ........................................................................................ 37
Logging into iDRAC SSO Using iDRAC Web Interface.................................................................37
Logging into iDRAC SSO Using CMC Web Interface...................................................................38
Accessing iDRAC Using Remote RACADM........................................................................................ 38
Validating CA Certificate To Use Remote RACADM on Linux.....................................................38
Accessing iDRAC Using Local RACADM............................................................................................ 39
Accessing iDRAC Using Firmware RACADM......................................................................................39
Accessing iDRAC Using SMCLP..........................................................................................................39
Logging in to iDRAC Using Public Key Authentication......................................................................39
Multiple iDRAC Sessions.....................................................................................................................40
Changing Default Login Password.....................................................................................................40
Changing Default Login Password Using Web Interface............................................................ 40
Changing Default Login Password Using RACADM.....................................................................41
Changing Default Login Password Using iDRAC Settings Utility.................................................41
Enabling or Disabling Default Password Warning Message ............................................................. 41
Page 4
Enabling or Disabling Default Password Warning Message Using Web Interface......................41
Enabling or Disabling Warning Message to Change Default Login Password Using
RACADM.........................................................................................................................................41
3 Setting Up Managed System and Management Station..............................42
Setting Up iDRAC IP Address..............................................................................................................42
Setting Up iDRAC IP Using iDRAC Settings Utility........................................................................43
Setting Up iDRAC IP Using CMC Web Interface.......................................................................... 46
Enabling Auto-discovery...............................................................................................................46
Configuring Servers and Server Components Using Auto Config.............................................. 47
Using Hash Passwords for Improved Security..............................................................................51
Setting Up Management Station.........................................................................................................52
Accessing iDRAC Remotely.......................................................................................................... 52
Setting Up Managed System...............................................................................................................53
Modifying Local Administrator Account Settings.........................................................................53
Setting Up Managed System Location......................................................................................... 53
Optimizing System Performance and Power Consumption.......................................................54
Configuring Supported Web Browsers.............................................................................................. 60
Adding iDRAC to the List of Trusted Domains.............................................................................62
Disabling Whitelist Feature in Firefox........................................................................................... 62
Viewing Localized Versions of Web Interface..............................................................................62
Updating Device Firmware................................................................................................................. 63
Downloading Device Firmware.................................................................................................... 65
Updating Firmware Using iDRAC Web Interface..........................................................................65
Updating Device Firmware Using RACADM.................................................................................69
Scheduling Automatic Firmware Updates....................................................................................70
Updating Firmware Using CMC Web Interface............................................................................ 71
Updating Firmware Using DUP......................................................................................................71
Updating Firmware Using Remote RACADM............................................................................... 72
Updating Firmware Using Lifecycle Controller Remote Services................................................72
Viewing and Managing Staged Updates.............................................................................................72
Viewing and Managing Staged Updates Using iDRAC Web interface.........................................73
Viewing and Managing Staged Updates Using RACADM.............................................................73
Rolling Back Device Firmware............................................................................................................ 73
Rollback Firmware Using iDRAC Web Interface...........................................................................74
Rollback Firmware Using CMC Web Interface.............................................................................74
Rollback Firmware Using RACADM...............................................................................................75
Rollback Firmware Using Lifecycle Controller............................................................................. 75
Rollback Firmware Using Lifecycle Controller-Remote Services................................................75
Recovering iDRAC......................................................................................................................... 75
Using TFTP Server..........................................................................................................................75
Backing Up Server Profile....................................................................................................................76
Page 5
Backing Up Server Profile Using iDRAC Web Interface............................................................... 76
Backing Up Server Profile Using RACADM................................................................................... 77
Scheduling Automatic Backup Server Profile............................................................................... 77
Importing Server Profile......................................................................................................................78
Importing Server Profile Using iDRAC Web Interface..................................................................79
Importing Server Profile Using RACADM......................................................................................79
Restore Operation Sequence........................................................................................................79
Monitoring iDRAC Using Other Systems Management Tools.......................................................... 80
4 Configuring iDRAC.............................................................................................81
Viewing iDRAC Information................................................................................................................82
Viewing iDRAC Information Using Web Interface....................................................................... 82
Viewing iDRAC Information Using RACADM............................................................................... 82
Modifying Network Settings............................................................................................................... 82
Modifying Network Settings Using Web Interface.......................................................................83
Modifying Network Settings Using Local RACADM.....................................................................83
Configuring IP Filtering................................................................................................................. 84
Configuring Services...........................................................................................................................85
Configuring Services Using Web Interface.................................................................................. 86
Configuring Services Using RACADM.......................................................................................... 86
Enabling or Disabling HTTPs Redirection.....................................................................................87
Using VNC Client to Manage Remote Server.....................................................................................87
Configuring VNC Server Using iDRAC Web Interface................................................................. 88
Configuring VNC Server Using RACADM.....................................................................................88
Setting Up VNC Viewer With SSL Encryption...............................................................................88
Setting Up VNC Viewer Without SSL Encryption.........................................................................88
Configuring Front Panel Display.........................................................................................................89
Configuring LCD Setting...............................................................................................................89
Configuring System ID LED Setting..............................................................................................90
Configuring Time Zone and NTP........................................................................................................91
Configuring Time Zone and NTP Using iDRAC Web Interface....................................................91
Configuring Time Zone and NTP Using RACADM....................................................................... 91
Setting First Boot Device.....................................................................................................................91
Setting First Boot Device Using Web Interface............................................................................ 92
Setting First Boot Device Using RACADM.................................................................................... 92
Setting First Boot Device Using Virtual Console..........................................................................92
Enabling Last Crash Screen...........................................................................................................92
Enabling or Disabling OS to iDRAC Pass-through.............................................................................93
Supported Cards for OS to iDRAC Pass-through ....................................................................... 94
Supported Operating Systems for USB NIC.................................................................................94
Enabling or Disabling OS to iDRAC Pass-through Using Web Interface.................................... 96
Enabling or Disabling OS to iDRAC Pass-through Using RACADM............................................ 97
Page 6
Enabling or Disabling OS to iDRAC Pass-through Using iDRAC Settings Utility........................ 97
Obtaining Certificates......................................................................................................................... 97
SSL Server Certificates.................................................................................................................. 98
Generating a New Certificate Signing Request............................................................................99
Uploading Server Certificate.......................................................................................................100
Viewing Server Certificate........................................................................................................... 101
Uploading Custom Signing Certificate....................................................................................... 101
Downloading Custom SSL Certificate Signing Certificate ........................................................102
Deleting Custom SSL Certificate Signing Certificate.................................................................102
Configuring Multiple iDRACs Using RACADM................................................................................. 103
Creating an iDRAC Configuration File........................................................................................104
Parsing Rules............................................................................................................................... 105
Modifying the iDRAC IP Address.................................................................................................106
Disabling Access to Modify iDRAC Configuration Settings on Host System..................................106
5 Viewing iDRAC and Managed System Information....................................108
Viewing Managed System Health and Properties............................................................................108
Viewing System Inventory................................................................................................................ 108
Viewing Sensor Information............................................................................................................. 109
Monitoring Performance Index of CPU, Memory, and I/O Modules............................................... 111
Monitoring Performance Index for of CPU, Memory, and I/O Modules Using Web
Interface....................................................................................................................................... 112
Monitoring Performance Index for of CPU, Memory, and I/O Modules Using RACADM.........113
Checking the System for Fresh Air Compliance...............................................................................113
Viewing Historical Temperature Data...............................................................................................113
Viewing Historical Temperature Data Using iDRAC Web Interface...........................................114
Viewing Historical Temperature Data Using RACADM.............................................................. 114
Configuring Warning Threshold for Inlet Temperature............................................................. 114
Viewing Network Interfaces Available On Host OS..........................................................................115
Viewing Network Interfaces Available on Host OS Using Web Interface..................................115
Viewing Network Interfaces Available on Host OS Using RACADM..........................................115
Viewing FlexAddress Mezzanine Card Fabric Connections.............................................................116
Viewing or Terminating iDRAC Sessions.......................................................................................... 116
Terminating iDRAC Sessions Using Web Interface.....................................................................116
Terminating iDRAC Sessions Using RACADM.............................................................................117
6 Setting Up iDRAC Communication............................................................... 118
Communicating With iDRAC Through Serial Connection Using DB9 Cable..................................119
Configuring BIOS For Serial Connection................................................................................... 120
Enabling RAC Serial Connection................................................................................................ 120
Enabling IPMI Serial Connection Basic and Terminal Modes....................................................120
Switching Between RAC Serial and Serial Console While Using DB9 Cable.................................. 122
Page 7
Switching From Serial Console to RAC Serial............................................................................ 123
Switching From RAC Serial to Serial Console............................................................................ 123
Communicating With iDRAC Using IPMI SOL..................................................................................123
Configuring BIOS For Serial Connection....................................................................................123
Configuring iDRAC to Use SOL...................................................................................................124
Enabling Supported Protocol......................................................................................................125
Communicating With iDRAC Using IPMI Over LAN.........................................................................129
Configuring IPMI Over LAN Using Web Interface......................................................................129
Configuring IPMI Over LAN Using iDRAC Settings Utility..........................................................129
Configuring IPMI Over LAN Using RACADM..............................................................................130
Enabling or Disabling Remote RACADM..........................................................................................130
Enabling or Disabling Remote RACADM Using Web Interface................................................. 130
Enabling or Disabling Remote RACADM Using RACADM......................................................... 130
Disabling Local RACADM...................................................................................................................131
Enabling IPMI on Managed System...................................................................................................131
Configuring Linux for Serial Console During Boot...........................................................................131
Enabling Login to the Virtual Console After Boot......................................................................132
Supported SSH Cryptography Schemes...........................................................................................133
Using Public Key Authentication For SSH...................................................................................134
7 Configuring User Accounts and Privileges.................................................. 138
Configuring Local Users................................................................................................................... 138
Configuring Local Users Using iDRAC Web Interface............................................................... 138
Configuring Local Users Using RACADM................................................................................... 139
Configuring Active Directory Users.................................................................................................. 141
Prerequisites for Using Active Directory Authentication for iDRAC..........................................142
Supported Active Directory Authentication Mechanisms......................................................... 144
Standard Schema Active Directory Overview............................................................................ 144
Configuring Standard Schema Active Directory........................................................................ 146
Extended Schema Active Directory Overview........................................................................... 149
Configuring Extended Schema Active Directory........................................................................151
Testing Active Directory Settings................................................................................................ 161
Configuring Generic LDAP Users..................................................................................................... 162
Configuring Generic LDAP Directory Service Using iDRAC Web-Based Interface.................. 162
Configuring Generic LDAP Directory Service Using RACADM..................................................163
Testing LDAP Directory Service Settings....................................................................................163
8 Configuring iDRAC for Single Sign-On or Smart Card Login...................165
Prerequisites for Active Directory Single Sign-On or Smart Card Login........................................ 165
Registering iDRAC as a Computer in Active Directory Root Domain.......................................166
Generating Kerberos Keytab File................................................................................................ 166
Creating Active Directory Objects and Providing Privileges......................................................167
Page 8
Configuring Browser to Enable Active Directory SSO............................................................... 167
Configuring iDRAC SSO Login for Active Directory Users.............................................................. 168
Configuring iDRAC SSO Login for Active Directory Users Using Web Interface......................168
Configuring iDRAC SSO Login for Active Directory Users Using RACADM..............................168
Configuring iDRAC Smart Card Login for Local Users....................................................................168
Uploading Smart Card User Certificate......................................................................................169
Uploading Trusted CA Certificate For Smart Card.....................................................................169
Configuring iDRAC Smart Card Login for Active Directory Users...................................................170
Enabling or Disabling Smart Card Login.......................................................................................... 170
Enabling or Disabling Smart Card Login Using Web Interface...................................................171
Enabling or Disabling Smart Card Login Using RACADM...........................................................171
Enabling or Disabling Smart Card Login Using iDRAC Settings Utility.......................................171
9 Configuring iDRAC to Send Alerts.................................................................172
Enabling or Disabling Alerts.............................................................................................................. 172
Enabling or Disabling Alerts Using Web Interface......................................................................172
Enabling or Disabling Alerts Using RACADM..............................................................................173
Enabling or Disabling Alerts Using iDRAC Settings Utility..........................................................173
Filtering Alerts ................................................................................................................................... 173
Filtering Alerts Using iDRAC Web Interface................................................................................173
Filtering Alerts Using RACADM....................................................................................................174
Setting Event Alerts............................................................................................................................174
Setting Event Alerts Using Web Interface................................................................................... 174
Setting Event Alerts Using RACADM........................................................................................... 174
Setting Alert Recurrence Event......................................................................................................... 175
Setting Alert Recurrence Events Using iDRAC Web Interface................................................... 175
Setting Alert Recurrence Events Using RACADM.......................................................................175
Setting Event Actions.........................................................................................................................175
Setting Event Actions Using Web Interface................................................................................ 175
Setting Event Actions Using RACADM........................................................................................ 175
Configuring Email Alert, SNMP Trap, or IPMI Trap Settings............................................................ 176
Configuring IP Alert Destinations................................................................................................176
Configuring Email Alert Settings................................................................................................. 178
Configuring WS Eventing..................................................................................................................180
Alerts Message IDs............................................................................................................................ 180
10 Managing Logs................................................................................................184
Viewing System Event Log................................................................................................................184
Viewing System Event Log Using Web Interface....................................................................... 184
Viewing System Event Log Using RACADM............................................................................... 184
Viewing System Event Log Using iDRAC Settings Utility........................................................... 185
Viewing Lifecycle Log ...................................................................................................................... 185
Page 9
Viewing Lifecycle Log Using Web Interface...............................................................................186
Viewing Lifecycle Log Using RACADM.......................................................................................186
Exporting Lifecycle Controller Logs.................................................................................................186
Exporting Lifecycle Controller Logs Using Web Interface........................................................ 186
Exporting Lifecycle Controller Logs Using RACADM.................................................................187
Adding Work Notes........................................................................................................................... 187
Configuring Remote System Logging.............................................................................................. 187
Configuring Remote System Logging Using Web Interface......................................................187
Configuring Remote System Logging Using RACADM............................................................. 188
11 Monitoring and Managing Power................................................................189
Monitoring Power............................................................................................................................. 189
Monitoring Power Using Web Interface.....................................................................................189
Monitoring Power Using RACADM.............................................................................................190
Setting Warning Threshold for Power Consumption......................................................................190
Setting Warning Threshold for Power Consumption Using Web Interface............................. 190
Executing Power Control Operations..............................................................................................190
Executing Power Control Operations Using Web Interface..................................................... 190
Executing Power Control Operations Using RACADM.............................................................. 191
Power Capping.................................................................................................................................. 191
Power Capping in Blade Servers................................................................................................. 191
Viewing and Configuring Power Cap Policy...............................................................................191
Configuring Power Supply Options..................................................................................................193
Configuring Power Supply Options Using Web Interface......................................................... 193
Configuring Power Supply Options Using RACADM................................................................. 193
Configuring Power Supply Options Using iDRAC Settings Utility.............................................194
Enabling or Disabling Power Button................................................................................................ 194
12 Inventory, Monitoring, and Configuring Network Devices....................195
Inventory and Monitoring Network Devices....................................................................................195
Monitoring Network Devices Using Web Interface................................................................... 195
Monitoring Network Devices Using RACADM............................................................................195
Inventory and Monitoring FC HBA Devices..................................................................................... 196
Monitoring FC HBA Devices Using Web Interface.....................................................................196
Monitoring FC HBA Devices Using RACADM.............................................................................196
Dynamic Configuration of Virtual Addresses, Initiator, and Storage Target Settings.....................196
Supported Cards for I/O Identity Optimization..........................................................................197
Supported BIOS Version for I/O Identity Optimization............................................................. 198
Supported NIC Firmware Versions for I/O Identity Optimization.............................................198
Enabling or Disabling I/O Identity Optimization........................................................................198
Configuring Persistence Policy Settings.....................................................................................199
Page 10
13 Managing Storage Devices........................................................................... 203
Understanding RAID Concepts........................................................................................................204
What Is RAID?..............................................................................................................................205
Organizing Data Storage For Availability And Performance..................................................... 206
Choosing RAID Levels ............................................................................................................... 206
Comparing RAID Level Performance..........................................................................................213
Supported Controllers.......................................................................................................................215
Supported RAID Controllers........................................................................................................215
Supported Non-RAID Controllers...............................................................................................215
Supported Enclosures....................................................................................................................... 215
Summary of Supported Features for Storage Devices.....................................................................215
Inventory and Monitoring Storage Devices......................................................................................218
Monitoring Storage Device Using Web Interface.......................................................................218
Monitoring Storage Device Using RACADM...............................................................................219
Monitoring Backplane Using iDRAC Settings Utility.................................................................. 219
Viewing Storage Device Topology................................................................................................... 219
Managing Physical Disks................................................................................................................... 219
Assigning or Unassigning Physical Disk as Global Hot spare.................................................... 219
Convert To RAID Capable Disk.................................................................................................. 220
Convert To Non-RAID Disk.........................................................................................................221
Managing Virtual Disks...................................................................................................................... 221
Creating Virtual Disks.................................................................................................................. 221
Editing Virtual Disk Cache Policies.............................................................................................223
Deleting Virtual Disks..................................................................................................................224
Checking Virtual Disk Consistency.............................................................................................224
Initializing Virtual Disks............................................................................................................... 225
Encrypting Virtual Disks.............................................................................................................. 226
Assigning or Unassigning Dedicated Hot Spares.......................................................................226
Managing Virtual Disks Using Web Interface............................................................................. 226
Managing Virtual Disks Using RACADM..................................................................................... 227
Managing Controllers....................................................................................................................... 227
Configuring Controller Properties..............................................................................................228
Importing or Auto Importing Foreign Configuration.................................................................231
Clearing Foreign Configuration..................................................................................................232
Resetting Controller Configuration............................................................................................233
12Gbps SAS HBA Adapter Operations........................................................................................234
Monitoring Predictive Failure Analysis On Drives...................................................................... 234
Controller Operations in Non-RAID (HBA) Mode......................................................................235
Running RAID Configuration Jobs On Multiple Storage Controllers........................................235
Managing PCIe SSDs.........................................................................................................................235
Inventory and Monitoring PCIe SSDs.........................................................................................236
Page 11
Preparing to Remove PCIe SSD..................................................................................................237
Erasing PCIe SSD Device Data....................................................................................................238
Managing Enclosures or Backplanes............................................................................................... 239
Configuring Backplane Mode.................................................................................................... 240
Viewing Universal Slots...............................................................................................................242
Setting SGPIO Mode................................................................................................................... 243
Choosing Operation Mode to Apply Settings..................................................................................243
Choosing Operation Mode Using Web Interface...................................................................... 243
Choosing Operation Mode Using RACADM..............................................................................244
Viewing and Applying Pending Operations..................................................................................... 244
Viewing, Applying, or Deleting Pending Operations Using Web Interface...............................244
Viewing and Applying Pending Operations Using RACADM.....................................................245
Storage Devices — Apply Operation Scenarios...............................................................................246
Case 1: Selected an Apply Operation (Apply Now, At Next Reboot, or At Scheduled Time)
and there are no existing pending operations Case 2: Selected an Apply Operation (Apply
Now, At Next Reboot, or At Scheduled Time) and there are existing pending operations
Case 3: Selected Add to Pending Operations and there are no existing pending
operationsCase 4: Selected Add to Pending Operations and there are prior existing
pending operations.....................................................................................................................246
Blinking or Unblinking Component LEDs........................................................................................ 247
Blinking or Unblinking Component LEDs Using Web Interface................................................247
Blinking or Unblinking Component LEDs Using RACADM....................................................... 248
14 Configuring and Using Virtual Console.....................................................249
Supported Screen Resolutions and Refresh Rates..........................................................................249
Configuring Web Browsers to Use Virtual Console........................................................................ 250
Configuring Web Browser to Use Java Plug-in.........................................................................250
Configuring IE to Use ActiveX Plug-in........................................................................................251
Importing CA Certificates to Management Station................................................................... 253
Configuring Virtual Console.............................................................................................................253
Configuring Virtual Console Using Web Interface.................................................................... 254
Configuring Virtual Console Using RACADM............................................................................ 254
Previewing Virtual Console.............................................................................................................. 254
Launching Virtual Console............................................................................................................... 254
Launching Virtual Console Using Web Interface.......................................................................255
Launching Virtual Console Using URL....................................................................................... 256
Disabling Warning Messages While Launching Virtual Console Or Virtual Media Using
Java or ActiveX Plug-in...............................................................................................................256
Using Virtual Console Viewer...........................................................................................................256
Synchronizing Mouse Pointers................................................................................................... 257
Passing All Keystrokes Through Virtual Console....................................................................... 258
Page 12
15 Managing Virtual Media.................................................................................261
Supported Drives and Devices......................................................................................................... 262
Configuring Virtual Media.................................................................................................................262
Configuring Virtual Media Using iDRAC Web Interface.............................................................262
Configuring Virtual Media Using RACADM................................................................................ 263
Configuring Virtual Media Using iDRAC Settings Utility............................................................ 263
Attached Media State and System Response.............................................................................263
Accessing Virtual Media....................................................................................................................263
Launching Virtual Media Using Virtual Console........................................................................ 264
Launching Virtual Media Without Using Virtual Console.......................................................... 264
Adding Virtual Media Images......................................................................................................265
Viewing Virtual Device Details....................................................................................................265
Resetting USB..............................................................................................................................266
Mapping Virtual Drive................................................................................................................. 266
Unmapping Virtual Drive.............................................................................................................267
Setting Boot Order Through BIOS................................................................................................... 267
Enabling Boot Once for Virtual Media............................................................................................. 268
16 Installing and Using VMCLI Utility.............................................................. 269
Installing VMCLI................................................................................................................................ 269
Running VMCLI Utility.......................................................................................................................269
VMCLI Syntax.................................................................................................................................... 270
VMCLI Commands to Access Virtual Media ............................................................................. 270
VMCLI Operating System Shell Options .................................................................................... 271
17 Managing vFlash SD Card..............................................................................272
Configuring vFlash SD Card..............................................................................................................272
Viewing vFlash SD Card Properties.............................................................................................272
Enabling or Disabling vFlash Functionality.................................................................................273
Initializing vFlash SD Card...........................................................................................................274
Getting the Last Status Using RACADM......................................................................................275
Managing vFlash Partitions............................................................................................................... 275
Creating an Empty Partition........................................................................................................276
Creating a Partition Using an Image File.................................................................................... 277
Formatting a Partition................................................................................................................. 278
Viewing Available Partitions........................................................................................................278
Modifying a Partition................................................................................................................... 279
Attaching or Detaching Partitions..............................................................................................280
Deleting Existing Partitions......................................................................................................... 281
Downloading Partition Contents................................................................................................281
Booting to a Partition..................................................................................................................282
Page 13
18 Using SMCLP................................................................................................... 283
System Management Capabilities Using SMCLP.............................................................................283
Running SMCLP Commands............................................................................................................283
iDRAC SMCLP Syntax....................................................................................................................... 284
Navigating the MAP Address Space..................................................................................................287
Using Show Verb...............................................................................................................................287
Using the -display Option...........................................................................................................287
Using the -level Option.............................................................................................................. 288
Using the -output Option...........................................................................................................288
Usage Examples................................................................................................................................288
Server Power Management........................................................................................................288
SEL Management........................................................................................................................ 289
MAP Target Navigation................................................................................................................291
19 Using iDRAC Service Module....................................................................... 292
Installing iDRAC Service Module......................................................................................................292
Supported Operating Systems for iDRAC Service Module..............................................................292
iDRAC Service Module Monitoring Features................................................................................... 292
Operating System Information...................................................................................................293
Replicate Lifecycle Logs to OS Log............................................................................................293
Automatic System Recovery Options........................................................................................ 293
WMI Management Providers...................................................................................................... 293
Co-existence of OpenManage Server Administrator and iDRAC Service Module...................295
Using iDRAC Service Module From iDRAC Web Interface..............................................................295
Using iDRAC Service Module From RACADM..................................................................................295
20 Using USB Port for Server Management....................................................296
Accessing iDRAC Interface over Direct USB Connection...............................................................296
Configuring iDRAC Using Server Configuration Profile on USB Device.........................................297
Configuring USB Management Port Settings.............................................................................297
Importing Server Configuration Profile From USB Device .......................................................299
21 Using iDRAC Quick Sync...............................................................................302
Configuring iDRAC Quick Sync........................................................................................................303
Configuring iDRAC Quick Sync Settings Using Web Interface.................................................303
Configuring iDRAC Quick Sync Settings Using RACADM......................................................... 303
Configuring iDRAC Quick Sync Settings Using iDRAC Settings Utility.....................................303
Using Mobile Device to View iDRAC Information...........................................................................304
22 Deploying Operating Systems.....................................................................305
Deploying Operating System Using VMCLI .................................................................................... 305
Page 14
Deploying Operating System Using Remote File Share..................................................................306
Managing Remote File Share......................................................................................................307
Configuring Remote File Share Using Web Interface............................................................... 308
Configuring Remote File Share Using RACADM........................................................................309
Deploying Operating System Using Virtual Media.......................................................................... 309
Installing Operating System From Multiple Disks...................................................................... 310
Deploying Embedded Operating System On SD Card....................................................................310
Enabling SD Module and Redundancy in BIOS..........................................................................310
23 Troubleshooting Managed System Using iDRAC..................................... 312
Using Diagnostic Console.................................................................................................................312
Scheduling Remote Automated Diagnostics............................................................................. 312
Scheduling Remote Automated Diagnostics Using RACADM...................................................313
Viewing Post Codes.......................................................................................................................... 314
Viewing Boot and Crash Capture Videos.........................................................................................314
Configuring Video Capture Settings...........................................................................................314
Viewing Logs......................................................................................................................................315
Viewing Last System Crash Screen...................................................................................................315
Viewing Front Panel Status............................................................................................................... 315
Viewing System Front Panel LCD Status.................................................................................... 315
Viewing System Front Panel LED Status.....................................................................................316
Hardware Trouble Indicators............................................................................................................316
Viewing System Health......................................................................................................................317
Generating Technical Support Report..............................................................................................317
Generating Technical Support Report Automatically................................................................318
Generating Technical Support Report Manually........................................................................319
Checking Server Status Screen for Error Messages.........................................................................321
Restarting iDRAC............................................................................................................................... 321
Resetting iDRAC Using iDRAC Web Interface............................................................................ 321
Resetting iDRAC Using RACADM................................................................................................321
Erasing System and User Data.......................................................................................................... 321
Resetting iDRAC to Factory Default Settings...................................................................................322
Resetting iDRAC to Factory Default Settings Using iDRAC Web Interface...............................322
Resetting iDRAC to Factory Default Settings Using iDRAC Settings Utility.............................. 322
24 Frequently Asked Questions........................................................................ 323
System Event Log..............................................................................................................................323
Network Security...............................................................................................................................323
Active Directory................................................................................................................................ 324
Single Sign-On.................................................................................................................................. 327
Smart Card Login..............................................................................................................................328
Virtual Console..................................................................................................................................328
Page 15
Virtual Media......................................................................................................................................332
vFlash SD Card.................................................................................................................................. 334
SNMP Authentication........................................................................................................................335
Storage Devices................................................................................................................................ 335
iDRAC Service Module......................................................................................................................335
RACADM............................................................................................................................................ 337
Miscellaneous................................................................................................................................... 338
25 Use Case Scenarios........................................................................................ 341
Troubleshooting An Inaccessible Managed System........................................................................341
Obtaining System Information and Assess System Health............................................................. 342
Setting Up Alerts and Configuring Email Alerts............................................................................... 342
Viewing and Exporting Lifecycle Log and System Event Log......................................................... 342
Interfaces to Update iDRAC Firmware.............................................................................................342
Performing Graceful Shutdown....................................................................................................... 343
Creating New Administrator User Account..................................................................................... 343
Launching Server's Remote Console and Mounting a USB Drive.................................................. 343
Installing Bare Metal OS Using Attached Virtual Media and Remote File Share.............................343
Managing Rack Density.................................................................................................................... 344
Installing New Electronic License.................................................................................................... 344
Applying I/O Identity Configuration Settings for Multiple Network Cards in Single Host
System Reboot .................................................................................................................................344
Page 16
1
Overview
The Integrated Dell Remote Access Controller (iDRAC) is designed to make server administrators more
productive and improve the overall availability of Dell servers. iDRAC alerts administrators to server issues,
helps them perform remote server management, and reduces the need for physical access to the server.
iDRAC with Lifecycle controller technology is part of a larger datacenter solution that helps keep business
critical applications and workloads available at all times. The technology allows administrators to deploy,
monitor, manage, configure, update, troubleshoot and remediate Dell servers from any location, and
without the use of agents. It accomplishes this regardless of operating system or hypervisor presence or
state.
Several products work in conjunction with the iDRAC and Lifecycle controller to simplify and streamline
IT operations, such as:
• Dell Management plug-in for VMware vCenter
• Dell Repository Manager
• Dell Management Packs for Microsoft System Center Operations Manager (SCOM) and Microsoft
System Center Configuration Manager (SCCM)
• BMC Bladelogic
• Dell OpenManage Essentials
• Dell OpenManage Power Center
The iDRAC is available in the following variants:
• Basic Management with IPMI (available by default for 200-500 series servers)
• iDRAC Express (available by default on all 600 and higher series of rack or tower servers, and all blade
servers)
• iDRAC Enterprise (available on all server models)
For more information, see the iDRAC Overview and Feature Guide available at dell.com/support/
manuals.
Benefits of Using iDRAC With Lifecycle Controller
The benefits include:
• Increased Availability — Early notification of potential or actual failures that help prevent a server
failure or reduce recovery time after failure.
• Improved Productivity and Lower Total Cost of Ownership (TCO) — Extending the reach of
administrators to larger numbers of distant servers can make IT staff more productive while driving
down operational costs such as travel.
• Secure Environment — By providing secure access to remote servers, administrators can perform
critical management functions while maintaining server and network security.
• Enhanced Embedded Management through Lifecycle Controller – Lifecycle Controller provides
deployment and simplified serviceability through Lifecycle Controller GUI for local deployment and
16
Page 17
Remote Services (WS-Management) interfaces for remote deployment integrated with Dell
OpenManage Essentials and partner consoles.
For more information on Lifecycle Controller GUI, see Lifecycle Controller User’s Guide and for remote
services, see Lifecycle Controller Remote Services User’s Guide available at dell.com/support/manuals.
Key Features
The key features in iDRAC include:
NOTE: Some of the features are available only with iDRAC Enterprise license. For information on the
features available for a license, see Managing Licenses.
Inventory and Monitoring
• View managed server health.
• Inventory and monitor network adapters and storage subsystem (PERC and direct attached storage)
without any operating system agents.
• View and export system inventory.
• View sensor information such as temperature, voltage, and intrusion.
• Monitor CPU state, processor automatic throttling, and predictive failure.
• View memory information.
• Monitor and control power usage.
• Support for SNMPv3 gets.
• For blade servers: launch Chassis Management Controller (CMC) Web interface, view CMC
information, and WWN/MAC addresses.
NOTE: CMC provides access to iDRAC through the M1000E Chassis LCD panel and local
console connections. For more information, see Chassis Management Controller User’s Guide
available at dell.com/support/manuals.
• View network interfaces available on host operating systems.
• View inventory and monitor information and configure basic iDRAC settings using iDRAC Quick Sync
feature and a mobile device.
Deployment
• Manage vFlash SD card partitions.
• Configure front panel display settings.
• Launch Lifecycle Controller, which allows you to configure and update BIOS and supported network
and storage adapters.
• Manage iDRAC network settings.
• Configure and use virtual console and virtual media.
• Deploy operating systems using remote file share, virtual media, and VMCLI.
• Enable auto-discovery.
• Perform server configuration using the export or import XML profile feature through RACADM and
WS-MAN. For more information, see the Lifecycle Controller Remote Services Quick Start Guide.
• Configure persistence policy for virtual addresses, initiator, and storage targets.
• Remotely configure storage devices attached to the system at run-time.
• Perform the following operations for storage devices:
– Physical disks: Assign or unassign physical disk as a global hot spare
17
Page 18
– Virtual disks:
* Create virtual disks
* Edit virtual disks cache policies
* Check virtual disk consistency
* Initialize virtual disks
* Encrypt virtual disks
* Assign or unassign dedicated hot spare
* Delete virtual disks
– Controllers:
* Configure controller properties
* Import or auto-import foreign configuration
* Clear foreign configuration
* Reset controller configuration
* Create or change security keys
– PCIe SSD devices:
* Inventory and remotely monitor the health of PCIe SSD devices in the server.
* Prepare the PCIe SSD to be removed
* Securely erase the data
– Set the backplane mode (unified or split mode).
– Blink or unblink component LEDs
– Apply the device settings immediately, at next system reboot, at a scheduled time, or as a pending
operation to be applied as a batch as part of the single job.
Update
• Manage iDRAC licenses.
• Update BIOS and device firmware for devices supported by Lifecycle Controller
• Update or rollback iDRAC firmware and lifecycle controller firmware using a single firmware image.
• Manage staged updates.
• Backup and restore server profile
• Access iDRAC interface over direct USB connection.
• Configure iDRAC using Server Configuration Profiles on USB device.
Maintenance and Troubleshooting
• Perform power related operations and monitor power consumption.
• Optimize system performance and power consumption by modifying the thermal settings.
• No dependency on Server Administrator for generation of alerts.
• Log event data: Lifecycle and RAC logs.
• Set email alerts, IPMI alerts, remote system logs, WS eventing logs, and SNMP traps (v1, v2c, and v3)
for events and improved email alert notification.
• Capture last system crash image.
• View boot and crash capture videos.
• Out-of-band monitor and alert the performance index of CPU, memory, and I/O modules.
• Configure warning threshold for inlet temperature and power consumption.
18
Page 19
• Use iDRAC Service Module to:
– View Operating System (OS) information
– Replicate Lifecycle Controller logs to operating system logs
– Automatic system recovery options
– Populate Windows Management Instrumentation (WMI) information
– Integrate with Technical Support Report. This is applicable only if iDRAC Service Module Version
2.0 or later is installed. For more information, see Generating Tech Support Report.
– Integrate with NVMe Management for Prepare to Remove operation on a NVMe class PCIe SSD.
For more information, see Preparing to Remove PCIe SSD.
• Generate technical support report in the following ways:
– Automatic — Using iDRAC Service Module that automatically invokes the OS Collector tool.
– Manual — Using OS Collector tool
Secure Connectivity
Securing access to critical network resources is a priority. iDRAC implements a range of security features
that includes:
• Custom signing certificate for Secure Socket Layer (SSL) certificate.
• Signed firmware updates.
• User authentication through Microsoft Active Directory, generic Lightweight Directory Access
Protocol (LDAP) Directory Service, or locally administered user IDs and passwords.
• Two-factor authentication using the Smart–Card logon feature. The two-factor authentication is
based on the physical smart card and the smart card PIN.
• Single Sign-on and Public Key Authentication.
• Role-based authorization, to configure specific privileges for each user.
• SNMPv3 authentication for user accounts stored locally in the iDRAC. It is recommended to use this,
but it is disabled by default.
• User ID and password configuration.
• Default login password modification.
• Set user passwords and BIOS passwords using one way hash format for improved security.
• SMCLP and Web interfaces that support 128-bit and 40-bit encryption (for countries where 128 bit is
not acceptable), using the SSL 3.0 standard.
• Session time-out configuration (in seconds).
• Configurable IP ports (for HTTP, HTTPS, SSH, Telnet, Virtual Console, and Virtual Media).
NOTE: Telnet does not support SSL encryption and is disabled by default.
• Secure Shell (SSH) that uses an encrypted transport layer for higher security.
• Login failure limits per IP address, with login blocking from that IP address when the limit is exceeded.
• Limited IP address range for clients connecting to iDRAC.
• Dedicated Gigabit Ethernet adapter on rack or tower servers with Enterprise license.
New In This Release
• Set user passwords and BIOS passwords using one way hash format for improved security.
• Optimize system performance and power consumption by modifying the thermal settings.
• Update iDRAC and Lifecycle Controller firmware using a single firmware image.
19
Page 20
• Update device firmware using TFTP or HTTP.
• Out-of-band monitor and alert the performance index of CPU, memory, and I/O modules.
• Configure warning threshold for inlet Temperature.
• Configure persistence policy for virtual addresses, initiator, and storage targets.
• View network interfaces available on host operating systems.
• Enable SNMPv3 authentication for a user to receive SNMP traps.
• Configure the SNMPv3 trap format.
• Set the warning threshold for power consumption.
• Remotely configure storage devices attached to the system at run-time.
• Perform the following operations for storage devices:
– Physical disks: Assign or unassign physical disk as a global hot spare
– Virtual disks:
* Create virtual disks
* Edit virtual disks cache policies
* Check virtual disk consistency
* Initialize virtual disks
* Encrypt virtual disks
* Assign or unassign dedicated hot spare
* Delete virtual disks
– Controllers:
* Configure controller properties
* Import or auto-import foreign configuration
* Clear foreign configuration
* Reset controller configuration
* Create or change security keys
– PCIe SSD devices:
* Inventory and remotely monitor the health of PCIe SSD devices in the server.
* Prepare the PCIe SSD to be removed
* Securely erase the data
– Set the backplane mode (unified or split mode).
– Blink or unblink component LEDs
– Apply the device settings immediately, at next system reboot, at a scheduled time, or as a pending
operation to be applied as a batch as part of the single job.
• Use iDRAC Service Module to:
– Populate WMI information.
– Integrate with Technical Support Report.
• Access iDRAC interface over direct USB connection.
• Configure iDRAC using configuration XML file on USB device.
• View inventory and monitor information and configure basic iDRAC settings using iDRAC Quick Sync
feature and a mobile device.
• Configure video capture settings
• Generate technical support report in the following ways:
20
Page 21
– Automatic — Using iDRAC Service Module that automatically invokes the OS Collector tool.
– Manual — Using OS Collector tool
• Erase system and user data
• Six users can launch the Virtual Console at any point of time.
How To Use This User's Guide
The contents of this User's Guide enable you to perform the tasks by using:
• iDRAC Web interface — Only the task-related information is provided here. For information about the
fields and options, see the iDRAC Online Help that you can access from the Web interface.
• RACADM — The RACADM command or the object that you must use is provided here. For more
information, see the RACADM Command Line Reference Guide available at dell.com/support/
manuals.
• iDRAC Settings Utility — Only the task-related information is provided here. For information about the
fields and options, see the iDRAC Settings Utility Online Help that you can access when you click Help
in the iDRAC Settings GUI (press <F2> during boot, and then click iDRAC Settings on the System
Setup Main Menu page).
Supported Web Browsers
iDRAC is supported on the following browsers:
• Internet Explorer
• Mozilla Firefox
• Google Chrome
• Safari
For the list of versions, see the iDRAC8 Release Notes available at dell.com/support/manuals.
Managing Licenses
iDRAC features are available based on the purchased license (Basic Management, iDRAC Express, or
iDRAC Enterprise). Only licensed features are available in the interfaces that allow you to configure or use
iDRAC. For example, iDRAC Web interface, RACADM, WS-MAN, OpenManage Server Administrator, and
so on. Some features, such as dedicated NIC or vFlash requires iDRAC ports card. This is optional on
200-500 series servers.
iDRAC license management and firmware update functionality is available through iDRAC Web interface
and RACADM.
Types of Licenses
The types of licenses offered are:
• 30 day evaluation and extension — The license expires after 30 days and can be extended for 30 days.
Evaluation licenses are duration based, and the timer runs when power is applied to the system.
• Perpetual — The license is bound to the service tag and is permanent.
Acquiring Licenses
Use any of the following methods to acquire the licenses:
21
Page 22
• E-mail — License is attached to an email that is sent after requesting it from the technical support
center.
• Self-service portal — A link to the Self-Service Portal is available from iDRAC. Click this link to open
the licensing Self-Service Portal on the internet. Currently, you can use the License Self-Service Portal
to retrieve licenses that were purchased with the server. You must contact the sales representative or
technical support to buy a new or upgrade license. For more information, see the online help for the
self-service portal page.
• Point-of-sale — License is acquired while placing the order for a system.
License Operations
Before you perform the license management tasks, make sure to acquire the licenses. For more
information, see the Overview and Feature Guide available at dell.com/support/manuals.
NOTE: If you have purchased a system with all the licenses pre-installed, then license management
is not required.
You can perform the following licensing operations using iDRAC, RACADM, WS-MAN, and Lifecycle
Controller-Remote Services for one-to-one license management, and Dell License Manager for one-tomany license management:
• View — View the current license information.
• Import — After acquiring the license, store the license in a local storage and import it into iDRAC using
one of the supported interfaces. The license is imported if it passes the validation checks.
NOTE: For a few features, a system restart is required to enable the features.
• Export — Export the installed license into an external storage device for backup or to reinstall it again
after a part or motherboard replacement. The file name and format of the exported license is
<EntitlementID>.xml.
• Delete — Delete the license that is assigned to a component if the component is missing. After the
license is deleted, it is not stored in iDRAC and the base product functions are enabled.
• Replace — Replace the license to extend an evaluation license, change a license type such as an
evaluation license with a purchased license, or extend an expired license.
– An evaluation license may be replaced with an upgraded evaluation license or with a purchased
license.
– A purchased license may be replaced with an updated license or with an upgraded license.
• Learn More — Learn more about an installed license, or the licenses available for a component
installed in the server.
NOTE: For the Learn More option to display the correct page, make sure that *.dell.com is
added to the list of Trusted Sites in the Security Settings. For more information, see the Internet
Explorer help documentation.
For one-to-many license deployment, you can use Dell License Manager. For more information, see the
Dell License Manager User’s Guide available at dell.com/support/manuals.
Importing License After Replacing Motherboard
You can use the Local iDRAC Enterprise License Installation Tool if you have recently replaced the
motherboard and need to reinstall the iDRAC Enterprise license locally (with no network connectivity)
and activate the dedicated NIC. This utility installs a 30-day trial iDRAC Enterprise license and allows you
to reset the iDRAC to change from shared NIC to dedicated NIC.
22
Page 23
For more information about this utility and to download this tool, click here.
License Component State or Condition and Available Operations
The following table provides the list of license operations available based on the license state or
condition.
Table 1. License Operations Based on State and Condition
License/
Component
state or
condition
Nonadministrator
login
Active license Yes Yes Yes Yes Yes
Expired license No Yes Yes Yes Yes
License
installed but
component
missing
NOTE: In the iDRAC Web interface, on the Licenses page, expand the device to view the Replace
option in the drop-down menu.
Import Export Delete Replace Learn More
No No No No Yes
No Yes Yes No Yes
Managing Licenses Using iDRAC Web Interface
To manage the licenses using the iDRAC Web interface, go to Overview → Server → Licenses .
The Licensing page displays the licenses that are associated to devices, or the licenses that are installed
but the device is not present in the system. For more information on importing, exporting, deleting, or
replacing a license, see the iDRAC Online Help.
Managing Licenses Using RACADM
To manage licenses using RACADM, use the license subcommand. For more information, see the iDRAC8
RACADM Command Line Interface Reference Guide available at dell.com/support/manuals.
Licensable Features In iDRAC8
The following table provides the iDRAC8 features that are enabled based on the license purchased.
Feature iDRAC8 Basic iDRAC8 Express iDRAC8 Express
for Blades
Interfaces / Standards
IPMI 2.0 Yes Yes Yes Yes
DCMI 1.5 Yes Yes Yes Yes
iDRAC8 Enterprise
23
Page 24
Feature iDRAC8 Basic iDRAC8 Express iDRAC8 Express
iDRAC8 Enterprise
for Blades
Web-based GUI Yes Yes Yes Yes
Racadm command line
Yes Yes Yes Yes
(local/remote)
SMASH-CLP (SSH-only) Yes Yes Yes Yes
Telnet Yes Yes Yes Yes
SSH Yes Yes Yes Yes
WSMAN Yes Yes Yes Yes
Network Time Protocol No Yes Yes Yes
Connectivity
Shared NIC Yes Yes N/A Yes
Dedicated NIC
2
Yes Yes Yes Yes
VLAN tagging Yes Yes Yes Yes
IPv4 Yes Yes Yes Yes
IPv6 Yes Yes Yes Yes
DHCP Yes Yes Yes Yes
1
2
Dynamic DNS Yes Yes Yes Yes
OS pass-through Yes Yes Yes Yes
Front panel USB Yes Yes Yes Yes
Security
Role-based authority Yes Yes Yes Yes
Local users Yes Yes Yes Yes
SSL encryption Yes Yes Yes Yes
IP blocking No Yes Yes Yes
Directory services (AD,
No No No Yes
LDAP)
Two-factor
No No No Yes
authentication
24
Page 25
Feature iDRAC8 Basic iDRAC8 Express iDRAC8 Express
iDRAC8 Enterprise
for Blades
Single sign-on No No No Yes
PK authentication No Yes Yes Yes
Remote Presence
Power control Yes Yes Yes Yes
Boot control Yes Yes Yes Yes
Serial-over-LAN Yes Yes Yes Yes
Virtual Media No No Yes Yes
Virtual Folders No No No Yes
Remote File Share No No No Yes
Virtual Console No No Yes Yes
VNC connection to OS No No No Yes
Quality/bandwidth
No No No Yes
control
Virtual Console
No No Yes Yes
collaboration (6 users)
Virtual Console chat No No No Yes
Virtual Flash partitions No No No Yes
Power and Thermal
Real-time power meter Yes Yes Yes Yes
Power thresholds & alerts No Yes Yes Yes
Real-time power
No Yes Yes Yes
graphing
Historical power counters No Yes Yes Yes
Power capping No No No Yes
Power Center integration No No No Yes
Temperature monitoring Yes Yes Yes Yes
2,3
Temperature graphing No Yes Yes Yes
25
Page 26
Feature iDRAC8 Basic iDRAC8 Express iDRAC8 Express
for Blades
Health Monitoring
iDRAC8 Enterprise
Full agent-free
monitoring
Predictive failure
monitoring
SNMPv1, v2, and v3 (traps
and gets)
Email Alerting No Yes Yes Yes
Configurable thresholds Yes Yes Yes Yes
Fan monitoring Yes Yes Yes Yes
Power Supply monitoring Yes Yes Yes Yes
Memory monitoring Yes Yes Yes Yes
CPU monitoring Yes Yes Yes Yes
RAID monitoring Yes Yes Yes Yes
NIC monitoring Yes Yes Yes Yes
HD monitoring
(enclosure)
Yes Yes Yes Yes
Yes Yes Yes Yes
Yes Yes Yes Yes
Yes Yes Yes Yes
Out of Band Performance
Monitoring
Update
Remote agent-free
update
Embedded update tools Yes Yes Yes Yes
Sync with repository
(scheduled updates)
Auto-update No No No Yes
Deployment and Configuration
Embedded OS
deployment tools
26
No No No Yes
Yes Yes Yes Yes
No No No Yes
Yes Yes Yes Yes
Page 27
Feature iDRAC8 Basic iDRAC8 Express iDRAC8 Express
Embedded configuration
tools
Auto-Discovery No Yes Yes Yes
Remote OS deployment No Yes Yes Yes
Embedded driver pack Yes Yes Yes Yes
Yes Yes Yes Yes
for Blades
iDRAC8 Enterprise
Full configuration
inventory
Inventory export Yes Yes Yes Yes
Remote configuration Yes Yes Yes Yes
Zerotouch configuration No No No Yes
System Retire/Repurpose Yes Yes Yes Yes
Diagnostics, Service, and Logging
Embedded diagnostic
tools
Part Replacement No Yes Yes Yes
Server Configuration
Backup
Server Configuration
Restore
Easy Restore (system
configuration)
Yes Yes Yes Yes
Yes Yes Yes Yes
No No No Yes
Yes Yes Yes Yes
Yes Yes Yes Yes
Health LED / LCD Yes Yes Yes Yes
Quick Sync (require NFC
bezel)
iDRAC Direct (front USB
management port)
iDRAC Service Module
(iSM)
Embedded Tech Support
Report
Yes Yes N/A Yes
Yes Yes Yes Yes
Yes Yes Yes Yes
Yes Yes Yes Yes
27
Page 28
Feature iDRAC8 Basic iDRAC8 Express iDRAC8 Express
for Blades
Crash screen capture No Yes Yes Yes
Crash video capture No No No Yes
Boot capture No No No Yes
Manual reset for iDRAC Yes Yes Yes Yes
Virtual NMI Yes Yes Yes Yes
OS watchdog Yes Yes Yes Yes
Embedded Health Report Yes Yes Yes Yes
System Event Log Yes Yes Yes Yes
Lifecycle Log Yes Yes Yes Yes
Work notes Yes Yes Yes Yes
Remote Syslog No No No Yes
License management Yes Yes Yes Yes
iDRAC8 Enterprise
[1] Not available with blade servers.
[2] 500 series and lower rack and tower servers require a hardware card to enable this feature; this
hardware is offered at additional cost.
[3] Requires vFlash SD card media.
Interfaces and Protocols to Access iDRAC
The following table lists the interfaces to access iDRAC.
NOTE: Using more than one interface at the same time may generate unexpected results.
Table 2. Interfaces and Protocols to Access iDRAC
Interface or
Protocol
iDRAC Settings
Utility
iDRAC Web
Interface
Description
Use the iDRAC Settings utility to perform pre-OS operations. It has a subset of the
features that are available in iDRAC Web interface along with other features.
To access iDRAC Settings utility, press <F2> during boot and then click iDRAC
Settings on the System Setup Main Menu page.
Use the iDRAC Web interface to manage iDRAC and monitor the managed system.
The browser connects to the Web server through the HTTPS port. Data streams
28
Page 29
Interface or
Protocol
RACADM Use this command line utility to perform iDRAC and server management. You can
Description
are encrypted using 128-bit SSL to provide privacy and integrity. Any connection to
the HTTP port is redirected to HTTPS. Administrators can upload their own SSL
certificate through an SSL CSR generation process to secure the Web server. The
default HTTP and HTTPS ports can be changed. The user access is based on user
privileges.
use RACADM locally and remotely.
• Local RACADM command line interface runs on the managed systems that
have Server Administrator installed. Local RACADM communicates with iDRAC
through its in-band IPMI host interface. Since it is installed on the local
managed system, users are required to log in to the operating system to run
this utility. A user must have a full administrator privilege or be a root user to
use this utility.
• Remote RACADM is a client utility that runs on a management station. It uses
the out-of-band network interface to run RACADM commands on the
managed system and uses the HTTPs channel. The –r option runs the RACADM
command over a network.
• Firmware RACADM is accessible by logging in to iDRAC using SSH or telnet.
You can run the firmware RACADM commands without specifying the iDRAC
IP, user name, or password.
• You do not have to specify the iDRAC IP, user name, or password to run the
firmware RACADM commands. After you enter the RACADM prompt, you can
directly run the commands without the racadm prefix.
Server LCD Panel/
Chassis LCD Panel
CMC Web
Interface
Lifecycle Controller Use Lifecycle Controller to perform iDRAC configurations. To access Lifecycle
Use the LCD on the server front panel to:
• View alerts, iDRAC IP or MAC address, user programmable strings.
• Set DHCP
• Configure iDRAC static IP settings.
For blade servers, the LCD is on the chassis front panel and is shared between all
the blades.
To reset iDRAC without rebooting the server, press and hold the System
Identification button for 16 seconds.
In addition to monitoring and managing the chassis, use the CMC Web interface
to:
• View the status of a managed system
• Update iDRAC firmware
• Configure iDRAC network settings
• Log in to iDRAC Web interface
• Start, stop, or reset the managed system
• Update BIOS, PERC, and supported network adapters
Controller, press <F10> during boot and go to System Setup → Advanced
Hardware Configuration
Controller User’s Guide available at dell.com/support/manuals.
→ iDRAC Settings. For more information, see Lifecycle
Telnet Use Telnet to access iDRAC where you can run RACADM and SMCLP commands.
For details about RACADM, see iDRAC8 RACADM Command Line Interface
29
Page 30
Interface or
Protocol
SSH Use SSH to run RACADM and SMCLP commands. It provides the same capabilities
IPMITool Use the IPMITool to access the remote system’s basic management features
VMCLI Use the Virtual Media Command Line Interface (VMCLI) to access a remote media
Description
Reference Guide available at dell.com/support/manuals. For details about SMCLP,
see Using SMCLP.
NOTE: Telnet is not a secure protocol and is disabled by default. Telnet
transmits all data, including passwords in plain text. When transmitting
sensitive information, use the SSH interface.
as the Telnet console using an encrypted transport layer for higher security. The
SSH service is enabled by default on iDRAC. The SSH service can be disabled in
iDRAC. iDRAC only supports SSH version 2 with DSA and the RSA host key
algorithm. A unique 1024-bit DSA and 1024-bit RSA host key is generated when
you power-up iDRAC for the first time.
through iDRAC. The interface includes local IPMI, IPMI over LAN, IPMI over Serial,
and Serial over LAN. For more information on IPMITool, see the Dell OpenManage
Baseboard Management Controller Utilities User’s Guide at dell.com/support/
manuals.
NOTE: IPMI version 1.5 is not supported.
through the management station and deploy operating systems on multiple
managed systems.
SMCLP Use Server Management Workgroup Server Management-Command Line Protocol
(SMCLP) to perform systems management tasks. This is available through SSH or
Telnet. For more information about SMCLP, see Using SMCLP.
WS-MAN The LC-Remote Services is based on the WS-Management protocol to do one-to-
many systems management tasks. You must use WS-MAN client such as WinRM
client (Windows) or the OpenWSMAN client (Linux) to use the LC-Remote Services
functionality. You can also use Power Shell and Python to script to the WS-MAN
interface.
Web Services for Management (WS-Management) is a Simple Object Access
Protocol (SOAP)–based protocol used for systems management. iDRAC uses WS–
Management to convey Distributed Management Task Force (DMTF) Common
Information Model (CIM)–based management information. The CIM information
defines the semantics and information types that can be modified in a managed
system. The data available through WS-Management is provided by iDRAC
instrumentation interface mapped to the DMTF profiles and extension profiles.
For more information, see the following:
• Lifecycle Controller-Remote Services User’s Guide available at dell.com/
support/manuals.
• Lifecycle Controller Integration Best Practices Guide available at dell.com/
support/manuals.
• Lifecycle Controller page on Dell TechCenter — delltechcenter.com/page/
Lifecycle+Controller
• Lifecycle Controller WS-Management Script Center — delltechcenter.com/
page/Scripting+the+Dell+Lifecycle+Controller
• MOFs and Profiles — delltechcenter.com/page/DCIM.Library
30
Page 31
Interface or
Protocol
Description
• DTMF Web site — dmtf.org/standards/profiles/
iDRAC Port Information
The following ports are required to remotely access iDRAC through firewalls. These are the default ports
iDRAC listens to for connections. Optionally, you can modify most of the ports. To do this, see
Configuring Services.
Table 3. Ports iDRAC Listens for Connections
Port Number Function
22* SSH
23* Telnet
80* HTTP
443* HTTPS
623 RMCP/RMCP+
161* SNMP
5900* Virtual Console keyboard and mouse redirection, Virtual Media, Virtual Folders,
and Remote File Share
5901 VNC
When VNC feature is enabled, the port 5901 opens.
* Configurable port
The following table lists the ports that iDRAC uses as a client.
Table 4. Ports iDRAC Uses as Client
Port Number Function
25* SMTP
53 DNS
68 DHCP-assigned IP address
69 TFTP
162* SNMP trap
31
Page 32
Port Number Function
445 Common Internet File System (CIFS)
636 LDAP Over SSL (LDAPS)
2049 Network File System (NFS)
123 Network Time Protocol (NTP)
3269 LDAPS for global catalog (GC)
* Configurable port
Other Documents You May Need
In addition to this guide, the following documents available on the Dell Support website at dell.com/
support/manuals provides additional information about the setup and operation of iDRAC in your
system.
• The iDRAC Online Help provides detailed information about the fields available on the iDRAC Web
interface and the descriptions for the same. You can access the online help after you install iDRAC.
• The iDRAC8 RACADM Command Line Interface Reference Guide provides information about the
RACADM sub-commands, supported interfaces, and iDRAC property database groups and object
definitions.
• The iDRAC RACADM Support Matrix provides the list of sub commands and objects that are applicable
for a particular iDRAC version.
• The Systems Management Overview Guide provides brief information about the various software
available to perform systems management tasks.
• The Dell Lifecycle Controller Graphical User Interface For 13th Generation Dell PowerEdge Servers
User’s Guide provides information on using Lifecycle Controller Graphical User Interface (GUI).
• The Dell Lifecycle Controller Remote Services For 13th Generation Dell PowerEdge Servers Quick
Start Guide provides an overview of the Remote Services capabilities, information on getting started
with Remote Services, Lifecycle Controller API, and provides references to various resources on Dell
Tech Center.
• The Dell Remote Access Configuration Tool User’s Guide provides information on how to use the tool
to discover iDRAC IP addresses in your network and perform one-to-many firmware updates and
active directory configurations for the discovered IP addresses.
• The Dell Systems Software Support Matrix provides information about the various Dell systems, the
operating systems supported by these systems, and the Dell OpenManage components that can be
installed on these systems.
• The iDRAC Service Module Installation Guide provides information to install the iDRAC Service
Module.
• The Dell OpenManage Server Administrator Installation Guide contains instructions to help you install
Dell OpenManage Server Administrator.
• The Dell OpenManage Management Station Software Installation Guide contains instructions to help
you install Dell OpenManage management station software that includes Baseboard Management
Utility, DRAC Tools, and Active Directory Snap-In.
• The Dell OpenManage Baseboard Management Controller Management Utilities User’s Guide has
information about the IPMI interface.
• The Release Notes provides last-minute updates to the system or documentation or advanced
technical reference material intended for experienced users or technicians.
32
Page 33
• The Glossary provides information about the terms used in this document.
The following system documents are available to provide more information:
• The iDRAC Overview and Feature Guide provides information about iDRAC, its licensable features, and
license upgrade options.
• The safety instructions that came with your system provide important safety and regulatory
information. For additional regulatory information, see the Regulatory Compliance home page at
dell.com/regulatory_compliance. Warranty information may be included within this document or as
a separate document.
• The Rack Installation Instructions included with your rack solution describe how to install your system
into a rack.
• The Getting Started Guide provides an overview of system features, setting up your system, and
technical specifications.
• The Owner’s Manual provides information about system features and describes how to troubleshoot
the system and install or replace system components.
Related Links
Contacting Dell
Accessing documents from Dell support site
Social Media Reference
To know more about the product, best practices, and information about Dell solutions and services, you
can access the social media platforms such as Dell TechCenter. You can access blogs, forums,
whitepapers, how-to videos, and so on from the iDRAC wiki page at www.delltechcenter.com/idrac.
For iDRAC and other related firmware documents, see www.dell.com/esmmanuals.
Contacting Dell
NOTE: If you do not have an active Internet connection, you can find contact information on your
purchase invoice, packing slip, bill, or Dell product catalog.
Dell provides several online and telephone-based support and service options. Availability varies by
country and product, and some services may not be available in your area. To contact Dell for sales,
technical support, or customer service issues:
1. Go to dell.com/support.
2. Select your support category.
3. Verify your country or region in the Choose a Country/Region drop-down list at the top of page.
4. Select the appropriate service or support link based on your need.
Accessing documents from Dell support site
You can access the required documents in one of the following ways:
• Using the following links:
– For all Systems Management documents — dell.com/softwaresecuritymanuals
– For Remote Enterprise Systems Management documents — dell.com/esmmanuals
– For Enterprise Systems Management documents — dell.com/openmanagemanuals
33
Page 34
– For Client Systems Management documents — dell.com/clientsystemsmanagement
– For Serviceability Tools documents — dell.com/serviceabilitytools
– For OpenManage Connections Enterprise Systems Management documents — dell.com/
OMConnectionsEnterpriseSystemsManagement
– For OpenManage Connections Client Systems Management documents — dell.com/
connectionsclientsystemsmanagement
• From the Dell Support site:
a. Go to dell.com/support/manuals.
b. Under General support section, click Software & Security.
c. In the Software & Security group box, click the required link from the following:
– Serviceability Tools
– Enterprise Systems Management
– Client Systems Management
– Remote Enterprise Systems Management
– Connections Client Systems Management
d. To view a document, click the required product version.
• Using search engines:
– Type the name and version of the document in the search box.
34
Page 35
2
Logging into iDRAC
You can log in to iDRAC as an iDRAC user, as a Microsoft Active Directory user, or as a Lightweight
Directory Access Protocol (LDAP) user. The default user name and password is root and calvin,
respectively. You can also log in using Single Sign-On or Smart Card.
NOTE: You must have Login to iDRAC privilege to log in to iDRAC.
Related Links
Logging into iDRAC as Local User, Active Directory User, or LDAP User
Logging into iDRAC Using Smart Card
Logging into iDRAC Using Single Sign-on
Changing Default Login Password
Logging into iDRAC as Local User, Active Directory User, or LDAP User
Before you log in to iDRAC using the Web interface, make sure that you have configured a supported
Web browser and the user account is created with the required privileges.
NOTE: The user name is not case-sensitive for an Active Directory user. The password is casesensitive for all users.
NOTE: In addition to Active Directory, openLDAP, openDS, Novell eDir, and Fedora based directory
services are supported.
To log in to iDRAC as local user, Active Directory user, or LDAP user:
1. Open a supported Web browser.
2. In the Address field, type https://[iDRAC-IP-address] and press <Enter>.
NOTE: If the default HTTPS port number (port 443) was changed, enter: https://[iDRACIP-address]:[port-number] where, [iDRAC-IP-address] is the iDRAC IPv4 or IPv6
address and [port-number] is the HTTPS port number.
The Login page is displayed.
3. For a local user:
• In the Username and Password fields, enter your iDRAC user name and password.
• From the Domain drop-down menu, select This iDRAC.
4. For an Active Directory user, in the Username and Password fields, enter the Active Directory user
name and password. If you have specified the domain name as a part of the username, select This
iDRAC from the drop-down menu. The format of the user name can be: <domain>\<username>,
<domain>/<username>, or <user>@<domain>.
For example, dell.com\john_doe, or JOHN_DOE@DELL.COM.
35
Page 36
If the domain is not specified in the user name, select the Active Directory domain from the Domain
drop-down menu.
5. For an LDAP user, in the Username and Password fields, enter your LDAP user name and password.
Domain name is not required for LDAP login. By default, This iDRAC is selected in the drop-down
menu.
6. Click Submit. You are logged into iDRAC with the required user privileges.
If you log in with Configure Users privileges and the default account credentials, and if the default
password warning feature is enabled, the Default Password Warning page is displayed allowing you
to easily change the password.
Related Links
Configuring User Accounts and Privileges
Changing Default Login Password
Configuring Supported Web Browsers
Logging into iDRAC Using Smart Card
You can log in to iDRAC using a smart card. Smart cards provide Two Factor Authentication (TFA) that
provide two-layers of security:
• Physical smart card device.
• Secret code such as, a password or a PIN.
Users must verify their credentials using the smart card and the PIN.
Related Links
Logging Into iDRAC as a Local User Using Smart Card
Logging Into iDRAC as an Active Directory User Using Smart Card
Logging Into iDRAC as a Local User Using Smart Card
Before you log in as a local user using Smart Card, make sure to:
• Upload user smart card certificate and the trusted Certificate Authority (CA) certificate to iDRAC
• Enable smart card logon.
The iDRAC Web interface displays the smart card logon page for users who are configured to use the
smart card.
NOTE: Depending on the browser settings, you are prompted to download and install the smart
card reader ActiveX plug-in when using this feature for the first time.
To log in to iDRAC as a local user using smart card:
1. Access the iDRAC Web interface using the link https://[IP address].
The iDRAC Login page is displayed prompting you to insert the smart card.
NOTE: If the default HTTPS port number (port 443) has been changed, type: https://[IP
address]:[port number] where, [IP address] is the IP address for the iDRAC and
[port number] is the HTTPS port number.
2. Insert the Smart Card into the reader and click Login.
A prompt is displayed for the Smart Card’s PIN. A password in not required.
36
Page 37
3. Enter the Smart Card PIN for local Smart Card users.
You are logged into the iDRAC.
NOTE: If you are a local user for whom Enable CRL check for Smart Card Logon is enabled,
iDRAC attempts to download the CRL and checks the CRL for the user's certificate. The login
fails if the certificate is listed as revoked in the CRL or if the CRL cannot be downloaded for
some reason.
Related Links
Enabling or Disabling Smart Card Login
Configuring iDRAC Smart Card Login for Local Users
Logging Into iDRAC as an Active Directory User Using Smart Card
Before you log in as a Active Directory user using Smart Card, make sure to:
• Upload a Trusted Certificate Authority (CA) certificate (CA-signed Active Directory certificate) to
iDRAC.
• Configure the DNS server.
• Enable Active Directory login.
• Enable Smart Card login.
To log in to iDRAC as an Active Directory user using smart card:
1. Log in to iDRAC using the link https://[IP address].
The iDRAC Login page is displayed prompting you to insert the Smart Card.
NOTE: If the default HTTPS port number (port 443) is changed, type: https://[IP
address]:[port number] where, [IP address] is the iDRAC IP address and [port
number] is the HTTPS port number.
2. Insert the Smart Card and click Login.
The PIN pop-up is displayed.
3. Enter the PIN and click Submit.
You are logged in to iDRAC with your Active Directory credentials.
NOTE:
If the smart card user is present in Active Directory, an Active Directory password is not required.
Related Links
Enabling or Disabling Smart Card Login
Configuring iDRAC Smart Card Login for Active Directory Users
Logging into iDRAC Using Single Sign-on
When Single Sign-On (SSO) is enabled, you can log in to iDRAC without entering your domain user
authentication credentials, such as user name and password.
Related Links
Configuring iDRAC SSO Login for Active Directory Users
Logging into iDRAC SSO Using iDRAC Web Interface
Before logging into iDRAC using Single Sign-on, make sure that:
37
Page 38
• You have logged into your system using a valid Active Directory user account.
• Single Sign-On option is enabled during Active Directory configuration.
To login to iDRAC using Web interface:
1. Log in to your management station using a valid Active Directory account.
2. In a Web browser, type https://[FQDN address]
NOTE: If the default HTTPS port number (port 443) has been changed, type: https://[FQDN
address]:[port number] where, [FQDN address] is the iDRAC FQDN
(iDRACdnsname.domain. name) and
NOTE: If you use IP address instead of FQDN, SSO fails.
iDRAC logs you in with appropriate Microsoft Active Directory privileges, using your credentials that
were cached in the operating system when you logged in using a valid Active Directory account.
[port number] is the HTTPS port number.
Logging into iDRAC SSO Using CMC Web Interface
Using the SSO feature, you can launch iDRAC Web interface from CMC Web interface. A CMC user has
the CMC user privileges when launching iDRAC from CMC. If the user account is present in CMC and not
in iDRAC, the user can still launch iDRAC from CMC.
If iDRAC network LAN is disabled (LAN Enabled = No), SSO is not available.
If the server is removed from the chassis, iDRAC IP address is changed, or there is a problem in iDRAC
network connection, the option to Launch iDRAC is grayed-out in the CMC Web interface.
For more information, see the Chassis Management Controller User’s Guide available at dell.com/
support/manuals.
Accessing iDRAC Using Remote RACADM
You can use remote RACADM to access iDRAC using RACADM utility.
For more information, see the RACADM Reference Guide for iDRAC and CMC available at dell.com/
support/manuals.
If the management station has not stored the iDRAC’s SSL certificate in its default certificate storage, a
warning message is displayed when you run the RACADM command. However, the command is
executed successfully.
NOTE: The iDRAC certificate is the certificate iDRAC sends to the RACADM client to establish the
secure session. This certificate is either issued by a CA or self-signed. In either case, if the
management station does not recognize the CA or signing authority, a warning is displayed.
Related Links
Validating CA Certificate To Use Remote RACADM on Linux
Validating CA Certificate To Use Remote RACADM on Linux
Before running remote RACADM commands, validate the CA certificate that is used for secure
communications.
38
Page 39
To validate the certificate for using remote RACADM:
1. Convert the certificate in DER format to PEM format (using openssl command line tool):
openssl x509 -inform pem -in [yourdownloadedderformatcert.crt] –outform pem
-out [outcertfileinpemformat.pem] –text
2. Find the location of the default CA certificate bundle on the management station. For example, for
RHEL5 64-bit, it is
3. Append the PEM formatted CA certificate to the management station CA certificate.
For example, use the cat command: - cat testcacert.pem >> cert.pem
4. Generate and upload the server certificate to iDRAC.
/etc/pki/tls/cert.pem.
Accessing iDRAC Using Local RACADM
For information to access iDRAC using local RACADM, see the iDRAC8 RACADM Command Line
Interface Reference Guide available at dell.com/support/manuals.
Accessing iDRAC Using Firmware RACADM
You can use SSH or Telnet interfaces to access iDRAC and run firmware RACADM commands. For more
information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/
support/manuals
.
Accessing iDRAC Using SMCLP
SMCLP is the default command line prompt when you log in to iDRAC using Telnet or SSH. For more
information, see Using SMCLP.
Logging in to iDRAC Using Public Key Authentication
You can log into the iDRAC over SSH without entering a password. You can also send a single RACADM
command as a command line argument to the SSH application. The command line options behave
similar to remote RACADM since the session ends after the command is completed.
For example:
Logging in:
ssh username@<domain>
or
ssh username@<IP_address>
where IP_address is the IP address of the iDRAC.
Sending RACADM commands:
ssh username@<domain> racadm getversion
ssh username@<domain> racadm getsel
Related Links
Using Public Key Authentication For SSH
39
Page 40
Multiple iDRAC Sessions
The following table provides the list of multiple iDRAC sessions that are possible using the various
interfaces.
Table 5. Multiple iDRAC Sessions
Interface Number of Sessions
iDRAC Web Interface 6
Remote RACADM 4
Firmware RACADM / SMCLP SSH - 2
Telnet - 2
Serial - 1
Changing Default Login Password
The warning message that allows you to change the default password is displayed if:
• You log in to iDRAC with Configure User privilege.
• Default password warning feature is enabled.
• Credentials for any currently enabled account are root/calvin.
A warning message is also displayed when you log in to iDRAC using SSH, Telnet, remote RACADM, or
the Web interface. For Web interface, SSH, and Telnet, a single warning message is displayed for each
session. For remote RACADM, the warning message is displayed for each command.
Related Links
Enabling or Disabling Default Password Warning Message
Changing Default Login Password Using Web Interface
When you log in to iDRAC Web interface, if the Default Password Warning page is displayed, you can
change the password. To do this:
1. Select the Change Default Password option.
2. In the New Password field, enter the new password.
The maximum characters for the password are 20. The characters are masked. The following
characters are supported:
• 0-9
• A-Z
• a-z
• Special characters: +, &, ?, >, -, }, |, ., !, (, ', ,, _,[, ", @, #, ), *, ;, $, ], /, §, %, =, <, :, {, I, \
3. In the Confirm Password field, enter the password again.
4. Click Continue. The new password is configured and you are logged in to iDRAC.
40
Page 41
NOTE: Continue is enabled only if the passwords entered in the New Password and Confirm
Password fields match.
For information about the other fields, see the iDRAC Online Help.
Changing Default Login Password Using RACADM
To change the password, run the following RACADM command:
racadm set iDRAC.Users.<index>.Password <Password>
where, <index> is a value from 1 to 16 (indicates the user account) and <password> is the new user—
defined password.
For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide.
Changing Default Login Password Using iDRAC Settings Utility
To change the default login password using iDRAC Settings Utility:
1. In the iDRAC Settings utility, go to User Configuration.
The iDRAC Settings.User Configuration page is displayed.
2. In the Change Password field, enter the new password.
3. Click Back, click Finish, and then click Yes.
The details are saved.
Enabling or Disabling Default Password Warning Message
You can enable or disable the display of the default password warning message. To do this, you must
have Configure Users privilege.
Enabling or Disabling Default Password Warning Message Using Web Interface
To enable or disable the display of the default password warning message after logging in to iDRAC:
1. Go to Overview → iDRAC Settings → User Authentication → Local Users .
The Users page is displayed.
2. In the Default Password Warning section, select Enable, and then click Apply to enable the display
Default Password Warning page when you log in to iDRAC. Else, select Disable.
of the
Alternatively, if this feature is enabled and you do not want to display the warning message for
subsequent log-ins, on the Default Password Warning page, select the Do not show this warning
again option, and then click Apply.
Enabling or Disabling Warning Message to Change Default Login Password Using RACADM
To enable the display of the warning message to change the default login password using RACADM, use
idrac.tuning.DefaultCredentialWarning object. For more information, see the iDRAC8 RACADM
Command Line Interface Reference Guide available at dell.com/support/manuals.
41
Page 42
3
Setting Up Managed System and Management Station
To perform out-of-band systems management using iDRAC, you must configure iDRAC for remote
accessibility, set up the management station and managed system, and configure the supported Web
browsers.
NOTE: In case of blade servers, install CMC and I/O modules in the chassis and physically install the
system in the chassis before performing the configurations.
Both iDRAC Express and iDRAC Enterprise ship from the factory with a default static IP address. However,
Dell also offers two options-Auto-discovery that allows you to access the iDRAC, and remotely configure
your server, and DHCP:
• Auto Discovery — Use this option if you have a provisioning server installed in your data center
environment. A provisioning server manages and automates the deployment or upgrade of an
operating system and applications to a Dell PowerEdge server. By enabling Auto Discovery, the
servers — upon first boot — searches for a provisioning server to take control and begin the
automated deployment or update process.
• DHCP — Use this option if you have a Dynamic Host Configuration Protocol (DHCP) server installed in
the data center environment. The DHCP server automatically assigns the IP address, gateway, and
subnet mask for iDRAC.
You can enable Auto-discovery or DHCP when you place an order for the server. There is no charge to
enable either of these features. Only one setting is possible.
Related Links
Setting Up iDRAC IP Address
Setting Up Managed System
Updating Device Firmware
Rolling Back Device Firmware
Setting Up Management Station
Configuring Supported Web Browsers
Setting Up iDRAC IP Address
You must configure the initial network settings based on your network infrastructure to enable the
communication to and from iDRAC. You can set up the IP address using one of the following interfaces:
• iDRAC Settings utility
• Lifecycle Controller (see Lifecycle Controller User’s Guide)
• Dell Deployment Toolkit (see Dell Deployment Toolkit User’s Guide)
• Chassis or Server LCD panel (see the system’s Hardware Owner’s Manual)
42
Page 43
NOTE: In case of blade servers, you can configure the network setting using the Chassis LCD
panel only during initial configuration of CMC. After the chassis is deployed, you cannot
reconfigure iDRAC using the Chassis LCD panel.
• CMC Web interface (see Dell Chassis Management Controller Firmware User’s Guide)
In case of rack and tower servers, you can set up the IP address or use the default iDRAC IP address
192.168.0.120 to configure initial network settings, including setting up DHCP or the static IP for iDRAC.
In case of blade servers, the iDRAC network interface is disabled by default.
After you configure iDRAC IP address:
• Make sure to change the default user name and password after setting up the iDRAC IP address.
• Access it through any of the following interfaces:
– iDRAC Web interface using a supported browser (Internet Explorer, Firefox, Chrome, or Safari)
– Secure Shell (SSH) — Requires a client such as PuTTY on Windows. SSH is available by default in
most of the Linux systems and hence does not require a client.
– Telnet (must be enabled, since it is disabled by default)
– IPMITool (uses IPMI command) or shell prompt (requires Dell customized installer in Windows or
Linux, available from Systems Management Documentation and Tools DVD or support.dell.com)
Related Links
Setting Up iDRAC IP Using iDRAC Settings Utility
Setting Up iDRAC IP Using CMC Web Interface
Enabling Auto-discovery
Configuring Servers and Server Components Using Auto Config
Setting Up iDRAC IP Using iDRAC Settings Utility
To set up the iDRAC IP address:
1. Turn on the managed system.
2. Press <F2> during Power-on Self-test (POST).
3. In the System Setup Main Menu page, click iDRAC Settings.
The iDRAC Settings page is displayed.
4. Click Network.
The Network page is displayed.
5. Specify the following settings:
• Network Settings
• Common Settings
• IPv4 Settings
• IPv6 Settings
• IPMI Settings
• VLAN Settings
6. Click Back, click Finish, and then click Yes.
The network information is saved and the system reboots.
Related Links
Network Settings
Common Settings
43
Page 44
IPv4 Settings
IPv6 Settings
IPMI Settings
VLAN Settings
Network Settings
To configure the Network Settings:
NOTE: For information about the options, see the iDRAC Settings Utility Online Help.
1. Under Enable NIC, select the Enabled option.
2. From the NIC Selection drop-down menu, select one of the following ports based on the network
requirement:
• Dedicated — Enables the remote access device to use the dedicated network interface available
on the Remote Access Controller (RAC). This interface is not shared with the host operating
system and routes the management traffic to a separate physical network, enabling it to be
separated from the application traffic.
This option implies that iDRAC's dedicated network port routes its traffic separately from the
Server's LOM or NIC ports. With respect to managing network traffic, the Dedicated option allows
iDRAC to be assigned an IP address from the same subnet or different subnet in comparison to
the IP addresses assigned to the Host LOM or NICs.
NOTE: The option is available only on rack or tower systems.
• LOM1
• LOM2
• LOM3
• LOM4
NOTE: In the case of rack and tower servers, two LOM options (LOM1 and LOM2) or all four
LOM options are available depending on the server model. Blade servers do not use LOM for
iDRAC communication.
3. From the Failover Network drop-down menu, select one of the remaining LOMs. If a network fails,
the traffic is routed through the failover network.
NOTE: If you have selected Dedicated in NIC Selection drop-down menu, the option is
grayed-out .
For example, to route the iDRAC network traffic through LOM2 when LOM1 is down, select LOM1 for
NIC Selection and LOM2 for Failover Network.
4. Under Auto Negotiation, select On if iDRAC must automatically set the duplex mode and network
speed. This option is available only for dedicated mode. If enabled, iDRAC sets the network speed to
10, 100, or 1000 Mbps based on the network speed.
5. Under Network Speed, select either 10 Mbps or100 Mbps.
NOTE: You cannot manually set the Network Speed to 1000 Mbps. This option is available only
if Auto Negotiation option is enabled.
6. Under Duplex Mode, select Half Duplex or Full Duplex option.
NOTE: If you enable Auto Negotiation, this option is grayed-out.
44
Page 45
Common Settings
If network infrastructure has DNS server, register iDRAC on the DNS. These are the initial settings
requirements for advanced features such as Directory services—–Active Directory or LDAP, Single Sign
On, and smart card.
To register iDRAC:
1. Enable Register DRAC on DNS.
2. Enter the DNS DRAC Name.
3. Select Auto Config Domain Name to automatically acquire domain name from DHCP. Else, provide
the
DNS Domain Name.
IPv4 Settings
To configure the IPv4 settings:
1. Select Enabled option under Enable IPv4 .
2. Select Enabled option under Enable DHCP , so that DHCP can automatically assign the IP address,
gateway, and subnet mask to iDRAC. Else, select Disabled and enter the values for:
• Static IP Address
• Static Gateway
• Static Subnet Mask
3. Optionally, enable Use DHCP to obtain DNS server address, so that the DHCP server can assign the
Static Preferred DNS Server and Static Alternate DNS Server. Else, enter the IP addresses for Static
Preferred DNS Server and Static Alternate DNS Server.
IPv6 Settings
Alternately, based on the infrastructure setup, you can use IPv6 address protocol.
To configure the IPv6 settings:
1. Select Enabled option under Enable IPv6.
2. For the DHCPv6 server to automatically assign the IP address, gateway, and subnet mask to iDRAC,
select Enabled option under Enable Auto-configuration. If enabled, the static values are disabled.
Else, proceed to the next step to configure using the static IP address.
3. In the Static IP Address 1 box, enter the static IPv6 address.
4. In the Static Prefix Length box, enter a value between 0 and 128.
5. In the Static Gateway box, enter the gateway address.
6. If you are using DHCP, enable DHCPv6 to obtain DNS Server addresses to obtain Primary and
Secondary DNS server addresses from DHCPv6 server. Else, select
• In the Static Preferred DNS Server box, enter the static DNS server IPv6 address.
• In the Static Alternate DNS Server box, enter the static alternate DNS server.
Disabled and do the following:
IPMI Settings
To enable the IPMI Settings:
1. Under Enable IPMI Over LAN, select Enabled.
2. Under Channel Privilege Limit, select Administrator, Operator, or User.
3. In the Encryption Key box, enter the encryption key in the format 0 to 40 hexadecimal characters
(without any blanks characters.) The default value is all zeros.
45
Page 46
VLAN Settings
You can configure iDRAC into the VLAN infrastructure. To configure VLAN Settings:
1. Under Enable VLAN ID, select Enabled.
2. In the VLAN ID box, enter a valid number from 1 to 4094.
3. In the Priority box, enter a number from 0 to 7 to set the priority of the VLAN ID.
NOTE: After enabling VLAN, the idrac IP is not accessible for sometime.
Setting Up iDRAC IP Using CMC Web Interface
To set up the iDRAC IP address using CMC Web interface:
NOTE: You must have Chassis Configuration Administrator privilege to set up iDRAC network
settings from CMC.
1. Log in to CMC Web interface.
2. Go to Server Overview → Setup → iDRAC.
The Deploy iDRAC page is displayed.
3. Under iDRAC Network Settings, select Enable LAN and other network parameters as per
requirements. For more information, see CMC online help.
4. For additional network settings specific to each blade server, go to Server Overview → <server
name>.
The Server Status page is displayed.
5. Click Launch iDRAC and go to Overview → iDRAC Settings → Network.
6. In the Network page, specify the following settings:
• Network Settings
• Common Settings
• IPV4 Settings
• IPV6 Settings
• IPMI Settings
• VLAN Settings
NOTE: For more information, see iDRAC Online Help.
7. To save the network information, click Apply.
For more information, see the Chassis Management Controller User’s Guide available at dell.com/
support/manuals.
Enabling Auto-discovery
The auto-discovery feature allows newly installed servers to automatically discover the remote
management console that hosts the provisioning server. The provisioning server provides custom
administrative user credentials to iDRAC, so that the unprovisioned server can be discovered and
managed from the management console. For more information about auto-discovery, see the Lifecycle
Controller Remote Services User’s Guide
Auto-discovery works with a static IP. DHCP, DNS server, or the default DNS host name discovers the
provisioning server. If DNS is specified, the provisioning server IP is retrieved from DNS and the DHCP
settings are not required. If the provisioning server is specified, discovery is skipped so neither DHCP nor
DNS is required.
46
available at dell.com/support/manuals.
Page 47
You can enable auto-discovery using iDRAC Settings Utility or using Lifecycle Controller. For information
on using Lifecycle Controller, see Lifecycle Controller User’s Guide available at dell.com/support/
manuals.
If auto-discovery feature is not enabled on the factory-shipped system, the default administrator account
(user name as root and password as calvin) is enabled. Before enabling auto-discovery, make sure to
disable this administrator account. If the auto-discovery in Lifecycle Controller is enabled, all the iDRAC
user accounts are disabled until the provisioning server is discovered.
To enable auto-discovery using iDRAC Settings utility:
1. Turn on the managed system.
2. During POST, press <F2 >, and go to iDRAC Settings → Remote Enablement.
The iDRAC Settings Remote Enablement page is displayed.
3. Enable auto-discovery, enter the provisioning server IP address, and click Back.
NOTE: Specifying the provisioning server IP is optional. If it is not set, it is discovered using
DHCP or DNS settings (step 7).
4. Click Network.
The iDRAC Settings Network page is displayed.
5. Enable NIC.
6. Enable IPv4.
NOTE: IPv6 is not supported for auto-discovery.
7. Enable DHCP and get the domain name, DNS server address, and DNS domain name from DHCP.
NOTE: Step 7 is optional if the provisioning server IP address (step 3) is provided.
Configuring Servers and Server Components Using Auto Config
The Auto Config feature allows you to configure and provision all the components in a server (example,
iDRAC, PERC, and RAID) in a single operation by automatically importing an XML configuration file. All the
configurable parameters are specified in the XML file. The DHCP server that assigns the IP address also
provides the XML file details to configure the iDRAC.
You can create the XML file based on the service tag of the servers or create a generic XML file that you
can use to configure all iDRACs serviced by the DHCP server. This XML file is stored in a shared location
(CIFS or NFS) that is accessible by the DHCP server and iDRAC(s) of the server being configured. The
DHCP server uses a DHCP server option to specify the XML file name, XML file location, and the user
credentials to access the file location.
When the iDRAC or CMC obtains an IP address from the DHCP server, the XML file is used to configure
the devices. Auto-config is invoked only after the iDRAC gets its IP address from the DHCP server. If it
does not get a response or an IP address from the DHCP server, then auto-config is not invoked.
NOTE:
• You can enable Auto Config only if DHCPv4 and the Enable IPv4 options are enabled.
• Auto Config and auto-discovery features are mutually exclusive. You must disable autodiscovery for the Auto Config feature to work.
If all the Dell PowerEdge servers in the DHCP server pool are of the same Model type and number, then a
single xml file (config.xml) is required. (This is the default XML file name.)
47
Page 48
You can configure individual servers using different configuration files mapped using individual host
names. In an environment that has different servers with specific requirements, you can use different XML
filenames to distinguish each server. For example, if there are two servers – a PowerEdge R720 and a
PowerEdge R520, you must use two XML files, R720-config.xml and R520-config.xml.
The server-config-agent uses the rules in the following sequence to determine which XML file(s) on the
File Share to apply for each iDRAC/PowerEdge server:
1. The filename specified in DHCP option 60.
2. <ServiceTag>-config.xml - If a filename is not specified in DHCP option 60, use the system service
tag to uniquely identify the XML config file for the system. For example, <servicetag>-config.xml
3. <Model number>-config.xml - If the option 60 filename is not specified and the <ServiceTag>config.xml file is not found, then use the system Model number as the basis for the XML config file
name to use. For example, R520-config.xml.
4. config.xml – If the option 60 filename, service tag-based, and model number—based files are not
available, use the default config.xml file.
Related Links
Auto Config Sequence
DHCP Options
Enabling Auto Config Using iDRAC Web Interface
Enabling Auto Config Using RACADM
Auto Config Sequence
1. Create or modify the XML file that configures the attributes of Dell servers.
2. Place the XML file in a share location that is accessible by the DHCP server and all the Dell servers
that are assigned IP address from the DHCP server.
3. Specify the XML file location in vendor-option 43 field of DHCP server.
4. The iDRAC as part of acquiring IP address advertises vendor class identifier iDRAC. (Option 60)
5. The DHCP server matches the vendor class to the vendor option in the dhcpd.conf file and sends the
XML file location and XML file name to the iDRAC.
6. The iDRAC processes the XML file and configures all the attributes listed in the file
DHCP Options
DHCPv4 allows a large number of globally defined parameters to be passed to the DHCP clients. Each
parameter is known as a DHCP option. Each option is identified with an option tag, which is a 1 byte
value. Option tags 0 and 255 are reserved for padding and end of options, respectively. All other values
are available for defining options.
The DHCP Option 43 is used to send information from the DHCP server to the DHCP client. The option is
defined as a text string. This text string is set to contain the values of the XML filename, share location and
the credentials to access the location. For example,
option myname code 43 = text;
option myname "-l 10.35.175.88://xmlfiles –f dhcpProv.xml -u root -p calvin";
where, -l is the location of the Remote File Share and –f is the file name in the string along with the
credentials to the Remote File Share. In this example, root and calvin are the username and password to
the RFS.
The DHCP Option 60 identifies and associates a DHCP client with a particular vendor. Any DHCP server
configured to take action based on a client’s vendor ID should have Option 60 and Option 43 configured.
48
Page 49
With Dell PowerEdge servers, the iDRAC identifies itself with vendor ID: iDRAC. Therefore, you must add a
new ‘Vendor Class’ and create a ‘scope option’ under it for ‘code 60,’ and then enable the new scope
option for the DHCP server.
Related Links
Configuring Option 43 on Windows
Configuring Option 60 on Windows
Configuring Option 43 and Option 60 on Linux
Configuring Option 43 on Windows
To configure option 43 on Windows:
1. On the DHCP server, go to Start → Administration Tools → DHCP to open the DHCP server
administration tool.
2. Find the server and expand all items under it.
3. Right-click on Scope Options and select Configure Options.
The Scope Options dialog box is displayed.
4. Scroll down and select 043 Vendor Specific Info.
5. In the Data Entry field, click anywhere in the area under ASCII and enter the IP address of the server
that has the share location, which contains the XML configuration file.
The value appears as you type it under the ASCII, but it also appears in binary to the left.
6. Click OK to save the configuration.
Configuring Option 60 on Windows
To configure option 60 on Windows:
1. On the DHCP server, go to Start → Administration Tools → DHCP to open the DHCP server
administration tool.
2. Find the server and expand the items under it.
3. Right-click on IPv4 and choose Define Vendor Classes.
4. Click Add and enter the following:
• Display name — iDRAC (read-only)
• Description — Vendor Class
• Under ASCII, click and enter iDRAC.
5. Click OK.
6. On the DHCP window, right-click on IPv4 and choose Set Predefined Options.
7. From the Option class drop-down menu,select iDRAC (created in step 4) and click Add.
8. In the Option Type dialogue box, enter the following information:
• Name — iDRAC
• Data Type — String
• Code – 1
• Description — Dell vendor class identifier
9. Click OK twice to return to the DHCP window.
10. Expand all items under the server name, right-click on Scope Options and select Configure Options.
11. Click on the Advanced tab.
12. From the Vendor class drop-down menu, select iDRAC. The 060iDRAC appears in the Available
Options
column.
49
Page 50
13. Select 060iDRAC option.
14. Enter the string value that must be sent to the iDRAC (along with a standard DHCP provided IP
address). The string value will help in importing the correct XML configuration file.
For the option’s DATA entry, String Value setting, use a text parameter that has the following letter
options and values:
• Filename – iDRAC_Config.XML or iDRAC_Config-<service-tag>.XML. (-f )
• Sharename – (-n)
• ShareType – -s (0 = NFS, 2 = CIFS)
• IPAddress – IP address of the file share. (-i )
• Username – Required for CIFS (-u)
• Password – Required for CIFS (-p)
• ShutdownType – Specify Graceful or Forced. (-d)
• Timetowait - Default is 300 ( -t )
• EndHostPowerState - (-e)
Configuring Option 43 and Option 60 on Linux
Update the /etc/dhcpd.conf file. Similar to Windows, the steps are :
1. Set aside a block or pool of addresses that this DHCP server can allocate.
2. Set the option 43 and use the name vendor class identifier for option 60.
For example,
option myname code 43 = text;
subnet 192.168.0.0 netmask 255.255.0.0 {
#default gateway
option routers 192.168.0.1;
option subnet-mask 255.255.255.0;
option nis-domain "domain.org";
option domain-name "domain.org";
option domain-name-servers 192.168.1.1;
option time-offset -18000; # Eastern Standard Time
# option ntp-servers 192.168.1.1;
# option netbios-name-servers 192.168.1.1;
# --- Selects point-to-point node (default is hybrid). Don't change this unless
# -- you understand Netbios very well
# option netbios-node-type 2;
option vendor-class-identifier "iDRAC";
set vendor-string = option vendor-class-identifier;
option myname "2001::9174:9611:5c8d:e85//xmlfiles/dhcpProv.xml -u root -p
calvin";
range dynamic-bootp 192.168.0.128 192.168.0.254;
default-lease-time 21600;
max-lease-time 43200;
# we want the nameserver to appear at a fixed address
host ns {
next-server marvin.redhat.com;
hardware ethernet 12:34:56:78:AB:CD;
fixed-address 207.175.42.254;
}
}
Enabling Auto Config Using iDRAC Web Interface
Make sure that DHCPv4 and the Enable IPv4 options are enabled and Auto-discovery is disabled.
50
Page 51
To enable Auto Config:
1. In the iDRAC Web interface, go to Overview → iDRAC Settings → Network.
The Network page is displayed.
2. In the Auto Config section, select one of the following options to enable Auto Config:
• Enable Once — Configures the component only once using the XML file referenced by the DHCP
server. After this, Auto Config is disabled.
• Enable Once After Reset — After the iDRAC is reset, configures the components only once using
the XML file referenced by the DHCP server. After this, Auto Config is disabled.
To disable the Auto Config feature, select Disable.
3. Click Apply to apply the setting.
Enabling Auto Config Using RACADM
To enable Auto Config feature using RACADM, use the iDRAC.NIC.AutoConfig object. For more
information, see the iDRAC8 RACADM Command Line Interface Reference Guide.
Using Hash Passwords for Improved Security
For iDRAC in 13th generation servers, you can set user passwords and BIOS passwords using a one way
hash format. The user authentication mechanism is not affected (except for SNMPv3 and IPMI) and you
can provide the password in plain text format.
With the new password hash feature:
• You can generate your own SHA256 hashes to set iDRAC user passwords and BIOS passwords. This
allows you to have the SHA256 values in the server configuration profile, RACADM, and WSMAN.
When you provide the SHA256 password values, you cannot authenticate through SNMPv3 and IPMI.
• You can set up a template server including all the iDRAC user accounts and BIOS passwords using the
current plain text mechanism. After the server is set up, you can export the server configuration profile
with the password that has hash values. The export includes the hash values required for SNMPv3 and
IPMI authentication.
You can generate the hash password with and without Salt using SHA256.
You must have Server Control privileges to include and export hash passwords.
If access to all accounts is lost, use iDRAC Settings Utility or local RACADM and perform reset iDRAC to
default task.
If the iDRAC user account’s password is set with the SHA256 password hash only and not the other
hashes (SHA1v3Key or MD5v3Key), then authentication through SNMP v3 and IPMI is not available.
Hash Password Using RACADM
Use the following objects with the set racadm sub command to set hash passwords:
• iDRAC.Users.SHA256Password
• iDRAC.Users.SHA256PasswordSalt
Use the following command to include the hash password in the exported server configuration profile:
racadm get -f <file name> -l <NFS / CIFS share> -u <username> -p <password> -t
<filetype> --includePH
You must set the Salt attribute when the associated hash is set.
51
Page 52
NOTE: The attributes are not applicable to the INI configuration file.
Hash Password in Server Configuration Profile
The new hash passwords can be optionally exported in the server configuration profile.
When importing server configuration profile, you can uncomment the existing password attribute or the
new password hash attribute(s). If both are uncommented an error is generated and the password is not
set. A commented attribute is not applied during an import.
Generating Hash Password Without SNMPv3 and IPMI Authentication
To generate hash password without SNMPv3 and IPMI authentication:
1. For iDRAC user accounts, you must salt the password using SHA256.
When you salt the password, a 16 byte binary string is appended. The Salt is required to be 16 bytes
long, if provided.
2. Provide hash value and salt in the imported server configuration profile, RACADM commands, or
WSMAN.
3. After setting the password, the normal plain text password authentication works except that SNMP v3
and IPMI authentication fails for iDRAC user accounts that had passwords updated with hash.
Setting Up Management Station
A management station is a computer used for accessing iDRAC interfaces to remotely monitor and
manage the PowerEdge server(s).
To set up the management station:
1. Install a supported operating system. For more information, see the readme.
2. Install and configure a supported Web browser (Internet Explorer, Firefox, Chrome, or Safari).
3. Install the latest Java Runtime Environment (JRE) (required if Java plug-in type is used to access
iDRAC using a Web browser).
4. From the Dell Systems Management Tools and Documentation DVD, install Remote RACADM and
VMCLI from the SYSMGMT folder. Else, run Setup on the DVD to install Remote RACADM by default
and other OpenManage software. For more information about RACADM, see
Command Line Interface Reference Guide available at dell.com/support/manuals.
5. Install the following based on the requirement:
• Telnet
• SSH client
• TFTP
• Dell OpenManage Essentials
Related Links
Installing and Using VMCLI Utility
Configuring Supported Web Browsers
iDRAC8 RACADM
Accessing iDRAC Remotely
To remotely access iDRAC Web interface from a management station, make sure that the management
station is in the same network as iDRAC. For example:
52
Page 53
• Blade servers — The management station must be on the same network as CMC. For more
information on isolating CMC network from the managed system’s network, see Chassis Management
Controller User’s Guide available at dell.com/support/manuals.
• Rack and tower servers — Set the iDRAC NIC to Dedicated or LOM1 and make sure that the
management station is on the same network as iDRAC.
To access the managed system’s console from a management station, use Virtual Console through
iDRAC Web interface.
Related Links
Launching Virtual Console
Network Settings
Setting Up Managed System
If you need to run local RACADM or enable Last Crash Screen capture, install the following from the Dell
Systems Management Tools and Documentation DVD:
• Local RACADM
• Server Administrator
For more information about Server Administrator, see Dell OpenManage Server Administrator User’s
Guide available at
Related Links
Modifying Local Administrator Account Settings
dell.com/support/manuals.
Modifying Local Administrator Account Settings
After setting the iDRAC IP address, you can modify the local administrator account settings (that is, user
2) using the iDRAC Settings utility. To do this:
1. In the iDRAC Settings utility, go to User Configuration.
The iDRAC Settings User Configuration page is displayed.
2. Specify the details for User Name, LAN User Privilege, Serial Port User Privilege, and Change
Password
For information about the options, see the iDRAC Settings Utility Online Help.
3. Click Back, click Finish, and then click Yes.
The local administrator account settings are configured.
.
Setting Up Managed System Location
You can specify the location details of the managed system in the data center using the iDRAC Web
interface or iDRAC Settings utility.
Setting Up Managed System Location Using Web Interface
To specify the system location details:
1. In the iDRAC Web interface, go to Overview → Server → Properties → Details.
The System Details page is displayed.
2. Under System Location, enter the location details of the managed system in the data center.
53
Page 54
For information about the options, see the iDRAC Online Help.
3. Click Apply. The system location details is saved in iDRAC.
Setting Up Managed System Location Using RACADM
To specify the system location details, use the System.Location group objects. For more information,
see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/
manuals
.
Setting Up Managed System Location Using iDRAC Settings Utility
To specify the system location details:
1. In the iDRAC Settings utility, go to System Location.
The iDRAC Settings System Location page is displayed.
2. Enter the location details of the managed system in the data center. For information about the
options, see the iDRAC Settings Utility Online Help.
3. Click Back, click Finish, and then click Yes.
The details are saved.
Optimizing System Performance and Power Consumption
The power required to cool a server can contribute a significant amount to the overall system power.
Thermal control is the active management of system cooling through fan speed and system power
management to make sure that the system is reliable while minimizing system power consumption,
airflow, and system acoustic output. You can adjust the thermal control settings and optimize against the
system performance and performance-per-Watt requirements.
Using the iDRAC Web interface, RACADM, or the iDRAC Settings Utility, you can change the following
thermal settings:
• Optimize for performance
• Optimize for minimum power
• Set the maximum air exhaust temperature
• Increase airflow through a fan offset, if required
• Increase airflow through increasing minimum fan speed
Modifying Thermal Settings Using iDRAC Web Interface
To modify the thermal settings:
1. In the iDRAC Web interface, go to Overview → Hardware → Fans → Setup.
The Fan Setup page is displayed.
2. Specify the following:
• Thermal Profile — Select the thermal profile:
– Default Thermal Profile Settings — Implies that the thermal algorithm uses the same system
profile settings that is defined under System BIOS → System BIOS Settings.System Profile
Settings page.
By default, this is set to Default Thermal Profile Settings. You can also select a custom algorithm,
which is independent of the BIOS profile. The options available are:
54
Page 55
– Maximum Performance (Performance Optimized) :
* Reduced probability of memory or CPU throttling.
* Increased probability of turbo mode activation.
* Generally, higher fan speeds at idle and stress loads.
– Minimum Power (Performance per Watt Optimized):
* Optimized for lowest system power consumption based on optimum fan power state.
* Generally, lower fan speeds at idle and stress loads.
NOTE: Selecting Maximum Performance or Minimum Power, overrides thermal settings
associated to System Profile setting under System BIOS → System BIOS Settings.System
Profile Settings page.
• Maximum Exhaust Temperature Limit — From the drop-down menu, select the maximum
exhaust air temperature. The values are displayed based on the system.
The default value is Default, 70°C (158 °F).
This option allows the system fans speeds to change such that the exhaust temperature does not
exceed the selected exhaust temperature limit. This cannot always be guaranteed under all
system operating conditions due to dependency on system load and system cooling capability.
• Fan Speed Offset — Selecting this option allows additional cooling to the server. In case
hardware is added (example, new PCIe cards), it may require additional cooling. A fan speed
offset causes fan speeds to increase (by the offset % value) over baseline fan speeds calculated by
the Thermal Control algorithm. Possible values are:
– Low Fan Speed — Drives fan speeds to a moderate fan speed.
– Medium Fan Speed — Drives fan speeds close to medium.
– High Fan Speed — Drives fan speeds close to full speed.
– Max Fan Speed — Drives fan speeds to full speed.
– Off — Fan speed offset is set to off. This is the default value. When set to off, the percentage
does not display. The default fan speed is applied with no offset. Conversely, the maximum
setting will result in all fans running at maximum speed.
The fan speed offset is dynamic and based on the system. The fan speed increase for each offset
is displayed next to each option.
The fan speed offset increases all fan speeds by the same percentage. Fan speeds may increase
beyond the offset speeds based on individual component cooling needs. The overall system
power consumption is expected to increase.
Fan speed offset allows you to increase the system fan speed with four incremental steps. These
steps are equally divided between the typical baseline speed and the maximum speed of the
server system fans. Some hardware configurations results in higher baseline fan speeds, which
results in offsets other than the maximum offset to achieve maximum speed.
The most common usage scenario is non-standard PCIe adapter cooling. However, the feature
can be used to increase system cooling for other purposes.
• Minimum Fan Speed in PWM (% of Max) — Select this option to fine tune the fan speed. Using
this option, you can set a higher baseline system fan speed or increase the system fan speed if
other custom fan speed options are not resulting in the required higher fan speeds.
– Default — Sets minimum fan speed to default value as determined by the system cooling
algorithm.
55
Page 56
– Custom — Enter the percentage value.
The allowable range for minimum fan speed PWM is dynamic based on the system configuration.
The first value is the idle speed and the second value is the configuration max (which may or may
not be 100% based on system configuration).
System fans can run higher than this speed as per thermal requirements of the system but not
lower than the defined minimum speed. For example, setting Minimum Fan Speed at 35% limits
the fan speed to never go lower than 35% PWM.
NOTE: 0% PWM does not indicate fan is off. It is the lowest fan speed that the fan can
achieve.
The settings are persistent, which means that once they are set and applied, they do not
automatically change to the default setting during system reboot, power cycling, iDRAC, or BIOS
updates. A few Dell servers may or may not support some or all of these custom user cooling
options. If the options are not supported, they are not displayed or you cannot provide a custom
value.
3. Click Apply to apply the settings.
The following message is displayed:
It is recommended to reboot the system when a thermal profile change has
been made. This is to ensure all power and thermal settings are activated.
Click Reboot Later or Reboot Now.
NOTE: You must reboot the system for the settings to take effect.
Modifying Thermal Settings Using RACADM
To modify the thermal settings, use the objects in the system.thermalsettings group with the set sub
command as provided in the following table.
Object Description Usage Example
AirExhaustT
emp
Allows to set the maximum
air exhaust temperature limit.
Set to any of the
following values
(based on the
system):
• 0 - Indicates
40°C
• 1 - Indicates
45°C
• 2 - Indicates
50°C
• 3 - Indicates
55°C
• 4 - Indicates
60°C
• 255 - Indicates
70°C (default)
To check the existing setting on the
system:
racadm get
system.thermalsettings.AirE
xhaustTemp
The output is:
AirExhaustTemp=70
This means that the system is set to
limit the air exhaust temperature to
70°C.
To set the exhaust temperature
limit to 60°C:
racadm set
system.thermalsettings.AirE
xhaustTemp 4
56
Page 57
Object Description Usage Example
The output is:
Object value modified
successfully.
If a system does not support a
particular air exhaust temperature
limit, then when you run the
following command:
racadm set
system.thermalsettings.AirE
xhaustTemp 0
The following error message is
displayed:
ERROR: RAC947: Invalid
object value specified.
Make sure to specify the value
depending on the type of object.
For more information, see RACADM
help.
To set the limit to the default value:
racadm set
system.thermalsettings.AirE
xhaustTemp 255
FanSpeedHig
hOffsetVal
FanSpeedLow
OffsetVal
• Getting this variable reads
the fan speed offset value
in %PWM for High Fan
Speed Offset setting.
• This value depends on
the system.
• Use FanSpeedOffset
object to set this value
using index value 1.
• Getting this variable reads
the fan speed offset value
in %PWM for Low Fan
Speed Offset setting.
• This value depends on
the system.
• Use FanSpeedOffset
object to set this value
using index value 0.
Values from 0-100
Values from 0-100
racadm get
system.thermalsettings
FanSpeedHighOffsetVal
This returns a value such as “66”.
This means that when you use the
following command, it applies a fan
speed offset of High (66% PWM)
over the baseline fan speed
racadm set
system.thermalsettings
FanSpeedOffset 1
racadm get
system.thermalsettings
FanSpeedLowOffsetVal
This returns a value such as “23”.
This means that when you use the
following command, it applies a fan
speed offset of Low (23% PWM)
over baseline fan speed
racadm set
system.thermalsettings
FanSpeedOffset 0
57
Page 58
Object Description Usage Example
FanSpeedMax
OffsetVal
• Getting this variable reads
the fan speed offset value
in %PWM for Max Fan
Speed Offset setting.
• This value depends on
the system.
• Use FanSpeedOffset to
set this value using index
value 3
Values from 0-100
racadm get
system.thermalsettings
FanSpeedMaxOffsetVal
This returns a value such as “100”.
This means that when you use the
following command, it applies a fan
speed offset of Max (meaning full
speed, 100% PWM). In most cases,
this offset results in fan speeds
increasing to full speed.
racadm set
system.thermalsettings
FanSpeedOffset 3
FanSpeedMed
iumOffsetVa
l
FanSpeedOff
set
• Getting this variable reads
the fan speed offset value
in %PWM for Medium Fan
Speed Offset setting.
• This value depends on
the system.
• Use FanSpeedOffset
object to set this value
using index value 2
• Using this object with get
command displays the
existing Fan Speed Offset
value.
• Using this object with set
command allows setting
the required fan speed
offset value.
• The index value decides
the offset that is applied
and the
FanSpeedLowOffsetVa
l,
FanSpeedMaxOffsetVa
l,
FanSpeedHighOffsetV
, and
al
FanSpeedMediumOffse
tVal objects (defined
earlier) are the values at
which the offsets are
applied.
Values from 0-100
Values are:
• 0 - Low Fan
Speed
• 1 - High Fan
Speed
• 2 - Medium
Fan Speed
• 3 - Max Fan
Speed
• 255 - None
racadm get
system.thermalsettings
FanSpeedMediumOffsetVal
This returns a value such as “47”.
This means that when you use the
following command, it applies a fan
speed offset of Medium (47% PWM)
over baseline fan speed
racadm set
system.thermalsettings
FanSpeedOffset 2
To view the existing setting:
racadm get
system.thermalsettings.FanS
peedOffset
To set the fan speed offset to High
value (as defined in
FanSpeedHighOffsetVal)
racadm set
system.thermalsettings.FanS
peedOffset 1
MFSMaximumL
imit
58
Read Maximum limit for MFS
Values from 1 100
To display the highest value that
can be set using
MinimumFanSpeed option:
racadm get
system.thermalsettings.MFSM
aximumLimit
Page 59
Object Description Usage Example
MFSMinimumL
imit
Read Minimum limit for MFS
Values from 0 to
MFSMaximumLimi
t
To display the lowest value that can
be set using MinimumFanSpeed
option.
MinimumFanS
peed
ThermalProf
ile
• Allows configuring the
Minimum Fan speed that
is required for the system
to operate.
• It defines the baseline
(floor) value for fan speed
and system allows fans to
go lower than this
defined fan speed value.
• This value is %PWM value
for fan speed.
• Allows to specify the
Thermal Base Algorithm.
• Allows to set the system
profile as required for
thermal behavior
associated to the profile.
Default is 255
(means None)
Values from
MFSMinimumLimi
t to
MFSMaximumLimi
t
When get
command reports
255, it means user
configured offset
is not applied.
Values:
• 0 — Auto
• 1 — Maximum
performance
• 2 — Minimum
Power
racadm get
system.thermalsettings.MFSM
inimumLimit
To make sure that the system
minimum speed does not decrease
lower than 45% PWM (45 must be a
value between MFSMinimumLimit
to MFSMaximumLimit):
racadm set
system.thermalsettings.Mini
mumFanSpeed 45
To view the existing thermal profile
setting:
racadm get
system.thermalsettings.Ther
malProfile
To set the thermal profile to
Maximum Performance:
racadm set
system.thermalsettings.Ther
malProfile 1
Modifying Thermal Settings Using iDRAC Settings Utility
To modify the thermal settings:
1. In the iDRAC Settings utility, go to Thermal.
The iDRAC Settings Thermal page is displayed.
2. Specify the following:
• Thermal Profile
• Maximum Exhaust Temperature Limit
• Fan Speed Offset
• Minimum Fan Speed
For information about the fields, see the Modifying Thermal Settings Using Web Interface.
The settings are persistent, which means that once they are set and applied, they do not
automatically change to the default setting during system reboot, power cycling, iDRAC, or BIOS
updates. A few Dell servers may or may not support some or all of these custom user cooling
options. If the options are not supported, they are not displayed or you cannot provide a custom
value.
3. Click Back, click Finish, and then click Yes.
59
Page 60
The thermal settings are configured.
Configuring Supported Web Browsers
iDRAC is supported on Internet Explorer, Mozilla Firefox, Google Chrome, and Safari Web browsers. For
information about the versions, see the Readme available at dell.com/support/manuals.
If you are connecting to iDRAC Web interface from a management station that connects to the Internet
through a proxy server, you must configure the Web browser to access the Internet from through this
server. This section provides information to configure Internet Explorer.
To configure the Internet Explorer Web browser:
1. Set IE to Run As Administrator.
2. In the Web browser, go to Tools → Internet Options → Security → Local Network.
3. Click Custom Level, select Medium-Low, and click Reset. Click OK to confirm. Click Custom Level
to open the dialog.
4. Scroll down to the section labeled ActiveX controls and plug-ins and set the following:
NOTE: The settings in the Medium-Low state depend on the IE version.
• Automatic prompting for ActiveX controls: Enable
• Binary and script behaviors: Enable
• Download signed ActiveX controls: Prompt
• Initialize and script ActiveX controls not marked as safe: Prompt
• Run ActiveX controls and plug-ins: Enable
• Script ActiveX controls marked safe for scripting: Enable
Under Downloads:
• Automatic prompting for file downloads: Enable
• File download: Enable
• Font download: Enable
Under Miscellaneous:
• Allow META-REFRESH: Enable
• Allow scripting of Internet Explorer Web browser control: Enable
• Allow script-initiated windows without size or position constraints: Enable
• Do not prompt for client certificate selection when no certificates or only one certificate exists:
Enable
• Launching programs and files in an IFRAME: Enable
• Open files based on content, not file extension: Enable
• Software channel permissions: Low safety
• Submit non-encrypted form data: Enable
• Use Pop-up Blocker: Disable
Under Scripting:
• Active scripting: Enable
• Allow paste operations via script: Enable
60
Page 61
• Scripting of Java applets: Enable
5. Go to Tools → Internet Options → Advanced.
6. Under Browsing:
• Always send URLs as UTF-8: selected
• Disable script debugging (Internet Explorer): selected
• Disable script debugging: (Other): selected
• Display a notification about every script error: cleared
• Enable Install On demand (Other): selected
• Enable page transitions: selected
• Enable third-party browser extensions: selected
• Reuse windows for launching shortcuts: cleared
Under HTTP 1.1 settings:
• Use HTTP 1.1: selected
• Use HTTP 1.1 through proxy connections: selected
Under Java (Sun):
• Use JRE 1.6.x_yz: selected (optional; version may differ)
Under Multimedia:
• Enable automatic image resizing: selected
• Play animations in Web pages: selected
• Play videos in Web pages: selected
• Show pictures: selected
Under Security:
• Check for publishers' certificate revocation: cleared
• Check for signatures on downloaded programs: selected
• Use SSL 2.0: cleared
• Use SSL 3.0: selected
• Use TLS 1.0: selected
• Warn about invalid site certificates: selected
• Warn if changing between secure and not secure mode: selected
• Warn if forms submittal is being redirected: selected
NOTE: To modify the settings, it is recommended that you learn and understand the
consequences. For example, if you block pop-ups, parts of iDRAC Web interface may not
function properly.
7. Click Apply, and then click OK.
8. Click the Connections tab.
9. Under Local Area Network (LAN) settings, click LAN Settings.
10. If you are using IE9 and IPv6 address to access iDRAC, clear the Use automatic configuration script
option.
11. If the Use a proxy server box is selected, select the Bypass proxy server for local addresses box.
12. Click OK twice.
13. Close and restart your browser to make sure all changes take effect.
61
Page 62
NOTE: When you log in to iDRAC Web interface using Internet Explorer 9.x, sometimes
contents in few pages are not shown properly. To resolve this, press <F12>. In the Internet
Explorer 9 Debug window, select Document Mode as Internet Explorer 7. The browser
refreshes and the iDRAC Login page is displayed.
Related Links
Viewing Localized Versions of Web Interface
Adding iDRAC to the List of Trusted Domains
Disabling Whitelist Feature in Firefox
Adding iDRAC to the List of Trusted Domains
When you access iDRAC Web interface, you are prompted to add iDRAC IP address to the list of trusted
domains if the IP address is missing from the list. When completed, click
browser to establish a connection to iDRAC Web interface.
On some operating systems, Internet Explorer (IE) 8 may not prompt you to add iDRAC IP address to the
list of trusted domains if the IP address is missing from the list.
NOTE: When connecting to the iDRAC Web interface with a certificate the browser does not trust,
the browser's certificate error warning may display a second time after you acknowledge the first
warning. This is the expected behavior to for security.
To add iDRAC IP address to the list of trusted domains in IE8, do the following:
1. Select Tools → Internet Options → Security → Trusted sites → Sites.
2. Enter iDRAC IP address to the Add this website to the zone.
3. Click Add, click OK, and then click Close.
4. Click OK and then refresh your browser.
Refresh or relaunch the Web
Disabling Whitelist Feature in Firefox
Firefox has a "whitelist" security feature that requires user permission to install plug-ins for each distinct
site that hosts a plug-in. If enabled, the whitelist feature requires you to install a Virtual Console viewer for
each iDRAC you visit, even though the viewer versions are identical.
To disable the whitelist feature and avoid unnecessary plug-in installations, perform the following steps:
1. Open a Firefox Web browser window.
2. In the address field, enter about:config and press <Enter>.
3. In the Preference Name column, locate and double-click xpinstall.whitelist.required.
The values for Preference Name, Status, Type, and Value change to bold text. The Status value
changes to user set and the Value changes to false.
4. In the Preferences Name column, locate xpinstall.enabled.
Make sure that Value is true. If not, double-click xpinstall.enabled to set Value to true.
Viewing Localized Versions of Web Interface
iDRAC Web interface is supported in the following languages:
• English (en-us)
• French (fr)
• German (de)
62
Page 63
• Spanish (es)
• Japanese (ja)
• Simplified Chinese (zh-cn)
The ISO identifiers in parentheses denote the supported language variants. For some supported
languages, resizing the browser window to 1024 pixels wide is required to view all features.
iDRAC Web interface is designed to work with localized keyboards for the supported language variants.
Some features of iDRAC Web interface, such as Virtual Console, may require additional steps to access
certain functions or letters. Other keyboards are not supported and may cause unexpected problems.
NOTE: See the browser documentation on how to configure or setup different languages and view
localized versions of iDRAC Web interface.
Updating Device Firmware
Using iDRAC, you can update the iDRAC, BIOS, and all device firmware that is supported through
Lifecycle Controller update such as:
• Lifecycle Controller
• Diagnostics
• Operating System Driver Pack
• Network Interface Card (NIC)
• RAID Controller
• Power Supply Unit (PSU)
• PCIe Solid State Drives (SSDs)
You must upload the required firmware to iDRAC. After the upload is complete, the current version of the
firmware installed on the device and the version being applied is displayed. If the firmware being
uploaded is not valid, an error message is displayed. Updates that do not require a reboot are applied
immediately. Updates that require a system reboot are staged and committed to run on the next system
reboot. Only one system reboot is required to perform all updates.
After the firmware is updated, the System Inventory page displays the updated firmware version and logs
are recorded.
The supported firmware image file types are:
• .exe — Windows based Dell Update Package (DUP)
• .d7 — Contains both iDRAC and Lifecycle Controller firmware.
For files with .exe extension, you must have System Control privilege. The Remote Firmware Update
licensed feature and Lifecycle Controller must be enabled.
For files with .d7 extension, you must have Configure privilege.
You can perform firmware updates using the following methods:
• Using a firmware image file on a local system or on a network share.
• Connecting to the FTP, TFTP, or HTTP site or a network repository that contains a catalog of available
updates. You can create custom repositories using Repository Manager. For more information, see
63
Page 64
Repository Manager User's Guide. iDRAC automatically provides a difference between the BIOS and
the firmware that is installed on the server and the repository location or FTP site. All applicable
updates contained in the repository are applied to the system. This feature is available with iDRAC
Enterprise license.
• Scheduling recurring automated firmware updates using the catalog file in the FTP site or the network
repository location.
The following table provides information on whether a system restart is required or not when firmware is
updated for a particular component.
NOTE: When multiple firmware updates are applied through out-of-band methods, the updates are
ordered in the most efficient possible manner to reduce unnecessary system restart.
Table 6. Firmware Update – Supported Components
Component Name Firmware Rollback
Supported? (Yes or
No)
Out-of-band—
System Restart
Required?
In-band—System
Restart Required?
Lifecycle
Controller GUI—
Restart
Required?
Diagnostics No No No No
OS Driver Pack No No No No
Lifecycle Controller No No No Yes
BIOS Yes Yes Yes Yes
RAID Controller Yes Yes Yes Yes
Backplanes Yes Yes Yes Yes
Enclosures Yes Yes No Yes
NIC Yes Yes Yes Yes
iDRAC Yes **No *No *No
Power Supply Unit Yes Yes Yes Yes
CPLD No Yes Yes Yes
FC Cards Yes Yes Yes Yes
PCIe SSD Yes Yes Yes Yes
* Indicates that though a system restart is not required, iDRAC must be restarted to apply the updates.
iDRAC communication and monitoring will temporarily be interrupted.
** When iDRAC is updated from version 1.30.30 or later, a system restart is not necessary. However,
firmware versions of iDRAC earlier than 1.30.30 require a system restart when applied using the out-ofband interfaces.
Related Links
Downloading Device Firmware
Updating Single Device Firmware
Updating Firmware Using Repository
Updating Firmware Using FTP
Updating Device Firmware Using TFTP
Updating Device Firmware Using HTTP
Updating Device Firmware Using RACADM
64
Page 65
Scheduling Automatic Firmware Updates
Updating Firmware Using CMC Web Interface
Updating Firmware Using DUP
Updating Firmware Using Remote RACADM
Updating Firmware Using Lifecycle Controller Remote Services
Downloading Device Firmware
The image file format that you download depends on the method of update:
• iDRAC Web interface — Download the binary image packaged as a self-extracting archive. The default
firmware image file is firmimg.d7.
NOTE: The same file format is used to recover iDRAC using CMC Web interface.
• Managed System — Download the operating system-specific Dell Update Package (DUP). The file
extensions are .bin for Linux Operating systems and .exe for Windows operating systems.
• Lifecycle Controller — Download the latest catalog file and DUPs and use the Platform Update feature
in Lifecycle Controller to update the device firmware. For more information about Platform Update,
see Lifecycle Controller User’s Guide available at dell.com/support/manuals.
Updating Firmware Using iDRAC Web Interface
You can update the device firmware using firmware images available on the local system, from a
repository on a network share (CIFS or NFS), or from FTP.
Updating Single Device Firmware
Before updating the firmware using single device update method, make sure that you have downloaded
the firmware image to a location on the local system.
To update single device firmware using iDRAC Web interface:
1. Go to Overview → iDRAC Settings → Update and Rollback .
The Firmware Update page is displayed.
2. On the Update tab, select Local as the File Location.
3. Click Browse, select the firmware image file for the required component, and then click Upload.
4. After the upload is complete, the Update Details section displays each firmware file uploaded to
iDRAC and its status.
If the firmware image file is valid and was successfully uploaded, the Contents column displays a
icon next to the firmware image file name. Expand the name to view the Device Name, Current, and
Available firmware version information.
5. Select the required firmware file to be updated and do one of the following:
• For firmware images that do not require a host system reboot, click Install. For example, iDRAC
firmware file.
• For firmware images that require a host system reboot, click Install and Reboot or Install Next
Reboot.
• To cancel the firmware update, click Cancel.
NOTE: If you have uploaded the same firmware image file more than once, only the latest
firmware file is available for selection. The check box for the earlier firmware image files is
disabled.
65
Page 66
When you click Install, Install and Reboot or Install Next Reboot, the message Updating Job
Queue is displayed.
6. Click Job Queue to display the Job Queue page, where you can view and manage the staged
firmware updates or click
NOTE: If you navigate away from the page without committing the updates, an error message
is displayed and all the uploaded content is lost.
Related Links
Updating Device Firmware
Viewing and Managing Staged Updates
Downloading Device Firmware
OK to refresh the current page and view the status of the firmware update.
Updating Firmware Using Repository
You can perform multiple firmware updates by specifying a network share containing a valid repository of
DUPs and a catalog describing the available DUPs. When iDRAC connects to the network share location
and checks for available updates, a comparison report is generated that lists all available updates. You can
then select and apply the required updates contained in the repository to the system.
Before performing an update using the repository, make sure that:
• A repository containing Windows based update packages (DUPs) and a catalog file is created in the
network share (CIFS or NFS). If a user-defined catalog file is not available, by default Catalog.xml is
used.
• Lifecycle Controller is enabled.
• You have Server Control privilege to update firmware for devices other than iDRAC.
To update device firmware using a repository:
1. In the iDRAC Web interface, go to Overview → iDRAC Settings → Update and Rollback .
The Firmware Update page is displayed.
2. On the Update tab, select Network Share as the File Location.
3. In the Catalog Location section, enter the network setting details.
While specifying the network share settings, it is recommended to avoid special characters for user
name and password or percent encode the special characters.
For information about the fields, see the iDRAC Online Help.
4. Click Check for Update.
The Update Details section displays a comparison report showing the current firmware versions and
the firmware versions available in the repository.
NOTE: Any update in the repository that is not applicable to the system or the installed
hardware or not supported is not included in the comparison report.
5. Select the required updates and do one of the following:
• For firmware images that do not require a host system reboot, click Install. For example, .d7
firmware file.
• For firmware images that require a host system reboot, click Install and Reboot or Install Next
Reboot.
• To cancel the firmware update, click Cancel.
66
Page 67
When you click Install, Install and Reboot or Install Next Reboot, the message Updating Job
Queue is displayed.
6. Click Job Queue to display the Job Queue page, where you can view and manage the staged
firmware updates or click
Related Links
Updating Device Firmware
Viewing and Managing Staged Updates
Downloading Device Firmware
Scheduling Automatic Firmware Updates
OK to refresh the current page and view the status of the firmware update.
Updating Firmware Using FTP
You can directly connect to the Dell FTP site or any other FTP site from iDRAC to perform the firmware
updates. You can use the Windows based update packages (DUPs) and a catalog file available on the FTP
site instead of creating custom repositories.
Before performing an update using the repository, make sure that:
• Lifecycle Controller is enabled.
• You have Server Control privilege to update firmware for devices other than iDRAC.
To update device firmware using FTP:
1. In the iDRAC Web interface, go to Overview → iDRAC Settings → Update and Rollback .
The Firmware Update page is displayed.
2. On the Update tab, select FTP as the File Location.
3. In the FTP Server Settings section, enter the FTP details.
For information about the fields, see the iDRAC Online Help.
4. Click Check for Update.
5. After the upload is complete, the Update Details section displays a comparison report showing the
current firmware versions and the firmware versions available in the repository.
NOTE: Any update in the repository that is not applicable to the system or the installed
hardware or is not supported is not included in the comparison report.
6. Select the required updates and do one of the following:
• For firmware images that do not require a host system reboot, click Install. For example, .d7
firmware file.
• For firmware images that require a host system reboot, click Install and Reboot or Install Next
Reboot.
• To cancel the firmware update, click Cancel.
When you click Install, Install and Reboot or Install Next Reboot, the message Updating Job
is displayed.
Queue
7. Click Job Queue to display the Job Queue page, where you can view and manage the staged
firmware updates or click OK to refresh the current page and view the status of the firmware update.
Related Links
Updating Device Firmware
Viewing and Managing Staged Updates
Downloading Device Firmware
Scheduling Automatic Firmware Updates
67
Page 68
Updating Device Firmware Using TFTP
You can directly connect to the TFTP site from iDRAC to perform the firmware updates. You can use the
Windows based update packages (DUPs) and a catalog file available on the TFTP site instead of creating
custom repositories.
Before performing an update, make sure that:
• Lifecycle Controller is enabled.
• You have Server Control privilege to update firmware for devices other than iDRAC.
To update device firmware using TFTP:
1. In the iDRAC Web interface, go to Overview → iDRAC Settings → Update and Rollback .
The Firmware Update page is displayed.
2. On the Update tab, select TFTP as the File Location.
3. In the TFTP Server Settings section, enter the TFTP details.
For information about the fields, see the iDRAC Online Help.
4. Click Check for Update.
5. After the upload is complete, the Update Details section displays a comparison report showing the
current firmware versions and the firmware versions available in the repository.
NOTE: Any update in the repository that is not applicable to the system or the installed
hardware or is not supported is not included in the comparison report.
6. Select the required updates and do one of the following:
• For firmware images that do not require a host system reboot, click Install. For example, .d7
firmware file.
• For firmware images that require a host system reboot, click Install and Reboot or Install Next
Reboot.
• To cancel the firmware update, click Cancel.
When you click Install, Install and Reboot or Install Next Reboot, the message Updating Job
Queue is displayed.
7. Click Job Queue to display the Job Queue page, where you can view and manage the staged
firmware updates or click
Related Links
Downloading Device Firmware
Updating Device Firmware
Viewing and Managing Staged Updates
Downloading Device Firmware
Scheduling Automatic Firmware Updates
OK to refresh the current page and view the status of the firmware update.
Updating Device Firmware Using HTTP
You can directly connect to the HTTP site from iDRAC to perform the firmware updates. You can use the
Windows based update packages (DUPs) and a catalog file available on the HTTP site instead of creating
custom repositories.
Before performing an update using the repository, make sure that:
• Lifecycle Controller is enabled.
68
Page 69
• You have Server Control privilege to update firmware for devices other than iDRAC.
To update device firmware using HTTP:
1. In the iDRAC Web interface, go to Overview → iDRAC Settings → Update and Rollback .
The Firmware Update page is displayed.
2. On the Update tab, select HTTP as the File Location.
3. In the HTTP Server Settings section, enter the HTTP details.
For information about the fields, see the iDRAC Online Help.
4. Click Check for Update.
5. After the upload is complete, the Update Details section displays a comparison report showing the
current firmware versions and the firmware versions available in the repository.
NOTE: Any update in the repository that is not applicable to the system or the installed
hardware or is not supported is not included in the comparison report.
6. Select the required updates and do one of the following:
• For firmware images that do not require a host system reboot, click Install. For example, .d7
firmware file.
• For firmware images that require a host system reboot, click Install and Reboot or Install Next
Reboot.
• To cancel the firmware update, click Cancel.
When you click Install, Install and Reboot or Install Next Reboot, the message Updating Job
is displayed.
Queue
7. Click Job Queue to display the Job Queue page, where you can view and manage the staged
firmware updates or click OK to refresh the current page and view the status of the firmware update.
Enter the tasks the user should do after finishing this task (optional).
Related Links
Downloading Device Firmware
Updating Device Firmware
Viewing and Managing Staged Updates
Downloading Device Firmware
Scheduling Automatic Firmware Updates
Updating Device Firmware Using RACADM
To update device firmware using RACADM, use the update subcommand. For more information, see the
RACADM Reference Guide for iDRAC and CMC available at dell.com/support/manuals.
Examples:
• To generate a comparison report using an update repository:
racadm update –f catalog.xml –l //192.168.1.1 –u test –p passwd -verifycatalog
• To perform all applicable updates from an update repository using myfile.xml as a catalog file and
perform a graceful reboot:
racadm update –f “myfile.xml” –b “graceful” –l //192.168.1.1 –u test –p
passwd
• To perform all applicable updates from an FTP update repository using Catalog.xml as a catalog file:
racadm update –f “Catalog.xml” –t FTP –e 192.168.1.20/Repository/Catalog
69
Page 70
Scheduling Automatic Firmware Updates
You can create a periodic recurring schedule for iDRAC to check for new firmware updates. At the
scheduled day and time, iDRAC connects to the specified network share (CIFS or NFS) or the FTP, checks
for new updates and applies or stages all applicable updates. A log file on the remote server contains
information about server access and staged firmware updates.
Automatic updates is available only with the iDRAC Enterprise license.
You can schedule automatic firmware updates using the iDRAC Web interface or RACADM.
NOTE: IPv6 address is not supported for scheduling automatic firmware updates.
Related Links
Downloading Device Firmware
Updating Device Firmware
Viewing and Managing Staged Updates
Scheduling Automatic Firmware Update Using Web Interface
To schedule automatic firmware update using Web Interface:
NOTE: Do not create the next scheduled occurrence of an automatic update job if a job is already
Scheduled. It overwrites the current scheduled job.
1. In the iDRAC Web interface, go to Overview → iDRAC Settings → Update and Rollback .
The Firmware Update page is displayed.
2. Click the Automatic Update tab.
3. Select the Enable Automatic Update option.
4. Select any of the following options to specify if a system reboot is required after the updates are
staged:
• Schedule Updates — Stage the firmware updates but do not reboot the server.
• Schedule Updates and reboot Server — Enables server reboot after the firmware updates are
staged.
5. Select any of the following to specify the location of the firmware images:
• Network — Use the catalog file from a network share (CIFS or NFS). Enter the network share
location details.
NOTE: While specifying the network share settings, it is recommended to avoid special
characters for user name and password or percent encode the special characters.
• FTP — Use the catalog file from the FTP site. Enter the FTP site details.
6. Based on the selection in step 5, enter the network settings or the FTP settings.
For information about the fields, see the iDRAC Online Help.
7. In the Update Window Schedule section, specify the start time for the firmware update and the
frequency of the updates (daily, weekly, or monthly).
For information about the fields, see the iDRAC Online Help.
8. Click Schedule Update.
The next scheduled job is created in the job queue. Five minutes after the first instance of the
recurring job starts, the job for the next time period is created.
70
Page 71
Scheduling Automatic Firmware Update Using RACADM
To schedule automatic firmware update, use the following commands:
• To enable automatic firmware update:
racadm set lifecycleController.lcattributes.AutoUpdate.Enable 1
• To view the status of automatic firmware update:
racadm get lifecycleController.lcattributes.AutoUpdate
• To schedule the start time and frequency of the firmware update:
racadm AutoUpdateScheduler create -u username –p password –l <location> [-f
catalogfilename -pu <proxyuser> -pp<proxypassword> -po <proxy port> -pt
<proxytype>] -time < hh:mm> [-dom < 1 – 28,L,’*’> -wom <1-4,L,’*’> -dow <sunsat,’*’>] -rp <1-366> -a <applyserverReboot (1-enabled | 0-disabled)>
For example,
– To automatically update firmware using a CIFS share:
racadm AutoUpdateScheduler create -u admin -p pwd -l //1.2.3.4/CIFS-share
–f cat.xml -time 14:30 -wom 1 -dow sun -rp 5 -a 1
– To automatically update firmware using FTP:
racadm AutoUpdateScheduler create -u admin -p pwd -l ftp.mytest.com -pu
puser –pp puser –po 8080 –pt http –f cat.xml -time 14:30 -wom 1 -dow sun rp 5 -a 1
• To view the current firmware update schedule:
racadm AutoUpdateScheduler view
• To disable automatic firmware update:
racadm set lifecycleController.lcattributes.AutoUpdate.Enable 0
• To clear the schedule details:
racadm AutoUpdateScheduler clear
Updating Firmware Using CMC Web Interface
You can update iDRAC firmware for blade servers using the CMC Web interface.
To update iDRAC firmware using the CMC Web interface:
1. Log in to CMC Web interface.
2. Go to Server → Overview → <server name>.
The Server Status page is displayed.
3. Click Launch iDRAC Web interface and perform iDRAC Firmware Update.
Related Links
Updating Device Firmware
Downloading Device Firmware
Updating Firmware Using iDRAC Web Interface
Updating Firmware Using DUP
Before you update firmware using Dell Update Package (DUP), make sure to:
• Install and enable the IPMI and managed system drivers.
• Enable and start the Windows Management Instrumentation (WMI) service if your system is running
Windows operating system,
71
Page 72
NOTE: While updating the iDRAC firmware using the DUP utility in Linux, if you see error
messages such as usb 5-2: device descriptor read/64, error -71 displayed on the
console, ignore them.
• If the system has ESX hypervisor installed, then for the DUP file to run, make sure that the
"usbarbitrator" service is stopped using command: service usbarbitrator stop
To update iDRAC using DUP:
1. Download the DUP based on the installed operating system and run it on the managed system.
2. Run the DUP.
The firmware is updated. A system restart is not required after firmware update is complete.
Updating Firmware Using Remote RACADM
To update using remote RACADM:
1. Download the firmware image to the TFTP or FTP server. For example, C:\downloads\firmimg.d7
2. Run the following RACADM command:
TFTP server:
• Using fwupdate command: racadm -r <iDRAC IP address> -u <username> -p
<password> fwupdate -g -u -a <path>
where path is the location on the TFTP server where firmimg.d7 is stored.
• Using update command: racadm -r <iDRAC IP address> -u <username> -p
<password> update —f <filename>
FTP server:
• Using fwupdate command: racadm -r <iDRAC IP address> -u <username> -p
<password> fwupdate –f <ftpsrever IP> <ftpserver username> <ftpserver
password> –d <path>
where path is the location on the FTP server where firmimg.d7 is stored.
• Using update command: racadm -r <iDRAC IP address> -u <username> -p
<password> update —f <filename>
For more information, see fwupdate command in the iDRAC8 RACADM Command Line Interface
Reference Guide available at dell.com/support/manuals.
Updating Firmware Using Lifecycle Controller Remote Services
For information to update the firmware using Lifecycle Controller–Remote Services, see Lifecycle
Controller Remote Services Quick Start Guide
available at dell.com/support/manuals.
Viewing and Managing Staged Updates
You can view and delete the scheduled jobs including configuration and update jobs. This is a licensed
feature. All jobs queued to run during the next reboot can be deleted.
Related Links
Updating Device Firmware
72
Page 73
Viewing and Managing Staged Updates Using iDRAC Web interface
To view the list of scheduled jobs using iDRAC Web interface, go to Overview → Server → Job Queue.
The
Job Queue page displays the status of jobs in the Lifecycle Controller job queue. For information
about the displayed fields, see the iDRAC Online Help.
To delete job(s), select the job(s) and click Delete. The page is refreshed and the selected job is removed
from the Lifecycle Controller job queue. You can delete all the jobs queued to run during the next reboot.
You cannot delete active jobs, that is, jobs with the status Running or Downloading.
You must have Server Control privilege to delete jobs.
Viewing and Managing Staged Updates Using RACADM
To view the staged updates using RACADM, use jobqueue subcommand. For more information, see the
iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/manuals.
Rolling Back Device Firmware
You can rollback the firmware for iDRAC or any device that is supported by Lifecycle Controller even if
the update was previously performed using another interface. For example, if the firmware was updated
using the Lifecycle Controller GUI, you can rollback the firmware using the iDRAC Web interface. You can
perform firmware rollback for multiple devices with one system reboot.
In 13th generation servers that have a single iDRAC and Lifecycle Controller firmware, rolling back iDRAC
firmware will also rollback Lifecycle Controller firmware.
You can perform firmware rollback for the following components:
• iDRAC with Lifecycle Controller
• BIOS
• Network Interface Card (NIC)
• Power Supply Unit (PSU)
• RAID Controller
• Backplane
NOTE: You cannot perform firmware rollback for Diagnostics, Driver Packs, and CPLD.
Before you rollback the firmware, make sure that:
• You have Configure privilege to rollback iDRAC firmware.
• You have Server Control privilege and have enabled Lifecycle Controller to rollback firmware for any
other device other than the iDRAC.
You can rollback the firmware to the previously installed version using any of the following methods:
• iDRAC Web interface
• CMC Web interface
• RACADM CLI (iDRAC and CMC)
• Lifecycle Controller
73
Page 74
• Lifecycle Controller-Remote Services
Related Links
Rollback Firmware Using iDRAC Web Interface
Rollback Firmware Using CMC Web Interface
Rollback Firmware Using RACADM
Rollback Firmware Using Lifecycle Controller
Rollback Firmware Using Lifecycle Controller-Remote Services
Rollback Firmware Using iDRAC Web Interface
To roll back device firmware:
1. In the iDRAC Web interface, go to Overview → iDRAC Settings → Update and Rollback → Rollback.
The Rollback page displays the devices for which you can rollback the firmware. You can view the
device name, associated devices, currently installed firmware version, and the available firmware
rollback version.
2. Select one or more devices for which you want to rollback the firmware.
3. Based on the selected devices, click Install and Reboot or Install Next Reboot. If only iDRAC is
selected, then click
When you click Install and Reboot or Install Next Reboot, the message “Updating Job Queue” is
displayed.
4. Click Job Queue.
The Job Queue page is displayed, where you can view and manage the staged firmware updates.
Install.
NOTE:
• While in rollback mode, the rollback process continues in the background even if you
navigate away from this page.
• If iDRAC configuration is reset to default values, the iDRAC IP address is reset to
192.168.0.120. You can access iDRAC using this IP, or reconfigure the iDRAC address using
local RACADM or F2 (remote RACADM requires network access).
An error message appears if:
• You do not have Server Control privilege to rollback any firmware other than the iDRAC or
Configure privilege to rollback iDRAC firmware.
• Firmware rollback is already in-progress in another session.
• Updates are staged to run or already in running state.
If Lifecycle Controller is disabled or in recovery state and you try to perform a firmware rollback for
any device other than iDRAC, an appropriate warning message is displayed along with steps to
enable Lifecycle Controller.
Rollback Firmware Using CMC Web Interface
To roll back using the CMC Web interface:
1. Log in to CMC Web interface.
2. Go to Server Overview → <server name>.
The Server Status page is displayed.
3. Click Launch iDRAC and perform device firmware rollback as mentioned in the Rollback Firmware
Using iDRAC Web Interface section.
74
Page 75
Rollback Firmware Using RACADM
To rollback device firmware using racadm:
1. Check the rollback status and the FQDD using the swinventory command:
racadm swinventory
For the device for which you want to rollback the firmware, the Rollback Version must be
Available. Also, make a note of the FQDD.
2. Rollback the device firmware using:
racadm rollback <FQDD>
For more information, see iDRAC8 RACADM Command Line Interface Reference Guide available at
dell.com/support/manuals.
Rollback Firmware Using Lifecycle Controller
For information, see Lifecycle Controller User’s Guide available at dell.com/support/manuals.
Rollback Firmware Using Lifecycle Controller-Remote Services
For information, see Lifecycle Controller Remote Services Quick Start Guide available at dell.com/
support/manuals
.
Recovering iDRAC
iDRAC supports two operating system images to make sure a bootable iDRAC. In the event of an
unforeseen catastrophic error and you lose both boot paths:
• iDRAC bootloader detects that there is no bootable image.
• System Health and Identify LED is flashed at ~1/2 second rate. (LED is located on the back of a rack
and tower servers and on the front of a blade server.)
• Bootloader is now polling the SD card slot.
• Format an SD card with FAT using a Windows operating system, or EXT3 using a Linux operating
system.
• Copy firmimg.d7 to the SD card.
• Insert the SD card into the server.
• Bootloader detects the SD card, turns the flashing LED to solid amber, reads the firmimg.d7,
reprograms iDRAC, and then reboots iDRAC.
Using TFTP Server
You can use Trivial File Transfer Protocol (TFTP) server to upgrade or downgrade iDRAC firmware or
install certificates. It is used in SM-CLP and RACADM command line interfaces to transfer files to and
from iDRAC. The TFTP server must be accessible using an iDRAC IP address or DNS name.
NOTE: If you use iDRAC Web interface to transfer certificates and update firmware, TFTP server is
not required.
You can use the netstat -acommand on Windows or Linux operating systems to see if a TFTP server is
running. The default port for TFTP is 69. If TFTP server is not running, do one of the following:
• Find another computer on the network running a TFTP service.
75
Page 76
• Install a TFTP server on the operating system.
Backing Up Server Profile
You can backup the system configuration, including the installed firmware images on various
components such as BIOS, RAID, NIC, iDRAC, Lifecycle Controller, and Network Daughter Cards (NDCs)
and the configuration settings of those components. The backup operation also includes the hard disk
configuration data, motherboard, and replaced parts. The backup creates a single file that you can save to
a vFlash SD card or network share (CIFS or NFS).
You can also enable and schedule periodic backups of the firmware and server configuration based on a
certain day, week, or month.
Backup feature is licensed and is available with iDRAC Enterprise license.
NOTE: In 13th generation servers, this feature is automatically enabled.
Before performing a backup operation, make sure that:
• Collect System Inventory On Reboot (CSIOR) option is enabled. If CSIOR is disabled and if you initiate
a backup operation, the following message is displayed:
System Inventory with iDRAC may be stale,start CSIOR for updated inventory
• To perform backup on a vFlash SD card:
– A Dell supported vFlash SD card is inserted, enabled, and initialized.
– vFlash SD card has enough space to store the backup file.
The backup file contains encrypted user sensitive data, configuration information, and firmware images
that you can use for import server profile operation.
Backup events are recorded in the Lifecycle Log.
Related Links
Scheduling Automatic Backup Server Profile
Importing Server Profile
Backing Up Server Profile Using iDRAC Web Interface
To back up the server profile using iDRAC Web interface:
1. Go to Overview → iDRAC Settings → Server Profile.
The Backup and Export Server Profile page is displayed.
2. Select one of the following to save the backup file image:
• Network to save the backup file image on a CIFS or NFS share.
• vFlash to save the backup file image on the vFlash card.
3. Enter the backup file name and encryption passphrase (optional).
4. If Network is selected as the file location, enter the network settings.
NOTE: While specifying the network share settings, it is recommended to avoid special
characters for user name and password or percent encode the special characters.
For information about the fields, see the iDRAC Online Help.
76
Page 77
5. Click Backup Now.
The backup operation is initiated and you can view the status on the Job Queue page. After a
successful operation, the backup file is created in the specified location.
Backing Up Server Profile Using RACADM
To backup the server profile using RACADM, use systemconfig backup subcommand. For more
information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/
support/manuals
.
Scheduling Automatic Backup Server Profile
You can enable and schedule periodic backups of the firmware and server configuration based on a
certain day, week, or month.
Before scheduling automatic backup server profile operation, make sure that:
• Lifecycle Controller and Collect System Inventory On Reboot (CSIOR) option is enabled.
• Network Time Protocol (NTP) is enabled so that time drift does not affect the actual times of
scheduled jobs running and when the next scheduled job is created.
• To perform backup on a vFlash SD card:
– A Dell supported vFlash SD card is inserted, enabled, and initialized.
– vFlash SD card has enough space to store the backup file.
NOTE: IPv6 address is not supported for scheduling automatic backup server profile.
Scheduling Automatic Backup Server Profile Using Web Interface
To schedule automatic backup server profile:
1. In the iDRAC Web interface, go to Overview → iDRAC Settings → Server Profile.
The Backup and Export Server Profile page is displayed.
2. Click the Automatic Backup tab.
3. Select the Enable Automatic Backup option.
4. Select one of the following to save the backup file image:
• Network to save the backup file image on a CIFS or NFS share.
• vFlash to save the backup file image on the vFlash card.
5. Enter the backup file name and encryption passphrase (optional).
6. If Network is selected as the file location, enter the network settings.
NOTE: While specifying the network share settings, it is recommended to avoid special
characters for user name and password or percent encode the special characters.
For information about the fields, see the iDRAC Online Help
7. In the Backup Window Schedule section, specify the backup operation start time and frequency of
the operation (daily, weekly, or monthly).
For information about the fields, see the iDRAC Online Help.
8. Click Schedule Backup.
A recurring job is represented in the job queue with a start date and time of the next scheduled
backup operation. Five minutes after the first instance of the recurring job starts, the job for the next
77
Page 78
time period is created. The backup server profile operation is performed at the scheduled date and
time.
Scheduling Automatic Backup Server Profile Using RACADM
To enable automatic backup use the command:
racadm set lifecyclecontroller.lcattributes.autobackup Enabled
To schedule a backup server profile operation:
racadm systemconfig backup –f <filename> <target> [-n <passphrase>] -time
<hh:mm> -dom <1-28,L,’*’> -dow<*,Sun-Sat> -wom <1-4, L,’*’> -rp <1-366>-mb
<Max Backups>
To view the current backup schedule:
racadm systemconfig getbackupscheduler
To disable automatic backup use the command:
racadm set LifeCycleController.lcattributes.autobackup Disabled
To clear the backup schedule:
racadm systemconfig clearbackupscheduler
For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at
dell.com/support/manuals.
Importing Server Profile
You can use the back up image file to import (restore) the configuration and firmware for the same server
without rebooting the server.
In 13th generation servers, this feature automates the entire motherboard replacement process. After
replacing the motherboard and reinstalling the memory, HDDs, and other hardware, a special boot
screen is displayed that provides an option to restore all saved configuration, service tag and license
settings, and diagnostic programs. The iDRAC on the new motherboard reads this information and
restores the saved configuration.
Import feature is not licensed.
NOTE: For the restore operation, the system service tag and the service tag in the backup file must
be identical. The restore operation applies to all system components that are same and present in
the same location (example, in the same slot) as captured in the backup file. If components are
different or not in the same location, they are not modified and restore failures is logged to the
Lifecycle Log.
Before performing an import operation, make sure that Lifecycle Controller is enabled. If Lifecycle
Controller is disabled, and if you initiate the import operation, the following message is displayed:
Lifecycle Controller is not enabled, cannot create Configuration job.
When import is already in-progress, and if you initiate a import operation again, the following error
message is displayed:
Restore is already running
78
Page 79
Import events are recorded in the Lifecycle Log.
Related Links
Restore Operation Sequence
Importing Server Profile Using iDRAC Web Interface
To import the server profile using iDRAC Web interface:
1. Go to Overview → iDRAC Settings → Server Profile → Import.
The Import Server Profile page is displayed.
2. Select one of the following to specify the location of the backup file:
• Network
• vFlash
3. Enter the backup file name and decryption passphrase (optional).
4. If Network is selected as the file location, enter the network settings.
NOTE: While specifying the network share settings, it is recommended to avoid special
characters for user name and password or percent encode the special characters.
For information about the fields, see the iDRAC Online Help.
5. Select one of the following for Virtual disks configuration and hard disk data:
• Preserve - Preserves the RAID level, virtual disk, controller attributes, and hard disk data in the
system and restores the system to a previously known state using the backup image file.
• Delete and Replace - Deletes and replaces the RAID level, virtual disk, controller attributes, and
hard disk configuration information in the system with the data from the backup image file.
6. Click Import.
The import server profile operation is initiated.
Importing Server Profile Using RACADM
To import the server profile using RACADM, use systemconfig restore command. For more information,
see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/
manuals
.
Restore Operation Sequence
The restore operation sequence is:
1. Host system shuts down.
2. Backup file information is used to restore the Lifecycle Controller.
3. Host system turns on.
4. Firmware and configuration restore process for the devices is completed.
5. Host system shuts down.
6. iDRAC firmware and configuration restore process is completed.
7. iDRAC restarts.
8. Restored host system turns on to resume normal operation.
79
Page 80
Monitoring iDRAC Using Other Systems Management Tools
You can discover and monitor iDRAC using Dell Management Console or Dell OpenManage Essentials.
You can also use Dell Remote Access Configuration Tool (DRACT) to discover iDRACs, update firmware,
and set up Active Directory. For more information, see the respective user’s guides.
80
Page 81
4
Configuring iDRAC
iDRAC enables you to configure iDRAC properties, set up users, and set up alerts to perform remote
management tasks.
Before you configure iDRAC, make sure that the iDRAC network settings and a supported browser is
configured, and the required licenses are updated. For more information about the licensable feature in
iDRAC, see Managing Licenses.
You can configure iDRAC using:
• iDRAC Web Interface
• RACADM
• Remote Services (see Lifecycle Controller Remote Services User’s Guide)
• IPMITool (see Baseboard Management Controller Management Utilities User’s Guide)
To configure iDRAC:
1. Log in to iDRAC.
2. Modify the network settings if required.
NOTE: If you have configured iDRAC network settings, using iDRAC Settings utility during
iDRAC IP address setup, then ignore this step.
3. Configure interfaces to access iDRAC.
4. Configure front panel display.
5. Configure System Location if required.
6. Configure time zone and Network Time Protocol (NTP) if required.
7. Establish any of the following alternate communication methods to iDRAC:
• IPMI or RAC serial
• IPMI serial over LAN
• IPMI over LAN
• SSH or Telnet client
8. Obtain the required certificates.
9. Add and configure iDRAC users with privileges.
10. Configure and enable e-mail alerts, SNMP traps, or IPMI alerts.
11. Set the power cap policy if required.
12. Enable the Last Crash Screen.
13. Configure virtual console and virtual media if required.
14. Configure vFlash SD card if required.
15. Set the first boot device if required.
16. Set the OS to iDRAC Pass-through if required.
Related Links
Logging into iDRAC
81
Page 82
Modifying Network Settings
Configuring Services
Configuring Front Panel Display
Setting Up Managed System Location
Configuring Time Zone and NTP
Setting Up iDRAC Communication
Configuring User Accounts and Privileges
Monitoring and Managing Power
Enabling Last Crash Screen
Configuring and Using Virtual Console
Managing Virtual Media
Managing vFlash SD Card
Setting First Boot Device
Enabling or Disabling OS to iDRAC Pass-through
Configuring iDRAC to Send Alerts
Viewing iDRAC Information
You can view the basic properties of iDRAC.
Viewing iDRAC Information Using Web Interface
In the iDRAC Web interface, go to Overview → iDRAC Settings → Properties to view the following
information related to iDRAC. For information about the properties, see
iDRAC Online Help.
• Hardware and firmware version
• Last firmware update
• RAC time
• IPMI version
• User interface title bar information
• Network settings
• IPv4 Settings
• IPv6 Settings
Viewing iDRAC Information Using RACADM
To view iDRAC information using RACADM, see getsysinfo or get subcommand details provided in the
iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/manuals.
Modifying Network Settings
After configuring the iDRAC network settings using the iDRAC Settings utility, you can also modify the
settings through the iDRAC Web interface, RACADM, Lifecycle Controller, Dell Deployment Toolkit, and
Server Administrator (after booting to the operating system). For more information on the tools and
privilege settings, see the respective user’s guides.
To modify the network settings using iDRAC Web interface or RACADM, you must have Configure
privileges.
82
Page 83
NOTE: Changing the network settings may terminate the current network connections to iDRAC.
Modifying Network Settings Using Web Interface
To modify the iDRAC network settings:
1. In the iDRAC Web interface, go to Overview → iDRAC Settings → Network.
The Network page is displayed.
2. Specify the network settings, common settings, IPv4, IPv6, IPMI, and/or VLAN settings as per your
requirement and click
If you select Auto Dedicated NIC under Network Settings, when the iDRAC has its NIC Selection as
shared LOM (1, 2, 3, or 4) and a link is detected on the iDRAC dedicated NIC, the iDRAC changes its
NIC selection to use the dedicated NIC. If no link is detected on the dedicated NIC, then the iDRAC
uses the shared LOM. The switch from shared to dedicated time-out is five seconds and from
dedicated to shared is 30 seconds. You can configure this time-out value using RACADM or WSMAN.
For information about the various fields, see the iDRAC Online Help.
Apply.
Modifying Network Settings Using Local RACADM
To generate a list of available network properties, type the following:
NOTE: You can use either getconfig and config commands or get and set commands with the
RACADM objects.
• Using getconfig command: racadm getconfig -g cfgLanNetworking
• Using get command: racadm get iDRAC.Nic
To use DHCP to obtain an IP address, use the following command to write the object cfgNicUseDhcp or
DHCPEnable and enable this feature:
• Using config command: racadm config -g cfgLanNetworking -o cfgNicUseDHCP 1
• Using set command: racadm set iDRAC.IPv4.DHCPEnable 1
The following is an example of how the command may be used to configure the required LAN network
properties:
• Using config command:
racadm config -g cfgLanNetworking -o cfgNicEnable 1
racadm config -g cfgLanNetworking -o cfgNicIpAddress 192.168.0.120
racadm config -g cfgLanNetworking -o cfgNicNetmask 255.255.255.0
racadm config -g cfgLanNetworking -o cfgNicGateway 192.168.0.120
racadm config -g cfgLanNetworking -o cfgNicUseDHCP 0
racadm config -g cfgLanNetworking -o cfgDNSServersFromDHCP 0
racadm config -g cfgLanNetworking -o cfgDNSServer1 192.168.0.5
racadm config -g cfgLanNetworking -o cfgDNSServer2 192.168.0.6
racadm config -g cfgLanNetworking -o cfgDNSRegisterRac 1
racadm config -g cfgLanNetworking -o cfgDNSRacName RAC-EK00002
racadm config -g cfgLanNetworking -o cfgDNSDomainNameFromDHCP 0
racadm config -g cfgLanNetworking -o cfgDNSDomainName MYDOMAIN
• Using set command:
racadm set iDRAC.Nic.Enable 1
racadm set iDRAC.IPv4.Address 192.168.0.120
83
Page 84
racadm set iDRAC.IPv4.Netmask 255.255.255.0
racadm set iDRAC.IPv4.Gateway 192.168.0.120
racadm set iDRAC.IPv4.DHCPEnable 0
racadm set iDRAC.IPv4.DNSFromDHCP 0
racadm set iDRAC.IPv4.DNS1 192.168.0.5
racadm set iDRAC.IPv4.DNS2 192.168.0.6
racadm set iDRAC.Nic.DNSRegister 1
racadm set iDRAC.Nic.DNSRacName RAC-EK00002
racadm set iDRAC.Nic.DNSDomainFromDHCP 0
racadm set iDRAC.Nic.DNSDomainName MYDOMAIN
NOTE: If cfgNicEnable or iDRAC.Nic.Enable is set to 0, the iDRAC LAN is disabled even if DHCP is
enabled.
Configuring IP Filtering
In addition to user authentication, use the following options to provide additional security while
accessing iDRAC:
• IP filtering limits the IP address range of the clients accessing iDRAC. It compares the IP address of an
incoming login to the specified range and allows iDRAC access only from a management station
whose IP address is within the range. All other login requests are denied.
• When repeated login failures occur from a particular IP address, it prevents the address from logging
in to iDRAC for a preselected time span. If you unsuccessfully log in up to two times, you are allowed
to log in again only after 30 seconds. If you unsuccessfully log in more than two times, you are
allowed to log in again only after 60 seconds.
As login failures accumulate from a specific IP address, they are registered by an internal counter. When
the user successfully logs in, the failure history is cleared and the internal counter is reset.
NOTE: When login attempts are prevented from the client IP address, few SSH clients may display
the message: ssh exchange identification: Connection closed by remote host.
NOTE: If you are using Dell Deployment Toolkit (DTK), see the Dell Deployment Toolkit User’s Guide
for the privileges.
Configure IP Filtering Using iDRAC Web Interface
You must have Configure privilege to perform these steps.
To configure IP filtering:
1. In iDRAC Web interface, go to Overview → iDRAC Settings → Network → Network.
The Network page is displayed.
2. Click Advanced Settings.
The Network Security page is displayed.
3. Specify the IP filtering settings.
For more information about the options, see iDRAC Online Help.
4. Click Apply to save the settings.
Configuring IP Filtering Using RACADM
You must have Configure privilege to perform these steps.
To configure IP filtering, use the following RACADM objects:
• With config command:
84
Page 85
– cfgRacTuneIpRangeEnable
– cfgRacTuneIpRangeAddr
– cfgRacTuneIpRangeMask
• With set command, use the objects in the iDRAC.IPBlocking group:
– RangeEnable
– RangeAddr
– RangeMask
The cfgRacTuneIpRangeMask or the RangeMask property is applied to both the incoming IP address and
to the cfgRacTuneIpRangeAddr or RangeAddr property. If the results are identical, the incoming login
request is allowed to access iDRAC. Logging in from IP addresses outside this range results in an error.
The login proceeds if the following expression equals zero:
• Using legacy syntax: cfgRacTuneIpRangeMask & (<incoming-IP-address> ^
cfgRacTuneIpRangeAddr)
• Using new syntax: RangeMask & (<incoming-IP-address> ^ RangeAddr)
where, & is the bitwise AND of the quantities and ^ is the bitwise exclusive-OR.
Examples for IP Filtering
• The following RACADM commands block all IP addresses except 192.168.0.57:
– Using config command:
racadm config -g cfgRacTuning -o cfgRacTuneIpRangeEnable 1
racadm config -g cfgRacTuning -o cfgRacTuneIpRangeAddr 192.168.0.57
racadm config -g cfgRacTuning -o cfgRacTuneIpRangeMask 255.255.255.255
– Using set command:
racadm set iDRAC.IPBlocking.RangeEnable 1
racadm set iDRAC.IPBlocking.RangeAddr 192.168.0.57
racadm set iDRAC.IPBlocking.RangeMask 255.255.255.255
• To restrict logins to a set of four adjacent IP addresses (for example, 192.168.0.212 through
192.168.0.215), select all but the lowest two bits in the mask:
– Using set command:
racadm set iDRAC.IPBlocking.RangeEnable 1
racadm set iDRAC.IPBlocking.RangeAddr 192.168.0.212
racadm set iDRAC.IPBlocking.RangeMask 255.255.255.252
The last byte of the range mask is set to 252, the decimal equivalent of 11111100b.
For more information, see the iDRAC RACADM Command Line Reference Guide available at dell.com/
support/manuals.
Configuring Services
You can configure and enable the following services on iDRAC:
• Local Configuration — Disable access to iDRAC configuration (from the host system) using Local
RACADM and iDRAC Settings utility.
• Web Server — Enable access to iDRAC Web interface. If you disable the option, use local RACADM to
re-enable the Web Server, since disabling the Web Server also disables remote RACADM.
85
Page 86
• SSH — Access iDRAC through firmware RACADM.
• Telnet — Access iDRAC through firmware RACADM
• Remote RACADM — Remotely access iDRAC.
• SNMP Agent — Enables support for SNMP queries (GET, GETNEXT, and GETBULK operations) in
iDRAC.
• Automated System Recovery Agent — Enable Last System Crash Screen.
• VNC Server — Enable VNC server with or without SSL encryption.
Configuring Services Using Web Interface
To configure the services using iDRAC Web interface:
1. In the iDRAC Web interface, go to Overview → iDRAC Settings → Network → Services.
The Services page is displayed.
2. Specify the required information and click Apply.
For information about the various settings, see the iDRAC Online Help.
Configuring Services Using RACADM
To enable and configure the various services using RACADM:
• Use the following objects with the config command:
– cfgRacTuneLocalConfigDisable
– cfgRacTuneCtrlEConfigDisable
– cfgSerialSshEnable
– cfgRacTuneSshPort
– cfgSsnMgtSshIdleTimeout
– cfgSerialTelnetEnable
– cfgRacTuneTelnetPort
– cfgSsnMgtTelnetIdleTimeout
– cfgRacTuneWebserverEnable
– cfgSsnMgtWebserverTimeout
– cfgRacTuneHttpPort
– cfgRacTuneHttpsPort
– cfgRacTuneRemoteRacadmEnable
– cfgSsnMgtRacadmTimeout
– cfgOobSnmpAgentEnable
– cfgOobSnmpAgentCommunity
• Use the objects in the following object groups with the set command:
– iDRAC.LocalSecurity
– iDRAC.LocalSecurity
– iDRAC.SSH
– iDRAC.Webserver
– iDRAC.Telnet
86
Page 87
– iDRAC.Racadm
– iDRAC.SNMP
For more information about these objects, see iDRAC8 RACADM Command Line Interface Reference
Guide available at dell.com/support/manuals.
Enabling or Disabling HTTPs Redirection
If you do not want automatic redirection from HTTP to HTTPs due to certificate warning issue with
default iDRAC certificate or as a temporary setting for debugging purpose, you can configure iDRAC such
that redirection from http port (default is 80) to https port (default is 443) is disabled. By default, it is
enabled. You have to log out and log in to iDRAC for this setting to take effect. When you disable this
feature, a warning message is displayed.
You must have Configure iDRAC privilege to enable or disable HTTPs redirection.
An event is recorded in the Lifecycle Controller log file when this feature is enabled or disabled.
To disable the HTTP to HTTPs redirection:
racadm set iDRAC.Webserver.HttpsRedirection Disabled
To enable HTTP to HTTPs redirection:
racadm set iDRAC.Webserver.HttpsRedirection Enabled
To view the status of the HTTP to HTTPs redirection:
racadm get iDRAC.Webserver.HttpsRedirection
Using VNC Client to Manage Remote Server
You can use a standard open VNC client to manage the remote server using both desktop and mobile
devices such as Dell Wyse PocketCloud. When servers in data centers stop functioning, the iDRAC or the
operating system sends an alert to the console on the management station. The console sends an email
or SMS to a mobile device with required information and launches VNC viewer application on the
management station. This VNC viewer can connect to OS/Hypervisor on the server and provide access to
keyboard, video and mouse of the host server to perform the necessary remediation. Before launching
the VNC client, you must enable the VNC server and configure the VNC server settings in iDRAC such as
password, VNC port number, SSL encryption, and the time out value. You can configure these settings
using iDRAC Web interface or RACADM.
NOTE: VNC feature is licensed and is available in the iDRAC Enterprise license.
You can choose from many VNC applications or Desktop clients such as the ones from RealVNC or Dell
Wyse PocketCloud.
Only one VNC client session can be active at a time.
If a VNC session is active, you can only launch the Virtual Media using Launch Virtual Console and not the
Virtual Console Viewer.
If video encryption is disabled, the VNC client starts RFB handshake directly, and a SSL handshake is not
required. During VNC client handshake (RFB or SSL), if another VNC session is active or if a Virtual
Console session is open, the new VNC client session is rejected. After completion of the initial handshake,
87
Page 88
VNC server disables Virtual Console and allows only Virtual Media. After termination of the VNC session,
VNC server restores the original state of Virtual Console (enabled or disabled).
NOTE:
• When iDRAC NIC is in shared mode and the host system is power cycled, the network
connection is lost for a few seconds. During this time, if you perform any action in the active
VNC client, the VNC session may close. You must wait for timeout (value configured for the VNC
Server settings in the Services page in iDRAC Web interface) and then re-establish the VNC
connection.
• If the VNC client window is minimized for more than 60 seconds, the client window closes. You
must open a new VNC session. If you maximize the VNC client window within 60 seconds, you
can continue to use it.
Configuring VNC Server Using iDRAC Web Interface
To configure the VNC server settings:
1. In the iDRAC Web interface, go to Overview → iDRAC Settings → Network → Services.
The Services page is displayed.
2. In the VNC Server section, enable the VNC server, specify the password, port number, and enable or
disable SSL encryption.
For information about the fields, see the iDRAC Online Help.
3. Click Apply.
The VNC server is configured.
Configuring VNC Server Using RACADM
To configure the VNC server, use the VNCserver object with the set command. For more information,
see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/
manuals.
Setting Up VNC Viewer With SSL Encryption
While configuring the VNC server settings in iDRAC, if the SSL Encryption option was enabled, then the
SSL tunnel application must be used along with the VNC Viewer to establish the SSL encrypted
connection with iDRAC VNC server.
NOTE: Most of the VNC clients do not have built-in SSL encryption support.
To configure the SSL tunnel application:
1. Configure SSL tunnel to accept connection on <localhost>:<localport number>. For example,
127.0.0.1:5930.
2. Configure SSL tunnel to connect to <iDRAC IP address>:<VNC server port Number>. For
example, 192.168.0.120:5901.
3. Start the tunnel application.
To establish connection with the iDRAC VNC server over the SSL encrypted channel, connect the
VNC viewer to the localhost (link local IP address) and the local port number (127.0.0.1:<local port
number>).
Setting Up VNC Viewer Without SSL Encryption
In general, all Remote Frame Buffer (RFB) compliant VNC Viewers connect to the VNC server using the
iDRAC IP address and port number that is configured for the VNC server. If the SSL encryption option is
88
Page 89
disabled when configuring the VNC server settings in iDRAC, then to connect to the VNC Viewer do the
following:
In the VNC Viewer dialog box, enter the iDRAC IP address and the VNC port number in the VNC Server
field.
The format is <iDRAC IP address:VNC port number>
For example, if the iDRAC IP address is 192.168.0.120 and VNC port number is 5901, then enter
192.168.0.120:5901.
Configuring Front Panel Display
You can configure the front panel LCD and LED display for the managed system.
For rack and tower servers, two types of front panels are available:
• LCD front panel and System ID LED
• LED front panel and System ID LED
For blade servers, only the System ID LED is available on the server front panel since the blade chassis has
the LCD.
Related Links
Configuring LCD Setting
Configuring System ID LED Setting
Configuring LCD Setting
You can set and display a default string such as iDRAC name, IP, and so on or a user-defined string on the
LCD front panel of the managed system.
Configuring LCD Setting Using Web Interface
To configure the server LCD front panel display:
1. In iDRAC Web interface, go to Overview → Hardware → Front Panel.
2. In LCD Settings section, from the Set Home Message drop-down menu, select any of the following:
• Service Tag (default)
• Asset Tag
• DRAC MAC Address
• DRAC IPv4 Address
• DRAC IPv6 Address
• System Power
• Ambient Temperature
• System Model
• Host Name
• User Defined
• None
If you select User Defined, enter the required message in the text box.
89
Page 90
If you select None, home message is not displayed on the server LCD front panel.
3. Enable Virtual Console indication (optional). If enabled, the Live Front Panel Feed section and the
LCD panel on the server displays the Virtual console session active message when there is
an active Virtual Console session.
4. Click Apply.
The server LCD front panel displays the configured home message.
Configuring LCD Setting Using RACADM
To configure the server LCD front panel display, use the objects in the System.LCD group. For more
information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/
support/manuals.
Configuring LCD Setting Using iDRAC Settings Utility
To configure the server LCD front panel display:
1. In the iDRAC Settings utility, go to Front Panel Security.
The iDRAC Settings.Front Panel Security page is displayed.
2. Enable or disable the power button.
3. Specify the following:
• Access to the front panel
• LCD message string
• System power units, ambient temperature units, and error display
4. Enable or disable the virtual console indication.
For information about the options, see the iDRAC Settings Utility Online Help.
5. Click Back, click Finish, and then click Yes.
Configuring System ID LED Setting
To identify a server, enable or disable System ID LED blinking on the managed system.
Configuring System ID LED Setting Using Web Interface
To configure the System ID LED display:
1. In iDRAC Web interface, go to Overview → Hardware → Front Panel. The Front Panel page is
displayed.
2. In System ID LED Settings section, select any of the following options to enable or disable LED
blinking:
• Blink Off
• Blink On
• Blink On 1 Day Timeout
• Blink On 1 Week Timeout
• Blink On 1 Month Timeout
3. Click Apply.
The LED blinking on the front panel is configured.
90
Page 91
Configuring System ID LED Setting Using RACADM
To configure system ID LED, use the setled command. For more information, see the iDRAC8 RACADM
Command Line Interface Reference Guide available at dell.com/support/manuals.
Configuring Time Zone and NTP
You can configure the time zone on iDRAC and synchronize the iDRAC time using Network Time
Protocol (NTP) instead of BIOS or host system times.
You must have Configure privilege to configure time zone or NTP settings.
Configuring Time Zone and NTP Using iDRAC Web Interface
To configure time zone and NTP using iDRAC Web interface:
1. Go to Overview → iDRAC Settings → Properties → Settings.
The Time zone and NTP page is displayed.
2. To configure the time zone, from the Time Zone drop-down menu, select the required time zone,
and then click Apply.
3. To configure NTP, enable NTP, enter the NTP server addresses, and then click Apply.
For information about the fields, see iDRAC Online Help.
Configuring Time Zone and NTP Using RACADM
To configure time zone and NTP using RACADM, use the objects in the iDRAC.Time and
iDRAC.NTPConfigGroup group with the set command. For more information, see the iDRAC8 RACADM
Command Line Interface Reference Guide available at dell.com/support/manuals.
Setting First Boot Device
You can set the first boot device for the next boot only or for all subsequent reboots. Based on this
selection, you can set the first boot device for the system. The system boots from the selected device on
the next and subsequent reboots and remains as the first boot device in the BIOS boot order, until it is
changed again either from the iDRAC Web interface or from the BIOS boot sequence. You can set the
first boot device to one of the following:
• Normal Boot
• PXE
• BIOS Setup
• Local Floppy/Primary Removable Media
• Local CD/DVD
• Hard Drive
• Virtual Floppy
• Virtual CD/DVD/ISO
• Local SD Card
• vFlash
• Lifecycle Controller
91
Page 92
• BIOS Boot Manager
NOTE:
• BIOS Setup (F2), Lifecycle Controller (F10), BIOS Boot Manager (F11) only support boot once
enabled.
• Virtual Console does not support permanent boot configuration. It is always boot once.
• The first boot device setting in iDRAC Web Interface overrides the System BIOS boot settings.
Setting First Boot Device Using Web Interface
To set the first boot device using iDRAC Web interface:
1. Go to Overview → Server → Setup → First Boot Device.
The First Boot Device page is displayed.
2. Select the required first boot device from the drop-down list, and click Apply.
The system boots from the selected device for subsequent reboots.
3. To boot from the selected device only once on the next boot, select Boot Once. Thereafter, the
system boots from the first boot device in the BIOS boot order.
For more information about the options, see the iDRAC Online Help.
Setting First Boot Device Using RACADM
• To set the first boot device, use the cfgServerFirstBootDevice object.
• To enable boot once for a device, use the cfgServerBootOnce object.
For more information about these objects, see the iDRAC8 RACADM Command Line Interface Reference
Guide available at dell.com/support/manuals.
Setting First Boot Device Using Virtual Console
You can select the device to boot from as the server is being viewed in the Virtual Console viewer before
the server runs through its boot-up sequence. You can perform boot once to all the supported devices
listed in Setting First Boot Device.
To set the first boot device using Virtual Console:
1. Launch Virtual Console.
2. In the Virtual Console Viewer, from the Next Boot menu, set the required device as the first boot
device.
Enabling Last Crash Screen
To troubleshoot the cause of managed system crash, you can capture the system crash image using
iDRAC.
To enable the last crash screen:
1. From the Dell Systems Management Tools and Documentation DVD, install Server Administrator on
the managed system.
For more information, see the Dell OpenManage Server Administrator Installation Guide at dell.com/
support/manuals.
2. In the Windows startup and recovery window, make sure that the automatic reboot option is not
selected.
92
Page 93
For more information, see Windows documentation.
3. Use Server Administrator to enable the Auto Recovery timer, set the Auto Recovery action to Reset,
Power Off, or Power Cycle, and set the timer in seconds (a value between 60 - 480).
For more information, see the Dell OpenManage Server Administrator Installation Guide at dell.com/
support/manuals.
4. Enable the Auto Shutdown and Recovery (ASR) option using one of the following:
• Server Administrator — See Dell OpenManage Server Administrator User’s Guide at dell.com/
support/manuals.
• Local RACADM — Use the command:
racadm config -g cfgRacTuning -o cfgRacTuneAsrEnable 1
5. Enable Automated System Recovery Agent. To do this, go to Overview → iDRAC Settings →
Network → Services, select Enabled and click Apply.
Enabling or Disabling OS to iDRAC Pass-through
In servers that have Network Daughter Card (NDC) or embedded LAN On Motherboard (LOM) devices,
you can enable the OS to iDRAC Pass-through feature that provides a high-speed bi-directional in-band
communication between iDRAC and the host operating system through a shared LOM (rack or tower
servers), a dedicated NIC (rack, tower, or blade servers), or through the USB NIC. This feature is available
for iDRAC Enterprise license.
When enabled through dedicated NIC, you can launch the browser in the host operating system and then
access the iDRAC Web interface. The dedicated NIC for the blade servers is through the Chassis
Management Controller.
Switching between dedicated NIC or shared LOM does not require a reboot or reset of the host operating
system or iDRAC.
You can enable this channel using:
• iDRAC Web interface
• RACADM or WS-MAN (post operating system environment)
• iDRAC Settings utility (pre-operating system environment)
If the network configuration is changed through iDRAC Web interface, you must wait for at least 10
seconds before enabling OS to iDRAC Pass-through.
If you are using the XML configuration file through RACADM or WS-MAN and if the network settings are
changed in this file, then you must wait for 15 seconds to either enable OS to iDRAC Pass-through
feature or set the OS Host IP address.
Before enabling OS to iDRAC Pass-through, make sure that:
• iDRAC is configured to use dedicated NIC or shared mode (that is, NIC selection is assigned to one of
the LOMs).
• Host operating system and iDRAC are in the same subnet and same VLAN.
• Host operating system IP address is configured.
• A card that supports OS to iDRAC pass-through capability is installed.
• You have Configure privilege.
When you enable this feature:
93
Page 94
• In shared mode, the host operating system's IP address is used.
• In dedicated mode, you must provide a valid IP address of the host operating system. If more than
one LOM is active, enter the first LOM’s IP address.
After enabling OS to iDRAC Pass-through feature, if it is not working:
• Check whether the iDRAC's dedicated NIC cable is connected properly.
• Make sure that at least one LOM is active.
Related Links
Supported Cards for OS to iDRAC Pass-through
Supported Operating Systems for USB NIC
Enabling or Disabling OS to iDRAC Pass-through Using Web Interface
Enabling or Disabling OS to iDRAC Pass-through Using RACADM
Enabling or Disabling OS to iDRAC Pass-through Using iDRAC Settings Utility
Supported Cards for OS to iDRAC Pass-through
The following table provides a list of cards that support the OS to iDRAC Pass-through feature using
LOM.
Table 7. : OS to iDRAC Pass-through Using LOM — Supported Cards
Category Manufacturer Type
NDC Broadcom
• 5720 QP rNDC 1G BASE-T
• 57810S DP bNDC KR
• 57800S QP rNDC (10G BASE-T + 1G BASE-T)
• 57800S QP rNDC (10G SFP+ + 1G BASE-T)
• 57840 4x10G KR
• 57840 rNDC
Intel
Qlogic QMD8262 Blade NDC
In-built LOM cards also support the OS to iDRAC pass-through feature.
The following cards do not support the OS to iDRAC Pass-through feature:
• Intel 10 GB NDC.
• Intel rNDC with two controllers – 10G controllers does not support.
• Qlogic bNDC
• PCIe, Mezzanine, and Network Interface Cards.
• i540 QP rNDC (10G BASE-T + 1G BASE-T)
• i350 QP rNDC 1G BASE-T
• x520/i350 rNDC 1GB
Supported Operating Systems for USB NIC
The operating systems supported for USB NIC are:
• Windows Server 2008 SP2 (64-bit)
• Windows Server 2008 SP2 R2 (64-bit)
94
Page 95
• Windows Server 2012 SP1
• SLES 10 SP4 (64-bit)
• SLES 11 SP2 (64-bit)
• RHEL 5.9 (32-bit and 64-bit)
• RHEL 6.4
• vSphere v5.0 U2 ESXi
• vSphere v5.1 U1 ESXi
• vSphere v5.5 ESXi
On servers with Windows 2008 SP2 64-bit operating system, the iDRAC Virtual CD USB Device is not
discovered automatically (or enabled). You must enable this manually. For more information, see steps
recommended by Microsoft to manually update the Remote Network Driver Interface Specification
(RNDIS) driver for this device.
For Linux operating systems, configure the USB NIC as DHCP on the host operating system before
enabling USB NIC.
If the host operating system is SUSE Linux Enterprise Server 11, then after enabling the USB NIC in iDRAC,
you must manually enable DHCP client on the host operating system. For information to enable DHCP,
see the documents for SUSE Linux Enterprise Server 11 operating systems.
For vSphere, you must install the VIB file before enabling USB NIC.
For the following operating systems, if you install the Avahi and nss-mdns packages, then you can use
https://idrac.local to launch the iDRAC from the host operating system. If these packages are not
installed, use https://169.254.0.1 to launch the iDRAC.
Operating
System
RHEL 5.9
32–bit
RHEL 6.4
64–bit
SLES 11 SP3
64–bit
On the host system, while installing RHEL 5.9 operating system, the USB NIC pass-through mode is in
disabled state. If it is enabled after the installation is complete, the network interface corresponding to the
USB NIC device is not active automatically. You can do any of the following to make the USB NIC device
active:
• Configure the USB NIC interface using Network Manager tool. Navigate to System → Administrator
→ Network → Devices → New → Ethernet Connection and select Dell computer corp.iDRAC Virtual
NIC USB Device. Click the Activate icon to activate the device. For more information, see the RHEL
5.9 documentation.
• Create corresponding interface’s config file as ifcfg-ethX in /etc/sysconfig/network-script/ directory.
Add the basic entries DEVICE, BOOTPROTO, HWADDR, ONBOOT. Add TYPE in the ifcfg-ethX file and
restart the network services using the command service network restart.
• Reboot the system.
Firewall
Status
Disable Install as a separate package
Disable Install as a separate package
Disable Avahi package is the part of operating
Avahi Package nss-mdns Package
(avahi-0.6.16-10.el5_6.i386.rpm)
(avahi-0.6.25-12.el6.x86_64.rpm)
system DVD
Install as a separate package (nssmdns-0.10-4.el5.i386.rpm)
Install as a separate package (nssmdns-0.10-8.el6.x86_64.rpm)
nss-mdns is installed while installing
Avahi
95
Page 96
• Turn off and turn on the system.
On systems with RHEL 5.9 operating system, if the USB NIC was disabled and if you turn off the system or
vice-versa, when the system is turned on and if the USB NIC is enabled, the USB NIC device is not active
automatically. To make it active, check if any ifcfg-ethX.bak file is available in the /etc/sysconfig/networkscript directory for the USB NIC interface. If it is available, rename it to ifcfg-ethX and then use the ifup
ethX command.
Related Links
Installing VIB File
Installing VIB File
For vSphere operating systems, before enabling the USB NIC, you must install the VIB file.
To install the VIB file:
1. Using Win-SCP, copy the VIB file to /tmp/ folder of the ESX-i host operating system.
2. Go to the ESXi prompt and run the following command:
esxcli software vib install -v /tmp/ iDRAC_USB_NIC-1.0.0-799733X03.vib --nosig-check
The output is:
Message: The update completed successfully, but the system needs to be
rebooted for the changes to be effective.
Reboot Required: true
VIBs Installed: Dell_bootbank_iDRAC_USB_NIC_1.0.0-799733X03
VIBs Removed:
VIBs Skipped:
3. Reboot the server.
4. At the ESXi prompt, run the command: esxcfg-vmknic –l.
The output displays the usb0 entry.
Enabling or Disabling OS to iDRAC Pass-through Using Web Interface
To enable OS to iDRAC Pass-through using Web interface:
1. Go to Overview → iDRAC Settings → Network → OS to iDRAC Pass-through.
The OS to iDRAC Pass-through page is displayed.
2. Select any of the following options to enable OS to iDRAC pass-through:
• LOM — The OS to iDRAC pass-through link between the iDRAC and the host operating system is
established through the LOM or NDC.
• USB NIC — The OS to iDRAC pass-through link between the iDRAC and the host operating
system is established through the internal USB bus.
To disable this feature, select Disabled.
3. If you select LOM as the pass-through configuration, and if the server is connected using dedicated
mode, enter the IPv4 address of the operating system.
NOTE: If the server is connected in shared LOM mode, then the OS IP Address field is disabled.
4. If you select USB NIC as the pass-through configuration, enter the IP address of the USB NIC.
The default value is 169.254.0.1. It is recommended to use the default IP address. However, if this IP
address conflicts with an IP address of other interfaces of the host system or the local network, you
must change it.
96
Page 97
Do not enter 169.254.0.3 and 169.254.0.4 IPs. These IPs are reserved for the USB NIC port on the
front panel when a A/A cable is used.
5. Click Apply to apply the settings.
6. Click Test Network Configuration to check if the IP is accessible and the link is established between
the iDRAC and the host operating system.
Enabling or Disabling OS to iDRAC Pass-through Using RACADM
To enable or disable OS to iDRAC Pass-through using RACADM, use the objects in the iDRAC.OS-BMC
group. For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide
available at dell.com/support/manuals.
Enabling or Disabling OS to iDRAC Pass-through Using iDRAC Settings Utility
To enable or disable OS to iDRAC Pass-through using iDRAC Settings Utility:
1. In the iDRAC Settings utility, go to Communications Permissions.
The iDRAC Settings.Communications Permissions page is displayed.
2. Select any of the following options to enable OS to iDRAC pass-through:
• LOM — The OS to iDRAC pass-through link between the iDRAC and the host operating system is
established through the LOM or NDC.
• USB NIC — The OS to iDRAC pass-through link between the iDRAC and the host operating
system is established through the internal USB bus.
To disable this feature, select Disabled.
NOTE: The LOM option can be selected only of the card supports OS to iDRAC pass-through
capability. Else, this option is grayed-out.
3. If you select LOM as the pass-through configuration, and if the server is connected using dedicated
mode, enter the IPv4 address of the operating system.
NOTE: If the server is connected in shared LOM mode, then the OS IP Address field is disabled.
4. If you select USB NIC as the pass-through configuration, enter the IP address of the USB NIC.
The default value is 169.254.0.1. However, if this IP address conflicts with an IP address of other
interfaces of the host system or the local network, you must change it. Do not enter 169.254.0.3 and
169.254.0.4 IPs. These IPs are reserved for the USB NIC port on the front panel when a A/A cable is
used
5. Click Back, click Finish, and then click Yes. The details are saved.
Obtaining Certificates
The following table lists the types of certificates based on the login type.
Table 8. Types of Certificate Based on Login Type
Login Type Certificate Type How to Obtain
Single Sign-on using Active
Directory
Trusted CA certificate Generate a CSR and get it signed
from a Certificate Authority
97
Page 98
Login Type Certificate Type How to Obtain
SHA-2 certificates are also
supported.
Smart Card login as a local or
Active Directory user
Active Directory user login Trusted CA certificate This certificate is issued by a CA.
Local User login SSL Certificate Generate a CSR and get it signed
• User certificate
• Trusted CA certificate
• User Certificate — Export the
smart card user certificate as
Base64-encoded file using
the card management
software provided by the
smart card vendor.
• Trusted CA certificate — This
certificate is issued by a CA.
SHA-2 certificates are also
supported.
SHA-2 certificates are also
supported.
from a trusted CA
NOTE: iDRAC ships with a
default self-signed SSL
server certificate. The iDRAC
Web server, Virtual Media,
and Virtual Console use this
certificate.
SHA-2 certificates are also
supported.
Related Links
SSL Server Certificates
Generating a New Certificate Signing Request
SSL Server Certificates
iDRAC includes a Web server that is configured to use the industry-standard SSL security protocol to
transfer encrypted data over a network. Built upon asymmetric encryption technology, SSL is widely
accepted for providing authenticated and encrypted communication between clients and servers to
prevent eavesdropping across a network.
An SSL-enabled system can perform the following tasks:
• Authenticate itself to an SSL-enabled client
• Allow the two systems to establish an encrypted connection
The encryption process provides a high level of data protection. iDRAC employs the 128-bit SSL
encryption standard, the most secure form of encryption generally available for Internet browsers in
North America.
iDRAC Web server has a Dell self-signed unique SSL digital certificate by default. You can replace the
default SSL certificate with a certificate signed by a well-known Certificate Authority (CA). A Certificate
98
Page 99
Authority is a business entity that is recognized in the Information Technology industry for meeting high
standards of reliable screening, identification, and other important security criteria. Examples of CAs
include Thawte and VeriSign. To initiate the process of obtaining a CA-signed certificate, use either
iDRAC Web interface or RACADM interface to generate a Certificate Signing Request (CSR) with your
company’s information. Then, submit the generated CSR to a CA such as VeriSign or Thawte. The CA can
be a root CA or an intermediate CA. After you receive the CA-signed SSL certificate, upload this to iDRAC.
For each iDRAC to be trusted by the management station, that iDRAC’s SSL certificate must be placed in
the management station’s certificate store. Once the SSL certificate is installed on the management
stations, supported browsers can access iDRAC without certificate warnings.
You can also upload a custom signing certificate to sign the SSL certificate, rather than relying on the
default signing certificate for this function. By importing one custom signing certificate into all
management stations, all the iDRACs using the custom signing certificate are trusted. If a custom signing
certificate is uploaded when a custom SSL certificate is already in-use, then the custom SSL certificate is
disabled and a one-time auto-generated SSL certificate, signed with the custom signing certificate, is
used. You can download the custom signing certificate (without the private key). You can also delete an
existing custom signing certificate. After deleting the custom signing certificate, iDRAC resets and autogenerates a new self-signed SSL certificate. If a self-signed certificate is regenerated, then the trust must
be re-established between that iDRAC and the management workstation. Auto-generated SSL certificates
are self-signed and have an expiration date of seven years and one day and a start date of one day in the
past (for different time zone settings on management stations and the iDRAC).
The iDRAC Web server SSL certificate supports the asterisk character (*) as part of the left-most
component of the Common Name when generating a Certificate Signing Request (CSR). For example,
*.qa.com, or *.company.qa.com. This is called a wildcard certificate. If a wildcard CSR is generated
outside of iDRAC, you can have a signed single wildcard SSL certificate that you can upload for multiple
iDRACs and all the iDRACs are trusted by the supported browsers. While connecting to iDRAC Web
interface using a supported browser that supports a wildcard certificate, the iDRAC is trusted by the
browser. While launching viewers, the iDRACs are trusted by the viewer clients.
Related Links
Generating a New Certificate Signing Request
Uploading Server Certificate
Viewing Server Certificate
Uploading Custom Signing Certificate
Downloading Custom SSL Certificate Signing Certificate
Deleting Custom SSL Certificate Signing Certificate
Generating a New Certificate Signing Request
A CSR is a digital request to a Certificate Authority (CA) for a SSL server certificate. SSL server certificates
allow clients of the server to trust the identity of the server and to negotiate an encrypted session with
the server.
After the CA receives a CSR, they review and verify the information the CSR contains. If the applicant
meets the CA’s security standards, the CA issues a digitally-signed SSL server certificate that uniquely
identifies the applicant’s server when it establishes SSL connections with browsers running on
management stations.
99
Page 100
After the CA approves the CSR and issues the SSL server certificate, it can be uploaded to iDRAC. The
information used to generate the CSR, stored on the iDRAC firmware, must match the information
contained in the SSL server certificate, that is, the certificate must have been generated using the CSR
created by iDRAC.
Related Links
SSL Server Certificates
Generating CSR Using Web Interface
To generate a new CSR:
NOTE: Each new CSR overwrites any previous CSR data stored in the firmware. The information in
the CSR must match the information in the SSL server certificate. Else, iDRAC does not accept the
certificate.
1. In the iDRAC Web interface, go to Overview → iDRAC Settings → Network → SSL, select Generate
Certificate Signing Request (CSR) and click Next.
The Generate a New Certificate Signing Request page is displayed.
2. Enter a value for each CSR attribute.
For more information, see iDRAC Online Help.
3. Click Generate.
A new CSR is generated. Save it to the management station.
Generating CSR Using RACADM
To generate a CSR using RACADM, use the objects in the cfgRacSecurity group with the config command
or use the objects in the iDRAC.Security group with the set command, and then use the sslcsrgen
command to generate the CSR. For more information, see the iDRAC8 RACADM Command Line
Interface Reference Guide available at dell.com/support/manuals.
Uploading Server Certificate
After generating a CSR, you can upload the signed SSL server certificate to the iDRAC firmware. iDRAC
must be reset to apply the certificate. iDRAC accepts only X509, Base 64 encoded Web server certificates.
SHA-2 certificates are also supported.
CAUTION: During reset, iDRAC is not available for a few minutes.
Related Links
SSL Server Certificates
Uploading Server Certificate Using Web Interface
To upload the SSL server certificate:
1. In the iDRAC Web interface, go to Overview → iDRAC Settings → Network → SSL, select Upload
Server Certificate and click Next.
The Certificate Upload page is displayed.
2. Under File Path, click Browse and select the certificate on the management station.
3. Click Apply.
The SSL server certificate is uploaded to iDRAC.
4. A pop-up message is displayed asking you to reset iDRAC immediately or at a later time. Click Reset
iDRAC or Reset iDRAC Later as required.
100
Loading...