Dell™ Lifecycle Controller 2 Web
Services Interface Guide for Windows
Steven Zessin
December 18, 2012
Version 2.1.0
Document Status: Published
Dell™ Lifecycle Controller 2 Web Services Interface Guide for Windows |
Version: 2.1.0 |
This document is for informational purposes only and may contain typographical errors and technical inaccuracies. The content is provided as is, without express or implied warranties of any kind.
© 2012 Dell Inc. All rights reserved. Dell and its affiliates cannot be responsible for errors or omissions in typography or photography. Dell, the Dell logo, and PowerEdge are trademarks of Dell Inc. Intel and Xeon are registered trademarks of Intel Corporation in the U.S. and other countries. Microsoft, Windows, and Windows Server are either trademarks or registered trademarks of Microsoft Corporation in the United States and/or other countries. Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products. Dell disclaims proprietary interest in the marks and names of others.
December 2012| Rev 2.1.0
2
Dell™ Lifecycle Controller 2 Web Services Interface Guide for Windows Version: 2.1.0
CONTENTS
1 |
Introduction |
........................................................................................................................ |
10 |
|
2 |
References ........................................................................................................................ |
|
10 |
|
3 |
Overview............................................................................................................................ |
|
12 |
|
|
3.1 |
Format .........................................................for WinRM CLI Examples in Document |
12 |
|
|
3.2 |
WS-Man .......................................................................Security & Time Parameters |
13 |
|
|
|
3.2.1 ....................................................................... |
Encryption Certificate Security |
13 |
|
|
3.2.2 ...................................Handling invalid responses from WSMAN commands |
13 |
|
|
|
3.2.3 ................................................Improving WinRM Enumeration Performance |
14 |
|
|
|
3.2.4 ....................Specifying StartTime, Until Time, and TIME_NOW Parameters |
14 |
|
|
|
3.2.5 ............................................................................................... |
Return Values |
15 |
|
|
3.2.6 ........................................................................................................ |
Glossary |
15 |
4 |
Discovery ........................................................................................................................... |
|
16 |
|
|
4.1 |
Discovering .........................................................................Web Service Capability |
16 |
|
|
4.2 |
Discovering ..............................................................what Profiles are Implemented |
16 |
|
|
4.3 |
Discovering ..................................................................Implementation Namespace |
17 |
|
5 Managing iDRAC ..............................................................................Local User Accounts |
18 |
|||
|
5.1 |
Description .......................................of iDRAC Attributes vs Standard DMTF Model |
18 |
|
|
5.2 |
Account ..............................................................Inventory (using iDRAC Attributes) |
18 |
|
|
|
5.2.1 ........................................Account and Capabilities (using iDRAC Attributes) |
18 |
|
|
|
5.2.2 .......................................Privilege and Capabilities (using iDRAC Attributes) |
19 |
|
|
5.3 |
Manage ..................................................Account Settings (using iDRAC Attributes) |
20 |
|
|
|
5.3.1 .................................................Modify User Name (using iDRAC Attributes) |
20 |
|
|
|
5.3.2 ....................................................Modify Password (using iDRAC Attributes) |
21 |
|
|
|
5.3.3 .............................................Modify Account State (using iDRAC Attributes) |
22 |
|
|
|
5.3.4 .............................................Modify User Privilege (using iDRAC Attributes) |
23 |
|
|
5.4 |
Account ....................................................................Inventory (using DMTF Model) |
23 |
|
|
|
5.4.1 ..............................................Account and Capabilities (using DMTF Model) |
23 |
|
|
|
5.4.2 .............................................Privilege and Capabilities (using DMTF Model) |
26 |
|
|
5.5 |
Manage ........................................................Account Settings (using DMTF Model) |
28 |
|
|
|
5.5.1 .......................................................Modify User Name (using DMTF Model) |
28 |
|
|
|
5.5.2 ..........................................................Modify Password (using DMTF Model) |
31 |
|
|
|
5.5.3 ...................................................Modify Account State (using DMTF Model) |
31 |
|
|
|
5.5.4 ...................................................Modify User Privilege (using DMTF Model) |
32 |
|
6 |
Firmware Inventory ............................................................................................................ |
33 |
||
|
6.1 |
Software ....................................................................Inventory Profile Specification |
33 |
|
|
6.2 |
Remote ................................Inventory Method Invocation – Get Software Inventory |
33 |
|
7 |
Firmware Update ............................................................................................................... |
35 |
||
|
7.1 |
Software .......................................................................Update Profile Specification |
35 |
|
|
7.2 |
”Rollback” ..................................................................................................Firmware |
35 |
|
|
|
7.2.1 ............................................................................. |
Request “Rollback” Image |
35 |
|
|
|
3 |
|
Dell™ Lifecycle Controller 2 Web Services Interface Guide for Windows Version: 2.1.0
|
|
7.2.2 |
Create Reboot Job ........................................................................................ |
35 |
|
|
7.2.3 |
Schedule Update Jobs .................................................................................. |
35 |
|
|
7.2.4 |
Monitor Update Jobs ..................................................................................... |
35 |
|
7.3 |
BIOS Firmware “Rollback” ........................................................................................ |
36 |
|
|
7.4 |
NIC Firmware “Rollback”........................................................................................... |
37 |
|
|
7.5 |
Update from Network Source.................................................................................... |
39 |
|
|
|
7.5.1 |
Request Update Download............................................................................ |
39 |
|
|
7.5.2 |
Monitor Download Status .............................................................................. |
39 |
|
|
7.5.3 Reboot to Perform Update............................................................................. |
39 |
|
|
|
7.5.4 Wait for Job Completion ................................................................................ |
39 |
|
|
|
7.5.5 |
Delete Job ..................................................................................................... |
40 |
|
7.6 |
Update NICs from HTTP, CIFS Share, NFS share, TFTP, or FTP ............................ |
40 |
|
|
7.7 |
Update BIOS from HTTP, CIFS Share, NFS share, TFTP, or FTP............................ |
42 |
|
|
7.8 |
CreateRebootJob() ................................................................................................... |
44 |
|
8 |
Power State Management.................................................................................................. |
45 |
||
|
8.1 |
Description of Base Server vs Power State Management Methods........................... |
45 |
|
|
8.2 |
Get Power State ....................................................................................................... |
45 |
|
|
|
8.2.1 |
Base Server Method...................................................................................... |
45 |
|
|
8.2.2 Power State Management Method ................................................................ |
46 |
|
|
8.3 |
Get Power Control Capabilites .................................................................................. |
47 |
|
|
|
8.3.1 |
Base Server Method...................................................................................... |
47 |
|
|
8.3.2 Power State Management Method ................................................................ |
48 |
|
|
8.4 |
Power Control ........................................................................................................... |
49 |
|
|
|
8.4.1 |
Base Server Method...................................................................................... |
49 |
|
|
8.4.2 Power State Management Method ................................................................ |
50 |
|
9 |
Hardware Inventory............................................................................................................ |
51 |
||
|
9.1 |
Power Supply Inventory ............................................................................................ |
51 |
|
|
9.2 |
Fan Inventory............................................................................................................ |
52 |
|
|
9.3 |
Memory Inventory ..................................................................................................... |
53 |
|
|
9.4 |
CPU Inventory .......................................................................................................... |
54 |
|
|
9.5 |
iDRAC Card Inventory .............................................................................................. |
55 |
|
|
9.6 |
PCI Device Inventory ................................................................................................ |
56 |
|
|
9.7 |
Video Inventory......................................................................................................... |
57 |
|
|
9.8 |
VFlash SD Card Inventory ........................................................................................ |
58 |
|
|
9.9 |
NIC Inventory & Configuration .................................................................................. |
58 |
|
|
9.10 |
RAID Inventory & Configuration ................................................................................ |
60 |
|
|
9.11 |
BIOS Inventory & Configuration ................................................................................ |
62 |
|
|
9.12 |
System Inventory (including CSIOR attribute) ........................................................... |
63 |
|
10 |
Job Control Management ................................................................................................... |
65 |
||
|
10.1 |
Description of Job Management ............................................................................... |
65 |
|
|
10.2 |
Remote Job Control Examples ................................................................................. |
65 |
|
|
|
10.2.1 Setup Job Queue .......................................................................................... |
65 |
|
|
|
|
4 |
|
Dell™ Lifecycle Controller 2 Web Services Interface Guide for Windows Version: 2.1.0
|
10.2.2 Delete Job Queue ......................................................................................... |
66 |
|
10.2.3 List Jobs in Job Store .................................................................................... |
67 |
11 Operating System Deployment .......................................................................................... |
69 |
|
11.1 |
OS Deployment Profile Implementation Conformance .............................................. |
69 |
11.2 |
Checking OS Deployment Service Availability .......................................................... |
69 |
11.3 |
OS Deployment Method Invocation Examples .......................................................... |
69 |
|
11.3.1 Get Driver Pack Information .......................................................................... |
70 |
|
11.3.2 Unpack Selected Drivers and Attach to Host OS as USB Device .................. |
71 |
|
11.3.3 Detach Emulated USB Device Containing Drivers......................................... |
72 |
|
11.3.4 Unpack Selected Drivers and Copy to Network Share................................... |
72 |
|
11.3.5 Check Job Status .......................................................................................... |
73 |
|
11.3.6 Boot to Network ISO...................................................................................... |
74 |
|
11.3.7 Detach Network ISO USB Device.................................................................. |
75 |
|
11.3.8 Boot To PXE ................................................................................................. |
76 |
|
11.3.9 Get Host MAC Address Information .............................................................. |
77 |
|
11.3.10 Download ISO to VFlash ........................................................................... |
77 |
|
11.3.11 Boot to ISO from VFlash............................................................................ |
78 |
|
11.3.12 Delete ISO from VFlash............................................................................. |
79 |
|
11.3.13 Detach ISO from VFlash............................................................................ |
80 |
|
11.3.14 Connect Network ISO Image ..................................................................... |
80 |
|
11.3.15 Disconnect Network ISO Image................................................................. |
81 |
|
11.3.16 Skip ISO Image Boot ................................................................................. |
82 |
|
11.3.17 Get Network ISO Image Connection Information ....................................... |
83 |
|
11.3.18 Connect RFS ISO Image ........................................................................... |
83 |
|
11.3.19 Disconnect RFS ISO Image....................................................................... |
84 |
|
11.3.20 Get RFS ISO Image Connection Information ............................................. |
85 |
|
11.3.21 Boot To Hard Drive (HD) ........................................................................... |
85 |
|
11.3.22 Configurarable Boot to Network ISO.......................................................... |
86 |
12 Lifecycle Controller Management Profile ............................................................................ |
87 |
|
12.1 |
Collect System Inventory on Restart (CSIOR)........................................................... |
87 |
12.2 |
Part Replacement Configuration and Management................................................... |
89 |
|
12.2.1 Create Config Job ......................................................................................... |
89 |
|
12.2.2 Get LC Config Job Status.............................................................................. |
90 |
|
12.2.3 List All LC Jobs ............................................................................................. |
90 |
|
12.2.4 Get CSIOR Component Configuration Recovery (CCR) Attribute.................. |
91 |
|
12.2.5 Get Part Firmware Update Attribute .............................................................. |
92 |
12.3 |
Re-Initiate Auto-Discovery Client .............................................................................. |
92 |
12.4 |
Clear or Set Provisioning Server ............................................................................... |
93 |
12.5 |
Check VFlash License Enablement .......................................................................... |
95 |
12.6 |
Download Server Public Key..................................................................................... |
95 |
12.7 |
Download Client Certificates ..................................................................................... |
96 |
12.8 |
Delete Auto-Discovery Client Certificates.................................................................. |
97 |
|
5 |
|
Dell™ Lifecycle Controller 2 Web Services Interface Guide for Windows Version: 2.1.0
12.9 |
Set Public Certificates............................................................................................... |
98 |
12.10 Set iDRAC Certificate and Private Key...................................................................... |
99 |
|
12.11 Delete Auto-Discovery Server Public Key ............................................................... |
100 |
|
12.12 Insert Comment in Lifecycle Controller Log............................................................. |
100 |
|
12.13 Export Lifecycle Controller Log ............................................................................... |
101 |
|
12.14 Export Hardware Inventory from Lifecycle Controller .............................................. |
102 |
|
12.15 Export Factory Configuration .................................................................................. |
103 |
|
12.16 System Decommission ........................................................................................... |
104 |
|
12.17 Get Remote Services API Status ............................................................................ |
105 |
|
12.18 Export System Configuration .................................................................................. |
105 |
|
12.19 Import System Configuration................................................................................... |
106 |
|
13 VFlash SD Card Management ......................................................................................... |
107 |
|
13.1 |
Listing the SD Card Partitions ................................................................................. |
108 |
13.2 |
Initialize the Virtual Flash Media.............................................................................. |
108 |
|
13.2.1 Get VFlash SD Card Inventory .................................................................... |
109 |
|
13.2.2 Initialize / Format Media .............................................................................. |
109 |
|
13.2.3 Verify Initialization / Formatting.................................................................... |
110 |
13.3 |
Enable/Disable VFlash using VFlash State Change................................................ |
111 |
13.4 |
Create Partition....................................................................................................... |
111 |
13.5 |
Create Partition using Image................................................................................... |
113 |
13.6 |
Delete Partition ....................................................................................................... |
115 |
13.7 |
Format Partition ...................................................................................................... |
115 |
13.8 |
Modify Partition ....................................................................................................... |
117 |
13.9 |
Attach Partition ....................................................................................................... |
117 |
13.10 Detach Partition ...................................................................................................... |
118 |
|
13.11 Export Data from Partition....................................................................................... |
119 |
|
14 Boot Control Configuration Management ......................................................................... |
121 |
|
14.1 |
Listing the Boot Inventory-ConfigSetting Class ....................................................... |
121 |
14.2 |
Getting a Boot ConfigSetting Instance .................................................................... |
122 |
14.3 |
Listing the Boot Inventory-SourceSetting Class ...................................................... |
123 |
14.4 |
Changing the Boot Order by InstanceID-ChangeBootOrderByInstanceID() ............ |
123 |
14.5 |
Enable or Disable the Boot Source-ChangeBootSourceState()............................... |
124 |
15 NIC/CNA Card Management............................................................................................ |
125 |
|
15.1 |
Listing the NIC/CNA Inventory-Enumeration Class ................................................. |
126 |
15.2 |
Listing the NIC/CNA Inventory-String Class ............................................................ |
127 |
15.3 |
Listing the CNA Inventory-Integer Class ................................................................. |
129 |
15.4 |
Listing the CNA Inventory-NICView Class............................................................... |
130 |
15.5 |
Listing the CNA Inventory-NICCapabilities Class .................................................... |
132 |
15.6 |
Listing the CNA InventoryNICStatistics Class ....................................................... |
133 |
15.7 |
Applying the Pending Values for CNA-CreateTargetedConfigJob()......................... |
134 |
15.8 |
Deleting the Pending Values for CNA-DeletePendingConfiguration()...................... |
135 |
15.9 |
Getting the CNA Enumeration Instance .................................................................. |
136 |
|
6 |
|
Dell™ Lifecycle Controller 2 Web Services Interface Guide for Windows Version: 2.1.0
15.10 Setting the IscsiOffloadMode Attribute .................................................................... |
136 |
||
15.11 Setting the MaxBandwidth Attribute ........................................................................ |
138 |
||
15.12 Setting the VirtMacAddr Attribute ............................................................................ |
139 |
||
15.13 Setting the LegacyBootProto Attribute .................................................................... |
140 |
||
15.14 Setting CNA LAN Modes ........................................................................................ |
141 |
||
15.15 Setting the iSCSI Boot Target ................................................................................. |
142 |
||
15.16 Setting the FCoE Boot Target ................................................................................. |
143 |
||
16 RAID Storage Management ............................................................................................. |
144 |
||
16.1 |
Listing the RAID Inventory-Enumeration Class ....................................................... |
145 |
|
16.2 |
Getting a RAID Enumeration Instance .................................................................... |
146 |
|
16.3 |
Listing the RAID Inventory-Integer Class ................................................................ |
146 |
|
16.4 |
Getting a RAID Integer Instance ............................................................................. |
148 |
|
16.5 |
Listing the RAID Inventory-String Class .................................................................. |
148 |
|
16.6 |
Getting a RAID String Instance ............................................................................... |
149 |
|
16.7 |
Listing the RAID Inventory-ControllerView Class .................................................... |
150 |
|
16.8 |
Getting a RAID ControllerView Instance ................................................................. |
151 |
|
16.9 |
Listing the RAID Inventory-PhysicalDiskView Class................................................ |
152 |
|
16.10 Listing the RAID VirtualDiskView Inventory ............................................................. |
153 |
||
16.11 Listing the RAID EnclosureView Inventory .............................................................. |
155 |
||
16.12 Reset Configuration-ResetConfig() ......................................................................... |
155 |
||
16.13 Clearing the Foreign Configuration-ClearForeignConfig() ....................................... |
156 |
||
16.14 Applying the Pending Values for RAID-CreateTargetedConfigJob()........................ |
157 |
||
16.15 Deleting the Pending Values for RAID-DeletePendingConfiguration()..................... |
158 |
||
16.16 Managing Hot Spare ............................................................................................... |
159 |
||
|
16.16.1 |
Determining Potential Disks-GetDHSDisks() ........................................... |
159 |
|
16.16.2 Assigning the Hot Spare-AssignSpare() .................................................. |
159 |
|
|
16.16.3 Unassigning the Hot Spare-UnassignSpare() .......................................... |
161 |
|
16.17 Managing Keys for Self Encrypting Drives .............................................................. |
161 |
||
|
16.17.1 |
Setting the Key-SetControllerKey() .......................................................... |
161 |
|
16.17.2 Locking the Virtual Disk-LockVirtualDisk() ............................................... |
162 |
|
|
16.17.3 Locking the Controller with a Key-EnableControllerEncryption() .............. |
163 |
|
|
16.17.4 |
Rekeying the Controller-ReKey() ............................................................. |
164 |
|
16.17.5 |
Removing the Key-RemoveControllerKey() ............................................. |
166 |
16.18 Managing Virtual Disk ............................................................................................. |
166 |
||
|
16.18.1 Getting the Available RAID levels-GetRAIDLevels() ................................ |
166 |
|
|
16.18.2 Getting the Available Disks-GetAvailableDisks()...................................... |
168 |
|
|
16.18.3 Checking the Create VD Parameters Validity-CheckVDValues() ............. |
169 |
|
|
16.18.4 Creating a Single Virtual Disk-CreateVirtualDisk() ................................... |
170 |
|
|
16.18.5 Creating a Sliced Virtual Disk-CreateVirtualDisk() ................................... |
173 |
|
|
16.18.6 Creating a Cachecade Virtual Disk-CreateVirtualDisk() ........................... |
176 |
|
|
16.18.7 |
Deleting a Virtual Disk-DeleteVirtualDisk()............................................... |
178 |
16.19 Setting Controller Attributes .................................................................................... |
179 |
||
|
|
7 |
|
Dell™ Lifecycle Controller 2 Web Services Interface Guide for Windows Version: 2.1.0
|
|
16.19.1 Changing the Value of a RAID Controller Enumeration Attribute ............. |
179 |
|
|
16.19.2 Changing Multiple Values of RAID Controller Enumeration Attributes...... |
179 |
|
|
16.19.3 Changing the Value of a RAID Controller Integer Attribute ...................... |
180 |
|
|
16.19.4 Changing Multiple Values of RAID Controller Integer Attributes............... |
181 |
|
16.20 Convert Physical Disks to RAID-ConvertToRAID() ................................................. |
182 |
|
|
16.21 Convert Physical Disks to Non RAID-ConvertToNonRAID().................................... |
183 |
|
17 |
Managing BIOS Configuration.......................................................................................... |
183 |
|
|
17.1 |
Listing the BIOS Inventory-Enumeration Class ....................................................... |
183 |
|
17.2 |
Getting a BIOS Enumeration Instance .................................................................... |
185 |
|
17.3 |
Changing the BIOS BootMode-SetAttribute() .......................................................... |
185 |
|
17.4 |
Setting Multiple BIOS BootMode Parameters.......................................................... |
186 |
|
17.5 |
Listing the BIOS Inventory-Integer Class ................................................................ |
187 |
|
17.6 |
Listing the BIOS Inventory-String Class .................................................................. |
187 |
|
17.7 |
Applying the Pending Values for BIOS & Boot-CreateTargetedConfigJob() ............ |
188 |
|
17.8 |
Deleting the Pending Values for BIOS & Boot-DeletePendingConfiguration() ......... |
189 |
|
17.9 |
Managing BIOS Passwords .................................................................................... |
190 |
|
|
17.9.1 Setting the BIOS Password ......................................................................... |
190 |
|
|
17.9.2 Create Target Configuration Job ................................................................. |
192 |
|
|
17.9.3 Monitor Set BIOS Password Status............................................................. |
192 |
|
17.10 Listing the BIOS Inventory-Password Class ............................................................ |
192 |
|
18 Exporting and Importing Server Profile............................................................................. |
193 |
||
|
18.1 |
Exporting Server Profile .......................................................................................... |
194 |
|
|
18.1.1 Exporting Server Profile to iDRAC vFlash Card-BackupImage().................. |
194 |
|
|
18.1.2 Exporting Server Profile to NFS Share-BackupImage() ............................... |
194 |
|
|
18.1.3 Exporting Server Profile to CIFS Share-BackupImage() .............................. |
195 |
|
|
18.1.4 Monitoring Export status.............................................................................. |
196 |
|
18.2 |
Importing Server Profile .......................................................................................... |
197 |
|
|
18.2.1 Importing Server Profile from iDRAC vFlash Card-RestoreImage() ............. |
197 |
|
|
18.2.2 Importing Server Profile from NFS share-RestoreImage() ........................... |
197 |
|
|
18.2.3 Importing Server Profile from CIFS share-RestoreImage() .......................... |
198 |
|
|
18.2.4 Monitoring Import Status ............................................................................. |
199 |
19 |
iDRAC Configuration........................................................................................................ |
200 |
|
|
19.1 |
Listing the iDRAC Card Inventory-Enumeration Class ............................................ |
200 |
|
19.2 |
Getting an iDRAC Card Enumeration Instance ....................................................... |
201 |
|
19.3 |
Listing the iDRAC Card Inventory-Enumeration Class using groupID ..................... |
202 |
|
19.4 |
Applying the Attributes and Polling Job Completion ................................................ |
204 |
|
|
19.4.1 Changing iDRAC Values-ApplyAttributes() (Immediate) .............................. |
204 |
|
|
19.4.2 Polling Job Completion................................................................................ |
205 |
|
|
19.4.3 Set Attribute Verification .............................................................................. |
206 |
|
19.5 |
Listing the iDRAC Card Inventory-Integer Class ..................................................... |
207 |
|
19.6 |
Listing the iDRAC Card Inventory-Integer Class using groupID .............................. |
208 |
|
19.7 |
Listing the iDRAC Card Inventory-String Class ....................................................... |
209 |
|
|
8 |
|
Dell™ Lifecycle Controller 2 Web Services Interface Guide for Windows Version: 2.1.0
|
19.8 |
Listing the iDRAC Card Inventory-String Class using groupID ................................ |
210 |
|
19.9 |
Changing the iDRAC IPChange Notification ........................................................... |
212 |
|
|
19.9.1 Getting the Current iDRAC IPChange State ................................................ |
212 |
|
|
19.9.2 Setting the iDRAC IPChange Notification-SetAttribute() .............................. |
212 |
20 |
Remote Service Status .................................................................................................... |
213 |
|
|
20.1 |
Getting Remote Service Status............................................................................... |
213 |
|
20.2 |
Restarting Remote Service Status .......................................................................... |
215 |
21 |
System Information .......................................................................................................... |
216 |
|
|
21.1 |
Listing the System Inventory-SystemView Class..................................................... |
216 |
22 |
Sensor Information.......................................................................................................... |
217 |
|
|
22.1 |
Listing the Sensors Inventory-PSNumericSensor Class .......................................... |
217 |
23 Managing Fiber Channel (FC) Configuration .................................................................... |
219 |
||
|
23.1 |
Listing the FC Inventory-Attribute Class .................................................................. |
219 |
|
23.2 |
Listing the FC Inventory-Statistics Class ................................................................. |
220 |
|
23.3 |
Listing the FC Inventory-String Class...................................................................... |
221 |
|
23.4 |
Listing the FC Inventory-Integer Class .................................................................... |
222 |
|
23.5 |
Listing the FC Inventory-Enumeration Class ........................................................... |
222 |
|
23.6 |
Changing the FC Attributes-SetAttribute()............................................................... |
223 |
|
23.7 |
Applying the Pending Values for FC-CreateTargetedConfigJob() ........................... |
223 |
|
23.8 |
Deleting the Pending Values for FC-DeletePendingConfiguration() ........................ |
225 |
|
23.9 |
Listing the FC Views ............................................................................................... |
225 |
9
Dell™ Lifecycle Controller 2 Web Services Interface Guide for Windows |
Version: 2.1.0 |
1 Introduction
This document serves as a guideline for utilizing the functionality available from embedded Lifecycle Controller Remote Enablement Web Services interfaces. The purpose of this document is to provide information and examples for utilizing the Web services for Management (WS-Man) management protocol using Windows WinRM and open source WSMANCLI command line utilities. Examples and invocation information is provided for the following functionality.
Inventory for BIOS, component firmware and embedded software
Update of BIOS, component firmware and embedded software
Job Control of update tasks
Enhancement of Operating System Deployment using VFlash SD Card
Enhancement of Discovery and Handshake from LifeCycle Controller 1.x
Raid configuration management
iDRAC Inventory and configuration features
NIC configuration management
Boot configuration management
BIOS configuration management
The target audience for this document is application and script writers that want to utilize the remote management capabilities using WS-Man protocol available from Dell Lifecycle Controller.
2 References
1Dell 12th Generation PowerEdge Server Resources: http://www.delltechcenter.com/12thGen
2Dell CIM Profiles:
http://www.delltechcenter.com/page/DCIM.Library.Profile
3 Managed Object Format (MOF) files http://www.delltechcenter.com/page/DCIM.Library.MOF
4 WinRM Scripting API, MSDN: http://msdn.microsoft.com/en-us/library/aa384469(VS.85).aspx
5 Openwsman CLI: http://www.openwsman.org/project/wsmancli
6 DMTF Common Information Model (CIM) Infrastructure Specification (DSP0004): http://www.dmtf.org/standards/published_documents/DSP0004_2.5.0.pdf
10
Dell™ Lifecycle Controller 2 Web Services Interface Guide for Windows |
Version: 2.1.0 |
7 List of PCI IDs: http://pciids.sourceforge.net/pci.ids
11
Dell™ Lifecycle Controller 2 Web Services Interface Guide for Windows |
Version: 2.1.0 |
3 Overview
The remote interface guidelines provided in this document are illustrated by command line examples of the WS-MAN protocol Web services APIs that expose the remote management capabilities of the Dell Lifecycle Controller. The command line examples are from the Microsoft® Windows® and Linux environments using WinRM4 and WSMANCLI5 respectively. The Lifecycle Controller remote management capabilities are organized by management domain and documented in Dell CIM Profile specifications2. The remote enablement feature for Lifecycle Controller 2.0 provides the following capabilities:
Remotely get inventory of the BIOS, component firmware, and embedded software including version information of both the installed as well as available cached versions
Remote update of BIOS, component firmware, Diagnostic content, DRAC content, driver pack, power supplies from remotely located Dell Update Packages or cached images located in the Lifecycle Controller
Remotely schedule and track the status of update tasks (jobs)
Remotely manage the Part Replacement feature by allowing retrieving and setting auto update and auto system inventory sync
Enable re-initiation of Lifecycle Controller Auto-Discovery feature
Enhancement of Operation System Deployment capabilities by supporting the downloading of an ISO image to a Dell VFlash SD Card and booting to the ISO image on the VFlash SD Card
NIC configuration enables the ability to get and set NIC attributes that are configurable using NIC Option ROM or NIC UEFI HII.
Remote RAID configuration allows users to remotely query and configure the Hardware Raid of the system
Multiple HW Inventory views allows users to remote query the inventory of Hardware
3.1Format for WinRM CLI Examples in Document
The examples of WinRM and WSMANCLI command line invocations in this document are formatted for readability and often span multiple lines in the document. In actual use, scripted or hand-typed invocations are contained on one line. The examples also use substitute values for the target iDRAC IP address, username (with ExecuteServerCommand privilege), password and other site specific information. Actual use of these examples would require using values for IP Address, username and password, etc. that are valid. These values are represented in the examples as follows:
Target iDRAC IP address = [IPADDRESS]
iDRAC Username = [USER]
iDRAC Password = [PASSWORD]
Additional substitute values are used in some of the examples and are described in the specific example.
12
Dell™ Lifecycle Controller 2 Web Services Interface Guide for Windows |
Version: 2.1.0 |
The following example is typical of the formatting used in this document:
EXAMPLE:
winrm e cimv2/root/dcim/DCIM_OSDeploymentService
-u:[USER] -p:[PASSWORD]
-r:https://[IPADDRESS]/wsman:443
-encoding:utf-8 -a:basic
3.2WS-Man Security & Time Parameters
3.2.1Encryption Certificate Security
For the WinRM examples provided in this document, the strict checks of certificates such as matching of CNs (Common Names) and verification with the actual CA (Certificate Authority) of the certificate of the WS-Management protocol HTTPS encryption certificate is assumed to be already configured and enabled. To disable the strict certificate checking, add the following command line options to all WinRM examples: –skipCACheck and –skipCNCHeck.
Additionally, the following error may result if the end point does not support this feature. Use the switch -skiprevocationcheck to bypass this error.
WSManFault
Message = The server certificate on the destination computer (10.35.0.232:443) has the following errors:
The SSL certificate could not be checked for revocation. The server used to check for revocation might be unreachable.
Refer to the WinRM documentation4 and related documentation for directions on setting up encryption certificates for WinRM and executing WinRM invocations using full security capabilities. Refer to the Lifecycle Controller User Guide1 for directions on configuring different encryption certificates for the iDRAC Web server. Dell recommends that the full security and encryption capabilities of the WSManagement protocol is used for production level utilization of the Lifecycle Controller Web services interfaces.
3.2.2Handling invalid responses from WSMAN commands
Check the network connection to make sure that the system is connected
Check the WSMAN syntax to ensure there are no typos in the command line
Check if there are other WSMAN commands sending from other systems
Wait for a few seconds and re-try the WSMAN command
13
Dell™ Lifecycle Controller 2 Web Services Interface Guide for Windows |
Version: 2.1.0 |
3.2.3Improving WinRM Enumeration Performance
When an enumeration command is executed, the default WinRM configuration gets only 20 instances at a time and therefore slows down the system drastically. Changing the WinRM configuration to allow a greater number, such as 50, will reduce the time taken by the enumeration operations.
Execute the following command to get instances in groups of up to 50.
winrm set winrm/config @{MaxBatchItems="50"}
Additionally, increasing the allotted maximum envelope size and timeout can also increase performance.
winrm set winrm/config @{MaxEnvelopeSizekb="150"}
winrm set winrm/config @{MaxTimeoutms ="60000"}
Other optional WinRM configuration commands are listed below for convenience. To get the current WinRM configuration settings, execute the following command.
winrm g winrm/config
By default, the client computer requires encrypted network traffic. To allow the client computer to request unencrypted traffic, execute the following command:
winrm s winrm/config/Client @{AllowUnencrypted="true"}
TrustedHosts is an array that specifies the list of remote computers that are trusted. Other computers in a workgroup or computers in a different domain should be added to this list.
Note: The computers in the TrustedHosts list are not authenticated.
Execute the following command to allow all computers to be included in TrustedHosts.
winrm s winrm/config/Client @{TrustedHosts="*"}
Basic authentication is a scheme in which the user name and password are sent in clear text to the server or proxy. This method is the least secure method of authentication. The default is True.
Execute the following command to set client computer to use Basic authentication.
winrm s winrm/config/Client/Auth @{Basic="true"}
3.2.4Specifying StartTime, Until Time, and TIME_NOW Parameters
The several methods that attach a virtual USB device to the target system accept a StartTime and Until parameter. The parameter data type is CIM date-time. If the StartTime parameter is null the action will not be started. If the Until parameter is null, the default value will be 17 hours. The date-time data type is defined in the CIM Infrastructure Specification4 as:
ddddddddhhmmss.mmmmmm
Where:
14
Dell™ Lifecycle Controller 2 Web Services Interface Guide for Windows |
Version: 2.1.0 |
•dddddddd is the number of days
•hh is the remaining number of hours
•mm is the remaining number of minutes
•ss is the remaining number of seconds
•mmmmmm is the remaining number of microseconds
The Lifecycle controller firmware update, and set attribute related methods that require a date time parameter, use the form YYYYMMDDhhmmss (Eg. 20090930112030). The user is expected to enter the date and time in this format for all Lifecycle Controller updates and set attribute tasks. TIME_NOW is a special value that represents “running the tasks immediately”.
3.2.5Return Values
Many of the methods in this document have the following possible return values. They are summarized here for convenience.
0 = Success
1 = Not Supported
2 = Failed
4096 = Job Created
3.2.6Glossary
|
Term |
|
|
Meaning |
|
|
|
|
|
||
|
|
|
|
|
|
|
BIOS |
|
|
Basic Input / Output System |
|
|
HW |
|
|
Hardware |
|
|
iDRAC |
|
|
Integrated DELL Remote Access Controller |
|
|
IPL |
|
|
Initial Program Load |
|
|
DUP |
|
|
Dell Update Package |
|
|
|
|
|
|
|
|
MOF |
|
|
Managed Object File |
|
|
CIM |
|
|
Common Information Model |
|
|
|
|
|
|
|
|
NIC |
|
|
Network Interface Controller |
|
|
|
|
|
|
|
|
RAID |
|
|
Redundant Array of Independent Disks |
|
|
|
|
|
|
|
|
FQDD |
|
|
Fully Qualified Device Description |
|
|
UEFI |
|
|
Unified Extensible Firmware Interface |
|
|
AMEA |
|
|
Advanced Management Enablement Adapter |
|
|
HII |
|
|
Human Interface Infrastructure |
|
|
WSMAN |
|
|
WS-Management is a specification of a SOAP-based protocol for the |
|
|
|
|
|
management of servers, devices, applications and more |
|
|
|
15 |
|
Dell™ Lifecycle Controller 2 Web Services Interface Guide for Windows |
Version: 2.1.0 |
4 Discovery
4.1Discovering Web Service Capability
Determine if the target system supports the WinRM interface using the ‘identify’ command.
Profiles: http://www.dmtf.org/sites/default/files/standards/documents/DSP0217_2.0.0.pdf
EXAMPLE:
winrm identify
-u:[USER] -p:[PASSWORD]
-r:https://[IPADDRESS]/wsman -SkipCNcheck -SkipCAcheck -encoding:utf-8 -a:basic
OUTPUT:
IdentifyResponse
ProtocolVersion = http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd
ProductVendor = Openwsman Project
ProductVersion = 2.2.4
4.2Discovering what Profiles are Implemented
Implemented profiles are advertised using the class CIM_RegisteredProfile. Enumerate this class in the
“root/interop” CIM namespace.
Profiles: http://www.dmtf.org/sites/default/files/standards/documents/DSP1033_1.0.0.pdf
EXAMPLE:
winrm e http://schemas.dmtf.org/wbem/wscim/1/cimschema/2/CIM_RegisteredProfile?__cimnamespace=root/interop -u:[USER] -p:[PASSWORD]
-r:https://[IPADDRESS]/wsman -SkipCNcheck -SkipCAcheck -encoding:utf-8 -a:basic
OUTPUT:
DCIM_LCRegisteredProfile
AdvertiseTypeDescriptions = WS-Identify, Interop Namespace AdvertiseTypes = 1, 1
InstanceID = DCIM:Memory:1.0.0 OtherRegisteredOrganization = DCIM RegisteredName = Memory RegisteredOrganization = 1 RegisteredVersion = 1.0.0
...
DCIM_RegisteredProfile
16
Dell™ Lifecycle Controller 2 Web Services Interface Guide for Windows |
Version: 2.1.0 |
AdvertiseTypeDescriptions = WS-Identify AdvertiseTypes = 1
Caption = null Description = null ElementName = null
InstanceID = DCIM:CSRegisteredProfile:1 OtherRegisteredOrganization = null RegisteredName = Base Server RegisteredOrganization = 2 RegisteredVersion = 1.0.0
.
.
.
The above example shows that the DMTF Base Server profile version 1.0.0 is implemented.
4.3Discovering Implementation Namespace
The implementation CIM namespace may be discovered from the interop (root/interop) CIM namespace using the class CIM_ElementConformsToProfile that associates an instance of CIM_RegisteredProfile class with an instance of CIM_ComputerSystem class.
Profiles: n/a
EXAMPLE:
winrm e http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/* -dialect:association -associations - filter: {object=DCIM_ComputerSystem?CreationClassName=DCIM_ComputerSystem+Name=srv:system+__cimna mespace=root/dcim}
-u:[USER] -p:[PASSWORD] -r:https://[IPADDRESS]/wsman -encoding:utf-8 -a:basic -SkipCNcheck –SkipCAcheck
OUTPUT:
DCIM_CSRoleLimitedToTarget DefiningRole
Address = http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous ReferenceParameters
ResourceURI = http://schemas.dell.com/wbem/wscim/1/cim-schema/2/DCIM_Role SelectorSet
Selector: CreationClassName = DCIM_Role, Name = DCIM:Role:9, __cimnamespace =
root/dcim TargetElement
Address = http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous ReferenceParameters
ResourceURI = http://schemas.dell.com/wbem/wscim/1/cimschema/2/DCIM_ComputerSystem
SelectorSet
Selector: CreationClassName = DCIM_ComputerSystem, Name = srv:system, __cimnamespace = root/dcim
17
Dell™ Lifecycle Controller 2 Web Services Interface Guide for Windows |
Version: 2.1.0 |
DCIM_CSRoleLimitedToTarget DefiningRole
Address = http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous ReferenceParameters
ResourceURI = http://schemas.dell.com/wbem/wscim/1/cim-schema/2/DCIM_Role SelectorSet
Selector: CreationClassName = DCIM_Role, Name = DCIM:Role:10, __cimnamespace =
root/dcim TargetElement
Address = http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous ReferenceParameters
ResourceURI = http://schemas.dell.com/wbem/wscim/1/cimschema/2/DCIM_ComputerSystem
SelectorSet
Selector: CreationClassName = DCIM_ComputerSystem, Name = srv:system, __cimnamespace = root/dcim
5 Managing iDRAC Local User Accounts
5.1Description of iDRAC Attributes vs Standard DMTF Model
The iDRAC user account management data model is represented by both DMTF and Dell Profiles. Both models are currently offered. The DMTF Profiles for Simple Identity Management and Role Based Authorization represent iDRAC user accounts and privileges. The DMTF data model is complex and typically requires multiple transactions to accomplish simple operations such as specifying a username and password or giving a user account admin privileges. For this reason, LC also offers a Dell data model for managing iDRAC user accounts that is based on an attribute model. The DCIM iDRAC Card Profile specifies the attributes for each user account name, password, and privilege. The iDRAC has 15 local user account that can be managed.
5.2Account Inventory (using iDRAC Attributes)
The list of user accounts may be retrieved by enumerating the DCIM_iDRACCard classes. The class provides the user account name and enabled state properties.
Profile and Associated MOFs:
http://www.delltechcenter.com/page/DCIM.Library.Profile
5.2.1Account and Capabilities (using iDRAC Attributes)
Enumerating the DCIM_iDRACCardEnumeration class, Section 19.1, and parsing the output for the attribute AttributeDisplayName = User Admin Enable, will display all of the 16 possible user accounts and their respective status.
EXAMPLE:
winrm e http://schemas.dmtf.org/wbem/wscim/1/cimschema/2/root/dcim/DCIM_iDRACCardEnumeration -u:[USER] -p:[PASSWORD]
18
Dell™ Lifecycle Controller 2 Web Services Interface Guide for Windows |
Version: 2.1.0 |
-r:https://[IPADDRESS]/wsman:443 -SkipCNcheck -SkipCAcheck -encoding:utf-8 -a:basic
OUTPUT:
DCIM_iDRACCardEnumeration AttributeDisplayName = User Admin Enable AttributeName = Enable
CurrentValue = Disabled
DefaultValue = Disabled Dependency = null DisplayOrder = 0
FQDD = iDRAC.Embedded.1
GroupDisplayName = Users GroupID = Users.1
InstanceID = iDRAC.Embedded.1#Users.1#Enable IsReadOnly = true
PossibleValues = Disabled, Enabled DCIM_iDRACCardEnumeration
AttributeDisplayName = User Admin Enable AttributeName = Enable
CurrentValue = Enabled
DefaultValue = Enabled Dependency = null DisplayOrder = 0
FQDD = iDRAC.Embedded.1
GroupDisplayName = Users GroupID = Users.2
InstanceID = iDRAC.Embedded.1#Users.2#Enable IsReadOnly = false
PossibleValues = Disabled, Enabled
.
.
.
Account Disabled as displayed in CurrentValue attribute for
Users.1
Account Enabled as displayed in CurrentValue attribute for
Users.2
5.2.2Privilege and Capabilities (using iDRAC Attributes)
Enumerating the DCIM_iDRACCardEnumeration class, Section 19.1, and parsing the output for the
attribute AttributeDisplayName = User Admin IPMI LAN(or Serial) Privilege, will display all of the 16
possible user accounts and their respective status.
EXAMPLE:
DCIM_iDRACCardEnumeration
AttributeDisplayName = User Admin IPMI LAN Privilege
AttributeName = IpmiLanPrivilege
CurrentValue = NoAccess
DefaultValue = NoAccess
Dependency = null
DisplayOrder = 0
FQDD = iDRAC.Embedded.1
GroupDisplayName = Users
GroupID = Users.1
19
Dell™ Lifecycle Controller 2 Web Services Interface Guide for Windows |
Version: 2.1.0 |
InstanceID = iDRAC.Embedded.1#Users.1#IpmiLanPrivilege
IsReadOnly = true
PossibleValues = User, Operator, Administrator, NoAccess
DCIM_iDRACCardEnumeration
AttributeDisplayName = User Admin IPMI Serial Privilege AttributeName = IpmiSerialPrivilege
CurrentValue = NoAccess
DefaultValue = NoAccess Dependency = null DisplayOrder = 0
FQDD = iDRAC.Embedded.1
GroupDisplayName = Users GroupID = Users.1
InstanceID = iDRAC.Embedded.1#Users.1#IpmiSerialPrivilege IsReadOnly = true
PossibleValues = User, Operator, Administrator, NoAccess.
.
.
5.3Manage Account Settings (using iDRAC Attributes)
When the account setting capability allows, the user name of an account may be modified by invoking the ApplyAttributes() method on the UserName property. Confirmation of successful user name or password verification can be obtained by enumerating the DCIM_iDRACCardString class(Section 19.6).
5.3.1Modify User Name (using iDRAC Attributes)
EXAMPLE:
winrm i ApplyAttributes http://schemas.dmtf.org/wbem/wscim/1/cimschema/2/root/dcim/DCIM_iDRACCardService ?SystemCreationClassName=DCIM_ComputerSystem +CreationClassName=DCIM_iDRACCardService +SystemName=DCIM:ComputerSystem
+Name=DCIM:iDRACCardService -u:[USER] -p:[PASSWORD]
-r:https://[IPADDRESS]/wsman -SkipCNcheck -SkipCAcheck -encoding:utf-8 -a:basic -file: DracCard_UserName.xml
The input file, DracCard_UserName.xml, is shown below:
<p:ApplyAttributes_INPUT xmlns:p="http://schemas.dmtf.org/wbem/wscim/1/cimschema/2/root/dcim/DCIM_iDRACCardService">
<p:Target>iDRAC.Embedded.1</p:Target> <p:AttributeName>Users.4#UserName</p:AttributeName> <p:AttributeValue>HELLO</p:AttributeValue> </p:ApplyAttributes_INPUT>
OUTPUT:
20
Dell™ Lifecycle Controller 2 Web Services Interface Guide for Windows |
Version: 2.1.0 |
When this method is executed, a jobid or an error message is returned.
ApplyAttributes_OUTPUT
ReturnValue = 4096
Job
EndpointReference
Address = https://127.0.0.1:443/wsman
ReferenceParameters
ResourceURI = http://schemas.dell.com/wbem/wscim/1/cim-schema/2/DCIM_LifecycleJob
SelectorSet
Selector: __cimnamespace = root/dcim,
InstanceID = JID_001296571842
5.3.2 Modify Password (using iDRAC Attributes)
EXAMPLE:
winrm i ApplyAttributes http://schemas.dmtf.org/wbem/wscim/1/cimschema/2/root/dcim/DCIM_iDRACCardService ?SystemCreationClassName=DCIM_ComputerSystem +CreationClassName=DCIM_iDRACCardService +SystemName=DCIM:ComputerSystem
+Name=DCIM:iDRACCardService -u:[USER] -p:[PASSWORD]
-r:https://[IPADDRESS]/wsman -SkipCNcheck -SkipCAcheck -encoding:utf-8 -a:basic -file:DracCard_Password.xml
The input file, DracCard_Password.xml, is shown below:
<p:ApplyAttributes_INPUT xmlns:p="http://schemas.dmtf.org/wbem/wscim/1/cimschema/2/root/dcim/DCIM_iDRACCardService">
<p:Target>iDRAC.Embedded.1</p:Target> <p:AttributeName>Users.4#Enable</p:AttributeName> <p:AttributeValue>Enabled</p:AttributeValue> <p:AttributeName>Users.4#Password</p:AttributeName> <p:AttributeValue>PWORDHERE</p:AttributeValue> </p:ApplyAttributes_INPUT>
OUTPUT:
When this method is executed, a jobid or an error message is returned.
ApplyAttributes_OUTPUT
ReturnValue = 4096
Job
EndpointReference
Address = https://127.0.0.1:443/wsman
ReferenceParameters
ResourceURI = http://schemas.dell.com/wbem/wscim/1/cim-schema/2/DCIM_LifecycleJob
SelectorSet
Selector: __cimnamespace = root/dcim,
InstanceID = JID_001296571842
21
Dell™ Lifecycle Controller 2 Web Services Interface Guide for Windows |
Version: 2.1.0 |
5.3.3Modify Account State (using iDRAC Attributes)
When the account setting capability allows, the user account may be enabled or disabled by invoking the method ApplyAttributes() method on the Enable property. Confirmation of the change can be obtained by enumerating the DCIM_iDRACCardString class(Section 19.6).
EXAMPLE:
winrm i ApplyAttributes http://schemas.dmtf.org/wbem/wscim/1/cimschema/2/root/dcim/DCIM_iDRACCardService ?SystemCreationClassName=DCIM_ComputerSystem +CreationClassName=DCIM_iDRACCardService +SystemName=DCIM:ComputerSystem
+Name=DCIM:iDRACCardService -u:[USER] -p:[PASSWORD]
-r:https://[IPADDRESS]/wsman -SkipCNcheck -SkipCAcheck -encoding:utf-8 -a:basic -file: DracCard_AccountChange.xml
The input file, DracCard_ AccountChange.xml, is shown below:
<p:ApplyAttributes_INPUT xmlns:p="http://schemas.dmtf.org/wbem/wscim/1/cimschema/2/root/dcim/DCIM_iDRACCardService">
<p:Target>iDRAC.Embedded.1</p:Target> <p:AttributeName>Users.4#Enable</p:AttributeName> <p:AttributeValue>Enabled</p:AttributeValue> <p:AttributeName>Users.4#Password</p:AttributeName> <p:AttributeValue>PASSWORDHERE</p:AttributeValue> </p:ApplyAttributes_INPUT>
OUTPUT:
When this method is executed, a jobid or an error message is returned.
ApplyAttributes_OUTPUT
Job
Address = http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
ReferenceParameters
ResourceURI = http://schemas.dell.com/wbem/wscim/1/cim-schema/2/DCIM_LifecycleJob
SelectorSet
Selector: InstanceID = JID_001296744532, __cimnamespace = root/dcim ReturnValue = 4096
The following error may result if the password has not initially been set to a value. The password may be set an initail value at the same time as the account is enabled by adding the Users.4#Password attribute name and corresponding attribute value, as shown above.
ApplyAttributes_OUTPUT
Message = The User Password is not configured so cannot Enable the User or set values for IPMILan IPMISerial or User Admin Privilege
MessageArguments = NULL MessageID = RAC023 ReturnValue = 2
22
Dell™ Lifecycle Controller 2 Web Services Interface Guide for Windows |
Version: 2.1.0 |
5.3.4Modify User Privilege (using iDRAC Attributes)
When the account setting capability allows, the user privileges may be enabled or disabled by invoking the method ApplyAttributes() method on the Enable property. Confirmation of the change can be obtained by enumerating the DCIM_iDRACCardString class(Section 19.6).
EXAMPLE:
winrm i ApplyAttributes http://schemas.dmtf.org/wbem/wscim/1/cimschema/2/root/dcim/DCIM_iDRACCardService ?SystemCreationClassName=DCIM_ComputerSystem +CreationClassName=DCIM_iDRACCardService +SystemName=DCIM:ComputerSystem
+Name=DCIM:iDRACCardService -u:[USER] -p:[PASSWORD]
-r:https://[IPADDRESS]/wsman -SkipCNcheck -SkipCAcheck -encoding:utf-8 -a:basic -file: DracCard_PrivilegeChange.xml
The input file, DracCard_ PrivilegeChange.xml, is shown below:
<p:ApplyAttributes_INPUT xmlns:p="http://schemas.dmtf.org/wbem/wscim/1/cimschema/2/root/dcim/DCIM_iDRACCardService">
<p:Target>iDRAC.Embedded.1</p:Target> <p:AttributeName>Users.4#IpmiLanPrivilege</p:AttributeName> <p:AttributeValue>Operator</p:AttributeValue> </p:ApplyAttributes_INPUT>
OUTPUT:
When this method is executed, a jobid or an error message is returned.
ApplyAttributes_OUTPUT
Job
Address = http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
ReferenceParameters
ResourceURI = http://schemas.dell.com/wbem/wscim/1/cim-schema/2/DCIM_LifecycleJob
SelectorSet
Selector: InstanceID = JID_001296745342, __cimnamespace = root/dcim ReturnValue = 4096
5.4Account Inventory (using DMTF Model)
The list of user accounts may be retrieved by enumerating the CIM_Account class. The class provides the user account name and EnabledState properties. The user account password is also included but it is a write-only property.
Profiles:
http://www.dmtf.org/sites/default/files/standards/documents/DSP1034_1.0.1.pdf
http://www.dmtf.org/sites/default/files/standards/documents/DSP1039_1.0.0.pdf
5.4.1Account and Capabilities (using DMTF Model)
Example-A demonstrates standard ouput. Example-B demonstrates EPR mode output. 23
Dell™ Lifecycle Controller 2 Web Services Interface Guide for Windows |
Version: 2.1.0 |
EXAMPLE-A:
winrm e http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_Account -u:[USER] -p:[PASSWORD]
-r:https://[IPADDRESS]/wsman -SkipCNcheck -SkipCAcheck -encoding:utf-8 -a:basic
OUTPUT-A:
DCIM_Account
CreationClassName = DCIM_Account
ElementName = DCIM Account
EnabledDefault = 2
EnabledState = 3
Name = iDRAC.Embedded.1#Users.1
OrganizationName = DCIM
RequestedState = 0
SystemCreationClassName = DCIM_SPComputerSystem
SystemName = systemmc
TransitioningToState = 12
UserID = null
UserPassword = null
DCIM_Account
CreationClassName = DCIM_Account ElementName = DCIM Account EnabledDefault = 2
EnabledState = 2
Name = iDRAC.Embedded.1#Users.2 OrganizationName = DCIM RequestedState = 0
SystemCreationClassName = DCIM_SPComputerSystem SystemName = systemmc
TransitioningToState = 12 UserID = root UserPassword
.
.
.
EXAMPLE-B:
winrm e http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_Account -u:[USER] - p:[PASSWORD]
-r:https://[IPADDRESS]/wsman -SkipCNcheck -SkipCAcheck -encoding:utf-8 -a:basic -returntype:EPR
OUTPUT-B:
EndpointReference
Address = http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
ReferenceParameters
ResourceURI = http://schemas.dell.com/wbem/wscim/1/cim-schema/2/DCIM_Account
SelectorSet
24
Dell™ Lifecycle Controller 2 Web Services Interface Guide for Windows |
Version: 2.1.0 |
Selector: __cimnamespace = root/dcim, Name = iDRAC.Embedded.1#Users.1, CreationClassName = DCIM_Account, Sys
temName = systemmc, SystemCreationClassName = DCIM_SPComputerSystem
EndpointReference
Address = http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous ReferenceParameters
ResourceURI = http://schemas.dell.com/wbem/wscim/1/cim-schema/2/DCIM_Account SelectorSet
Selector: __cimnamespace = root/dcim, Name = iDRAC.Embedded.1#Users.2, CreationClassName = DCIM_Account, Sys
temName = systemmc, SystemCreationClassName = DCIM_SPComputerSystem
.
.
.
Account setting capability is defined in the class CIM_AccountManagementCapabilities associated with the CIM_Account class instance. The ability to enable and disable an account is defined in the capability class CIM_EnabledLogicalElementCapabilities associated with the CIM_Account class.
To determine account setting capabilities:
1.Get the CIM_Account class instance of interest using EnumerateEPR mode.
2.Enumerate the associators of the CIM_Account instance and search for CIM_AccountManagementService class instance using EnumerateEPR mode.
3.Enumerate the associators of the CIM_AccountManagementService instance and search for CIM_AccountManagementCapabilities class instance.
4.One exception is account index 0. The first account is static and could not be set. OUTPUT-C:
DCIM_LocalUserAccountManagementCapabilities
ElementName = Local User Account Management Capabilities
ElementNameEditSupported = false
InstanceID = DCIM:LocalUserAccountManagementCapabilities:1
MaxElementNameLen = 0
OperationsSupported = 3
SupportedAuthenticationMethod = 0, 1, 2
DCIM_IPMICLPAccountManagementCapabilities
ElementName = IPMI/CLP Account Management Capabilities
ElementNameEditSupported = false
InstanceID = DCIM:IPMICLPAccountManagementCapabilities:1
MaxElementNameLen = 0
OperationsSupported = 3
25
Dell™ Lifecycle Controller 2 Web Services Interface Guide for Windows |
Version: 2.1.0 |
To determine account state setting capabilities:
1.Get the CIM_Account class instance of interest using EnumerateEPR mode.
2.Enumerate the associators of the CIM_Account instance and search for CIM_EnabledLogicalElementCapabilities class instance.
3.The presence of “RequestedStatesSupported” determines which states could be set.
4.One exception is account index 0. The first account is static and could not be set. OUTPUT-D:
DCIM_EnabledLogicalElementCapabilities
ElementName = Account Capabilities ElementNameEditSupported = false
InstanceID = DCIM_EnabledLogicalElementCapabilities:1 MaxElementNameLen = 0
RequestedStatesSupported = 2, 3
.
.
.
5.4.2Privilege and Capabilities (using DMTF Model)
The account privilege assigned to a user is defined in the class CIM_Privilege associated with the CIM_Account class. The class contains a list of privileges granted to the user account.
Profiles:
http://www.dmtf.org/sites/default/files/standards/documents/DSP1034_1.0.1.pdf
http://www.dmtf.org/sites/default/files/standards/documents/DSP1039_1.0.0.pdf
To get the instance of CIM_Privilege for an account:
1.Get the CIM_Account class instance of interest using EnumerateEPR mode.
2.Enumerate the associators of the CIM_Account instance and search for CIM_Identity class instance using EnumerateEPR mode.
3.Enumerate the associators of the CIM_Identity instance and search for CIM_Role class instance using EnumerateEPR mode.
4.Enumerate the associators of the CIM_Role instance and search for CIM_Privilege class instance.
An alternative to the above method, you can retrieve the specific CIM_Privilege instance by enumerating the class directly with filter. This method is similar to the example used to retrieve
CIM_Account.
EXAMPLE:
26
Dell™ Lifecycle Controller 2 Web Services Interface Guide for Windows |
Version: 2.1.0 |
winrm e http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/DCIM_LocalRolePrivilege -u:[USER] -p:[PASSWORD]
-r:https://[IPADDRESS]//wsman
-SkipCNcheck -SkipCAcheck -encoding:utf-8 -a:basic
OUTPUT:
DCIM_LocalRolePrivilege
Activities = null
ActivityQualifiers = null
ElementName = DCIM Local Privilege 1
InstanceID = DCIM:Privilege:1
PrivilegeGranted = true
QualifierFormats = null
RepresentsAuthorizationRights = false
DCIM_LocalRolePrivilege
Activities = 7, 7, 7, 7, 7, 7, 7, 7, 7
ActivityQualifiers = Login to DRAC, Configure DRAC, Configure Users, Clear Logs, Test Alerts, Execute Server Control Commands, Access Console Redirection, Access Virtual Media, Execute Diagnostic Commands
ElementName = DCIM Local Privilege 2
InstanceID = DCIM:Privilege:2
PrivilegeGranted = true
QualifierFormats = 9, 9, 9, 9, 9, 9, 9, 9, 9
RepresentsAuthorizationRights = true
DCIM_LocalRolePrivilege
Activities = null
ActivityQualifiers = null
ElementName = DCIM Local Privilege 3 InstanceID = DCIM:Privilege:3 PrivilegeGranted = true QualifierFormats = null RepresentsAuthorizationRights = false
.
.
.
Privilege setting capability is defined in the class CIM_RoleBasedManagementCapabilities associated with the CIM_Privilege class instance. This class contains the list of possible values used to assign
privileges. Look for the property ActivityQualifiersSupported.
To determine privilege setting capabilities:
1.Acquire the class instance of CIM_Privilege of interest.
2.Enumerate the associators of the CIM_Privilege instance and search for CIM_RoleBasedAuthorizationService class instance using EnumerateEPR mode.
27
Dell™ Lifecycle Controller 2 Web Services Interface Guide for Windows |
Version: 2.1.0 |
3.Enumerate the associators of the CIM_RoleBasedAuthorizationService instance and search for CIM_RoleBasedManagementCapabilities class instance using EnumerateEPR mode.
OUTPUT:
DCIM_LocalRoleBasedManagementCapabilities
ActivitiesSupported = 7, 7, 7, 7, 7, 7, 7, 7, 7
ActivityQualifiersSupported = Login to DRAC, Configure DRAC, Configure Users, Clear Logs, Execute Server Control Commands, Access Console Redirection, Access Virtual Media, Test Alerts, Execute Di agnostic Commands
ElementName = Local Role Based Management Capabilities
InstanceID = DCIM:LocalRoleBasedManagementCapabilities QualifierFormatsSupported = 9, 9, 9, 9, 9, 9, 9, 9, 9 SharedPrivilegeSupported = false
SupportedMethods = 8
DCIM_CLPRoleBasedManagementCapabilities
ActivitiesSupported = null
ActivityQualifiersSupported = null
ElementName = CLP Role Based Management Capabilities
InstanceID = DCIM:CLPRoleBasedManagementCapabilities
QualifierFormatsSupported = null
SharedPrivilegeSupported = false
SupportedMethods = 6
DCIM_IPMIRoleBasedManagementCapabilities
ActivitiesSupported = null
ActivityQualifiersSupported = null
ElementName = IPMI Role Based Management Capabilities
InstanceID = DCIM:IPMIRoleBasedManagementCapabilities
QualifierFormatsSupported = null
SharedPrivilegeSupported = false
SupportedMethods = 6
5.5Manage Account Settings (using DMTF Model)
5.5.1Modify User Name (using DMTF Model)
When the account setting capability allows, the user name of an account may be modified by issuing a set operation on the UserID property of the CIM_Account class instance. The set operation requires an instance reference. The instance reference may be retrieved by adding EnumerateEPR mode to enumerate or get of the class.
Profiles:
http://www.dmtf.org/sites/default/files/standards/documents/DSP1034_1.0.1.pdf
http://www.dmtf.org/sites/default/files/standards/documents/DSP1039_1.0.0.pdf
28
Dell™ Lifecycle Controller 2 Web Services Interface Guide for Windows |
Version: 2.1.0 |
The steps below demonstrate how to set the user name and password for local accounts.
A) Enumerate CIM_Account with EPR to identify all possible instance information to be used in a subsequent put or set operations.
EXAMPLE-A:
winrm e http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_Account ?__cimnamespace=root/dcim
-u:[USER] -p:[PASSWORD]
-r:https://[IPADDRESS]/wsman:443 -SkipCNcheck -SkipCAcheck -encoding:utf-8 -a:basic -returntype:EPR
When this command is executed, a list of objects will be returned. Below is a snippet of the output.
OUTPUT-A:
EndpointReference
Address = http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous ReferenceParameters
ResourceURI = http://schemas.dell.com/wbem/wscim/1/cim-schema/2/DCIM_Account SelectorSet
Selector: __cimnamespace = root/dcim, Name = iDRAC.Embedded.1#Users.1, CreationClassName = DCIM_Account, Sys
temName = systemmc, SystemCreationClassName = DCIM_SPComputerSystem
EndpointReference
Address = http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous ReferenceParameters
ResourceURI = http://schemas.dell.com/wbem/wscim/1/cim-schema/2/DCIM_Account SelectorSet
Selector: __cimnamespace = root/dcim, Name = iDRAC.Embedded.1#Users.2, CreationClassName = DCIM_Account, Sys
temName = systemmc, SystemCreationClassName = DCIM_SPComputerSystem
.
.
.
B) Perform a ‘get’ on any instance from A) to ensure correctness of the URI.
EXAMPLE-B:
winrm g "http://schemas.dell.com/wbem/wscim/1/cim-schema/2/ DCIM_Account?__cimnamespace=root/dcim
+CreationClassName= DCIM_Account +Name= iDRAC.Embedded.1#Users.16
+SystemCreationClassName=DCIM_SPComputerSystem +SystemName=systemmc"
29
Dell™ Lifecycle Controller 2 Web Services Interface Guide for Windows |
Version: 2.1.0 |
-r:https://[IPADDRESS] -u:[USER] -p:[PASSWORD]
-a:basic -encoding:utf-8 –SkipCACheck –SkipCNCheck
When this method is executed, the particular object will be returned. Below is the output.
OUTPUT-B:
DCIM_Account
CreationClassName = DCIM_Account
ElementName = DCIM Account
EnabledDefault = 2
EnabledState = 3
Name = iDRAC.Embedded.1#Users.16
OrganizationName = DCIM
RequestedState = 0
SystemCreationClassName = DCIM_SPComputerSystem
SystemName = systemmc
TransitioningToState = 12
UserID = null
UserPassword = null
C) If B) is successful, set the new values for the specified instance.
EXAMPLE-C:
winrm set "http://schemas.dell.com/wbem/wscim/1/cim-schema/2/ DCIM_Account?__cimnamespace=root/dcim
+CreationClassName= DCIM_Account +Name= iDRAC.Embedded.1#Users.16
+SystemCreationClassName=DCIM_SPComputerSystem +SystemName=systemmc"
-r:https://[IPADDRESS] -u:[USER] -p:[PASSWORD] -a:basic -encoding:utf-8
@{UserID="testuser4";UserPassword="testuser4"} -SkipCACheck -SkipCNCheck –skiprevocationcheck
When this command is executed, the UserID will be displayed in the output. The UserPassword will be displayed as null when the account is disabled. After the account is enabled, it will be displayed as blank. The value of UserPassword will never be displayed.
OUTPUT-C:
DCIM_Account
CreationClassName = DCIM_Account
ElementName = DCIM Account
EnabledDefault = 2
EnabledState = 3
Name = iDRAC.Embedded.1#Users.16
OrganizationName = DCIM
30