Reproduction of these materials in any manner whatsoever without the written permission of Dell Inc.
is strictly forbidden.
Trademarks used in this text: Dell™, the DELL logo, OpenManage™, PowerEdge™, and
PowerVault™ are trademarks of Dell Inc. Intel
U.S. and other countries. Microsoft
registered trademarks of Microsoft Corporation in the United States and/or other countries. Novell
®
SUSE
are registered trademarks of Novell, Inc. in the United States and other countries. Red Hat® is a
registered trademark of Red Hat, Inc. in the United States and other countries. The term Linux
registered trademark of Linus Torvalds, the original author of the Linux kernel. Sun and Java are
trademarks or registered trademarks of Sun Microsystems, Inc. in the United States and other countries.
Other trademarks and trade names may be used in this document to refer to either the entities claiming
the marks and names or their products. Dell Inc. disclaims any proprietary interest in trademarks and
trade names other than its own.
®
®
, Windows® and Windows Server® are either trademarks or
is a registered trademarks of Intel Corporation in the
The Dell Lifecycle Controller provides advanced embedded systems
management and is delivered as part of iDRAC Express card and embedded
Unified Extensible Firmware Interface (UEFI) applications in the 11
generation Dell servers. It includes a 1GB managed and persistent storage
that embeds systems management features in addition to the iDRAC
features. You can further upgrade to iDRAC Enterprise and the vFlash SD
card reader. A vFlash SD card enables hosting of customized and bootable
service images.
The Dell Lifecycle Controller Remote Services
management in a one-to-many method.
Web Service for Management (WS-Management) protocol based web
services interface for remote server provisioning and management through
the iDRAC. The interface is aimed at
include remote operating system (OS) deployment, remote update and
inventory, and automating the setup and configuration of new Dell systems
remotely.
Remote services are accessible over the network using a secured web services
interface and can be programmatically utilized by applications and scripts.
Remote services enable management consoles to perform one-to-many bare
metal server provisioning. The combination of the Auto-discovery feature to
identify and authenticate the attached Dell system to the network and
integration with one-to-many management consoles reduces the manual
steps required for server provisioning.
Remote services enables the Dell Management Console, the Dell Modular
Chassis Management Controller, partner consoles, customer home grown
consoles and scripts to remotely perform systems management tasks such as:
•Install operating systems and drivers
•Perform BIOS firmware updates
•Perform component firmware updates
•Get hardware inventory information
•Get and set NIC and RAID configuration
Remote Services is available using
simplifying many tasks, some of which
further enable remote systems
th
Overview7
•Get and set BIOS configuration
•Export lifecycle log and add user comments
•Export hardware inventory log
•Manage, attach, and boot to vFlash SD card partitions
•Schedule and track the status of the update and configuration jobs
Why Use Remote Services?
Remote services offer the following benefits and features:
•Leverages your existing console for one-to-many server provisioning.
•Does not utilize operating system resources on the managed system.
•Provides a secure communication path for management.
•Reduces manual intervention and improves efficiency while provisioning
servers.
•Enables integration to consoles through WS-Management interfaces.
•OS-agnostic software update.
PowerShell
and scripting for command line interface (CLI)
Web Services for Management
WS-Management is a Simple Object Access Protocol (SOAP)-based protocol
designed for systems management. It is published by the Distributed
Management Task Force (DMTF) and provides an interoperable protocol for
devices to share and exchange data across networks. The WS-Management
implementation complies with the DMTF WS-Management specification
version 1.1.0.
Dell Lifecycle Controller - Remote Services uses WS-Management to convey
DMTF Common Information Model (CIM)-based management
information; the CIM information defines the semantics and information
types that can be manipulated in a managed system. Dell utilizes the WSManagement interface to allow remote access to the hardware lifecycle
8Overview
operations. The Dell-embedded server platform management interfaces are
organized into profiles, where each profile defines the specific interfaces for a
particular management domain or area of functionality. Additionally, Dell has
defined a number of model and profile extensions that provide interfaces for
additional capabilities. The data and methods available through WSManagement are provided by the Lifecycle Controller - Remote Services’
instrumentation interface mapped to the following DMTF profiles and Dell
extension profiles:
Standard DMTF
•
Base Server
•
Base Metrics
— Defines CIM classes for representing the host server.
— Defines CIM classes for providing the ability to model
and control metrics captured for managed elements.
•
Host LAN Network Port —
Defines CIM classes for representing a
network port that provides a LAN interface to a host system, its associated
controller, and network interfaces.
•
Service Processor
•
USB Redirection —
— Defines CIM classes for modeling service processors.
Defines CIM classes for describing information about
USB redirections. For keyboard, video, and mouse devices, this profile
should be used if the devices are to be managed as USB devices.
•
Physical Asset
— Defines CIM classes for representing the physical aspect
of the managed elements.
•
SM CLP Admin Domain
— Defines CIM classes for representing
CLP’s configuration.
•
Power State Management
— Defines CIM classes for power
control operations.
•
Command Line Protocol Service
— Defines CIM classes for representing
CLP’s configuration.
•
IP Interface —
Defines CIM classes for representing an IP interface of a
managed system.
•
DHCP Client —
Defines CIM classes for representing a DHCP client and
its associated capabilities and configuration.
•
DNS Client —
Defines CIM classes for representing a DNS client in a
managed system.
Overview9
•
Record Log
•
Role Based Authorization
•
SMASH Collections
— Defines CIM classes for representing different type of logs.
— Defines CIM classes for representing roles.
— Defines CIM classes for representing
CLP’s configuration.
•
Profile Registration
— Defines CIM classes for advertising the profile
implementations.
•
Simple Identity Management
— Defines CIM classes for representing
identities.
Dell Extensions
•
Dell Active Directory Client Version 2.0.0
— Defines CIM and
Dell extension classes for configuring the Active Directory client and
the local privileges for Active Directory groups.
•
Dell Virtual Media
— Defines CIM and Dell extension classes for
configuring Virtual Media. Extends the USB Redirection Profile.
•
Dell Ethernet Port
— Defines CIM and Dell extension classes for
configuring NIC Side-Band interface for the NIC. Extends the
Ethernet Port Profile.
•
Dell Power Utilization Management
— Defines CIM and Dell extension
classes for representing the host server’s power budget and for
configuring/monitoring the host server’s power budget.
•
Dell OS Deployment
— Defines CIM and Dell extension classes for
representing the configuration of operating system deployment features.
•
Dell Software Update Profile
— Defines CIM and Dell extensions for
representing the service class and methods for updating BIOS, component
firmware, Lifecycle Controller firmware, Diagnostics, and Driver Pack.
•
Dell Software Inventory Profile
— Defines CIM and Dell Extensions for
representing currently installed BIOS, component firmware, Diagnostics,
Unified Server Configurator, and Driver Pack versions. Also provides
representation of versions of BIOS and firmware update images available
in Lifecycle Controller for rollback and re-installation.
•
Dell Job Control Profile
— Defines CIM and Dell extensions for
managing jobs generated by update requests. Jobs can be created, deleted,
modified and aggregated into job queues to sequence and perform
multiple updates in a single reboot.
10Overview
•
Dell Lifecycle Controller Management Profile
— Defines CIM and Dell
extensions for getting and setting attributes for managing Auto-Discovery,
Part Replacement, managing Lifecycle Log, and hardware inventory
export.
•Active Directory Client Profile — Defines the configuration of the
Active Directory client service and the groups managed by this service.
•Power Supply Profile
— Defines the power supplies for manageability
and describes the power supplies in a redundant configuration.
•Power Topology Profile
— Defines a hierarchy of power sources; power
supplies and external power domains, and their redundancies.
•SMASH Collections Profile
— Defines the collections that support
Systems Management - Command Line Protocol (SM-CLP) target
addressing.
•
Virtual Media Profile
— Provides the capability to manage virtual media
sessions and devices that utilize the USB redirection services provided by
the iDRAC service processor.
•
Dell RAID Profile
— Describes the classes, properties and methods for
the representation and configuration of RAID storage.
•
Dell Simple NIC Profile
— Describes the classes, properties and methods
for the representation and configuration of the NIC network controllers.
•
Dell Persistent Storage Profile
— Describes the classes, properties and
methods to represent and manage the partitions on the vFlash SD card on
Dell platforms.
•
Dell BIOS and Boot Management Profile
— Describes the classes,
properties and methods to represent the configuration of the system BIOS
setup and to manage the boot order of the system.
•
Dell CPU Profile
— Describes the properties and interfaces for executing
systems management tasks related to the management of processors in a
managed system.
•
Dell Fan Profile
— Describes the properties and interfaces for executing
systems management tasks related to the management of fans in a
managed system.
•
Dell iDRAC Card Profile
— Describes the properties and interfaces for
executing systems management tasks related to the management of basic
properties of iDRAC card.
Overview11
•
Dell Memory Info Profile
executing systems management tasks related to the management of
memories (DIMMs) in a system.
•
Dell PCI Device Profile
executing systems management tasks related to the management of PCI
devices in a system.
•
Dell Power Supply Profile
executing systems management tasks related to the management of power
supplies in a system.
•
Dell System Info Profile
executing systems management tasks related to the management of the
host system.
•
Dell Video Profile
systems management tasks related to the management of video controllers
in a system.
The Lifecycle Controller - Remote Services WS-Management
implementation uses SSL on port 443 for transport security, and supports
basic authentication. Web services interfaces can be utilized by leveraging
client infrastructure such as Windows WinRM and Powershell CLI, open
source utilities like WS-MANCLI, and application programming
environments like Microsoft .NET.
— Describes the properties and interfaces for
— Describes the properties and interfaces for
— Describes the properties and interfaces for
— Describes the properties and interfaces for
— Describes the properties and interfaces for executing
12Overview
What’s New in Remote Services 1.4
•Auto-Discovery with LCD status
•Certificate management
•Hardware inventory
•NIC configuration
•RAID configuration
•BIOS configuration
•Enhanced job/task control features
•Part replacement with firmware update and configuration recovery
•vFlash SD card management
•Lifecycle log management
Remote Services Features and Support
Information
The Remote Services features supported by a Dell server depend on the
system configuration. Table 1-1 shows the product classifications for Remote
Services. For example, for a Dell system y71x series, y denotes letters such as
M, R, or T; and x denotes numbers.
Table 1-1. Product Classification for Lifecycle Controller Remote Services
Dell
System
Series
y11xNo Options Embedded BMCNA
Options
Available Systems
Management Device
Available Remote Services Features
Overview13
Table 1-1. Product Classification for Lifecycle Controller Remote Services
Platform Update,
Hardware Configuration, Driver
Repository, Remote OS Deployment,
Remote Update, Remote Configuration,
View and Export Hardware Inventory,
Auto-Discovery, View and Export
Lifecycle Log, and Add a Comment to
Lifecycle Log.
iDRAC6 Express - adds Platform
Update, Hardware Configuration, Driver
Repository, Remote OS Deployment,
Remote Update, Remote Configuration,
View and Export Hardware Inventory,
Auto-Discovery, View and Export
Lifecycle log, and Add a Comment to
Lifecycle Log.
iDRAC6 Enterprise - adds Full Remote
Management, Dedicated NIC port,
Virtual KVM, Part Replacement, and
vFlash SD Card Management.
14Overview
Table 1-1. Product Classification for Lifecycle Controller Remote Services
Dell
System
Series
y61x to
y91x
1. For Dell modular systems — BMC, iDRAC6 Express card, and iDRAC6 Enterprise card are
included as standard configurations.
Options
Standard
Optional
Available Systems
Management Device
Embedded BMC
with iDRAC6
Express card
Embedded BMC
with iDRAC6
1
Express card +
iDRAC6
Enterprise card
Available Remote Services Features
Hardware Diagnostics, Platform Update,
Hardware Configuration, Driver
Repository, Remote OS Deployment,
Remote Update, Remote Configuration,
View and Export Hardware Inventory,
Auto-Discovery, View and Export
Lifecycle Log, and Add a Comment to
Lifecycle Log.
iDRAC6 Express - Hardware
Diagnostics, Platform Update, Hardware
Configuration, Driver Repository,
Remote OS Deployment, Remote
Update, Remote Configuration, View
and Export Hardware Inventory, AutoDiscovery, View and Export Lifecycle
Log, and Add a Comment to Lifecycle
Log.
iDRAC6 Enterprise - adds Full Remote
Management, Dedicated NIC port,
Virtual KVM, Part Replacement, and
vFlash SD Card Management.
For information on the supported systems and operating systems, see the Dell Systems Software Support Matrix at support.dell.com/manuals.
See the Glossary at support.dell.com/manuals for terms used in this
document.
Overview15
Other Documents You May Need
In addition to this guide, you can access the following guides available at
support.dell.com/manuals. On the Manuals page, click Software Systems
Management. Click on the appropriate product link on the right-side to
access the documents.
•The
•The
•The
There are additional implementation guides, white papers, profile
specifications, class definition (.mof) files, and code samples you may require
apart from this user’s guide. See:
•Lifecycle Controller page on Dell TechCenter —
•Lifecycle Controller WS-Management Script Center
Integrated Dell Remote Access Controller 6 (iDRAC6) Enterprise for
Blade Servers User Guide
using an iDRAC6 for blade servers to remotely manage and monitor your
system and its shared resources through a network.
Integrated Dell Remote Access Controller 6 (iDRAC6) User Guide
provides complete information about configuring and using an iDRAC6
for rack and tower servers to remotely manage and monitor your system
and its shared resources through a network.
This section describes some of the prerequisites that will help you get started
with the Remote Services functionality and use the new features effectively,
for better results.
Prerequisites for Using Remote Services
Web Services Setup
Ensure that the following conditions are met while setting the system:
•Use the following tools to access Remote Services:
•Windows-based client WinRM that is already installed in the
operating system, else you can download it from
support.microsoft.com/kb/968930
•Linux-based clients like the open-source OpenWSMan based CLI.
For more information, see
•Java-based client such as open-source project
information, see
•Ensure that you know the IP address of the systems on your network. You
will also need to be able to connect to iDRAC. See the iDRAC
documentation at
•Ensure the proper network configuration for client and managed server.
Verify the connectivity with the ping utility. Then ensure that the client
and network allows HTTP and SSL protocols.
wiseman.dev.java.net
support.dell.com/manuals
openwsman.org
.
.
Wiseman
.
for more information.
. For more
WinRM Client
You will need to install the WinRM Client on your console to be able to use
the Remote Services functionality. Microsoft Windows 7, Microsoft Windows
Vista, and Microsoft Windows Server 2008 contain a standard component
called WS-Management. This component contains the WinRM client. For
Microsoft Windows XP and Microsoft Server 2003, you can download and
install this component from support.microsoft.com/kb/968929. You need
local administrator privileges for installation.
Getting Started with Remote Services17
You must configure the client for the connection. For more information, see
the Lifecycle Controller 1.4 Web Services Interface Guide.
OpenWSMan Client
The OpenWSMan client is the WS-Management CLI that is part of the
open-source project Openwsman. To download, build, install, and use the
WS-Management CLI and OpenWSMan packages from sourceforge.net, see
openwsman.org for download links.
NOTE: You must configure the client for the connection. For configuration details,
see the
Lifecycle Controller 1.4 Web Services Interface Guide
.
18Getting Started with Remote Services
3
Remote Services Operations
This section describes the Remote Services features with high-level
descriptions and sample tasks. For more information on the tasks, see the Use
Cases section in the individual profile documents at
delltechcenter.com/page/DCIM.Library.
Managing Auto-Discovery
The Auto-Discovery feature allows newly installed servers to automatically
discover the remote management console that hosts the Provisioning Server.
The Provisioning Server provides custom administrative user credentials to
the iDRAC so that the unprovisioned server can be discovered and managed
by the management console.
When Auto-Discovery is enabled, the iDRAC6 requests an IP address from
DHCP and either acquires the name of the Provisioning Server host and/or
subsequently resolves the address through DNS. After acquiring the
Provisioning Server host address, the iDRAC6 securely handshakes with the
Provisioning Server before acquiring custom administrative account
credentials. The iDRAC can now be managed through its newly acquired
credentials to perform operations, such as remote operating system
deployment.
If you ordered a Dell system with the Auto-Discovery feature Enabled
(factory default setting is Disabled), then the iDRAC will be delivered with
DHCP-enabled and no enabled user accounts. If the auto-discovery feature is
set to Disabled, you can manually enable this feature and disable the default
administrative account from the iDRAC6 Configuration Utility when
booting your system.
For more information on auto-discovery, see the "Lifecycle Controller
Management Profile" on page 56.
Configuring DHCP/DNS
Before adding your Dell system to the network and utilizing the AutoDiscovery feature, ensure that Dynamic Host Configuration Protocol
(DHCP) server/Domain Name System (DNS) are configured with added
Remote Services Operations19
support for Auto-Discovery. There are several options for enabling the
network environment to support discovery of the Provisioning Server host by
unprovisioned servers.
One of the following prerequisites must be met for the Auto-Discovery
feature to work properly:
•The DHCP server provides a comma separated list of Provisioning Server
locations using a vendor scope option of class LifecycleController option 1.
These locations can be a hostname or IP address and optionally include a
port. The iDRAC will resolve the hostname of the management console to
an IP address with a DNS lookup.
•The DNS server specifies a service option
_dcimprovsrv._tcp
that
will resolve to an IP address.
•The DNS server specifies an IP address for a server with the known name
DCIMCredentialServer
.
For more information on configuring DHCP and DNS, see Lifecycle Controller Auto Discovery Network Setup Specification on the Dell Enterprise
Technology Center at delltechcenter.com/page/Lifecycle+Controller.
Auto-Discovery Configuration
To manually enable the Auto-Discovery feature:
1
Press
<Ctrl><e> when prompted within 5 seconds during system
start-up.
The
iDRAC6 Configuration Utility page
appears.
2
Enable
3
Enable
4
Navigate to
5
Select
6
Select
7
Navigate to
a
NIC
(for modular system only.)
DHCP
.
LAN Parameters
Domain Name
DNS Server
LAN user configuration
Select
Account Access
from DHCP and select On.
from DHCP select On.
and select
This disables the default administrative account.
b
Select
Auto-Discovery
.
20Remote Services Operations
.
.
Disabled
.
c
Select
Enable
to enable the Auto-Discovery feature.
NOTE: Auto-Discovery feature will not run if the administrator
accounts are enabled.
8
Save and exit iDRAC6 Configuration Utility.
9
Restart your system.
Auto-Discovery Workflow
This is the Auto-Discovery workflow once it is configured and enabled:
1
Plug in your new Dell system to your network.
2
Plug-in the power cables to turn on the system.
3
iDRAC starts, acquires the Provisioning Server IP addresses/hostnames
from DHCP/DNS and announces itself to the Provisioning Server.
4
The Provisioning Server validates and accepts the secure handshake
session from the iDRAC.
5
The Provisioning Server provides custom user credentials with
administrator privileges to iDRAC.
6
iDRAC receives and completes the secure handshake.
With enhancements to the Auto-Discovery process you can:
•Configure the provisioning server host address through the iDRAC
Configuration utility, Unified Server Configurator (USC), or using
WinRM commands instead of using DHCP or DNS.
•Remotely reinitiate Auto-Discovery in new environments.
•Upload custom client and server certificates using WS-Management.
Remote Services Operations21
Viewing the Discovery Status on the System
You can view the status of the Discovery and Handshake on the LCD
(running, stopped, suspended, or complete.)
After the system is connected to the network:
Use the Auto-Discovery setup on iDRAC Option ROM (CTRL+E) to set
the Auto-Discovery status, save and exit. The LCD displays the status as
running.
If the discovery process is running, you can view its progress code that
corresponds to how far the last attempt reached (i.e. whether Discovery and
Handshake is blocked because the NIC is disabled, or an administrator
account is enabled, and so on). You can also view the time left before timeout.
For example, a menu item could be added for Auto-Discovery at the same
level as iDRAC network setting.
Connecting to Provisioning Server for Initial Credential Deployment
This feature allows you to directly connect to a specified Provisioning Server
host for handshake and registration of the new server on the network. You can
manually configure
USC console, or through a web services request using WS-Management, or
iDRAC6 configuration utility, or preset at the factory.
Set Provisioning Server Using a WS-Management Request
The Provisioning Server IP address property is set by invoking the
SetAttribute() method on the DCIM_LCService class through WS-
Management. See the profile specific chapters in this user guide for
command line examples of Microsoft WinRM SetAttribute() invocations or
in the Lifecycle Controller 1.4 Interface Guide on the Dell TechCenter wiki at
delltechcenter.com/page/Lifecycle+Controller.
The following conditions apply to using a command to set the provisioning
server IP address/hostname:
•When issuing the racadm racresetcf or updating iDRAC6, ensure to enable
the Preserve Configuration option while resetting the iDRAC6 to defaults.
If this option is disabled, the provisioning server IP/hostname is erased.
the provisioning server IP address or host name
through the
22Remote Services Operations
•Auto-Discovery feature does not use the newly set provisioning server IP
address/hostname for any handshakes in progress, but is used only during
the next handshake process.
•Auto-Discovery feature supports setting multiple IP addresses and/or
hostnames using the following format:
•The string is a list of IP addresses and/or hostnames and ports
separated by comma.
•Hostname can be fully qualified.
•IPv4 address – starts with ‘(‘ and ends with ‘)’ when specified at the
same time with a hostname.
•Each IP address or hostname can be optionally followed by a ‘:’ and a
port number.
•Examples of valid strings are - hostname, hostname.domain.com.
Setting Provisioning Server using the USC Console
1
Press
<F10> System Services
when prompted within 5 seconds during
system startup.
The
Unified Server Configurator Lifecycle Controller Enabled
screen
appears.
2
Navigate to
iDRAC6 Configuration
3
Use the
4
Navigate to the
5
Enter the IP/hostname string of the Provisioning Server host.
6
Click
7
Click
8
Click
Hardware Configuration
Next
button to navigate to the
Provisioning Server Addresses
Next
and then click
Finish
.
Exit and Reboot
. Confirm exit.
.
Apply
->
Configuration Wizard
LAN User Configuration
->
screen.
screen.
.
Set Provisioning Server using iDRAC6 Configuration Utility
1
Press
<Ctrl+e>
The
iDRAC6 Configuration Utility
when prompted within 5 seconds during system start-up.
screen appears.
Remote Services Operations23
2
Navigate to the
Provisioning Server
3
Type the IP/hostname string of the Provisioning Server host and click
Enter
.
4
Save and Exit the iDRAC6 Configuration Utility.
LAN User Configuration
.
screen and select the
Remotely Reinitiating Auto-Discovery in New Environments
This feature allows you to reinitiate Auto-Discovery through WSManagement, even though Auto-Discovery may have taken place earlier. Use
this feature to move a server from one data center to another. The AutoDiscovery settings are persisted along with the credentials used for discovery.
When the server is powered on in the new data center, Auto-Discovery will
run according to the settings, and will download the new user credentials for
the new data center.
NOTE: The Auto-Discovery uses WS-Management, so the iDRAC administrator or
iDRAC user with Execute Server Command privilege is required.
The supported WS-Management interface to reinitiate Auto-Discovery
includes these options:
•Whether Auto-Discovery will run immediately or at the next AC power
cycle. This is a required input.
•Provisioning Server IP address/hostname. This is optional.
Regardless of the options you specify, the following operations are performed
as part of the Auto-Discovery initiation:
•Enable NIC (modular servers)
•Enable IPv4
•DHCP enable
•Disable all administrator accounts
•Disable Active Directory
•Get DNS server address from DHCP
•Get DNS domain name from DHCP
24Remote Services Operations
The described interfaces are specified in the Dell Lifecycle Controller
Management Profile available at
delltechcenter.com/page/DCIM+Extensions+Library. Managed Object
Format (MOF) files for related class and method definitions are also available
in the Dell TechCenter DCIM Extensions Library area. The interfaces are:
information. This could be an IP address or a hostname.
•
ResetToFactoryDefaults
indicate whether the current configuration data needs to be deleted prior
to the next cycle of Auto-Discovery. Only
specifying
value is not supported.
then set iDRAC for Auto-Discovery. iDRAC will not be available until the
Auto-Discovery provisioning process is complete and the iDRAC receives
the new credentials.
•
PerformAutoDiscovery:
Auto-Discovery cycle should be performed: immediately or at the next
boot. Select
to run it the next time you boot your system.
SetAttribute(ProvisioningServer)
•
ProvisioningServer:
address/host name.
•
ClearProvisioningServer():
property. No input parameters are required.
FALSE
: optional parameter to indicate the Provisioning Server
: required parameter (
will cause an error message indicating the parameter
TRUE
will reset iDRAC to the default values and
required parameter to indicate when the next
Now
to run the Auto-Discovery cycle immediately; select
parameter to indicate the Provisioning Server IP
Method to clear the Provisioning Server
TRUE
TRUE
will be accepted;
or
FALSE
) to
Next
Managing Certificates
Using Custom Certificates
You can now transfer custom-defined certificates to the iDRAC6, and create a
unique certificate based on the service tag of your system to ensure enhanced
security. You can also have the factory preset the system with the certificate of
your choice using the Custom Factory Install (CFI) process available from
Dell.
Remote Services Operations25
Creating Custom Trusted Root Client Certificates for the Provisioning Server
The DownloadClientCerts() method on the DCIM_LCService class can
be called to generate a custom signed Auto-Discovery client certificate. The
method takes as input a Certificate Authority generated key certificate and
related hash and password parameters. The key certificate provided is used to
sign a certificate containing the system service tag as the Common
Name(CN). The method returns a job ID that can be used to check the
success of the download, generation, and installation of the Auto-Discovery
client certificate. For examples of command line invocations using WinRM
and WSMANCLI see the Lifecycle Controller 1.4 Web Services Interface Guide.
Providing Custom Server Certificates using WS-Management
The DownloadServerPublicKey() method on the DCIM_LCService class
can be called to transfer a Provisioning Server public key certificate. The
Provisioning Server public key can be used as part of mutual authentication
between the Auto-Discovery client and the provisioning server. The method
takes as input a Provisioning Server public key certificate and related hash and
hash type parameters. The method returns a job ID that can be used to check
the success of the processing and installation of the Provisioning Server
public key. For examples of command line invocations using see the Lifecycle Controller 1.4 Web Services Interface Guide. DCIM Profile specification and
related MOF files are available at Dell TechCenter wiki in the DCIM
Extension Library area (delltechcenter.com/page/DCIM.Library.)
Deleting the Custom Certificates Using WS-Management
You can delete the custom certificate that is part of the managed server
supplied from the factory. Using this feature, you can wipe all the custom
signed certificates from the server, whenever required.
NOTE: This feature does not delete the factory certificates.
Custom Server Public Key Deletion using WS-Management
Use the DeleteAutoDiscoveryServerPublicKey() method on the
DCIM_LCService class to delete the CA certificate that is used to validate
or authenticate server certificates.
Custom Client Certificate Deletion using WS-Management
26Remote Services Operations
Loading...
+ 64 hidden pages
You need points to download manuals.
1 point = 1 manual.
You can buy points or you can get point for every manual you upload.