Home > Dell > System > Dell Drac 5 User Guide

Dell Drac 5 User Guide

Here you can view all the pages of manual Dell Drac 5 User Guide. The Dell manuals for System are available online for free. You can easily download all the documents as PDF.

Page 211

Configuring Security Features211
12
Configuring Security Features
The DRAC 5 provides the following security features:
• Advanced Security options for the DRAC administrator:
• The Console Redirection disable option allows the 
local system user 
to disable console redirection using the DRAC 5 Console 
Redirection feature. 
• The local configuration disable features allows the 
remote DRAC 
administrator to selectively disable the ability to configure the 
DRAC 5 from:
– BIOS POST option-ROM
– operating...

Page 212

212Configuring Security Features
Security Options for the DRAC Administrator
Disabling the DRAC 5 Local Configuration
Administrators can disable local configuration through the DRAC 5 graphical 
user interface (GUI) by selecting Remote Access Configuration 
Services. When the Disable the DRAC local Configuration using option 
ROM check box is selected, the Remote Access Configuration Utility—
accessed by pressing Ctrl+E during system boot—operates in read-only 
mode, preventing local users from...

Page 213

Configuring Security Features213
Disabling Local Configuration From Local racadm
This feature disables the ability of the managed system’s user to configure the 
DRAC 5 using the local racadm or the Dell OpenManage Server 
Administrator utilities.
racadm config -g cfgRacTune -o 
cfgRacTuneLocalConfigDisable 1
 CAUTION: These features severely limit the ability of the local user to configure 
the DRAC 5 from the local system, including performing a reset to default of the 
configuration. Dell recommends...

Page 214

214Configuring Security Features
at a time to help avoid losing login privileges altogether. For example, 
if administrators have disabled all local DRAC 5 users and allow only 
Microsoft Active Directory directory service users to log in to the DRAC 5, 
and the Active Directory authentication infrastructure subsequently fails, 
the administrators may be unable to log in. Similarly, if administrators have 
disabled all local configuration and place a DRAC 5 with a static IP address 
on a network that...

Page 215

Configuring Security Features215
Several situations might call for disabling DRAC 5 remote vKVM. For 
example, administrators may not want a remote DRAC 5 user to view the 
BIOS settings that they configure on a system, in which case they can disable 
remote vKVM during the system POST by using the 
LocalConRedirDisable command. They may also want to increase 
security by automatically disabling remote vKVM every time an administrator 
logs in to the system, which they can do by executing the...

Page 216

216Configuring Security Features
An SSL-enabled system:
• Authenticates itself to an SSL-enabled client
• Allows the client to authenticate itself to the server
• Allows both systems to establish an encrypted connection
This encryption process provides a high level of data protection. The DRAC 
employs the 128-bit SSL encryption standard, the most secure form of 
encryption generally available for Internet browsers in North America.
The DRAC Web server includes a Dell self-signed SSL digital certificate...

Page 217

Configuring Security Features217
Use the SSL Main Menu page options (see Table 12-1) to generate a CSR to 
send to a CA. The CSR information is stored on the DRAC 5 firmware. 
Table 12-2 describes the buttons available on the SSL Main Menu page.
Table 12-1. SSL Main Menu Options
Field Description
Generate a New 
Certificate Signing 
Request (CSR)Click Next to open the Certificate Signing Request 
Generation page that enables you to generate a CSR to send to 
a CA to request a secure Web certificate....

Page 218

218Configuring Security Features
Generating a New Certificate Signing Request
 NOTE: Each new CSR overwrites any previous CSR on the firmware. Before a 
certificate authority (CA) can accept your CSR, the CSR in the firmware must match the 
certificate returned from the CA. Otherwise, the DRAC 5 will not upload the certificate. 
1In the SSL Main Menu page, select Generate a New Certificate Signing 
Request (CSR)
 and click Next.
2In the Generate Certificate Signing Request (CSR) page, type a value for...

Page 219

Configuring Security Features219
Uploading a Server Certificate
1In the SSL Main Menu page, select Upload Server Certificate and click Next.
The 
Certificate Upload page appears.
2In the File Path field, type the path of the certificate in the Va l u e field or 
click 
Browse to navigate to the certificate file.
 NOTE: The File Path value displays the relative file path of the certificate you are 
uploading. You must type the absolute file path, which includes the full path and the 
complete file name...

Page 220

220Configuring Security Features
Viewing a Server Certificate
1In the SSL Main Menu page, select View Server Certificate and click Next.
Table 12-5 describes the fields and associated descriptions listed in the 
Certificate window.
2Click the appropriate View Server Certificate page button to continue.
Using the Secure Shell (SSH)
Only four SSH sessions are supported at any given time. The session time-out 
is controlled by the cfgSsnMgtSshIdleTimeout property as described in 
the DRAC 5 Property...
Start reading Dell Drac 5 User Guide

Related Manuals for Dell Drac 5 User Guide

All Dell manuals