
Dell Drac 5 User Guide

    Advanced Configuration of the DRAC 5
    Using the Secure Shell (SSH)
    It is critical that your system’s devices and device management are secure. 
    Embedded connected devices are the core of many business processes. If 
    these devices are compromised, your business may be at risk, which places 
    new security demands on command line interface (CLI) device management 
    software.
    Secure Shell (SSH) is a command line session that includes the same 
    capabilities as a telnet session, but with improved security. The DRAC 5 
    supports SSH version 2 with password authentication. SSH is enabled on the 
    DRAC 5 when you install or update your DRAC 5 firmware.
    You can use either PuTTY or OpenSSH on the management station to 
    connect to the managed system’s DRAC 5. When an error occurs during the 
    login procedure, the secure shell client issues an error message. The message 
    text is dependent on the client and is not controlled by the DRAC 5.
    NOTE: OpenSSH should be run from a VT100 or ANSI terminal emulator on 
    Windows. Running OpenSSH at the Windows command prompt does not result in 
    full functionality (that is, some keys do not respond and no graphics are displayed).
    Only four SSH sessions are supported at any given time. The session time-out 
    is controlled by the cfgSsnMgtSshIdleTimeout property as described in 
    the DRAC 5 Property Database Group and Object Definitions on page 345.
    To enable SSH on the DRAC 5, type:
    racadm config -g cfgSerial -o cfgSerialSshEnable 1
    To change the SSH port, type:
    racadm config -g cfgRacTuning -o cfgRacTuneSshPort <port number>
    For more information on cfgSerialSshEnable and 
    cfgRacTuneSshPort properties, see DRAC 5 Property Database Group 
    and Object Definitions on page 345.
    The DRAC 5 SSH implementation supports multiple cryptography schemes, 
    as shown in Table 4-14. 
    						
    Table 4-14. Cryptography Schemes
    Scheme Type                Scheme
    Asymmetric Cryptography    Diffie-Hellman DSA/DSS 512-1024 (random) bits 
                               per NIST specification
    Symmetric Cryptography     • AES256-CBC
                               • RIJNDAEL256-CBC
                               • AES192-CBC
                               • RIJNDAEL192-CBC
                               • AES128-CBC
                               • RIJNDAEL128-CBC
                               • BLOWFISH-128-CBC
                               • 3DES-192-CBC
                               • ARCFOUR-128
    Message Integrity          • HMAC-SHA1-160
                               • HMAC-SHA1-96
                               • HMAC-MD5-128
                               • HMAC-MD5-96
    Authentication             • Password
    NOTE: SSHv1 is not supported.
    Configuring the DRAC 5 Network Settings
    CAUTION: Changing your DRAC 5 Network settings may disconnect your current 
    network connection.
    Configure the DRAC 5 network settings using one of the following tools:
    • Web-based Interface — See Configuring the DRAC 5 NIC on page 75
    • RACADM CLI — See cfgLanNetworking on page 347
    • Dell Remote Access Configuration Utility — See Configuring Your 
      System to Use a DRAC 5 on page 36
    NOTE: If you are deploying the DRAC 5 in a Linux environment, see Installing 
    RACADM on page 40.
    Accessing the DRAC 5 Through a Network
    After you configure the DRAC 5, you can remotely access the managed 
    system using one of the following interfaces:
    • Web-based interface
    • RACADM
    • Telnet Console
    • SSH
    • IPMI
    Table 4-15 describes each DRAC 5 interface.
    Table 4-15. DRAC 5 Interfaces
    Interface               Description
    Web-based interface     Provides remote access to the DRAC 5 using a graphical user 
                            interface. The Web-based interface is built into the DRAC 5 
                            firmware and is accessed through the NIC interface from a 
                            supported Web browser on the management station.
                            For a list of supported Web browsers, see the Dell Systems 
                            Software Support Matrix on the Dell Support website at 
                            support.dell.com/manuals.
    RACADM                  Provides remote access to the DRAC 5 using a command line 
                            interface. RACADM uses the managed system’s IP address to 
                            execute RACADM commands (racadm remote capability option 
                            [-r]).
                            NOTE: The racadm remote capability is supported only on 
                            management stations.
                            NOTE: When using the racadm remote capability, you must have 
                            write permission on the folders where you are using the racadm 
                            subcommands involving file operations, for example:
                            racadm getconfig -f <file name>
                            or:
                            racadm sslcertupload -t 1 -f c:\cert\cert.txt
    Telnet Console          Provides access through the DRAC 5 to the server RAC port and 
                            hardware management interfaces through the DRAC 5 NIC and 
                            provides support for serial and RACADM commands including 
                            powerdown, powerup, powercycle, and hardreset commands.
                            NOTE: Telnet is an unsecure protocol that transmits all data, 
                            including passwords, in plain text. When transmitting sensitive 
                            information, use the SSH interface.
    SSH Interface           Provides the same capabilities as the telnet console using an 
                            encrypted transport layer for higher security.
    IPMI Interface          Provides access through the DRAC 5 to the remote system’s 
                            basic management features. The interface includes IPMI over 
                            LAN, IPMI over Serial, and Serial over LAN. See the Dell 
                            OpenManage Baseboard Management Controller User’s Guide for 
                            more information.
    NOTE: The DRAC 5 default user name is root and the default password is 
    calvin.
    You can access the DRAC 5 Web-based interface through the DRAC 5 NIC 
    by using a supported Web browser, or through Server Administrator or IT 
    Assistant.
    For a list of supported Web browsers, see the Dell Systems Software Support 
    Matrix on the Dell Support website at support.dell.com/manuals.
    To access the DRAC 5 remote access interface using Server Administrator, 
    launch Server Administrator. From the system tree on the left pane of the 
    Server Administrator home page, click System > Main System Chassis > 
    Remote Access Controller. For more information, see your Server 
    Administrator User’s Guide.
    Configuring the DRAC 5 NIC
    Configuring the Network and IPMI LAN Settings
     NOTE: You must have Configure DRAC 5 permission to perform the following steps.
     
    NOTE: Most DHCP servers require a server to store a client identifier token in its 
    reservations table. The client (DRAC 5, for example) must provide this token during 
    DHCP negotiation. For RACs, the DRAC 5 supplies the client identifier option using a 
    one-byte interface number (0) followed by a six-byte MAC address.
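    The client identifier described in the note above, worked through as an added example (not part of the Dell guide): it derives the token to store in a DHCP reservation and shows that a token keyed on hardware type 01 plus the MAC, the form many DHCP clients send, does not match. The function names are hypothetical and the MAC address is a constructed value from the RFC 7042 documentation range.

```sh
#!/bin/sh
# Added example: the DHCP client identifier a DRAC 5 supplies, built as the
# note describes: one interface-number byte (0) followed by the 6-byte MAC.

# drac_client_id MAC
# Accepts aa:bb:cc:dd:ee:ff, AA-BB-CC-DD-EE-FF or aabb.ccdd.eeff.
# Prints the 7-byte identifier as colon-separated lowercase hex.
# Returns 1 if MAC is not exactly 12 hex digits after removing separators.
drac_client_id() {
    hex=$(printf '%s' "$1" | tr -d ':.-' | tr 'A-F' 'a-f')
    case "$hex" in
        ''|*[!0-9a-f]*) return 1 ;;
    esac
    [ "${#hex}" -eq 12 ] || return 1
    # Prepend the interface-number byte, then split into byte pairs.
    printf '00%s\n' "$hex" | sed 's/../&:/g; s/:$//'
}

# reservation_matches TOKEN MAC
# Succeeds when TOKEN, a reservation-table entry in colon-separated hex,
# equals the identifier the DRAC 5 would supply for MAC.
reservation_matches() {
    want=$(drac_client_id "$2") || return 2
    have=$(printf '%s' "$1" | tr 'A-F' 'a-f')
    [ "$have" = "$want" ]
}

# Constructed sample MAC (RFC 7042 documentation range).
mac='00:00:5E:00:53:2A'
echo "client identifier: $(drac_client_id "$mac")"
# A reservation keyed on hardware type 01 + MAC does not match what the
# DRAC 5 supplies; the 00-prefixed token does.
reservation_matches "01:00:00:5e:00:53:2a" "$mac" || echo "01-prefixed token: no match"
reservation_matches "00:00:00:5e:00:53:2a" "$mac" && echo "00-prefixed token: match"
```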
     
    NOTE: If your managed system DRAC is configured in Shared or Shared with Failover 
    mode and the DRAC is connected to a switch with Spanning Tree Protocol (STP) 
    enabled, network clients will experience a 20-30 second delay in connectivity when 
    the management station’s LOM link state changes during the STP convergence. 
    1. In the System tree, click Remote Access. 
    2. Click the Configuration tab and then click Network.
    3. In the Network Configuration page, configure the DRAC 5 NIC settings. 
       Table 4-16 and Table 4-17 describe the Network Settings and IPMI 
       Settings on the Network Configuration page.
    4. When completed, click Apply Changes.
    5. Click the appropriate Network Configuration page button to continue. 
       See Table 4-18.
    Table 4-16. Network Settings
    Setting                         Description
    NIC Selection                   Displays the selected NIC mode (Dedicated, Shared with Failover, 
                                    or Shared).
                                    The default setting is Dedicated.
    MAC Address                     Displays the DRAC 5 MAC address.
    Enable NIC                      Enables the DRAC 5 NIC and activates the remaining controls in 
                                    this group.
                                    The default setting is Enabled.
    Use DHCP (For NIC IP Address)   Enables Dell OpenManage Server Administrator to obtain the 
                                    DRAC 5 NIC IP address from the Dynamic Host Configuration 
                                    Protocol (DHCP) server. Selecting the check box deactivates the 
                                    Static IP Address, Static Gateway, and Static Subnet Mask 
                                    controls.
                                    The default setting is Disabled.
    Static IP Address               Specifies or edits the static IP address for the DRAC 5 NIC. 
                                    To change this setting, deselect the Use DHCP (For NIC 
                                    IP Address) check box.
    Static Gateway                  Specifies or edits the static gateway for the DRAC 5 NIC. 
                                    To change this setting, deselect the Use DHCP (For NIC 
                                    IP Address) check box.
    Static Subnet Mask              Specifies or edits the static subnet mask for the DRAC 5 NIC. To 
                                    change this setting, deselect the Use DHCP (For NIC IP Address) 
                                    check box.
    Use DHCP to obtain DNS          Obtains the primary and secondary DNS server addresses from the 
    server addresses                DHCP server instead of the static settings.
                                    The default setting is Disabled.
    Static Preferred DNS Server     Uses the primary DNS server IP address only when Use DHCP to 
                                    obtain DNS server addresses is not selected.
    Static Alternate DNS Server     Uses the secondary DNS server IP address when Use DHCP to 
                                    obtain DNS server addresses is not selected. You may enter an IP 
                                    address of 0.0.0.0 if you do not have an alternate DNS server.
    Register DRAC on DNS            Registers the DRAC 5 name on the DNS server. 
                                    The default setting is Disabled.
    DNS DRAC Name                   Displays the DRAC 5 name only when Register DRAC 5 on DNS 
                                    is selected. The default DRAC 5 name is RAC-service tag, where 
                                    service tag is the service tag number of the Dell server (for example, 
                                    RAC-EK00002).
    Use DHCP for DNS Domain Name    Uses the default DNS domain name. When the box is not selected 
                                    and the Register DRAC 5 on DNS option is selected, you can 
                                    modify the DNS domain name in the DNS Domain Name field.
                                    The default setting is Disabled.
    DNS Domain Name                 The default DNS domain name is MYDOMAIN. When the Use 
                                    DHCP for DNS Domain Name check box is selected, this option 
                                    is grayed out and you cannot modify this field.
    Auto Negotiation                Determines whether the DRAC 5 automatically sets the Duplex 
                                    Mode and Network Speed by communicating with the nearest 
                                    router or hub (On) or allows you to set the Duplex Mode and 
                                    Network Speed manually (Off).
    Network Speed                   Sets the network speed to 100 Mb or 10 Mb to match your network 
                                    environment. This option is not available if Auto Negotiation is set 
                                    to On.
    Duplex Mode                     Sets the duplex mode to full or half to match your network 
                                    environment. This option is not available if Auto Negotiation is set 
                                    to On.
    Table 4-17. IPMI LAN Settings
    Setting                         Description
    Enable IPMI Over LAN            Enables the IPMI LAN channel.
    Channel Privilege Level Limit   Configures the user’s maximum privilege level that can be 
                                    accepted on the LAN channel. Select one of the following 
                                    options: Administrator, Operator, or User.
    Encryption Key                  Configures the encryption key character format: 0 to 20 
                                    hexadecimal characters (no blanks allowed).
                                    The default setting is 00000000000000000000.
    Enable VLAN ID                  Enables the VLAN ID. If enabled, only matched VLAN ID 
                                    traffic is accepted.
    VLAN ID                         The VLAN ID field of 802.1q fields.
    Priority                        The Priority field of 802.1q fields.
    Table 4-18. Network Configuration Page Buttons
    Button               Description
    Print                Prints the Network Configuration page.
    Refresh              Reloads the Network Configuration page.
    Advanced Settings    Displays the Network Security page.
    Apply Changes        Saves the changes made to the network configuration. 
                         NOTE: Changes to the NIC IP address settings will close all user 
                         sessions and require users to reconnect to the DRAC 5 Web-based 
                         interface using the updated IP address settings. All other 
                         changes will require the NIC to be reset, which may cause a brief 
                         loss in connectivity.
    See Configuring the Network Security Settings Using the DRAC 5 GUI on 
    page 230 for more information.
    Using RACADM Remotely
    NOTE: Configure the IP address on your DRAC 5 before using the racadm remote 
    capability. For more information about setting up your DRAC 5 and a list of related 
    documents, see Basic Installation of the DRAC 5 on page 35.
    RACADM provides a remote capability option (-r) that allows you to connect 
    to the managed system and execute racadm subcommands from a remote 
    console or management station. To use the remote capability, you need a 
    valid user name (-u option) and password (-p option), and the DRAC 5 
    IP address.
    NOTE: If the system from where you are accessing the remote system does not 
    have a DRAC certificate in its default certificate store, a message is displayed when 
    you type a racadm command. 
    Security Alert: Certificate is invalid - Name on Certificate is invalid or does not match site name
    Continuing execution. Use -S option for racadm to stop the execution on certificate-related errors.
    racadm continues to execute the command. However, if you use the -S 
    option, racadm stops executing the command and displays the following 
    message:
    Security Alert: Certificate is invalid - Name on Certificate is invalid or does not match site name
    Racadm not continuing execution of the command.
    ERROR: Unable to connect to RAC at specified IP address
    NOTE: The racadm remote capability is supported only on management stations. 
    For more information, see the Dell Systems Software Support Matrix on the Dell 
    Support website at support.dell.com/manuals.
    NOTE: When using the racadm remote capability, you must have write permissions 
    on the folders where you are using the racadm subcommands involving file 
    operations, for example:
    racadm getconfig -f <file name>
    or
    racadm sslcertupload -t 1 -f c:\cert\cert.txt
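    RACADM Synopsis
    racadm -r <RAC IP address> -u <username> -p <password> <subcommand> <subcommand options>
    racadm -i -r <RAC IP address> <subcommand> <subcommand options>
    For example:
    racadm -r 192.168.0.120 -u root -p calvin getsysinfo
    racadm -i -r 192.168.0.120 getsysinfo
    If the HTTPS port number of the RAC has been changed to a custom port 
    other than the default port (443), the following syntax must be used:
    racadm -r <RAC IP address>:<port> -u <username> -p <password> <subcommand> <subcommand options>
    racadm -i -r <RAC IP address>:<port> <subcommand> <subcommand options>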
    						
    RACADM Options
    Table 4-19 lists the options for the racadm command.
    Table 4-19. racadm Command Options
    Option                        Description
    -r <RAC IP address>           Specifies the controller’s remote IP address.
    -r <RAC IP address>:<port>    Use :<port> if the DRAC 5 port number is 
                                  not the default port (443).
    -i                            Instructs racadm to interactively query the user for 
                                  user name and password.
    -u <username>                 Specifies the user name that is used to authenticate 
                                  the command transaction. If the -u option is used, the 
                                  -p option must be used, and the -i option (interactive) 
                                  is not allowed.
    -p <password>                 Specifies the password used to authenticate the 
                                  command transaction. If the -p option is used, the -i 
                                  option is not allowed.
    -S                            Specifies that racadm should check for invalid 
                                  certificate errors. racadm stops the execution of the 
                                  command with an error message if it detects an invalid 
                                  certificate.
    Enabling and Disabling the racadm Remote Capability
    NOTE: It is recommended that you run these commands on your local system.
    The racadm remote capability is enabled by default. If disabled, type the 
    following racadm command to enable:
    racadm config -g cfgRacTuning -o cfgRacTuneRemoteRacadmEnable 1
    To disable the remote capability, type:
    racadm config -g cfgRacTuning -o cfgRacTuneRemoteRacadmEnable 0
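    The -i and -S options from Table 4-19 combined in a small wrapper, as an added example that is not part of the Dell guide: it always stops on certificate errors and never accepts a password on the command line. The function names and the position of -S ahead of the other options are assumptions; 192.168.0.120 is the sample address used on this page.

```sh
#!/bin/sh
# Added example (not Dell code): always run remote racadm with
#   -S  stop on certificate errors instead of "Continuing execution"
#   -i  prompt for credentials, so no -u/-p password in argv or history

# racadm_remote_args HOST[:PORT] SUBCOMMAND [ARGS...]
# Validates the input and prints the racadm arguments, one per line.
# Returns 1 (with a message on stderr) when the input is rejected.
racadm_remote_args() {
    if [ "$#" -lt 2 ]; then
        echo "usage: safe_racadm HOST[:PORT] SUBCOMMAND [ARGS...]" >&2
        return 1
    fi
    # Target: address or host name, optional :port, no shell metacharacters.
    case "$1" in
        ''|-*|*[!A-Za-z0-9.:-]*)
            echo "rejected target: $1" >&2; return 1 ;;
    esac
    # The word after the target must be a subcommand, not another global
    # option; this keeps -u/-p (which conflict with -i) off the command line.
    case "$2" in
        -*) echo "expected a subcommand, got option $2" >&2; return 1 ;;
    esac
    target=$1; shift
    # Assumption: -S is accepted ahead of the other global options.
    printf '%s\n' -S -i -r "$target" "$@"
}

# safe_racadm HOST[:PORT] SUBCOMMAND [ARGS...]
# Runs racadm with the validated arguments; racadm then prompts for the
# user name and password and stops if the certificate is invalid.
safe_racadm() {
    racadm_remote_args "$@" >/dev/null || return 1
    target=$1; shift
    racadm -S -i -r "$target" "$@"
}

# Usage: safe_racadm 192.168.0.120 getsysinfo
```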
    						