#################################################################### DELL(TM) REMOTE ACCESS CONTROLLER (DRAC) 4 #################################################################### This document contains updated information about the Dell Remote Access Controller 4 (DRAC 4/I and DRAC 4/P). For more information about DRAC 4, including installation and configuration information, see the "Dell Remote Access Controller 4 User's Guide" and the "Dell OpenManage(TM) Server Administrator User's Guide." These documents are located on your Product Documentation CD. You can download the documents also from the Dell Support website at "support.dell.com". #################################################################### TABLE OF CONTENTS #################################################################### This file contains the following sections: * Criticality * Minimum Requirements * Release Highlights * Corrected Issues in this Release (Firmware Version 1.20) * Known Issues for DRAC 4 * Known Issues for Managed Server Operating Systems #################################################################### CRITICALITY #################################################################### 3 - Optional #################################################################### MINIMUM REQUIREMENTS #################################################################### The following subsections list operating systems that are compatible with the DRAC 4. ==================================================================== SUPPORTED SYSTEMS ==================================================================== DRAC 4 is supported on the following Dell PowerEdge(TM) systems: 800, 1800, 1850, 2800, 2850, 6800, and 6850. #################################################################### RELEASE HIGHLIGHTS #################################################################### * Virtual Media can be enabled or disabled with racadm (as described in the User's Guide) or with the Option ROM. The Option ROM now has two pages of settings. The and keys may be used to move between the two pages. The first page contains the network-related settings. The second page contains the Virtual Media settings, including enabling or disabling Virtual Media. ==================================================================== SUPPORTED MANAGED SERVER OPERATING SYSTEMS ==================================================================== The DRAC 4 is supported by the following operating systems: * Microsoft(R) Windows(R) Server 2003 Server family The Windows Server 2003 family includes Windows Server 2003 Standard Edition, Windows Server 2003 Enterprise Edition, and Windows Server 2003 Web Edition. * Windows 2000 Server family The Windows 2000 Server family includes Windows 2000 Server and Windows 2000 Advanced Server. NOTE: Virtual Media requires Service Pack 4. * Red Hat(R) Enterprise Linux AS/ES/WS (version 2.1) * Red Hat Enterprise Linux AS/ES/WS (version 3) * Novell(R) NetWare(R), version 6.5 (Service Pack 1 or later) NOTE: This version of NetWare does not support Virtual Media. * NetWare, version 5.1 (Service Pack 7 or later) NOTE: This version of NetWare does not support Virtual Media. ====================================================================== SUPPORTED WEB BROWSERS ====================================================================== * 32-bit versions of Microsoft Internet Explorer 6.0 on Windows * 32-bit versions of Mozilla 1.5 (or later) on Red Hat Enterprise Linux Virtual Media requires: - Internet Explorer on a Windows-based management workstation - Mozilla on a Red Hat Enterprise Linux-based management workstation NOTE: All browsers must have Sun Java VM Plug-in 1.4.2 or later installed to use the DRAC 4 Console Redirection feature. You must clear and disable the Java cache from the Java plug-in control panel. On the Windows operating system, perform the following steps to clear and disable the Java Cache: 1. Click "Settings"->"Control Panel"->"Java Plug-in Control Panel". 2. Click the "Cache" tab. 3. Click "Clear". 4. Uncheck the "Enable Caching" check box to disable the cache. 5. Click "Apply". 6. Close and restart the browser. NOTE: When upgrading the DRAC 4 firmware, you should delete temporary internet files. When using Internet Explorer on systems running Windows, perform the following steps to delete the temporary files: 1. In Internet Explorer, on the "Tools" menu, click "Internet Options". 2. On the "General" tab, click "Delete Files". 3. To the confirmation message, click "OK". ============================================= FIRMWARE VERSIONS ============================================= RAC Firmware Version: 1.20 RAC IDE Option ROM version: 341027 ###################################################################### CORRECTED ISSUES IN THIS RELEASE (FIRMWARE VERSION 1.20) ###################################################################### * After a web session has timed out, the unlock screen will allow the user to log back in.(139490) ###################################################################### KNOWN ISSUES FOR DRAC 4 ###################################################################### The following subsections list the known issues regarding the implementation and operation of the DRAC 4: * The minimum available network bandwidth for Virtual Media or Console Redirection is 128 Kbps. * The NumLock indicator on the management station does not necessarily coincide with the state of the numlock on the remote server when accessed through the DRAC 4. The state of the numlock is dependent on the setting on the server when the remote session is connected, regardless of the state of the numlock on the management station.(137817) * When a telnet login is invalid, a single session is counted toward the maximum of four sessions for approximately one minute after the invalid login attempt. If three valid sessions already exist, this invalid session will prevent further login attempts for that minute. * If you run the Nessus Vulnerability test on the DRAC 4, you may see the following vulnerabilities reported: - Nessus reports HTTP (80/tcp) vulnerability as: “The remote proxy is vulnerable to format strings attacks when issued a badly-formed user name. This flaw allows an attacker to execute arbitrary code on this host.” Since the DRAC 4 always gracefully forwards any HTTP requests (legal or not) to HTTPS, the Nessus plug-in gets confused. This report is not a security issue on the DRAC 4. - Nessus reports HTTP (80/tcp) vulnerability as: “It may be possible to make a web server execute arbitrary code by sending it a too long URL after/jsp. Ie: GET /jsp/AAAA.....AAAAA.” Since the DRAC 4 always gracefully forwards any HTTP requests (legal or not) to HTTPS, the Nessus plug-in gets confused. This report is not a security issue on the DRAC 4. - Nessus reports HTTP (80/tcp) vulnerability as: “It was possible to disable the remote IIS server by making a specially formed PROPFIND request.” Since the DRAC 4 always gracefully forwards any HTTP requests (legal or not) to HTTPS, the Nessus plug-in gets confused. This report is not a security issue on the DRAC 4. - Nessus reports HTTPS (443/tcp) vulnerability as: “The remote web server is vulnerable to a format string attack. If it is ePolicy Orchestrator, an attacker may use this flaw to execute code with the SYSTEM privileges on this host.” The DRAC 4 returns Error 414 with an unsupported long format string in the GET operation. This operation is correct and should not cause any security vulnerability. - Nessus reports syslog (514/udp) vulnerability as: “WinSyslog is an enhanced syslog server for Windows. A vulnerability in the product allows remote attackers to cause the WinSyslog to freeze, which in turn will also freeze the operating system on which the product executes.” Since the DRAC 4 does not support WinSyslog port 514, the Nessus plug-in gets confused. This report is not a security issue on the DRAC 4. * The DRAC 4 racadm version 4.0.0 does not support the management of remote ERA/MC DRAC configurations. ERA/MC configurations should continue to be managed by the racadm utility that officially supports the ERA/MC configuration. * DRAC 4 allows CA Enterprise Root Server and all user type certificates to be uploaded into the DRAC 4 Web server, which causes Client Web Browser SSL authentication failure. To avoid this error, only upload X509 Web Server-type certificates into the DRAC 4 (select only the Web browser type in the Microsoft certificate generating utility). * If you are using Minicom as the DRAC 4 serial terminal and have the Minicom status line enabled, resize the window to 80 x 26. Resizing allows for 26 lines of text and one line of Minicom status. The default Minicom command key is . If you need to use to enter the SCSI BIOS setup screen, redefine the Minicom control key from the "Screen and Keyboard Settings" menu. ###################################################################### KNOWN ISSUES FOR MANAGED SERVER OPERATING SYSTEMS ###################################################################### The following sections provide additional information about known issues with operating systems. ====================================================================== NETWARE OPERATING SYSTEM ISSUES ====================================================================== * When a remote "Reset", "Power Off", or "Power Cycle" command is issued through the DRAC 4 on NetWare, some NetWare applications may require user interaction to close application windows. If this action is necessary, you should use the DRAC 4 Console Redirection to manually close the application windows to allow NetWare to shut down. ====================================================================== RED HAT ENTERPRISE LINUX OPERATING SYSTEM ISSUES ====================================================================== * When the DRAC 4 resets, the virtual drives disappear. On Red Hat Enterprise Linux 4, hotplug IDE is not supported. The system may hang when a remount of the virtual drives is attempted. Do not attempt to remount virtual drives on Red Hat Enterprise Linux 4 after a firmware update. You must restart the server to regain access to the drives. * The Console Redirection mouse will not sync while the Red Hat Enterprise Linux text console is present. The mouse will sync only under X-Windows where the USB mouse driver is present. * When using Console Redirection on a managed system running Red Hat Enterprise Linux, the focus (cursor moved back over an object) follows the cursor. Occasionally, the text windows in Console Redirection lose focus. Before attempting to type in a text window in a Console Redirection window, click the mouse in the text window's space bar or top menu bar to ensure that your target text window has the focus on the correct window or application that you are attempting to use. ###################################################################### Information in this document is subject to change without notice. (C) 2005 Dell Inc. All rights reserved. Reproduction in any manner whatsoever without the written permission of Dell Inc. is strictly forbidden. Trademarks used in this text: "Dell", "PowerEdge", and "Dell OpenManage"are trademarks of Dell Inc.; "Microsoft"and "Windows" are registered trademarks of Microsoft Corporation; "Novell" and "NetWare" are registered trademarks of Novell, Inc.; "Red Hat" is a registered trademark of Red Hat, Inc. Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products. Dell Inc. disclaims any proprietary interest in trademarks and trade names other than its own. February 2005