The DRAC 5 provides a Web-based interface and RACADM (a command-line interface) that enables you to configure the DRAC 5 properties and users, perform remote management tasks, and troubleshoot a remote (managed) system for problems. For everyday systems management, use the DRAC 5 Web-based interface. This chapter provides information about how to perform common systems management tasks with the DRAC 5 Web-based interface and provides links to related information.
All Web-based interface configuration tasks can also be performed with RACADM. For a list of all RACADM and serial/telnet/ssh console commands that can be used to perform the text-based equivalents of each task, see "Using the RACADM Command Line Interface."
See your DRAC 5 online help for context sensitive information about each Web-based interface page.
Accessing the Web-Based Interface
To access the DRAC 5 Web-based interface, perform the following steps:
In the Address field, type the following and press <Enter>:
https://<IP address>
If the default HTTPS port number (port 443) has been changed, type:
https://<IP address>:<port number>
where IP address is the IP address for the DRAC 5 and port number is the HTTPS port number.
The DRAC 5 Log in window appears.
Logging In
You can log in as either a DRAC 5 user or as a Microsoft® Active Directory® user. The default user name and password are root and calvin, respectively.
Before you log in to the DRAC 5, verify that you have Log In to DRAC 5 permission.
To log in, perform the following steps:
In the User Name field, type one of the following:
Your DRAC 5 user name.
For example, <username>
The DRAC 5 user name for local users is case sensitive
Your Active Directory user name.
For example, <domain>\<username>, <domain>/<username>, or <user>@<domain>.
Examples of an Active Directory user name are: dell.com\john_doe or john_doe@dell.com.
The Active Directory user name is not case sensitive.
In the Password field, type your DRAC 5 user password or Active Directory user password.
This field is case sensitive.
Click OK or press <Enter>.
Logging Out
In the upper-right corner of the DRAC 5 Web-based interface window, click Log Out to close the
session.
Close the browser window.
NOTE: The Log Out button does not appear until you log in.
NOTE: Closing the browser without gracefully logging out causes the session to remain open until it times out. It is strongly recommended that you click the logout button to end the session; otherwise, the session remains active until the session timeout is reached.
NOTE: Closing the DRAC 5 Web-based interface within Microsoft Internet Explorer using the close button ("x") at the top right corner of the window may generate an application error. To fix this issue, download the latest Cumulative Security Update for Internet Explorer from the Microsoft Support website, located at support.microsoft.com.
Configuring the DRAC 5 NIC
Configuring the Network and IPMI LAN Settings
NOTE: You must have Configure DRAC 5 permission to perform the following steps.
NOTE: Most DHCP servers require a server to store a client identifier token in its reservations table. The client (DRAC 5, for example) must provide this token during DHCP negotiation. For RACs, the DRAC 5 supplies the client identifier option using a one-byte interface number (0) followed by a six-byte MAC address.
NOTE: If your managed system DRAC is configured in Shared or Shared with Failover mode and the DRAC is connected to a switch with Spanning Tree Protocol (STP) enabled, network clients will experience a 20-30 second delay in connectivity when the management station's LOM link state changes during the STP convergence.
In the System tree, click Remote Access.
Click the Configuration tab and then click Network.
In the Network Configuration page, configure the DRAC 5 NIC settings.
Table 4-1 and Table 4-2 describes the Network Settings and IPMI Settings on the Network Configuration page.
When completed, click Apply Changes.
Click the appropriate Network Configuration page button to continue. See Table 4-3.
Table 4-1. Network Settings
Setting
Description
NIC Selection
Displays the selected NIC mode (Dedicated, Shared with Failover, or Shared).
The default setting is Dedicated.
MAC Address
Displays the DRAC 5 MAC address.
Enable NIC
Enables the DRAC 5 NIC and activates the remaining controls in this group.
The default setting is Enabled.
Use DHCP (For NIC IP Address)
Enables Dell OpenManage™ Server Administrator to obtain the DRAC 5 NIC IP address from the Dynamic Host Configuration Protocol (DHCP) server. Selecting the check box deactivates the Static IP Address, Static Gateway,and Static Subnet Mask controls.
The default setting is Disabled.
Static IP Address
Specifies or edits the static IP address for the DRAC 5 NIC. To change this setting, deselect the Use DHCP (For NIC IP Address) check box.
Static Gateway
Specifies or edits the static gateway for the DRAC 5 NIC. To change this setting, deselect the Use DHCP (For NIC IP Address) check box.
Static Subnet Mask
Specifies or edits the static subnet mask for the DRAC 5 NIC. To change this setting, deselect the Use DHCP (For NIC IP Address) check box.
Use DHCP to obtain DNS server addresses
Obtains the primary and secondary DNS server addresses from the DHCP server instead of the static settings.
The default setting is Disabled.
Static Preferred DNS Server
Uses the primary DNS server IP address only when Use DHCP to obtain DNS server addresses is not selected.
Static Alternate DNS Server
Uses the secondary DNS server IP address when Use DHCP to obtain DNS server addresses is not selected. You may enter an IP address of 0.0.0.0 if you do not have an alternate DNS server.
Register DRAC on DNS
Registers the DRAC 5 name on the DNS server.
The default setting is Disabled.
DNS DRAC Name
Displays the DRAC 5 name only when Register DRAC 5 on DNS is selected. The default DRAC 5 name is RAC-service tag, where service tag is the service tag number of the Dell server (for example, RAC-EK00002).
Use DHCP for DNS Domain Name
Uses the default DNS domain name. When the box is not selected and the Register DRAC 5 on DNS option is selected, you can modify the DNS domain name in the DNS Domain Name field.
The default setting is Disabled.
DNS Domain Name
The default DNS domain name is MYDOMAIN. When the Use DHCP for DNS Domain Name check box is selected, this option is grayed out and you cannot modify this field.
Auto Negotiation
Determines whether the DRAC 5 automatically sets the Duplex Mode and Network Speed by communicating with the nearest router or hub (On) or allows you to set the Duplex Mode and Network Speed manually (Off).
Network Speed
Sets the network speed to 100 Mb or 10 Mb to match your network environment. This option is not available if Auto Negotiation is set to On.
Duplex Mode
Sets the duplex mode to full or half to match your network environment. This option is not available if Auto Negotiation is set to On.
Table 4-2. IPMI LAN Settings
Setting
Description
Enable IPMI Over LAN
Enables the IPMI LAN channel.
Channel Privilege Level Limit
Configures the user's maximum privilege level that can be accepted on the LAN channel. Select one of the following options: Administrator, Operator, or User.
Encryption Key
Configures the encryption key character format: 0 to 20 hexadecimal characters (no blanks allowed).
The default setting is 00000000000000000000.
Enable VLAN ID
Enables the VLAN ID. If enabled, only matched VLAN ID traffic is accepted.
VLAN ID
The VLAN ID field of 802.1g fields.
Priority
The Priority field of 802.1g fields.
Table 4-3. Network Configuration Page Buttons
Button
Description
Print
Prints the Network Configuration page
Refresh
Reloads the Network Configuration page
Advanced Settings
Displays the Network Security page.
Apply Changes
Saves the changes made to the network configuration.
NOTE: Changes to the NIC IP address settings will close all user sessions and require users to reconnect to the DRAC 5 Web-based interface using the updated IP address settings. All other changes will require the NIC to be reset, which may cause a brief loss in connectivity.
Configuring the Network Security Settings
NOTE: You must have Configure DRAC 5 permission to perform the following steps.
In the System tree, click Remote Access.
Click the Configuration tab and then click Network.
In the Network Configuration page, click Advanced Settings.
In the Network Security page, configure the attribute values and then click Apply Changes.
Table 4-4 describes the Network Security page settings.
Click the appropriate Network Security page button to continue. See Table 4-5.
Table 4-4. Network Security Page Settings
Settings
Description
IP Range Enabled
Enables the IP Range checking feature, which defines a specific range of IP addresses that can access the DRAC 5.
IP Range Address
Determines the acceptable IP subnet address.
IP Range Subnet Mask
Defines the significant bit positions in the IP address. The subnet mask should be in the form of a netmask, where the more significant bits are all 1's with a single transition to all zeros in the lower-order bits.
For example: 255.255.255.0
IP Blocking Enabled
Enables the IP address blocking feature, which limits the number of failed login attempts from a specific IP address for a preselected time span.
IP Blocking Fail Count
Sets the number of login failures attempted from an IP address before the login attempts are rejected from that address.
IP Blocking Fail Window
Determines the time span in seconds within which IP Block Fail Count failures must occur to trigger the IP Block Penalty Time.
IP Blocking Penalty Time
The time span in seconds within which login attempts from an IP address with excessive failures are rejected.
Table 4-5. Network Security Page Buttons
Button
Description
Print
Prints the Network Security page
Refresh
Reloads the Network Security page
Apply Changes
Saves the changes made to the Network Security page.
Go Back to Network Configuration Page
Returns to the Network Configuration page.
Adding and Configuring DRAC 5 Users
To manage your system with the DRAC 5 and maintain system security, create unique users with specific administrative permissions (or role-based authority). For additional security, you can also configure alerts that are emailed to specific users when a specific system event occurs.
To add and configure DRAC 5 users, perform the following steps:
NOTE: You must have Configure DRAC 5 permission to perform the following steps.
Expand the System tree and click Remote Access.
Click the Configuration tab and then click Users.
The Users page appears, which includes each user's State, RAC Privilege, IPMI LAN Privilege, and IPMI Serial Privilege.
In the User ID column, click a user ID number.
In the User Configuration page, configure the user's properties and privileges.
Table 4-6 describes the General settings for configuring a new or existing DRAC username and password.
Table 4-7 describes the IPMI User Privileges for configuring the user's LAN privileges.
Table 4-8 describes the User Group Permissions for the IPMI User Privileges and the DRAC User Privileges settings.
Table 4-9 describes the DRAC Group permissions. If you add a DRAC User Privilege to the Administrator, Power User, or Guest User, the DRAC Group will change to the Custom group.
When completed, click Apply Changes.
Click the appropriate User Configuration page button to continue. See Table 4-10.
Table 4-6. General Properties
Property
Description
User ID
Specifies one of 16 preset User ID numbers.
If you are editing information for user root, this field is static. You cannot edit the username for root.
Enable User
Enables the user to access the DRAC 5. When unchecked, the User Name cannot be changed.
User Name
Specifies a DRAC 5 user name with up to 16 characters. Each user must have a unique user name.
NOTE: User names on the local DRAC 5 cannot include the / (forward slash)or . (period) characters.
NOTE: If the user name is changed, the new name will not appear in the user interface until the next user login.
Change Password
Enables the New Password and Confirm New Password fields. When unchecked, the user's Password cannot be changed.
New Password
Specifies or edits the DRAC 5 user's password.
Confirm New Password
Requires you to retype the DRAC 5 user's password to confirm.
Table 4-7. IPMI User Privileges
Property
Description
Maximum LAN User Privilege Granted
Specifies the user's maximum privilege on the IPMI LAN channel to one of the following user groups: Administrator, Operator, User, or None.
Maximum Serial Port User Privilege Granted
Specifies the user's maximum privilege on the IPMI Serial channel to one of the following: Administrator, Operator, User, or None.
Enable Serial Over LAN
Allows user to use IPMI Serial Over LAN. When checked, this privilege is enabled.
Table 4-8. DRAC User Privileges
Property
Description
DRAC Group
Specifies the user's maximum DRAC user privilege to one of the following: Administrator, Power User, Guest User, None, or Custom.
Enables the user to allow specific users to access the system.
Clear Logs
Enables the user to clear the DRAC logs.
Execute Server Control Commands
Enables the user to execute racadm commands.
Access Console Redirection
Enables the user to run Console Redirection.
Access Virtual Media
Enables the user to run and use Virtual Media.
Test Alerts
Enables the user to send test alerts (e-mail and PET) to a specific user.
Execute Diagnostic Commands
Enables the user to run diagnostic commands.
Table 4-9. DRAC Group Permissions
User Group
Permissions Granted
Administrator
Login to DRAC 5, Configure DRAC 5, Configure Users, Clear Logs, Execute Server Control Commands, Access Console Redirection, Access Virtual Media, Test Alerts, Execute Diagnostic Commands
Power User
Login to DRAC 5, Clear Logs, Execute Server Control Commands, Access Console Redirection, Access Virtual Media, Test Alerts
Guest User
Login to DRAC 5
Custom
Selects any combination of the following permissions: Login to DRAC 5, Configure DRAC 5, Configure Users, Clear Logs, Execute Server Action Commands, Access Console Redirection, Access Virtual Media, Test Alerts, Execute Diagnostic Commands
None
No assigned permissions
Table 4-10. User Configuration Page Buttons
Button
Action
Print
Prints the User Configuration page
Refresh
Reloads the User Configuration page
Go Back To Users Page
Returns to the Users Page.
Apply Changes
Saves the changes made to the network configuration.
Configuring and Managing Active Directory Certificates
NOTE: You must have Configure DRAC 5 permission to configure Active Directory and upload, download, and view an Active Directory certificate.
Use the Microsoft® Active Directory® service to configure your software to provide access to the DRAC 5. The service allows you to add and control the DRAC5 user privileges of your existing users.
Click the Configuration tab and click Active Directory.
Table 4-11 lists the Active Directory Main Menu page options. The buttons in Table 4-12 are available on the Active Directory Main Menu page.
Table 4-11. Active Directory Main Menu Page Options
Field
Description
Configure Active Directory
Configures the Active Directory's DRAC Name, ROOT Domain Name, DRAC Domain Name, and Active Directory Authentication Timeout settings.
Upload Active Directory CA Certificate
Uploads an Active Directory certificate to the DRAC.
Download DRAC Server Certificate
The Windows Download Manager enables you to download a DRAC server certificate to your system.
View Active Directory CA Certificate
Displays the Active Directory Certificate that has been uploaded to the DRAC.
Table 4-12. Active Directory Main Menu Page Buttons
Button
Definition
Print
Prints the contents of the open window to your default printer
Next
Go to the next selected Option page.
Configuring Active Directory
In the Active Directory Main Menu page, select Configure Active Directory and click Next.
In the Active Directory Configuration page, enter the Active Directory settings.
Table 4-13 describes the Active Directory Configuration page settings.
Click Apply to save the settings.
Click the appropriate Active Directory Configuration page button to continue. See Table 4-14.
Table 4-13. Active Directory Configuration Page Settings
Setting
Description
Enable Active Directory
Enables Active Directory. Checked=Enabled; Unchecked=Disabled.
DRAC Name
The name that uniquely identifies the DRAC 5 card in Active Directory. This value is NULL by default.
The name must be a 1-256 character ASCII string, with no blank spaces between characters.
ROOT Domain Name
The Active Directory ROOT domain name. This value is NULL by default.
The name must be a valid domain name consisting of x.y, where x is a 1-256 character ASCII string with no blank spaces between characters, and y is a valid domain type such as com, edu, gov, int, mil, net, org.
DRAC Domain Name
The DNS name (string) of the domain where the Active Directory DRAC 5 object resides. This value is NULL by default.
The name must be a valid domain name consisting of x.y, where x is a 1-256 character ASCII string with no blank spaces between characters, and y is a valid domain type such as com, edu, gov, int, mil, net, org.
Timeout
The time in seconds to wait for Active Directory queries to complete. Minimum value greater than 15 seconds. The default value is 120 seconds.
Table 4-14. Active Directory Configuration Page Buttons
Button
Description
Print
Prints the Active Directory Configuration page.
Apply
Saves the changes made to the Active Directory Configuration page.
Go Back to Active Directory Main Menu
Returns to the Active Directory Main Menu page.
Uploading an Active Directory CA Certificate
In the Active Directory Main Menu page, select Upload Active Directory CA Certificate and click
Next.
In the Certificate Upload page, in the File Path field, type the file path of the certificate or click
Browse to navigate to the certificate file.
NOTE: The File Path value displays the relative file path of the certificate you are uploading. You must type the absolute file path, which includes the full path and the complete file name and file extension.
Click Apply.
Click the appropriate Certificate Upload page button to continue. See Table 4-15.
Table 4-15. Certificate Upload Page Buttons
Button
Description
Print
Print the Certificate Upload page.
Go Back to Active Directory Main Menu
Return to the Active Directory Main Menu page.
Apply
Apply the certificate to the DRAC 5 firmware.
Downloading a DRAC Server Certificate
In the Active Directory Main Menu page, select Download DRAC Server Certificate and click Next.
In the File Download window, click Save and save the file to a directory on your system.
In the Download Complete window, click Close.
Viewing an Active Directory CA Certificate
Use the Active Directory Main Menu page to view a CA server certificate for your DRAC 5.
In the Active Directory Main Menu page, select View Active Directory CA Certificate and click Next.
Table 4-16 describes the fields and associated descriptions listed in the Certificate window.
Table 4-17 describes the available page buttons on the View Active Directory CA Certificate page.
Click the appropriate View Active Directory CA Certificate page button to continue. See Table 4-17.
Table 4-16. Active Directory CA Certificate Information
Field
Description
Serial Number
Certificate serial number.
Subject Information
Certificate attributes entered by the subject.
Issuer Information
Certificate attributes returned by the issuer.
Valid From
Certificate issue date.
Valid To
Certificate expiration date.
Table 4-17. View Active Directory CA Certificate Page Buttons
Button
Description
Print
Prints the Active Directory CA Certificate.
Go Back to Active Directory Main Menu
Returns to the Active Directory Main Menu page.
Securing DRAC 5 Communications Using SSL and Digital
Certificates
This subsection provides information about the following data security features that are incorporated in your DRAC 5:
Secure Sockets Layer (SSL)
Certificate Signing Request (CSR)
Accessing the SSL main menu
Generating a new CSR
Uploading a server certificate
Viewing a server certificate
Secure Sockets Layer (SSL)
The DRAC includes a Web server that is configured to use the industry-standard SSL security protocol to transfer encrypted data over the Internet. Built upon public-key and private-key encryption technology, SSL is a widely accepted technique for providing authenticated and encrypted communication between clients and servers to prevent eavesdropping across a network.
SSL allows an SSL-enabled system to perform the following tasks:
Authenticate itself to an SSL-enabled client
Allow the client to authenticate itself to the server
Allow both systems to establish an encrypted connection
This encryption process provides a high level of data protection. The DRAC employs the 128-bit SSL encryption standard, the most secure form of encryption generally available for Internet browsers in North America.
The DRAC Web server includes a Dell self-signed SSL digital certificate (Server ID). To ensure high security over the Internet, replace the Web server SSL certificate by submitting a request to the DRAC to generate a new Certificate Signing Request (CSR).
Certificate Signing Request (CSR)
A CSR is a digital request to a Certificate Authority (CA) for a secure server certificate. Secure server certificates ensure the identity of a remote system and ensure that information exchanged with the remote system cannot be viewed or changed by others. To ensure the security for your DRAC, it is strongly recommended that you generate a CSR, submit the CSR to a CA, and upload the certificate returned from the CA.
A Certificate Authority is a business entity that is recognized in the IT industry for meeting high standards of reliable screening, identification, and other important security criteria. Examples of CAs include Thawte and VeriSign. After the CA receives your CSR, they review and verify the information the CSR contains. If the applicant meets the CA's security standards, the CA issues a certificate to the applicant that uniquely identifies that applicant for transactions over networks and on the Internet.
After the CA approves the CSR and sends you a certificate, you must upload the certificate to the DRAC firmware. The CSR information stored on the DRAC firmware must match the information contained in the certificate.
Accessing the SSL Main Menu
Expand the System tree and click Remote Access.
Click the Configuration tab and then click SSL.
Use the SSL Main Menu page options (see Table 4-18) to generate a CSR to send to a CA. The CSR information is stored on the DRAC 5 firmware. The buttons in Table 4-19 are available on the SSL Main Menu page.
Table 4-18. SSL Main Menu Options
Field
Description
Generate a New Certificate Signing Request (CSR)
Click Next to open the Certificate Signing Request Generation page that enables you to generate a CSR to send to a CA to request a secure Web certificate.
NOTICE: Each new CSR overwrites any pervious CSR on the firmware. For a CA to accept your CSR, the CSR in the firmware must match the certificate returned from the CA.
Upload Server Certificate
Click Next to upload an existing certificate that your company has title to, and uses to control access to the DRAC 5.
NOTICE: Only X509, Base 64 encoded certificates are accepted by the DRAC 5. DER encoded certificates are not accepted. Upload a new certificate to replace the default certificate you received with your DRAC 5.
View Server Certificate
Click Next to view an existing server certificate.
Table 4-19. SSL Main Menu Buttons
Button
Description
Print
Prints the SSL Main Menu page.
Next
Navigates to the next page.
Generating a New Certificate Signing Request
NOTE: Each new CSR overwrites any previous CSR on the firmware. Before a certificate authority (CA) can accept your CSR, the CSR in the firmware must match the certificate returned from the CA. Otherwise, the DRAC 5 will not upload the certificate.
In the SSL Main Menu page, select Generate a New Certificate Signing Request (CSR) and click
Next.
In the Generate Certificate Signing Request (CSR) page, type a value for each CSR attribute value.
The exact name being certified (usually the Web server's domain name, for example, www.xyzcompany.com). Only alphanumeric characters, hyphens, underscores, and periods are valid. Spaces are not valid.
Organization Name
The name associated with this organization (for example, XYZ Corporation). Only alphanumeric characters, hyphens, underscores, periods and spaces are valid.
Organization Unit
The name associated with an organizational unit, such as a department (for example, Enterprise Group). Only alphanumeric characters, hyphens, underscores, periods, and spaces are valid.
Locality
The city or other location of the entity being certified (for example, Round Rock). Only alphanumeric characters and spaces are valid. Do not separate words using an underscore or some other character.
State Name
The state or province where the entity who is applying for a certification is located (for example, Texas). Only alphanumeric characters and spaces are valid. Do not use abbreviations.
Country Code
The name of the country where the entity applying for certification is located. Use the drop-down menu to select the country.
Email
The email address associated with the CSR. You can type your company's email address, or any email address you desire to have associated with the CSR. This field is optional.
Print the Generate Certificate Signing Request (CSR) page.
Go Back to Security Main Menu
Return to the SSL Main Menu page.
Generate
Generate a CSR.
Uploading a Server Certificate
In the SSL Main Menu page, select Upload Server Certificate and click Next.
The Certificate Upload page appears.
In the File Path field, type the path of the certificate in the Value field or click Browse to navigate to
the certificate file.
NOTE: The File Path value displays the relative file path of the certificate you are uploading. You must type the absolute file path, which includes the full path and the complete file name and file extension
Click Apply.
Click the appropriate page button to continue. See Table 4-22.
Table 4-22. Certificate Upload Page Buttons
Button
Description
Print
Print the Certificate Upload page.
Go Back to SSL Main Menu
Return to the SSL Main Menu page.
Apply
Apply the certificate to the DRAC 5 firmware.
Viewing a Server Certificate
In the SSL Main Menu page, select View Server Certificate and click Next.
Table 4-23 describes the fields and associated descriptions listed in the Certificate window.
Click the appropriate View Server Certificate page button to continue. See Table 4-24.
Table 4-23. Certificate Information
Field
Description
Serial Number
Certificate serial number
Subject Information
Certificate attributes entered by the subject
Issuer Information
Certificate attributes returned by the issuer
Valid From
Issue date of the certificate
Valid To
Expiration date of the certificate
Table 4-24. View Server Certificate Page Buttons
Button
Description
Print
Print the View Server Certificate page.
Go Back to SSL Main Menu
Return to the SSL Main Menu page.
Configuring Serial and Terminal Modes
Configuring IPMI and RAC Serial
Expand the System tree and click Remote Access.
Click the Configuration tab and then click Serial.
Configure the IPMI serial settings.
Table 4-25 provides information about the IPMI serial settings.
Configure the RAC serial settings.
Table 4-26 provides information about the RAC serial settings.
Click Apply Changes.
Click the appropriate Serial Configuration page button to continue. See Table 4-27.
Table 4-25. IPMI Serial Settings
Setting
Description
Connection Mode Setting
Direct Connect Basic Mode - IPMI Serial Basic Mode
Direct Connect Terminal Mode - IPMI Serial Terminal Mode
Baud Rate
Sets the data speed rate. Select 9600 bps, 19.2 kbps, 57.6 kbps, or 115.2 kbps.
Flow Control
None — Hardware Flow Control Off
RTS/CTS — Hardware Flow Control On
Channel Privilege Level Limit
Administrator
Operator
User
Table 4-26. RAC Serial Settings
Setting
Description
Enabled
Enables or disables the RAC serial console. Checked=Enabled; Unchecked=Disabled
Maximum Sessions
The maximum number of simultaneous sessions allowed for this system.
Timeout
The maximum number of seconds of line idle time before the line is disconnected. The range is 60 to 1920 seconds. Default is 300 seconds. Use 0 seconds to disable the Timeout feature.
Redirect Enabled
Enables or disables Console Redirection. Checked=Enabled; Unchecked=Disabled
Baud Rate
The data speed on the external serial port. Values are 9600 bps, 28.8 kbps, 57.6 kbps, and 115.2 kbps. Default is 57.6 kbps.
Escape Key
Specifies the <Esc> key. The default are the ^\ characters.
History Buffer Size
The size of the serial history buffer, which holds the last characters written to the console. The maximum and default = 8192 characters.
Login Command
The DRAC command line to be executed upon valid login.
Table 4-27. Serial Configuration Page Settings
Button
Description
Print
Print the Serial Configuration page.
Refresh
Refresh the Serial Configuration page.
Apply Changes
Apply the IPMI and RAC serial changes.
Terminal Mode Settings
Opens the Terminal Mode Settings page.
Configuring Terminal Mode
Expand the System tree and click Remote Access.
Click the Configuration tab and then click Serial.
In the Serial Configuration page, click Terminal Mode Settings.
Configure the terminal mode settings.
Table 4-28 provides information about the terminal mode settings.
Click Apply Changes.
Click the appropriate Terminal Mode Settings page button to continue. See Table 4-29.
Table 4-28. Terminal Mode Settings
Setting
Description
Line Editing
Enables or disables line editing.
Delete Control
Select one of the following:
BMC outputs a <bksp><sp><bksp> character when <bksp> or <del> is received —
BMC outputs a <del> character when <bksp> or <del> is received —
Echo Control
Enables or disables echo.
Handshaking Control
Enables or disables handshaking.
New Line Sequence
Select None, <CR-LF>, <NULL>, <CR>, <LF-CR>, or <LF>.
Input New Line Sequence
Select <CR> or <NULL>.
Table 4-29. Terminal Mode Settings Page Buttons
Button
Description
Print
Print the Terminal Mode Settings page.
Refresh
Refresh the Terminal Mode Settings page.
Go Back to Serial Port Configuration
Return to the Serial Port Configuration page.
Apply Changes
Apply the terminal mode settings changes.
Configuring Serial Over LAN
NOTE: For complete Serial Over LAN information, see the Dell OpenManage Baseboard Management Controller User's Guide.
Expand the System tree and click Remote Access.
Click the Configuration tab and then click Serial Over LAN.
Configure the Serial Over LAN settings.
Table 4-30 provides information about the Serial Over LAN Configuration page settings.
Click Apply Changes.
Configure the advanced settings, if required. Otherwise, click the appropriate Serial Over LAN
Configuration page button to continue (see Table 4-31).
To configure the advanced settings, perform the following steps:
Click Advanced Settings.
In the Serial Over LAN Configuration Advanced Settings page, configure the advanced settings
as required. See Table 4-32.
Click Apply Changes.
Click the appropriate Serial Over LAN Configuration Advanced Settings page button to
continue. See Table 4-33.
Table 4-30. Serial Over LAN Configuration Page Settings
Setting
Description
Enable Serial Over LAN
Enables Serial Over LAN. Checked=Enabled; Unchecked=Disabled.
Baud Rate
The IPMI data speed. Select 9600 bps, 19.2 kbps, 57.6 kbps, or 115.2 kbps.
Channel Privilege Level Limit
Sets the IPMI Serial Over LAN minimum user privilege: Administrator, Operator, or User.
Table 4-31. Serial Over LAN Configuration Page Buttons
Button
Description
Print
Prints the Serial Over LAN Configuration page.
Refresh
Refreshes the Serial Over LAN Configuration page.
Advanced Settings
Opens the Serial Over LAN Configuration Advanced Settings page.
Apply Changes
Applies the Serial Over LAN Configuration page settings.
Table 4-32. Serial Over LAN Configuration Advanced Settings Page Settings
Setting
Description
Character Accumulate Interval
The amount of time that the BMC will wait before transmitting a partial SOL character data package. 1-based 5ms increments.
Character Send Threshold
The BMC will send an SOL character data package containing the characters as soon as this number of characters (or greater) has been accepted. 1-based units.
Table 4-33. Serial Over LAN Configuration Advanced Settings Page Buttons
Button
Description
Print
Prints the Serial Over LAN Configuration Advanced Settings page.
Refresh
Refreshes the Serial Over LAN Configuration Advanced Settings page.
Go Back To Serial Over LAN Configuration Page
Returns to the Serial Over LAN Configuration page.
Apply Changes
Applies the Serial Over LAN Configuration Advanced Settings page settings.
Configuring Services
NOTE: To modify these settings, you must have Configure DRAC 5 permission. Additionally, the remote RACADM command-line utility can only be enabled if the user is logged in as root.
Expand the System tree and click Remote Access.
Click the Configuration tab and then click Services.
Use the Automated Systems Recovery Agent to enable the Last Crash Screen functionality of the DRAC 5.
NOTE: Server Administrator must be installed with its Auto Recovery feature activated by setting the Action to either: Reboot System, Power Off System, or Power Cycle System, for the Last Crash Screen to function in the DRAC 5.
Click Apply Changes.
Click the appropriate Services page button to continue. See Table 4-40.
Table 4-34. Web Server Settings
Setting
Description
Enabled
Enables or disables the Web server. Checked=Enabled; Unchecked=Disabled.
Max Sessions
The maximum number of simultaneous sessions allowed for this system.
Active Sessions
The number of current sessions on the system, less than or equal to the Max Sessions.
Timeout
The time in seconds that a connection is allowed to remain idle. The session is cancelled when the timeout is reached. Changes to the timeout setting do not affect the current session. When you change the timeout setting, you must log out and log in again to make the new setting effective. Timeout range is 60 to 1920 seconds.
HTTP Port Number
The port used by the DRAC that listens for a server connection. The default setting is 80.
HTTPS Port Number
The port used by the DRAC that listens for a server connection. The default setting is 443.
Table 4-35. SSH Settings
Setting
Description
Enabled
Enables or disables SSH. Checked=Enabled; Unchecked=Disabled.
Max Sessions
The maximum number of simultaneous sessions allowed for this system. Up to four sessions are supported.
Active Sessions
The number of current sessions on the system, less than or equal to the Max Sessions.
Timeout
The Secure Shell idle timeout, in seconds. Range = 60 to 1920 seconds. Enter 0 seconds to disable the Timeout feature. The default setting is 300.
Port Number
The port used by the DRAC that listens for a server connection. The default setting is 22.
Table 4-36. Telnet Settings
Setting
Description
Enabled
Enables or disables Telnet. Checked=Enabled; Unchecked=Disabled.
Max Sessions
The maximum number of simultaneous sessions allowed for this system. Up to four sessions are supported.
Active Sessions
The number of current sessions on the system, less than or equal to the Max Sessions.
Timeout
The Secure Shell idle timeout, in seconds. Range = 60 to 1920 seconds. Enter 0 seconds to disable the Timeout feature. The default setting is 0.
Port Number
The port used by the DRAC that listens for a server connection. The default setting is 23.
Table 4-37. Remote RACADM Settings
Setting
Description
Enabled
Enables or disables remote RACADM. Checked=Enabled; Unchecked=Disabled.
Max Sessions
The maximum number of simultaneous sessions allowed for this system. Up to four sessions are supported.
Active Sessions
The number of current sessions on the system, less than or equal to the Max Sessions.
Table 4-38. SNMP Agent Settings
Setting
Description
Enabled
Enables or disables the SNMP agent. Checked=Enabled; Unchecked=Disabled.
Community Name
The name of the community that contains the IP address for the SNMP Alert destination. The Community Name can be up to 31 non-blank characters in length. The default setting is public.
Table 4-39. Automated System Recovery Agent Setting
Setting
Description
Enabled
Enables the Automated System Recovery Agent.
Table 4-40. Services Page Buttons
Button
Description
Print
Prints the Services page.
Refresh
Refreshes the Services page.
Apply Changes
Applies the Services page settings.
Frequently Asked Questions
Table 4-41 lists frequently asked questions and answers.
Table 4-41. Managing and Recovering a Remote System: Frequently Asked Questions
Question
Answer
When accessing the DRAC 5 Web-based interface, I get a security warning stating the hostname of the SSL certificate does not match the hostname of the DRAC 5.
The DRAC 5 includes a default DRAC 5 server certificate to ensure network security for the Web-based interface and remote racadm features. When this certificate is used, the Web browser displays a security warning because the default certificate is issued to DRAC5 default certificate which does not match the host name of the DRAC 5 (for example, the IP address).
To address this security concern, upload a DRAC 5 server certificate issued to the IP address of the DRAC 5. When generating the certificate signing request (CSR) to be used for issuing the certificate, ensure that the common name (CN) of the CSR matches the IP address of the DRAC 5 (for example, 192.168.0.120) or the registered DNS DRAC name.
To ensure that the CSR matches the registered DNS DRAC name, perform the following steps:
In the System tree, click Remote Access.
Click the Configuration tab and then click Network.
In the Network Settings page, perform the following steps:
Why are the remote racadm and Web-based services unavailable after a property change?
It may take a minute for the remote RACADM services and the Web-based interface to become available after the DRAC 5 Web server resets.
The DRAC 5 Web server is reset after the following occurrences:
When changing the network configuration or network security properties using the DRAC 5 web user interface
When the cfgRacTuneHttpsPort property is changed (including when a config -f <config file> changes it)
When racresetcfg is used
When the DRAC 5 is reset
When a new SSL server certificate is uploaded
Why doesn't my DNS server register my DRAC 5?
Some DNS servers only register names of 31 characters or fewer.
When accessing the DRAC 5 Web-based interface, I get a security warning stating the SSL certificate was issued by a certificate authority (CA) that is not trusted.
DRAC 5 includes a default DRAC 5 server certificate to ensure network security for the Web-based interface and remote racadm features. This certificate was not issued by a trusted CA. To address this security concern, upload a DRAC 5 server certificate issued by a trusted CA (for example, Thawte or Verisign). See "Securing DRAC 5 Communications Using SSL and Digital Certificates" for more information about issuing certificates.
The following message is displayed for unknown reasons:
Remote Access: SNMP Authentication Failure
Why does this happen?
As part of discovery, IT Assistant attempts to verify the device's get and set community names. In IT Assistant, you have the get community name = public and the set community name = private. By default, the community name for the DRAC 5 agent is public. When IT Assistant sends out a set request, the DRAC 5 agent generates the SNMP authentication error because it will only accept requests from community = public.
You can change the DRAC 5 community name using RACADM.
To see the DRAC 5 community name, use the following command:
racadm getconfig -g cfgOobSnmp
To set the DRAC 5 community name, use the following command:
To prevent SNMP authentication traps from being generated, you must input community names that will be accepted by the agent. Since the DRAC 5 only allows one community name, you must input the same get and set community name for IT Assistant discovery setup.
