To enable Auto Config:

1.In the iDRAC Web interface, go to Overview iDRAC Settings Network. The Network page is displayed.

2.In the Auto Config section, select one of the following options to enable Auto Config:

Enable Once — Configures the component only once using the XML file referenced by the DHCP server. After this, Auto Config is disabled.

Enable Once After Reset — After the iDRAC is reset, configures the components only once using the XML file referenced by the DHCP server. After this, Auto Config is disabled.

To disable the Auto Config feature, select Disable.

3.Click Apply to apply the setting.

Enabling Auto Config Using RACADM

To enable Auto Config feature using RACADM, use the iDRAC.NIC.AutoConfig object. For more

information, see the iDRAC8 RACADM Command Line Interface Reference Guide.

Using Hash Passwords for Improved Security

For iDRAC in 13th generation servers, you can set user passwords and BIOS passwords using a one way hash format. The user authentication mechanism is not affected (except for SNMPv3 and IPMI) and you can provide the password in plain text format.

With the new password hash feature:

You can generate your own SHA256 hashes to set iDRAC user passwords and BIOS passwords. This allows you to have the SHA256 values in the server configuration profile, RACADM, and WSMAN. When you provide the SHA256 password values, you cannot authenticate through SNMPv3 and IPMI.

You can set up a template server including all the iDRAC user accounts and BIOS passwords using the current plain text mechanism. After the server is set up, you can export the server configuration profile with the password that has hash values. The export includes the hash values required for SNMPv3 and IPMI authentication.

You can generate the hash password with and without Salt using SHA256.

You must have Server Control privileges to include and export hash passwords.

If access to all accounts is lost, use iDRAC Settings Utility or local RACADM and perform reset iDRAC to default task.

If the iDRAC user account’s password is set with the SHA256 password hash only and not the other hashes (SHA1v3Key or MD5v3Key), then authentication through SNMP v3 and IPMI is not available.

Hash Password Using RACADM

Use the following objects with the set racadm sub command to set hash passwords:

iDRAC.Users.SHA256Password

iDRAC.Users.SHA256PasswordSalt

Use the following command to include the hash password in the exported server configuration profile:

racadm get -f <file name> -l <NFS / CIFS share> -u <username> -p <password> -t <filetype> --includePH

You must set the Salt attribute when the associated hash is set.

51

Page 50 Page 52
Page 51
Image 51
Dell iDRAC8 Using Hash Passwords for Improved Security, Enabling Auto Config Using Racadm, Hash Password Using Racadm
Page 50 Page 52
Top Page Image Contents