Dell Remote Access Controller 4 Firmware Version 1.30 specification

Figure 5-1. Typical Setup for Active Directory Objects

Association Object

User(s) Group(s)

Privilege Object

RAC Device Object(s)

RAC4 Privilege Object

You can create as many or as few association objects as you want or need. However, you must create at least one Association Object, and you must have one RAC Device Object for each RAC (DRAC 4) on the network that you want to integrate with Active Directory for Authentication and Authorization with the RAC (DRAC 4). The Association Object allows for as many or as few users and/or groups as well as RAC Device Objects. However, the Association Object only has one Privilege Object per Association Object. The Association Object connects the "Users" who have "Privileges" on the RACs (DRAC 4s).

In addition, you can set up Active Directory objects in a single domain or in multiple domains. For example, you have two DRAC 4 cards (RAC1 and RAC2) and three existing Active Directory users (user1, user2, and user3). You want to give user1 and user2 an administrator privilege to both DRAC 4 cards and give user3 a login privilege to the RAC2 card. Figure 5-2 shows how you set up the Active Directory objects in this scenario.

Using the DRAC 4 With Microsoft® Active Directory

87

Image 87

Dell Remote Access Controller 4 Firmware Version 1.30 manual RAC4 Privilege Object

Contents

W . d e l l . c o m s u p p o r t . d e l l . c o m Firmware Version 1.30 User’s Guide May Contents Removing Drac 4-Related Applications and Drivers Configuring the Drac 4 Network SettingsConfiguring Red Hat Enterprise Linux for Viewing Localized Versions of the Web-Based Interface First Steps to Troubleshoot a Remote System Configuring Red Hat Enterprise Linux Minicom forAdding and Configuring Drac 4 Users and Alerts Enabling Microsoft Telnet for Telnet Console Redirection Using Active Directory to Log In To the Drac 100 Configuring Active Directory to Access Your DracInstalling the Dell Extension to the Active Directory Users Configuring the Drac 4 Active Directory Settings 111 Installing Operating Systems Using Virtual Media 114Enabling and Disabling the Virtual Media Feature 115 Viewing a List of Serial/Telnet Commands 128 136 Using the racadm Utility to Configure the Drac 137Creating Bootable Deployment Image Files 146 134 154 151152 153 167 164165 166 175 172173 174 181 178179 180 199 190194 197 203 CfgNetTuningNicAutoneg Read/Write 204CfgNetTuningNicFullDuplex Read/Write 205 200 219 214217 218 Overall Architecture of Virtual Media 111 Setting Up Active Directory ObjectsDrac 4 Power Requirements Management Station COM Port Settings Last Crash Screen Page Buttons Enable email Alert PropertiesCertificate Signing Request Generation Watchdog Information Fields Log/Verbose Level Options 131 Drac 4 Network Error CodesDellAssociationObject Class List of Attributes Added to Table A-12 Getssinfo Subcommand Options 159 Table A-13 Table A-5 Config Subcommand OptionsTable A-6 Getconfig Subcommand Options 152 Table A-7 Table A-10 Fwupdate Subcommand Options 157 Table A-11 Table A-41 Sslcertview Subcommand Options 178 Table A-42 Table A-28 Serveraction Subcommand Options 169 Table A-29Table A-33 Setrac Subcommand Options 173 Table A-34 Table A-35 Sslcsrgen Subcommand Options 175 Table A-36 Drac 4 Overview What’s New in Drac 4 in this Release? Drac 4/I Hardware Features RJ-45 Connector Drac 4 Hardware Features Lists the power requirements for the Drac Hardware SpecificationsPower Requirements Connectors Supported Remote Access Connections Drac 4 Security FeaturesLists the features of each type of connection Supported Platforms Supported Operating SystemsSupported Web Browsers Features Other Documents You May Need Drac 4 Overview What You Need to Get Started Installing the Drac 4 HardwareSoftware Installation and Configuration Overview Installing and Setting Up the Drac Installing the Software on the Managed System Disabling the Windows Automatic Reboot Option Rpm -e racadm Installing the Software on the Management StationConfiguring a Supported Web Browser Mount /mnt/cdrom Cd /mnt/cdrom Rpm -ivh linux/rac/*.rpm Viewing Localized Versions of the Web-Based Interface Installing the Sun Java Plug-InInstalling the Sun Java Plug-In to Use Console Redirection Installing the Sun Java Plug-In to Use Mozilla Register the Java plug-in Configuring Drac 4 PropertiesRpm -iv j2re-14versionnumber-linux-i586.rpm For example Configuring the Drac 4 Network Settings Using the Option ROM Configuring the Drac 4 Network Settings Waiting for response from Dhcp Server Virtual Media Configuration Options Adding and Configuring Snmp Alerts Adding and Configuring Drac 4 Users Updating the Drac 4 Firmware Clearing the Web Browser Cache With Internet ExplorerClearing the Web Browser Cache With Mozilla Accessing the Drac 4 Through a Network Service racsvc status Where action is start, stop, status, or probeDrac 4 Software Basics for Red Hat Enterprise Linux Additional Information Removing the DracRemoving Drac 4-Related Applications and Drivers Drac 4 NIC Serial and Telnet Console Features F2 = System Setup Configuring the System Setup Program on the Managed System Serial --unit=0 --speed=57600 terminal --timeout=10 serial Append two options to the kernel lineKernel ............. console=ttyS0,57600 Enabling Login to the Console After Boot Co2345respawn/sbin/agetty -h -L 57600 ttyS0 vt100Sample File /etc/innitab TtyS0 Enabling the Serial/Telnet Console on the Drac Racadm config -g group -o object value Racadm getconfig -g groupUsing racadm Remotely Using the Secure Shell SSH Racadm getconfig -g cfgSerialRacadm config -g cfgSerial -o cfgSerialSshEnable 3DES-192-CBC You can change the SSH port with the commandAES192-CBC AES128-CBC Required Pinout for DB-9 Null Modem Cable Signal Name Connecting the DB-9 CablePage Configuring HyperTerminal for Serial Console Redirection Clear the init, reset, connect, and hangupType minicom -c on Page Enabling Microsoft Telnet for Telnet Console Redirection Using a Serial or Telnet Console Accessing the Web-Based Interface Managing and Recovering a Remote SystemLogging User Properties Property Description User Name Adding and Configuring Drac 4 Users and AlertsAdding and Configuring Drac 4 Users Password Use the information in -3 to enable email alerts Configuring User email Alerts Alert Description Go Back To User ConfigurationEmail Alert Severity Description Informational Severe Configuring the Drac 4 NIC Drac 4 Network Configuration Page Buttons Duplex ModeEmail Alert Settings Check box is selected Default Smtp Email Server Configuring Alerts by Severity Adding and Configuring Snmp Alerts Severity Options Description Informational System Fan Sensors Monitors the system fan speed RPMSuch as chassis intrusion Managing a Remote System Snmp Alert Properties PropertyDescription10. Snmp Alerts Page Buttons Action Print Ensuring Drac 4 Network Security Updating the Drac 4 Firmware Key Size IssuerType Serial View Server Certificate Default certificate you received with your DracFrom the CA Upload Certificate 16. Certificate Management Page Buttons Action Print 14. Required CSR Fields Properties Description Locality LState S Management Generate Viewing System Information System Information Bios VersionService Tag Server Address Recovering and Troubleshooting the Managed System First Steps to Troubleshoot a Remote System Managing Power on a Remote System SEL provides buttons see -24 in the top-right corner Using the SEL User Using the Drac 4 Log25. Status Indicator Icons Description Date/ Time Viewing the Last System Crash Screen Using the Diagnostic Console Ping IP Address 28. Diagnostic Commands Description ArpIfconfig Netstat 30. Drac 4 Network Error Codes Description Troubleshooting Network Problems Troubleshooting Alerting Problems RAC189A RAC065A Frequently Asked Questions Managing and Recovering a Remote System Managing and Recovering a Remote System Using the Drac 4 With Microsoft Active Directory Active Directory Schema Extensions Active Directory Object Overview Overview of the RAC Schema Extensions RAC4 Privilege Object User1 User2 User3 Group1 Priv1 AO1 Configuring Active Directory to Access Your Drac Extending the Active Directory SchemaUsing the Dell Schema Extender Click Next to run the Dell Schema Extender Click Finish Attributes DellRAC4Privileges DellProduct Class DellRAC4Privileges Class840.113556.1.8000.1280.1.1.1.3 Description 840.113556.1.8000.1280.1.1.1.4 Description False DelIsLogClearAdmin Ldaptypecaseignorestring Creating a Privilege Object Adding Drac 4 Users and Privileges to Active DirectoryOpening the Active Directory Users and Computers Snap-In Creating a RAC Device Object Creating an Association Object Adding Objects to an Association ObjectSelect the scope for the Association Object Click OK Click Next and click Finish Enabling SSL on a Domain Controller Exporting the Domain Controller Root CA Certificate Select Computer account and click NextClick Finish and click OK Click the Configuration tab and select Network Configuring the Drac Using Active Directory to Log In To the Drac Racadm config -g cfgLanNetworking -o cfgDNSServersFromDHCP100 101 Lists frequently asked questions and answers 102 Racadm sslcertupload -t 0x1 -f websslcert Using Console Redirection Overview103 Current console redirection sessions Maximum console redirection sessions 105 106 Using Console Redirection Frequently Asked Questions AnswerRacadm racreset command Running the racadm racreset hard command 107 108 Run Xwindows startx Run Xconfigurator if not previously run beforeRpm -qa grep radeon7000mdellserver 109 110 Overall Architecture of Virtual Media Managed System 111 Operating System Requirements on the Managed System Installing the Virtual Media Plug-In Using the Virtual Media Feature113 Installing Operating Systems Using Virtual Media Booting From the Virtual Media 115 Enabling and Disabling the Virtual Media FeatureRacadm config -g cfgRacVirtual -o cfgVirMediaDisable Cat /var/log/messages grep Virtual DELL-VIRTUALS-120 Removable Media Drive Configuring the Virtual Floppy Feature as a Super FloppyConfiguring the Virtual Floppy as a Hard Drive Racadm config -g cfgRacVirtual -o cfgFloppyEmulation 117 InstallationRacvmcli Execution Environment Drac 4 IP Address Interfaces and APIsVM-CLI Parameters Racvmcli parameters OS-shell options 119 UDRAC-user-name Cdevice-name image-file CD/DVD Device or Image File 121 Drive Number 1 failed to CfgRacVirtual Racadm getconfig -gDrive Number 0 failed to Detect Virtual device 123 Use the racadm vmdisconnect command toOther console startup Messages 124 Drive Number 0 VirtualfloppyDrive Removable Media Drive Drive Number 1 Virtualcdrom 125 126 Cat /var/log/messages grepCat /etc/fstab grep /dev/hde Mount /mnt/cdrom1 Logging into the Drac Starting a Text Console127 128 Viewing a List of Serial/Telnet CommandsRacadm config -g cfgSerial -o cfgSerialHistorySize number Setsvctag Firmware Unsupported Command 129 Using the racadm CLIRacadm Command Description Prompt a racadm help more Racadm Options Using the racadm CLI RemotelyLists the options for the racadm command Racadm Synopsis Option Description Type the following command to disable the remote capabilityRacadm Command Options 131 132 Racadm Subcommand Descriptions 133 Configuring Multiple Drac 4sRacadm Error Messages Configuration File Overview Racadm getconfig -f myfile.cfg Creating a Drac 4 Configuration File 135 Use the racresetcfg subcommand to keep all Drac 4s the sameCfgLanNetworking CfgNicIpAddress=143.154.133.121 See the example in the previous bullet 136 Configuration File ExampleRacadm config -g groupName -o objectName -i index Racadm getconfig -g groupName -i index 137 Using the racadm Utility to Configure the DracFile contents are as follows This file will be updated as follows Before Adding a Drac 4 User Racadm getconfig -u usernameRacadm getconfig -g cfgUserAdmin -i index # cfgUserAdminIndex=XX CfgUserAdminUserName= Adding a Drac 4 User With Alerting Capabilities 139Specific object 140 Adding a Drac 4 User With Permissions Configuring Drac 4 Network Properties Racadm getconfig -g cfgLanNetworking141 142 Racadm subcmd Error messageRacadm subcmd Transport Error message Racadm subcmd Firmware Error message 143 Requirements Tasks 145 Vmdeploy Windows Users Creating Bootable Deployment Image FilesTo create image files from existing bootable media Linux Users Troubleshooting the Drac Troubleshooting147 Troubleshooting Description Racadm help Racadm help subcommandHelp Synopsis Racadm arp Config/getconfigArp Clearasrscreen Racadm Getconfig Config Subcommand DescriptionRacadm config -p -c -f filename Racadm config -g Racadm getconfig Filename 152 Getconfig Subcommand DescriptionTable A-6. getconfig Subcommand Options Description Filename command Racadm coredump Table A-7 describes the coredump subcommandCoredump Examples 154 Output Example FW dcmdCoreDump No Core dump available FwupdateCoredumpdelete Current task stack Ipev -#005e0000 binary data Input Load the update file into the Drac 4 RAMdisk areaTable A-10 describes the fwupdate subcommand options 156 Table A-9. fwupdate Subcommand Definition 157 Table A-10. fwupdate Subcommand Options Description Racadm -r Racip -u user -p password fwupdate -g -u -a Updating the Firmware158 Racadm getssninfo -A -u username Table A-11 describes the getssinfo subcommandTable A-12 describes the getssinfo subcommand options Getssninfo 143.166.174.19 2004 103239 GMT-0600 GetsysinfoWeb Root Thu 06 Mar 161 Table A-15 describes the getsysinfo subcommand optionsWatchdog information/recovery action Following data element is output as a string Restrictions Racadm getsysinfo -A -w -sRacadm getsysinfo -w -s Racadm getractime -u -d IfconfigRacadm ifconfig Getractime Racadm ping ipaddress NetstatPing Setniccfg/getniccfg 165 Table A-21. setniccfg/getniccfg Subcommand DefinitionDescription for setniccfg Description for getniccfg Racadm getsvctag GetsvctagRacdump Example Racreset Transport Error RC=-1Racadm racreset hard soft graceful delay in seconds Racadm racresetcfg RacresetcfgTable A-25 describes the racreset subcommand options Table A-26 describes the racresetcfg subcommand Serveraction Table A-27 describes the serveraction subcommandRacadm serveraction -d delay action Table A-27. serveraction SubcommandDefinition Getraclog Serveraction command returns without output if successfulTable A-29 describes the getraclog command Table A-29 Getraclog Command Definition Racadm clrraclog Table A-30 describes the getsel commandClrraclog Getsel Racadm gettracelog Racadm gettracelog -m ClrselGettracelog Racadm clrsel Racadm setrac -h -o -T -d Setrac Sslcsrgen Table A-34 describes the sslcsrgen subcommandTable A-33. setrac Subcommand Options Table A-34. sslcsrgen SubcommandDescription 175 Table A-35 describes the sslcsrgen subcommand optionsTable A-35. sslcsrgen Subcommand Options Description Options Sslcertupload Racadm sslcertupload -t type -f filenameRacadm sslcertupload -t 0x1 -f c\cert\cert.txt Sslcertdownload Racadm sslcertdownload -t type -f filenameRacadm sslcertdownload -t 0x1 -f c\cert\cert.txt Sslcertview Output ExamplesRacadm sslcertview -t type -A Racadm testemail -i index -u username 1024 DSU+123431 DSU+153431 RMC Default Certificate Dell IncTestemail Round Rock Texas john@dell.com Racadm testtrap -i index Testtrap Racadm vmdisconnect Table A-46 describes the vmdisconnect subcommandTable A-46. vmdisconnect Subcommand Description Vmdisconnect Racadm Subcommand Man Pages IdRacInfo IdRacProductInfo Read OnlyIdRacDescriptionInfo Read Only IdRacVersionInfo Read Only IdRacName Read/WriteIdRacMisc Read/Write CfgDNSDomainName Read/Write CfgLanNetworkingIdRacType Read CfgDNSDomainNameFromDHCP Read/Write CfgDNSRegisterRac Read/Write CfgDNSRacName Read/Write 187 CfgDNSServersFromDHCP Read/WriteCfgDNSServer1 Read/Write CfgDNSServer2 Read/Write CfgNicEnable Read/Write CfgNicIpAddress Read/WriteCfgNicNetmask Read/Write CfgNicMacAddress Read Only CfgCurrentLanNetworkingCfgNicGateway Read/Write CfgNicUseDhcp Read/Write CfgNicCurrentDhcpWasUsed Read Only CfgNicCurrentIpAddress Read OnlyCfgNicCurrentNetmask Read Only CfgNicCurrentGateway Read Only CfgDNSCurrentServer1 Read Only CfgRhostsSmtpEmailEnable Read/WriteCfgRemoteHosts CfgDNSCurrentDomainName Read Only CfgRhostsFwUpdateTftpEnable Read/Write CfgRhostsFwUpdateIpAddr Read/WriteCfgRhostsSmtpServerIpAddr Read/Write Legal Values CfgUserAdminCfgRhostsFwUpdatePath Read/Write CfgUserAdminPrivilege Read/Write CfgUserAdminUserName Read/Write CfgUserAdminPassword Write OnlyTable B-1. Bit Masks for User Privileges 195 CfgUserAdminAlertFilterRacEventMask Read/WriteCfgUserAdminAlertFilterSysEventMask Read/Write CfgUserAdminEmailEnable Read/Write CfgTraps CfgUserAdminEmailAddress Read/WriteCfgUserAdminEmailCustomMsg Read/Write CfgUserAdminIndex Read Only 197 CfgTrapsEnable Read/WriteCfgTrapsSnmpCommunity Read/Write CfgTrapsFilterRacEventMask Read/Write CfgSessionManagement CfgTrapsFilterSysEventMask Read/WriteCfgTrapsIndex Read Only 199 CfgSsnMgtSshIdleTimeout Read/WriteCfgSsnMgtMaxSessions Read/Write CfgSsnMgtMaxSessionsPerUser Read/Write CfgSerialConsoleEnable Read/Write CfgSerialCfgSerialBaudRate Read/Write 201 CfgSerialConsoleIdleTimeout Read/WriteCfgSerialConsoleQuitKey Read/Write CfgSerialConsoleShellType Read/Write CfgSerialConsoleCommand Read/Write CfgSerialConsoleNoAuth Read/WriteCfgSerialHistorySize Read/Write 203 CfgSerialSshEnable Read/WriteCfgSerialTelnetEnable Read/Write CfgSerialCom2RedirEnable Read/Write CfgSerialTelnet7flsBackspace Read/Write CfgNetTuningCfgNetTuningNicAutoneg Read/Write CfgNetTuningNic100MB Read/Write Legal Values Integer from 1 to Default 0x40 CfgNetTuningNicFullDuplex Read/WriteCfgNetTuningNicMtu Read/Write CfgNetTuningIpTtl Read/Write Legal Values Integer from 6 to Default 0x6 206 CfgNetTuningIpReassTtl Read/WriteCfgNetTuningTcpSrttBase Read/Write CfgNetTuningTcpSrttDflt Read/Write 207 CfgNetTuningTcpReXmtMin Read/WriteCfgNetTuningTcpReXmtMax Read/Write CfgNetTuningTcpMsl Read/Write Ini files are used CfgNetTuningIpSubnetsAreLocal Read/WriteTuning the Drac 4 for Satellite Connectivity Where value is obtained from Table B-2 CfgOobSnmpAgentCommunity Read/Write CfgOobSnmpTrapsEnable Read/WriteLegal Values Boolean, either 1 or 0 True or False Default CfgOobSnmp CfgRacTuneHttpPort Read/Write CfgRacTuningCfgOobSnmpAgentEnable Read/Write Description =Disable, 1=Enable transmission of Snmp traps 211 CfgRacTuneHttpsPort Read/WriteCfgRacTuneSshPort Read/Write CfgRacTuneTelnetPort Read/Write CfgRacTuneHostCom2BaudRate Read/Write CfgRacTuneFwUpdateResetDelay Read/WriteCfgRacTuneRemoteRacadmEnable Read/Write Legal Values 115200, 57600, 19200, Default 212 IfcRacMnOsOsName Read/Write IfcRacManagedNodeOsCfgRacTuneConRedirPort Read/Write IfcRacMnOsHostname Read/Write CfgRacSecCsrOrganizationName Read/Write CfgRacSecurityIfcRacMnOsOsType Read Only CfgRacSecCsrCommonName Read/Write CfgRacSecCsrOrganizationUnit Read/Write CfgRacSecCsrLocalityName Read/WriteCfgRacSecCsrStateName Read/Write Description CSR state CfgRacSecCsrCountryCode Read/WriteCfgRacSecCsrEmailAddr Read/Write CfgRacSecCsrKeySize Read/Write CfgFloppyEmulation Read/Write CfgVirMediaDisable Read/WriteLegal Values Or 0 True or False Default Description CfgRacVirtual CfgADRacDomain Read/Write CfgVirtualBootOnce Read/WriteCfgActiveDirectory CfgVirAtapiSrvPort Read/Write 219 CfgADEnable Read/WriteCfgADAuthTimeout Read/Write CfgADRacName Read/Write 220 Event Filter Operation and Event Mask PropertiesDrac 4-Generated Event Mask Definitions CfgADRootDomain Read/Write Miscmask System-Generated Alert Mask DefinitionsRacadm -g cfgTraps -o cfgTrapsFilterSysEventMask -i1 221 SenMask Alert Filter Properties222 StatMask Racadm testemail -i index Racadm testemail -u username Alert Test CommandsEmail Test Command Alert Data Definitions 224 Trap Test CommandSynopsis Racadm testtrap -t -i trap index Acronym for custom factory integration Acronym for application programming interfaceOther characters Abbreviation for compact disc Abbreviation for disk storage unit Abbreviation for Dell Remote Access ControllerAbbreviation for Dynamic Domain Naming System Abbreviation for Domain Name System Abbreviation for management information base Abbreviation for international standards organizationAbbreviation for local area network Abbreviation for light-emitting diode Acronym for system event log Abbreviation for remote access controllerAbbreviation for uninterruptible power supply RAM disk Index 229 Drac 4, removing related applications and drivers 231 Index