Home > Dell, Hardware, IDRAC, Uncategorized > HOWTO: Dell iDRAC Standardization using RACADM.EXE

HOWTO: Dell iDRAC Standardization using RACADM.EXE

I have been looking into reconfiguring the Dell iDRAC’s to be more standard.  This included renaming from *-idrac to *-rmu (our company standard – we’re an IBM/Dell shop now) and to set the root password similar to the RMU’s.   I noticed a few other things that may still be outstanding, I’d have to check them all just to be sure.  These include:

· E-mail alert monitoring

· AD login capability

· -IDRAC vs –RMU naming and consistency

· Root user password not matching – and not meeting complexity.  If we’re going to change these, there is an argument to be made to changing them all as the current RMU password isn’t meeting complexity and is likely old.

What I have managed to do I think will be great going forward.   I have used the “racadm” program in the past, but only in spot locations and never in depth.  If you login via SSH to the iDRAC, you can run commands against it, including standardizing it.  There is also a CLI based “racadm” which will work remotely, but I’m having issues making it connect, I believe related to SSL.

You can obtain the RACADM program either via the DRAC Tools package (http://www.dell.com/support/drivers/us/en/04/DriverDetails/Product/poweredge-r620?driverId=K7F2N&osCode=WS8R2&fileId=3196045542&languageCode=en&categoryId=SM)  or in the OMSA Managed Node package (http://www.dell.com/support/drivers/us/en/04/DriverDetails/Product/poweredge-r620?driverId=WYD5G&osCode=WS8R2&fileId=3195924439&languageCode=en&categoryId=SM).  These can be installed on any workstation or management station, but the OMSA Managed Node will install the OMSA Web Server used for connecting to other remote OMSA Nodes (eg: ESXi hosts with no web server).

The point of all this is that it would now be possible to configure the iDRAC via text file.   One can either SSH to the iDRAC and enter “racadm” at the “admin-1/>” prompt and then enter commands shown below under “SSH Config”.  Alternatively, this can be done via the RACADM.EXE which is installed to “C:\Program Files\Dell\SysMgt\idrac\racadm.exe”.  Using RACADM.exe will require the use of command line parameters to tell it how to connect:

Racadm -r fsrvcloesxi1-rmu –u root –p <password>

-or-

Racadm r fsrvcloesxi-rmu -I

The “-I” will interactively ask for the password.

Samples are below for both SSH and RACADM.EXE configurations.  Note that RACADM.EXE will be far easier to use programmatically – for example using an input CSV file and a FOR loop, one could reconfigure all IDRAC’s to match in short time.  The SSH method does not accept variables, and has some issues pasting in more than a few lines at a time.

It would be fairly trivial to use a for loop and feed a CSV of hostnames to the RACADM.EXE version and have it walk through all of them.  It’s a little slow in processing, especially if you have an untrusted/default SSL cert.  But…. you can set it and forget it and walk away, and come back later, so really – who cares how slow it might be.

By the way, if anyone has a suggestion or feedback on how I can better format “code” using WordPress and/or LiveWriter, or something otherwise – DO let me know!

 

===== Dell iDRAC RACADM SSH Config =====

putty nw-esxi01-idrac
racadm
#
#
ftp://ftp.dell.com/Manuals/all-products/esuprt_ser_stor_net/esuprt_poweredge/poweredge-m1000e_Developer’s%20Guide6_en-us.pdf
#
# Modify the hostname
racadm config -g cfgLanNetworking -o cfgDNSRacName nw-esxi01-rmu
racadm config -g cfgLanNetworking -o cfgNicEnable 1
racadm config -g cfgLanNetworking -o cfgNicIPv4Enable 1
# Modify the IP Address
racadm config -g cfgLanNetworking -o cfgNicIpAddress 10.0.0.241
racadm config -g cfgLanNetworking -o cfgNicNetmask 255.255.255.0
# Modify the IP Gateway, if applicable
racadm config -g cfgLanNetworking -o cfgNicGateway 10.0.0.1
# Sets the iDRAC NIC to DEDICATED.
racadm config -g cfgLanNetworking -o cfgNicSelection 1
#racadm config -g cfgLanNetworking -o cfgNicVLanEnable 1
#racadm config -g cfgLanNetworking -o cfgNicVLanID 111
# Only works if the NICIPAddress comes from DHCP.
#racadm config -g cfgLanNetworking -o cfgDNSServersFromDHCP 1
racadm config -g cfgLanNetworking -o cfgDNSServer1 10.0.0.11
racadm config -g cfgLanNetworking -o cfgDNSServer2 10.0.0.13
racadm config -g cfgLanNetworking -o cfgDNSDomainName netwise.ca
racadm config -g cfgLanNetworking -o cfgDNSRegisterRac 1
racadm config -g cfgRemoteHosts -o cfgRhostsSyslogEnable 1
racadm config -g cfgRemoteHosts -o cfgRhostsSyslogServer1 syslog1.netwise.ca
racadm config -g cfgRemoteHosts -o cfgRhostsSyslogPort 514
racadm config -g cfgRemoteHosts -o cfgRhostsSmtpServerIpAddr ssmtp.focus.ca
racadm config -g cfgEmailAlert -i 1 -o cfgEmailAlertIndex 1
racadm config -g cfgEmailAlert -i 1 -o cfgEmailAlertEnable 1
racadm config -g cfgEmailAlert -i 1 -o cfgEmailAlertAddress alerts
@netwise.ca
racadm config -g cfgEmailAlert -o cfgEmailAlertCustomMsg -i 1 “This is a test!”
racadm config -g cfgOobSnmp -o cfgOobSnmpAgentEnable 1
racadm config -g cfgOobSnmp -o cfgOobSnmpAgentCommunity nw_public
racadm config -g cfgActiveDirectory -o cfgADEnable 1
racadm config -g cfgActiveDirectory -o cfgADAuthTimeout 60
racadm config -g cfgActiveDirectory -o cfgADType 2
racadm config -g cfgActiveDirectory -o cfgADDcSRVLookupEnable 1
racadm config -g cfgActiveDirectory -o cfgADDcSRVLookupbyUserdomain 1
racadm config -g cfgActiveDirectory -o cfgADDcSRVLookupDomainName netwise.ca
racadm config -g cfgActiveDirectory -o cfgADGcSRVLookupEnable 1
racadm config -g cfgActiveDirectory -o cfgADGcRootDomain netwise.ca
racadm config -g cfgStandardSchema -i 1 -o cfgSSADRoleGroupIndex 1
racadm config -g cfgStandardSchema -i 1 -o cfgSSADRoleGroupName “Domain Admins”
racadm config -g cfgStandardSchema -i 1 -o cfgSSADRoleGroupDomain netwise.ca
racadm config -g cfgStandardSchema -i 1 -o cfgSSADRoleGroupPrivilege 0x000001ff
racadm config -g cfgUserAdmin -i 2 -o cfgUserAdminIndex 2
racadm config -g cfgUserAdmin -i 2 -o cfgUserAdminUserName root
racadm config -g cfgUserAdmin -i 2 -o cfgUserAdminPassword <passwordhere>
racadm config -g cfgUserAdmin -i 2 -o cfgUserAdminEnable 1
racadm config -g cfgUserAdmin -i 2 -o cfgUserAdminPrivilege 0x000001ff
racadm config -g cfgUserAdmin -i 2 -o cfgUserAdminIpmiLanPrivilege 4
racadm config -g cfgUserAdmin -i 2 -o cfgUserAdminIpmiSerialPrivilege 4
racadm config -g cfgUserAdmin -i 2 -o cfgUserAdminSolEnable 1

===== Dell iDRAC RACADM SSH Config =====

===== Dell iDRAC RACADM CLI Config =====

set RAC_HOST=nw-esxi01-rmu
set RAC_USER=root
set RAC_PASS=<password>
set RAC_PASSNEW=<password>
set RAC_IPADDR=10.0.0.241
set RAC_IPMASK=255.255.255.0
set RAC_IPGW=10.0.0.1
set RAC_DNS1=10.0.0.11
set RAC_DNS2=10.0.0.13
set RAC_FQDN=netwise.ca
set RAC_SYSLOG=syslog1.netwise.ca
set RAC_SMTP=smtp.netwise.ca
set
RAC_ALERTEMAIL=alerts@netwise.ca
set
RAC_SNMPv2=nw_public
# Modify the hostname
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgLanNetworking -o cfgDNSRacName $RAC_HOST
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgLanNetworking -o cfgNicEnable 1
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgLanNetworking -o cfgNicIPv4Enable 1
# Modify the IP Address
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgLanNetworking -o cfgNicIpAddress %RAC_IPADDR%
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgLanNetworking -o cfgNicNetmask %RAC_IPMASK%
# Modify the IP Gateway, if applicable
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgLanNetworking -o cfgNicGateway %RAC_IPGW%
# Sets the iDRAC NIC to DEDICATED.
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgLanNetworking -o cfgNicSelection 1
#racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgLanNetworking -o cfgNicVLanEnable 1
#racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgLanNetworking -o cfgNicVLanID 111
# Only works if the NICIPAddress comes from DHCP.
#racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgLanNetworking -o cfgDNSServersFromDHCP 1
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgLanNetworking -o cfgDNSServer1 %RAC_DNS1%
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgLanNetworking -o cfgDNSServer2 %RAC_DNS2%
# Only works if the NICIPAddress comes from DHCP.
#racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgLanNetworking -o cfgDNSDomainNameFromDHCP 1
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgLanNetworking -o cfgDNSDomainName %RAC_FQDN%
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgLanNetworking -o cfgDNSRegisterRac 1
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgRemoteHosts -o cfgRhostsSyslogEnable 1
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgRemoteHosts -o cfgRhostsSyslogServer1 %RAC_SYSLOG%
#racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgRemoteHosts -o cfgRhostsSyslogServer2
#racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgRemoteHosts -o cfgRhostsSyslogServer3
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgRemoteHosts -o cfgRhostsSyslogPort 514
#racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgRemoteHosts -o cfgRhostsFwUpdateTftpEnable 1
#racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgRemoteHosts -o cfgRhostsFwUpdateIpAddr 0.0.0.0
#racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgRemoteHosts -o cfgRhostsFwUpdatePath
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgRemoteHosts -o cfgRhostsSmtpServerIpAddr %RAC_SMTP%
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgEmailAlert -i 1 -o cfgEmailAlertIndex 1
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgEmailAlert -i 1 -o cfgEmailAlertEnable 1
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgEmailAlert -i 1 -o cfgEmailAlertAddress %RAC_ALERTEMAIL%
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgEmailAlert -o cfgEmailAlertCustomMsg -i 1 “This is a test!”
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgOobSnmp -o cfgOobSnmpAgentEnable 1
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgOobSnmp -o cfgOobSnmpAgentCommunity %RAC_SNMPv2%
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgActiveDirectory -o cfgADEnable 1
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgActiveDirectory -o cfgADAuthTimeout 60
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgActiveDirectory -o cfgADType 2
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgActiveDirectory -o cfgADDcSRVLookupEnable 1
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgActiveDirectory -o cfgADDcSRVLookupbyUserdomain 1
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgActiveDirectory -o cfgADDcSRVLookupDomainName %RAC_FQDN%
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgActiveDirectory -o cfgADGcSRVLookupEnable 1
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgActiveDirectory -o cfgADGcRootDomain %RAC_FQDN%
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgStandardSchema -i 1 -o cfgSSADRoleGroupIndex 1
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgStandardSchema -i 1 -o cfgSSADRoleGroupName “Domain Admins”
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgStandardSchema -i 1 -o cfgSSADRoleGroupDomain %RAC_FQDN%
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgStandardSchema -i 1 -o cfgSSADRoleGroupPrivilege 0x000001ff
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgUserAdmin -i 2 -o cfgUserAdminIndex 2
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgUserAdmin -i 2 -o cfgUserAdminUserName root
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgUserAdmin -i 2 -o cfgUserAdminPassword %RAC_PASSNEW%
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgUserAdmin -i 2 -o cfgUserAdminEnable 1
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgUserAdmin -i 2 -o cfgUserAdminPrivilege 0x000001ff
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgUserAdmin -i 2 -o cfgUserAdminIpmiLanPrivilege 4
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgUserAdmin -i 2 -o cfgUserAdminIpmiSerialPrivilege 4
racadm -r %RAC_HOST% -u %RAC_USER% -p %RAC_PASS% config -g cfgUserAdmin -i 2 -o cfgUserAdminSolEnable 1

===== Dell iDRAC RACADM CLI Config =====

Advertisements
Categories: Dell, Hardware, IDRAC, Uncategorized
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: