Using the Local RACADM Command Line Interface

Using the Local RACADM Command Line Interface

Integrated Dell™ Remote Access Controller Firmware Version 1.2
User Guide

( can work for iDRAC7 )

  Using the RACADM Command

  RACADM Subcommands

  Using the RACADM Utility to Configure the iDRAC

  Using an iDRAC Configuration File

  Configuring Multiple iDRACs

The local RACADM command line interface (CLI) provides access to the iDRAC management features from the managed server. RACADM provides access to the same features as the iDRAC Web interface. However, RACADM can be used in scripts to ease configuration of multiple servers and iDRACs, where the Web interface is more useful for interactive management.
Local RACADM commands do not use network connections to access the iDRAC from the managed server. This means that you can use local RACADM commands to configure the initial iDRAC networking.
For more information about configuring multiple iDRACs, see Configuring Multiple iDRACs.
This section provides the following information:

• Using RACADM from a command prompt
• Configuring your iDRAC using the racadm command
• Using the RACADM configuration file to configure multiple iDRACs

---

Using the RACADM Command

You run RACADM commands locally (on the managed server) from a command prompt or shell prompt.
Log into the managed server, start a command shell, and enter local RACADM commands in the following format:

racadm <subcommand> -g <group> -o <object> <value>

Without options, the RACADM command displays general use information. To display the RACADM subcommand list, type:
racadm help
The subcommand list includes all commands that are supported by the iDRAC.
To get help for a subcommand, type:
racadm help <subcommand>
The command displays the syntax and command-line options for the subcommand.

---

RACADM Subcommands

Table 10-1 provides a description of each RACADM subcommand that you can run in RACADM. For a detailed listing of RACADM subcommands including syntax and valid entries, see RACADM Subcommand Overview.

Table 10-1. RACADM Subcommands 

Command	Description
clrraclog	Clears the iDRAC log. After clearing, a single entry is made to indicate the user and time that the log was cleared.
clrsel	Clears the managed server's System Event Log entries.
config	Configures the iDRAC.
getconfig	Displays the current iDRAC configuration properties.
getniccfg	Displays the current IP configuration for the controller.
getraclog	Displays the iDRAC log.
getractime	Displays the iDRAC time.
getssninfo	Displays information about active sessions.
getsvctag	Displays service tags.
getsysinfo	Displays information about the iDRAC and managed server, including IP configuration, hardware model, firmware versions, and operating system information.
gettracelog	Displays the iDRAC trace log. If used with -i, the command displays the number of entries in the iDRAC trace log.
help	Lists iDRAC subcommands.
help<subcommand>	Lists usage statement for the specified subcommand.
racreset	Resets the iDRAC.
racresetcfg	Resets the iDRAC to the default configuration.
serveraction	Performs power management operations on the managed server.
setniccfg	Sets the IP configuration for the controller.
sslcertdownload	Downloads a CA certificate.
sslcertupload	Uploads a CA certificate or server certificate to the iDRAC.
sslcertview	Views a CA certificate or server certificate in the iDRAC.
sslcsrgen	Generates and downloads the SSL CSR.
testemail	Forces the iDRAC to send an e-mail over the iDRAC NIC.
testtrap	Forces the iDRAC to send an SNMP alert over the iDRAC NIC.

---

Using the RACADM Utility to Configure the iDRAC

This section describes how to use RACADM to perform various iDRAC configuration tasks.

Displaying Current iDRAC Settings

The RACADM getconfig subcommand retrieves current configuration settings from the iDRAC. The configuration values are organized into groups containing one or more objects, and the objects have values.
See iDRAC Property Database Group and Object Definitions for a complete description of the groups and objects.
To display a list of all of the iDRAC groups, enter this command:
racadm getconfig -h
To display the objects and values for a particular group, enter this command:
racadm getconfig -g <group>
For example, to display a list of all cfgLanNetworking group object settings, type the following command:
racadm getconfig -g cfgLanNetworking

Managing iDRAC Users with RACADM

NOTICE: Use caution when using the racresetcfg command, as all configuration parameters are reset to the original defaults. Any previous changes are lost.

NOTE: If you are configuring a new iDRAC or if you ran the racadm racresetcfg command, the only current user is root with the password calvin.

NOTE: Users can be enabled and disabled over time. As a result, a user may have a different index number on each iDRAC.

You can configure up to 15 users in the iDRAC property database. (A sixteenth user is reserved for the IPMI LAN user.) Before you manually enable an iDRAC user, verify if any current users exist.
To verify if a user exists, type the following command at the command prompt:
racadm getconfig -u <username>
OR
type the following command once for each index from 1 to 16:

racadm getconfig -g cfgUserAdmin -i <index>

NOTE: You can also type racadm getconfig -f <filename> and view the generated <filename> file, which includes all users, as well as all other iDRAC configuration parameters.

Several parameters and object IDs are displayed with their current values. Two objects of interest are:

# cfgUserAdminIndex=nn

cfgUserAdminUserName=

If the cfgUserAdminUserName object has no value, that index number, which is indicated by the cfgUserAdminIndex object, is available for use. If a name appears after the =, that index is assigned to that user name.

Adding an iDRAC User

To add a new user to the iDRAC, perform the following steps:

1. Set the user name.
   
   
2. Set the password.
   
   
3. Set the Login to iDRAC user privilege.
   
   
4. Enable the user.

Example

The following example describes how to add a new user named "John" with a "123456" password and login privileges to the iDRAC:
racadm config -g cfgUserAdmin -o cfgUserAdminUserName -i 2 john
racadm config -g cfgUserAdmin -o cfgUserAdminPassword -i 2 123456
racadm config -g cfgUserAdmin -o cfgUserPrivilege -i 2 0x00000001
racadm config -g cfgUserAdmin -o cfgUserAdminEnable -i 2 1
To verify the new user, use one of the following commands:

racadm getconfig -u john

racadm getconfig –g cfgUserAdmin –i 2

Enabling an iDRAC User With Permissions

To grant a user a specific administrative (role-based) permissions, set the cfgUserAdminPrivilege property to a bitmask constructed from the values show in Table 10-2:

Table 10-2. Bit Masks for User Privileges 

User Privilege	Privilege Bit Mask
Login to iDRAC	0x0000001
Configure iDRAC	0x0000002
Configure Users	0x0000004
Clear Logs	0x0000008
Execute Server Control Commands	0x0000010
Access Console Redirection	0x0000020
Access Virtual Media	0x0000040
Test Alerts	0x0000080
Execute Debug Commands	0x0000100

For example, to allow the user Configure iDRAC, Configure Users, Clear Logs, and Access Console Redirection privileges, add the values 0x00000002, 0x00000004, 0x00000008, and 0x00000010 to construct the bitmap 0x0000002E. Then enter the following command to set the privilege:
racadm config -g cfgUserAdmin -o cfgUserAdminPrivilege -i 2 0x0000002E

Removing an iDRAC User

When using RACADM, users must be disabled manually and on an individual basis. Users cannot be deleted by using a configuration file.
The following example illustrates the command syntax that can be used to delete a RAC user:

racadm config -g cfgUserAdmin -o cfgUserAdminUserName -i <index> ""

A null string of double quote characters ("") instructs the iDRAC to remove the user configuration at the specified index and reset the user configuration to the original factory defaults.

Testing E-mail Alerting

The iDRAC e-mail alert feature allows users to receive e-mail alerts when a critical event occurs on the managed server. The following example shows how to test the e-mail alert feature to ensure that the iDRAC can properly send e-mail alerts across the network.

racadm testemail -i 2

NOTE: Ensure that the SMTP and E-mail Alert settings are configured before testing the e-mail alert feature. See Configuring E-Mail Alerts for more information.

Testing the iDRAC SNMP Trap Alert Feature

The iDRAC SNMP trap alerting feature allows SNMP trap listener configurations to receive traps for system events that occur on the managed server.
The following example shows how a user can test the SNMP trap alert feature.
racadm testtrap -i 2

NOTE: Before you test the iDRAC SNMP trap alerting feature, ensure that the SNMP and trap settings are configured correctly. See the testtrap and testemail subcommand descriptions to configure these settings.

Configuring iDRAC Network Properties

To generate a list of available network properties, type the following:

racadm getconfig -g cfgLanNetworking

To use DHCP to obtain an IP address, use the following command to write the object cfgNicUseDhcp and enable this feature:
racadm config -g cfgLanNetworking -o cfgNicUseDHCP 1
The commands provide the same configuration functionality as the iDRAC configuration utility when you are prompted to type <Ctrl><E>. For more information about configuring network properties with the iDRAC configuration utility, see LAN.
The following is an example of how the command may be used to configure desired LAN network properties.

racadm config -g cfgLanNetworking -o cfgNicEnable 1

racadm config -g cfgLanNetworking -o cfgNicIpAddress 192.168.0.120

racadm config -g cfgLanNetworking -o cfgNicNetmask 255.255.255.0

racadm config -g cfgLanNetworking -o cfgNicGateway 192.168.0.120

racadm config -g cfgLanNetworking -o cfgNicUseDHCP 0

racadm config -g cfgLanNetworking -o cfgDNSServersFromDHCP 0

racadm config -g cfgLanNetworking -o cfgDNSServer1 192.168.0.5

racadm config -g cfgLanNetworking -o cfgDNSServer2 192.168.0.6

racadm config -g cfgLanNetworking -o cfgDNSRegisterRac 1

racadm config -g cfgLanNetworking -o cfgDNSRacName RAC-EK00002

racadm config -g cfgLanNetworking -o cfgDNSDomainNameFromDHCP 0

racadm config -g cfgLanNetworking -o cfgDNSDomainName MYDOMAIN

NOTE: If cfgNicEnable is set to 0, the iDRAC LAN is disabled even if DHCP is enabled.

Configuring IPMI

1. Configure IPMI over LAN by entering the following command:

racadm config -g cfgIpmiLan -o cfgIpmiLanEnable 1

NOTE: This setting determines the IPMI commands that can be executed from the IPMI over LAN interface. For more information, see the IPMI 2.0 specifications.

1. Update the IPMI channel privileges by entering the following command:

racadm config -g cfgIpmiLan -o cfgIpmiLanPrivilegeLimit <level>

where <level> is one of the following:

• 2 (User)
• 3 (Operator)
• 4 (Administrator)

For example, to set the IPMI LAN channel privilege to 2 (User), type the following command:

racadm config -g cfgIpmiLan -o cfgIpmiLanPrivilegeLimit 2

2. Set the IPMI LAN channel encryption key, if required, using a command such as the following:

NOTE: The iDRAC IPMI supports the RMCP+ protocol. See the IPMI 2.0 specifications for more information.

racadm config -g cfgIpmiLan -o cfgIpmiEncryptionKey <key>

where <key> is a 20-character encryption key in a valid hexadecimal format.

2. Configure IPMI Serial over LAN (SOL) using the following command:

racadm config -g cfgIpmiSol -o cfgIpmiSolEnable 1

NOTE: The IPMI SOL minimum privilege level determines the minimum privilege required to activate IPMI SOL. For more information, see the IPMI 2.0 specification.

1. Update the IPMI SOL minimum privilege level using the following command:

racadm config -g cfgIpmiSol -o cfgIpmiSolMinPrivilege <level>

where <level> is one of the following:

• 2 (User)
• 3 (Operator)
• 4 (Administrator)

For example, to configure the IPMI privileges to 2 (User), enter the following command:

racadm config -g cfgIpmiSol -o cfgIpmiSolMinPrivilege 2

NOTE: To redirect the serial console over LAN, ensure that the SOL baud rate is identical to your managed server's baud rate.

2. Update the IPMI SOL baud rate using the following command:

racadm config -g cfgIpmiSol -o cfgIpmiSolBaudRate <baud-rate>

where <baud-rate> is 19200, 57600, or 115200 bps.

For example:

racadm config -g cfgIpmiSol -o cfgIpmiSolBaudRate 57600

3. Enable SOL by typing the following command at the command prompt.

NOTE: SOL can be enabled or disabled for each individual user.

racadm config -g cfgUserAdmin -o cfgUserAdminSolEnable -i <id> 2

where <id> is the user's unique ID.

Configuring PEF

You can configure the action you wish the iDRAC to take for each platform alert. Table 10-3 lists the possible actions and the value to identify them in RACADM.

Table 10-3. Platform Event Action

Action	Value
No action	0
Power off	1
Reboot	2
Power Cycle	3

1. Configure PEF actions using the following command:

racadm config -g cfgIpmiPef -o cfgIpmiPefAction -i <index> <action-value>

where <index> is the PEF index (see Table 5-6, and <action-value> is a value from Table 10-3.

For example, to enable PEF to reboot the system and send an IPMI alert when a processor critical event is detected, type the following command:

racadm config -g cfgIpmiPef -o cfgIpmiPefAction -i 9 2

Configuring PET

1. Enable global alerts using the following command:

racadm config -g cfgIpmiLan -o cfgIpmiLanAlertEnable 1

2. Enable PET using the following command:

racadm config -g cfgIpmiPet -o cfgIpmiPetAlertEnable -i <index> <0|1>

where <index> is the PET destination index and 0 or 1 disable PET or enable PET, respectively.

For example, to enable PET with index 4, type the following command:

racadm config -g cfgIpmiPet -o cfgIpmiPetAlertEnable -i 4 1

3. Configure your PET policy using the following command:

racadm config -g cfgIpmiPet -o cfgIpmiPetAlertDestIPAddr -i <index> <IP-address>

where <index> is the PET destination index and <IP-address> is the destination IP address of the system that receives the platform event alerts.

4. Configure the Community Name string.

At the command prompt, type:

racadm config -g cfgIpmiLan -o cfgIpmiPetCommunityName <name>

where <name> is the PET Community Name.

Configuring E-mail Alerts

1. Enable global alerts by entering the following command:

racadm config -g cfgIpmiLan -o cfgIpmiLanAlertEnable 1

2. Enable e-mail alerts by entering the following commands:

racadm config -g cfgEmailAlert -o cfgEmailAlertEnable -i <index> <0|1>

where <index> is the e-mail destination index and 0 disables the e-mail alert or 1 enables the alert. The e-mail destination index can be a value from 1 through 4.

For example, to enable e-mail with index 4, type the following command:

racadm config -g cfgEmailAlert -o cfgEmailAlertEnable -i 4 1

3. Configure your e-mail settings by entering the following command:

racadm config -g cfgEmailAlert -o cfgEmailAlertAddress -i 1 <email-address>

where 1 is the e-mail destination index and <email-address> is the destination e-mail address that receives the platform event alerts.

4. To configure a custom message, enter the following command:

racadm config -g cfgEmailAlert -o cfgEmailAlertCustomMsg -i <index> <custom-message>

where <index> is the e-mail destination index and <custom-message> is the custom message.

5. Test the configured e-mail alert, if desired, by entering the following command:

racadm testemail -i <index>

where <index> is the e-mail destination index to test.

Configuring IP Filtering (IpRange)

IP address filtering (or IP Range Checking) allows iDRAC access only from clients or management workstations whose IP addresses are within a user-specified range. All other login requests are denied.
IP filtering compares the IP address of an incoming login to the IP address range that is specified in the following cfgRacTuning properties:

• cfgRacTuneIpRangeAddr
• cfgRacTuneIpRangeMask

The cfgRacTuneIpRangeMask property is applied to both the incoming IP address and to the cfgRacTuneIpRangeAddr properties. If the results are identical, the incoming login request is allowed to access the iDRAC. Logins from IP addresses outside this range receive an error.
The login proceeds if the following expression equals zero:
cfgRacTuneIpRangeMask & (<incoming-IP-address> ^ cfgRacTuneIpRangeAddr)
where & is the bitwise AND of the quantities and ^ is the bitwise exclusive-OR.
See cfgRacTuning for a complete list of cfgRacTuning properties.

Table 10-4. IP Address Filtering (IpRange) Properties 

Property	Description
cfgRacTuneIpRangeEnable	Enables the IP range checking feature.
cfgRacTuneIpRangeAddr	Determines the acceptable IP address bit pattern, depending on the 1's in the subnet mask. This property is bitwise anded with cfgRacTuneIpRangeMask to determine the upper portion of the allowed IP address. Any IP address that contains this bit pattern in its upper bits is allowed to log in. Logins from IP addresses that are outside this range fail. The default values in each property allow an address range from 192.168.1.0 to 192.168.1.255 to log in.
cfgRacTuneIpRangeMask	Defines the significant bit positions in the IP address. The mask should be in the form of a netmask, where the more significant bits are all 1's with a single transition to all zeros in the lower-order bits.

Configuring IP Filtering

To configure IP filtering in the Web interface, follow these steps:

1. Click System® Remote Access® iDRAC® Network/Security.
   
   
2. On the Network Configuration page, click Advanced Settings.
   
   
3. Check the IP Range Enabled checkbox and enter the IP Range Address and IP Range Subnet Mask.
   
   
4. Click Apply.

Following are examples using local RACADM to set up IP filtering.

NOTE: See Using the Local RACADM Command Line Interface for more information about RACADM and RACADM commands.

1. The following RACADM commands block all IP addresses except 192.168.0.57:

racadm config -g cfgRacTuning -o cfgRacTuneIpRangeEnable 1

racadm config -g cfgRacTuning -o cfgRacTuneIpRangeAddr 192.168.0.57

racadm config -g cfgRacTuning -o cfgRacTuneIpRangeMask 255.255.255.255

2. To restrict logins to a small set of four adjacent IP addresses (for example, 192.168.0.212 through 192.168.0.215), select all but the lowest two bits in the mask, as shown below:

racadm config -g cfgRacTuning -o cfgRacTuneIpRangeEnable 1

racadm config -g cfgRacTuning -o cfgRacTuneIpRangeAddr 192.168.0.212

racadm config -g cfgRacTuning -o cfgRacTuneIpRangeMask 255.255.255.252

The last byte of the range mask is set to 252, the decimal equivalent of 11111100b.

IP Filtering Guidelines

Use the following guidelines when enabling IP filtering:

• Ensure that cfgRacTuneIpRangeMask is configured in the form of a netmask, where all most significant bits are 1's (which defines the subnet in the mask) with a transition to all 0's in the low-order bits.
• Use the desired range's base address as the value of cfgRacTuneIpRangeAddr. The 32-bit binary value of this address should have zeros in all the low-order bits where there are zeros in the mask.

Configuring IP Blocking

IP blocking dynamically determines when excessive login failures occur from a particular IP address and blocks (or prevents) the address from logging into the iDRAC for a preselected time span.
The IP blocking features include:

• The number of allowed login failures (cfgRacTuneIpBlkFailcount)
• The time frame in seconds during which these failures must occur (cfgRacTuneIpBlkFailWindow)
• The amount of time in seconds that the blocked IP address is prevented from establishing a session after the allowed number of failures is exceeded (cfgRacTuneIpBlkPenaltyTime)

As login failures accumulate from a specific IP address, they are registered by an internal counter. When the user logs in successfully, the failure history is cleared and the internal counter is reset.

NOTE: When login attempts are refused from the client IP address, some SSH clients may display the following message: ssh exchange identification: Connection closed by remote host.

See iDRAC Property Database Group and Object Definitions for a complete list of cfgRacTune properties.
Login Retry Restriction Properties lists the user-defined parameters.

Table 10-5. Login Retry Restriction Properties

Property	Definition
cfgRacTuneIpBlkEnable	Enables the IP blocking feature. When consecutive failures (cfgRacTuneIpBlkFailCount) from a single IP address are encountered within a specific amount of time (cfgRacTuneIpBlkFailWindow), all further attempts to establish a session from that address are rejected for a certain time span (cfgRacTuneIpBlkPenaltyTime).
cfgRacTuneIpBlkFailCount	Sets the number of login failures from an IP address before the login attempts are rejected.
cfgRacTuneIpBlkFailWindow	The time frame in seconds during which the failure attempts are counted. When the failures exceed this limit, they are dropped from the counter.
cfgRacTuneIpBlkPenaltyTime	Defines the time span in seconds that login attempts from an IP address with excessive failures are rejected.

Enabling IP Blocking

The following example prevents a client IP address from establishing a session for five minutes if that client has failed five login attempts in a one-minute period of time.
racadm config -g cfgRacTuning -o cfgRacTuneIpRangeEnable 1
racadm config -g cfgRacTuning -o cfgRacTuneIpBlkFailCount 5
racadm config -g cfgRacTuning -o cfgRacTuneIpBlkFailWindow 60
racadm config -g cfgRacTuning -o cfgRacTuneIpBlkPenaltyTime 300
The following example prevents more than three failed attempts within one minute, and prevents additional login attempts for an hour.
racadm config -g cfgRacTuning -o cfgRacTuneIpBlkEnable 1
racadm config -g cfgRacTuning -o cfgRacTuneIpBlkFailCount 3
racadm config -g cfgRacTuning -o cfgRacTuneIpBlkFailWindow 60
racadm config -g cfgRacTuning -o cfgRacTuneIpBlkPenaltyTime 360

Configuring iDRAC Telnet and SSH Services Using Local RACADM

The telnet/SSH console can be configured locally (on the managed server) using RACADM commands.

NOTE: You must have Configure iDRAC permission to execute the commands in this section.

NOTE: When you reconfigure telnet or SSH settings in the iDRAC, any current sessions are terminated without warning.

To enable telnet and SSH from the local RACADM, log in to the managed server and type the following commands at a command prompt:
racadm config -g cfgSerial -o cfgSerialTelnetEnable 1
racadm config -g cfgSerial -o cfgSerialSshEnable 1
To disable the telnet or SSH service, change the value from 1 to 0:
racadm config -g cfgSerial -o cfgSerialTelnetEnable 0
racadm config -g cfgSerial -o cfgSerialSshEnable 0
Type the following command to change the telnet port number on the iDRAC:
racadm config -g cfgRacTuning -o cfgRacTuneTelnetPort <new port number>
For example, to change the telnet port from the default 22 to 8022, type this command:

racadm config -g cfgRacTuning -o cfgRacTuneTelnetPort 8022

For a complete list of available RACADM CLI commands, see Using the Local RACADM Command Line Interface.

---

Using an iDRAC Configuration File

An iDRAC configuration file is a text file that contains a representation of the values in the iDRAC database. You can use the RACADM getconfig subcommand to generate a configuration file containing the current values from the iDRAC. You can then edit the file and use the RACADM config -f subcommand to load the file back into the iDRAC, or to copy the configuration to other iDRACs.

Creating an iDRAC Configuration File

The configuration file is a plain (unformatted) text file. You can use any valid file name; the .cfg file extension is a recommended convention.
The configuration file can be:

• Created with a text editor
• Obtained from the iDRAC with the RACADM getconfig subcommand
• Obtained from the iDRAC with the RACADM getconfig subcommand and then edited

To obtain a configuration file, with the RACADM getconfig command, enter the following command at a command prompt on the managed server:

racadm getconfig -f myconfig.cfg

This command creates the file myconfig.cfg in the current directory.

Configuration File Syntax

NOTICE: Edit the configuration file with a plain text editor, such as Notepad on Windows or vi on Linux. The racadm utility parses ASCII text only. Any formatting confuses the parser and may corrupt the iDRAC database.

This section describes the format of the configuration file.

• Lines that start with # are comments.

A comment must start in the first column of the line. A # character in any other column is treated as a normal # character.

Example:

#

# This is a comment

[cfgUserAdmin]

cfgUserAdminPrivilege=4

• Group entries must be surrounded by [ and ] characters.

The starting [ character denoting a group name must start in column one. This group name must be specified before any of the objects in that group. Objects that do not include an associated group name generate an error. The configuration data is organized into groups as defined in iDRAC Property Database Group and Object Definitions.

The following example displays a group name, object, and the object's property value.

Example:

[cfgLanNetworking] (group name)

cfgNicIpAddress=143.154.133.121 (object name)

• Parameters are specified as object=value pairs with no white space between the object, =, and value.

White space that is included after the value is ignored. White space inside a value string remains unmodified. Any character to the right of the = is taken as is (for example, a second =, or a #, [, ], and so forth).

• The parser ignores an index object entry.

You cannot specify which index is used. If the index already exists, it is either used or the new entry is created in the first available index for that group.

The racadm getconfig -f <filename> command places a comment in front of index objects, allowing you to see the included comments.

NOTE: You can create an indexed group manually using the following command: racadm config -g <groupName> -o <anchored-object> -i <index> <unique-anchor-name>

• The line for an indexed group cannot be deleted from a configuration file.

You must remove an indexed object manually using the following command:

racadm config -g <groupName> -o <objectName> -i <index> ""

NOTE: A NULL string (identified by two "" characters) directs the iDRAC to delete the index for the specified group.

To view the contents of an indexed group, use the following command:

racadm getconfig -g <groupName> -i <index>

• For indexed groups the object anchor must be the first object after the [ ] pair. The following are examples of the current indexed groups:

[cfgUserAdmin]

cfgUserAdminUserName=<username>

• If the parser encounters an indexed group, it is the value of the anchored object that differentiates the various indexes.

The parser reads in all of the indexes from the iDRAC for that group. Any objects within that group are simple modifications when the iDRAC is configured. If a modified object represents a new index, the index is created on the iDRAC during configuration.

• You cannot specify a desired index in a configuration file.

Indexes may be created and deleted, so over time the group may become fragmented with used and unused indexes. If an index is present, it is modified. If an index is not present, the first available index is used. This method allows flexibility when adding indexed entries where you do not need to make exact index matches between all the RACs being managed. New users are added to the first available index. A configuration file that parses and runs correctly on one iDRAC may not run correctly on another if all indexes are full and you must add a new user.

Modifying the iDRAC IP Address in a Configuration File

When you modify the iDRAC IP address in the configuration file, remove all unnecessary <variable>=<value> entries. Only the actual variable group's label with "[" and "]" remains, including the two <variable>=<value> entries pertaining to the IP address change.
For example:

#

# Object Group "cfgLanNetworking"

#

[cfgLanNetworking]

cfgNicIpAddress=10.35.10.110

cfgNicGateway=10.35.10.1

This file will be updated as follows:

#

# Object Group "cfgLanNetworking"

#

[cfgLanNetworking]

cfgNicIpAddress=10.35.9.143

# comment, the rest of this line is ignored

cfgNicGateway=10.35.9.1

Loading the Configuration File Into the iDRAC

The command racadm config -f <filename> parses the configuration file to verify that valid group and object names are present and that syntax rules are followed. If the file is error-free the command then updates the iDRAC database with the contents of the file.

NOTE: To verify the syntax only and not update the iDRAC database, add the -c option to the config subcommand.

Errors in the configuration file are flagged with the line number and a message that explains the problem. You must correct all errors before the configuration file can update the iDRAC.

NOTICE: Use the racresetcfg subcommand to reset the database and the iDRAC NIC settings to the original default settings and remove all users and user configurations. While the root user is available, other users' settings are also reset to the default settings.

Before you execute the racadm config -f <filename> command, you can run the racreset subcommand to reset the iDRAC to its default settings. Ensure that the configuration file you will load includes all desired objects, users, indexes, and other parameters.
To update the iDRAC with the configuration file, execute the following command at the managed server's command prompt:

racadm config -f <filename>

After the command has completed, you can execute the RACADM getconfig subcommand to confirm that the update succeeded.

---

Configuring Multiple iDRACs

Using a configuration file, you can configure other iDRACs with identical properties. Follow these steps to configure multiple iDRACS:

1. Create the configuration file from the iDRAC whose settings you want to replicate to the others. At a command prompt on the managed server, enter the following command:

racadm getconfig -f <filename>

where <filename> is the name of a file to save the iDRAC properties, such a myconfig.cfg.

See Creating an iDRAC Configuration File for more information.

NOTE: Some configuration files contain unique iDRAC information (such as the static IP address) that must be modified before you export the file to other iDRACs.

2. Edit the configuration file you created in the previous step and remove or comment-out any settings you do not want to replicate.
   
   
3. Copy the edited configuration file to a network drive where it is accessible to each managed server whose iDRAC you want to configure.
   
   
4. For each iDRAC you want to configure:
   
   
   1. Log in to the managed server and start a command prompt.
   2. If you want to reconfigure the iDRAC from the default settings, enter the following command:

racadm racreset

3. Load the configuration file into the iDRAC with the following command:

racadm config -f <filename>

where <filename> is the name of the configuration file you created. Include the full path if the file is not in the working directory.

4. Reset the iDRAC that was configured by entering the following command:

racadm reset

---