Hi OME users,
It has been observed that after upgrading to the latest firmware version (iDRAC >= 126.96.36.199, M1000e CMC >= 5.2, FX2 CMC >= 1.4, VRTX CMC >= 2.2), the iDRAC or CMC displays an “unknown” status.
The latest firmware version supports TLS 1.1 as the default communication protocol. If the browser or operating system where OpenManage Essentials is installed, does not support TLS 1.1 protocol, then the device displays an “unknown” status.
To resolve this issue, see “Step 2: Verifying Dell Management Consoles” in the following KB article: http://www.dell.com/Support/Article/us/en/19/SLN302365
Note: Ensure the required registry updates are done either manually or using the “Easy Fix” described in the Microsoft support article - "Update to enable TLS 1.1 and TLS 1.2 as a default secure protocols in WinHTTP in Windows"
I'm still having this issue after trying your fix above with IDRACs showing unknown and also the servers with 188.8.131.52 not updating the inventory properly. All of them are showing non-compliant though their IDRACs are up to date. My OME server is a Windows server 2012 R2 version 184.108.40.2066. Any help would be appreciated.
Same issue here, I've followed the original steps with no success.. All applicable iDRACs are updated but OME still shows them as non-compliant. OME version 220.127.116.116. Any direction on how to fix this?
Windows Server 2012 R2 has by default TLS 1.1/1.2 enabled and you shall not be hitting the issue with OME installed on Windows Server 2012R2.
Can you run the latest Troubleshooting tool shipped with OME 2.2 and perform ws-man test?
That will give you some direction.
This is what I get running the WS-Man test:
Using TLS 1.0 for SSL/TLS handshake.Error: A complete request could not be sent to the remote server.Using TLS 1.1 for SSL/TLS handshake.UntrustedRoot: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.TLS 1.1 Handshake successful.The WS-Man target has TLS 1.1 enabled. If OME is unable to discover this device, install the required updates on the system where OME is installed. For more details, see “Enabling support for TLS 1.1 or 1.2” at delltechcenter.com/ome.Identify Failed. Could not connect
Let me know if I can give you any additional information on this.
I am seeing similar issues with new servers running 18.104.22.168 for DRAC firmware:
Protocols Selected are: WSMAN
Using TLS 1.0 for SSL/TLS handshake.Error: A complete request could not be sent to the remote server.Using TLS 1.1 for SSL/TLS handshake.TLS 1.1 Handshake successful.
The WS-Man target has TLS 1.1 enabled. If OME is unable to discover this device, install the required updates on the system where OME is installed. For more details, see “Enabling support for TLS 1.1 or 1.2” at delltechcenter.com/ome.
Connected. WSMAN profiles found on the remote device are: 1. Profile Registration2. Base Metrics3. Base Server and Physical Asset4. BIOS and Boot Management5. CPU6. Event Filter7. Fan8. Fiber Channel9. iDRAC Card10. Job Control11. LC Management12. License Management13. Memory14. OS Deployment15. PCI Device16. Persistent Storage17. Power State Management18. Power Supply19. Record Log20. Role Based Authorization21. Sensors22. Service Processor23. Simple Identity Management24. Simple NIC25. Simple RAID26. Software Inventory27. Software Update28. System Info29. Video30. SystemQuickSync31. USBDevice32. Physical Computer System View33. Command Line Protocol Service34. SM CLP Admin Domain35. SMASH Collections
Thanks Cameron for the details.
As a next step, can you try running the below winrm commands replacing IP/credentials as required and see if it returns valid output.
winrm e cimv2/root/dcim/DCIM_SystemView -u:user -p:password -r:https://a.b.c.d/wsman:443 -SkipCNcheck -SkipCAcheck -encoding:utf-8 -a:basic
If it gives valid output, then OME should not have any problem discovering the respective iDRAC.
If it does not, then I would suggest to refer "How the DefaultSecureProtocols registry entry works" in https://support.microsoft.com/en-us/kb/3140245 and ensure required registries are enabled.
I had previously installed the windows update from that link but I did not run the "easy fix" . After running that and rebooting OME server I am now able to fully see my dracs with 22.214.171.124 in OME.
Thanks for your help!
Glad that your problem got solved.
Thanks for taking time and updating this thread.