Home » Dell Manuals » Servers » Dell PowerEdge R760 » Manual Viewer

Dell PowerEdge R760 Installation and Service Manual - Page 70

Table 69. System Security details continued, User Defined Delay 120 s to 600

View all Dell PowerEdge R760 manuals

Add to My Manuals
Save this manual to your list of manuals

Page 70 highlights

Table 69. System Security details (continued) Option Description AC Power Recovery Sets how the system behaves after AC power is restored to the system. This option is set to Last by default. NOTE: The host system will not power on up until iDRAC Root of Trust (RoT) is completed, host power on will be delayed by minimum 90 seconds after the AC applied. AC Power Recovery Delay Sets the time delay for the system to power up after AC power is restored to the system. This option is set to Immediate by default. When this option is set to Immediate, there is no delay for power up. When this option is set to Random, the system creates a random delay for power up. When this option is set to User Defined, the system delay time is manually to power up. User Defined Delay (120 s to 600 Sets the User Defined Delay option when the User Defined option for AC Power s) Recovery Delay is selected. The actual AC recovery time needs to add iDRAC root of trust time (around 50 seconds). UEFI Variable Access Provides varying degrees of securing UEFI variables. When set to Standard (the default), UEFI variables are accessible in the operating system per the UEFI specification. When set to Controlled, selected UEFI variables are protected in the environment and new UEFI boot entries are forced to be at the end of the current boot order. In-Band Manageability Interface When set to Disabled , this setting hides the Management Engine's (ME), HECI devices, and the system's IPMI devices from the operating system. This prevents the operating system from changing the ME power capping settings, and blocks access to all inband management tools. All management should be managed through out-of-band. This option is set to Enabled by default. NOTE: BIOS update requires HECI devices to be operational and DUP updates require IPMI interface to be operational. This setting needs to be set to Enabled to avoid updating errors. SMM Security Migration Secure Boot Secure Boot Policy Secure Boot Mode Enables or disables the UEFI SMM security migration protections. It is set to Disabled by default. Enables Secure Boot, where the BIOS authenticates each pre-boot image by using the certificates in the Secure Boot Policy. Secure Boot is set to Disabled by default. When Secure Boot policy is set to Standard, the BIOS uses the system manufacturer's key and certificates to authenticate pre-boot images. When Secure Boot policy is set to Custom, the BIOS uses the user-defined key and certificates. Secure Boot policy is set to Standard by default. Configures how the BIOS uses the Secure Boot Policy Objects (PK, KEK, db, dbx). If the current mode is set to Deployed Mode, the available options are User Mode and Deployed Mode. If the current mode is set to User Mode, the available options are User Mode, Audit Mode, and Deployed Mode. Below are the details of different boot modes available in the Secure Boot Mode option. User Mode In User Mode, PK must be installed, and BIOS performs signature verification on programmatic attempts to update policy objects. The BIOS allows unauthenticated programmatic transitions between modes. Audit mode In Audit Mode, PK is not present. BIOS does not authenticate programmatic update to the policy objects and transitions between modes. The BIOS performs a signature verification on pre-boot images and logs the results in the image Execution Information Table, but executes the images whether they pass or fail verification. Audit Mode is useful for programmatic determination of a working set of policy objects. 70 Pre-operating system management applications

Section	Page
Dell PowerEdge R760 Installation and Service Manual	1
Contents	3
About this document	8
System overview	9
Front view of the system	9
Left control panel view	11
Right control panel view	12
Rear view of the system	13
Inside the system	18
Locating the Express Service Code and Service Tag	20
System information labels	21
Rail sizing and rack compatibility matrix	29
Technical specifications	30
Chassis dimensions	31
System weight	31
Processor specifications	32
PSU specifications	32
Supported operating systems	33
Cooling fan specifications	33
System battery specifications	34
Expansion card riser specifications	34
Memory specifications	35
Storage controller specifications	36
Drives	36
Ports and connectors specifications	37
USB ports specifications	37
NIC port specifications	37
Serial connector specifications	37
VGA ports specifications	37
Video specifications	38
Environmental specifications	38
Thermal restriction matrix	40
Thermal air restrictions	47
Initial system setup and configuration	49
Setting up the system	49
iDRAC configuration	49
Options to set up iDRAC IP address	49
Options to log in to iDRAC	50
Resources to install operating system	51
Options to download drivers and firmware	51
Options to download and install OS drivers	52
Downloading drivers and firmware	52
Pre-operating system management applications	53
System Setup	53
System BIOS	54
System Information	54
Memory Settings	55
Processor Settings	56
SATA Settings	59
NVMe Settings	60
Boot Settings	60
Choosing system boot mode	61
Changing boot order	61
Network Settings	62
Integrated Devices	65
Serial Communication	66
System Profile Settings	67
System Security	68
Creating a system and setup password	71
Using your system password to secure your system	71
Deleting or changing system and setup password	72
Operating with setup password enabled	72
Redundant OS Control	72
Miscellaneous Settings	73
iDRAC Settings	73
Device Settings	74
Service Tag Settings	74
Dell Lifecycle Controller	74
Embedded system management	74
Boot Manager	74
PXE boot	74
Minimum to POST and system management configuration validation	76
Minimum configuration to POST	76
Configuration validation	76
Error messages	77
Installing and removing system components	78
Safety instructions	78
Before working inside your system	79
After working inside your system	79
Recommended tools	79
Optional front bezel	80
Removing the front bezel	80
Installing the front bezel	81
System cover	82
Removing the system cover	82
Installing the system cover	83
Drive backplane cover	84
Removing the drive backplane cover	84
Installing the drive backplane cover	85
Air shrouds	87
Removing the air shroud	87
Installing the air shroud	87
Removing the GPU air shroud top cover	88
Installing the GPU air shroud top cover	89
Removing the GPU air shroud filler	90
Installing the GPU air shroud filler	91
Removing the GPU air shroud	92
Installing the GPU air shroud	93
Removing the 2 x 2.5-inch rear drive module air shroud	94
Installing the 2 x 2.5-inch rear drive module air shroud	95
Removing the 4 x 2.5-inch rear drive module air shroud	96
Installing the 4 x 2.5-inch rear drive module air shroud	97
Cooling fans	98
Removing the cooling fan cage assembly	98
Installing the cooling fan cage assembly	99
Removing a cooling fan	100
Installing a cooling fan	101
Removing a 2 x 2.5-inch rear drive module cooling fan	102
Installing a 2 x 2.5-inch rear drive module cooling fan	103
Removing a 4 x 2.5-inch rear drive module cooling fan	104
Installing a 4 x 2.5-inch rear drive module cooling fan	105
Drives	106
Removing a drive blank	106
Installing a drive blank	107
Removing a drive carrier	107
Installing the drive carrier	108
Removing the drive from the drive carrier	109
Installing the drive into the drive carrier	110
Rear drive module	111
Removing the 2 x 2.5-inch rear drive module	111
Installing the 2 x 2.5-inch rear drive module	112
Removing the 4 x 2.5-inch rear drive module	113
Installing the 4 x 2.5-inch rear drive module	115
Drive backplane	116
Drive backplane	116
Removing the drive backplane	119
Installing the drive backplane	120
Side wall brackets	121
Removing the side wall bracket	121
Installing the side wall bracket	122
Cable routings	123
PERC module	172
Removing the rear mounting front PERC module	172
Installing the rear mounting front PERC module	173
Removing the adapter PERC module	174
Installing the adapter PERC module	176
System memory	177
System memory guidelines	177
General memory module installation guidelines	179
Removing a memory module	180
Installing a memory module	181
Processor and heat sink module	182
Removing the processor and heat sink module	182
Removing the processor	183
Installing the processor	185
Installing the processor and heat sink module	188
Removing the Direct Liquid Cooling module	190
Removing the processor	191
Installing the processor	193
Installing the Direct Liquid Cooling module	196
Expansion cards and expansion card risers	198
Expansion card installation guidelines	198
Removing the expansion card risers	241
Installing the expansion card risers	245
Removing expansion card from the expansion card riser	250
Installing an expansion card into the expansion card riser	251
Removing the full length expansion card risers	253
Installing the full length expansion card risers	255
Removing a GPU	258
Installing a GPU	260
Removing R1 and R4 paddle cards	263
Installing R1 and R4 paddle cards	264
Optional serial COM port	266
Removing the serial COM port	266
Installing the serial COM port	267
Optional VGA port for Direct Liquid Cooling module	269
Removing the VGA port	269
Installing the VGA port	270
Optional BOSS-N1 module	272
Removing the BOSS-N1 module blank	272
Installing the BOSS-N1 module blank	272
Removing the BOSS-N1 card carrier blank	273
Installing the BOSS-N1 card carrier blank	274
Removing the BOSS-N1 module	275
Installing the BOSS-N1 module	278
System battery	280
Replacing the system battery	280
Optional internal USB card	282
Removing the internal USB card	282
Installing the internal USB card	283
Intrusion switch	284
Removing the intrusion switch module	284
Installing the intrusion switch module	284
Optional OCP card	285
Removing the OCP card	285
Installing the OCP card	287
Power supply unit	288
Hot spare feature	288
Removing a power supply unit blank	289
Installing a power supply unit blank	289
Removing a power supply unit adapter	290
Installing a power supply unit adapter	290
Removing a power supply unit	291
Installing a power supply unit	292
Trusted Platform Module	293
Upgrading the Trusted Platform Module	293
Removing the TPM	293
Installing the TPM	294
Initializing TPM for users	294
Initializing the TPM 2.0 for users	294
System board	295
Removing the system board	295
Installing the system board	296
Restoring the system using Easy Restore	298
Manually update the Service Tag	298
LOM card and rear I/O board	298
Removing the LOM card and rear I/O board	298
Installing the LOM card and rear I/O board	300
Control panel	301
Removing the right control panel	301
Installing the right control panel	302
Removing the left control panel	303
Installing the left control panel	304
Upgrade Kits	306
BOSS-N1 module kit	307
GPU kit	309
Internal USB card kit	313
Serial COM port kit	313
Jumpers and connectors	314
System board jumpers and connectors	314
System board jumper settings	316
Disabling a forgotten password	316
System diagnostics and indicator codes	318
Status LED indicators	318
System health and system ID indicator codes	320
iDRAC Quick Sync 2 indicator codes	321
iDRAC Direct LED indicator codes	321
LCD panel	322
Viewing Home screen	323
Setup menu	323
View menu	323
NIC indicator codes	324
Power supply unit indicator codes	324
Drive indicator codes	326
Using system diagnostics	326
Dell Embedded System Diagnostics	327
Running the Embedded System Diagnostics from Boot Manager	327
Running the Embedded System Diagnostics from the Dell Lifecycle Controller	327
System diagnostic controls	327
Getting help	328
Recycling or End-of-Life service information	328
Contacting Dell Technologies	328
Accessing system information by using QRL	329
Quick Resource Locator for PowerEdge R760 system	329
Receiving automated support with Secure Connect Gateway (SCG)	329

Match case Limit results 1 per page

Table 69. System Security details (continued)

Option

Description

AC Power Recovery

Sets how the system behaves after AC power is restored to the system. This option is

set to

Last

by default.

NOTE:

The host system will not power on up until iDRAC Root of Trust (RoT) is

completed, host power on will be delayed by minimum 90 seconds after the AC

applied.

AC Power Recovery Delay

Sets the time delay for the system to power up after AC power is restored to

the system. This option is set to

Immediate

by default. When this option is set to

Immediate

, there is no delay for power up. When this option is set to

Random

, the

system creates a random delay for power up. When this option is set to

User Defined

the system delay time is manually to power up.

User Defined Delay (120 s to 600

Sets the

User Defined Delay

option when the

User Defined

option for

AC Power

Recovery Delay

is selected. The actual AC recovery time needs to add iDRAC root of

trust time (around 50 seconds).

UEFI Variable Access

Provides varying degrees of securing UEFI variables. When set to

Standard

(the

default), UEFI variables are accessible in the operating system per the UEFI

specification. When set to

Controlled

, selected UEFI variables are protected in the

environment and new UEFI boot entries are forced to be at the end of the current boot

order.

In-Band Manageability Interface

When set to

Disabled

, this setting hides the Management Engine's (ME), HECI devices,

and the system's IPMI devices from the operating system. This prevents the operating

system from changing the ME power capping settings, and blocks access to all in-

band management tools. All management should be managed through out-of-band. This

option is set to

Enabled

by default.

NOTE:

BIOS update requires HECI devices to be operational and DUP updates

require IPMI interface to be operational. This setting needs to be set to Enabled to

avoid updating errors.

SMM Security Migration

Enables or disables the UEFI SMM security migration protections. It is set to

Disabled

by default.

Secure Boot

Enables Secure Boot, where the BIOS authenticates each pre-boot image by using the

certificates in the Secure Boot Policy. Secure Boot is set to

Disabled

by default.

Secure Boot Policy

When Secure Boot policy is set to

Standard

, the BIOS uses the system manufacturer’s

key and certificates to authenticate pre-boot images. When Secure Boot policy is set to

Custom

, the BIOS uses the user-defined key and certificates. Secure Boot policy is set

Standard

by default.

Secure Boot Mode

Configures how the BIOS uses the Secure Boot Policy Objects (PK, KEK, db, dbx).

If the current mode is set to

Deployed Mode

, the available options are

User Mode

and

Deployed Mode

. If the current mode is set to

User Mode

, the available options are

User Mode

Audit Mode

, and

Deployed Mode

Below are the details of different boot modes available in the

Secure Boot Mode

option.

User Mode

, PK must be installed, and BIOS performs

signature verification on programmatic attempts to update

policy objects. The BIOS allows unauthenticated programmatic

transitions between modes.

Audit mode

Audit Mode

, PK is not present. BIOS does not authenticate

programmatic update to the policy objects and transitions

between modes. The BIOS performs a signature verification on

pre-boot images and logs the results in the image Execution

Information Table, but executes the images whether they pass

or fail verification.

Audit Mode

is useful for programmatic

determination of a working set of policy objects.

Pre-operating system management applications