iDRAC8 2.80.80.80 inaccessible using FQDN

if you are launching iDRAC using hostname(DNSRacName) or FQDN (DNSRacName.DNSDomainName) which is configured on iDRAC then you will be able to launch iDRAC GUI without any issues or setting ManualDNSEntry attribute. Security fix is added when you are accessing iDRAC using a different hostname or FQDN which is not matching with what configured on iDRAC.

I just upgraded a drac from 2.75.75.75 to 2.81.81.81.   I could no longer log in, got the dreaded 404 errror.

All of my dracs have DNS entries, and all of my dracs have "idrac.nic.dnsdomainname" properly set.

So, now you're telling us that we ALSO have to now set,  "idrac.webserver.ManualDNSEntry" ?

This is getting ridiculous.    What will happen when I get a new server with this horrible vesion of the firmware installed?     

Dear Dell:  Whatever changes you have been introducing lately with regards to hostnames and such ARE CAUSING EVERYONE PROBLEMS.     Please re-think these changes and put back the old behavior which frankly, just WORKED.

If FQDN used for launching is matching with iDRAC DNS and domain name iDRAC GUI should be loaded successfully. Can you clear browse cache and try once. If it still fails can you share the picture of failure screen and value of DNSDomainName and DNSRacName attribute.

I **have** been trying to connect to the FQDN which matches DNS for the IP, and ALSO is the same name as configured in idrac.nic.dnsdomainname.     It gives me the 404 error.      I have had the correct stable setup for YEARS, no problems.   This latest firmware broke all that.

The default behavior for the drac should not prevent the sysadmin from getting in.   You guys have gone too far, in my opinion.  

If you want to have the ability to add all of these ridiculous header checks and so on, that's fine, but for the sanity of all of your customers,, please make the setting "idrac.webserver.HostHeaderCheck" DISABLED by default.

Having that enabled by default is going to break connectivity for a LOT of people.

Here is a screenshot.     The DNS domain name is properly set, like I have been doing for years.    I have both forward and reverse DNS entries set to match.

This does NOT work, unless I disable the header check thing.

You are not getting it.   Your replies are simply, "set the DNS name and it should work".

Ir clearly does NOT work, and myself and about a dozen people are reporting here that once you update to 2.81, access to the drac via FQDN is now BROKEN, unless you manually log in and override one of the settings mentioned above.    

This is not good.     

2.81 seems to have just come out.   I expect you will be hearing from a LOT more customers.  Soon.

Are you launching iDRAC GUI with hostname "idrac-FSS9JH2" or FQDN "idrac-FSS9JH2.kang-mgmt.ctsi.mcw.edu"? As you are getting 404 error looks like issue with address used for launching iDRAC. Can you share the screenshot of the browser with the error?

Nevermind.   I force-fed all of my dracs the 2.81 update AND set the header ignore thing on all of them.   It took me 2 days.   I am tired of dealing with this issue and tired of support people that just do NOT get it.

Once again, unless the default behavior is modified (my suggestion), Dell is going to tick off a LOT of sysadmins with this latest change.   Just saying.

This occurred on 2 hosts I updated today (I thought first one was a fluke since the system board had been replaced). But since I was still able to access - and login - via IP i just continued my updates.  However... on the 3rd one the password isn't working, not the set one or the default.   I went back to the first2 hosts that I updated and the passwords are no longer working on those either!     They initially were post update, but aren't anymore.    

This occurred on 2 hosts i updated (I thought first one was a fluke since the system board had been replaced). But since I was still able to access - and log in - via IP i just continued my updates.  However... on the 3rd one the password isn't working, nor is the default.   I went back to the original 2 hosts with the issue and the passwords aren't working on those anymore either!  I am 100% sure I was able to log in immediately after the update on the first 2.  But not anymore! 

We were able to get in locally and add the domain name to the settings and it's all working again.  

I had this problem too.  IP address worked, but using FQDN did not - kept getting "Access Error: 400 Bad request"

Maybe my resolurion would work for you:

The issue in my case was that the DNS iDRAC name (defined in iDRAC settings > Network > Common settings) was named differently from the actual FQDN defined in our DNS zone

I changed that, and now I can access it using the FQDN.

I also ran into this issue, and had assumed the worst largely because before doing the DRAC update I had to do a FLEA drain because parts of the DRAC interface were generating "Content Encoding" errors, including the part of the page where you upload new firmware.  Figured this took it down for the count.  But I was able to get in via IP address, and change my Domain name settings to get the name working again.  We have, as a matter of process, set the name in the settings to "hostname-serviceTag" so we could use the display on the machine to positively identify the machine.  Changing it to just "hostname" has resolved this issue.  We went from 2.75.75.75.75 to 2.81.81.81

We set our "DNS iDRAC Name" as part of our initial iDRAC setup but we leave the "Static DNS Domain Name" field blank because we've never needed it (as is the case of, I'm guessing, the VAST majority of sysadmins).  Filling in the Static DNS Domain Name box fixed the issue.

For clarity, we fill in just the host name (example: host01) in the DNS iDRAC Name field.  To fix the issue, I added the rest of the domain name in the Static DNS Domain Name box (example: sub.domain.tld - without the leading period, obviously).

Hope this is helpful for someone.

Now to figure out how to get OME to push this setting to our rather large footprint of iDRACs all at once. 

Found the fix for adding this and for pushing it.

The racadm command is:

racadm set iDRAC.NIC.DNSDomainName sub.domain.tld

Found a walkthrough using OME to push it:

https://www.youtube.com/watch?v=f1Cgx7NirEs

Hope that's helpful.