Provided by: freeipmi-tools_1.4.11-1ubuntu1_i386 bug

NAME

       ipmi-dcmi - IPMI DCMI utility

SYNOPSIS

       ipmi-dcmi [OPTION...]

DESCRIPTION

       Ipmi-dcmi is used to execute Data Center Manageability Interface (often
       referred to as DCM or DCMI) IPMI extension  commands.  DCMI  extensions
       include  support  for asset management and power usage management. Most
       will be interested in  DCMI  for  its  power  management  features.  By
       configuring  an  exception  action,  power  limit,  and correction time
       limit, power usage in a data center can be  managed  more  affectively.
       Please  see  --set-power-limit option below for more information.  DCMI
       can also be configured using the dcmi category in ipmi-config(8).   The
       DCMI  specification encompasses many traditional IPMI features that are
       not implemented directly in this tool. Please  see  ipmiconsole(8)  for
       Serial-over-LAN  (SOL) support, ipmi-chassis(8) for power status, power
       control, identification, and ACPI power state information, ipmipower(8)
       for  power  status  and power control, ipmi-sel(8) for System Event Log
       (SEL) information, bmc-info(8) for device and globally unique ID (guid)
       information,  ipmi-sensors(8)  for  sensor readings, and ipmi-config(8)
       for configuration.

       Listed below are general IPMI options, tool specific  options,  trouble
       shooting  information,  workaround  information,  examples,  and  known
       issues. For a general introduction to FreeIPMI please see freeipmi(7).

GENERAL OPTIONS

       The  following  options  are  general  options  for  configuring   IPMI
       communication and executing general tool commands.

       -D IPMIDRIVER, --driver-type=IPMIDRIVER
              Specify  the  driver  type  to  use  instead  of  doing  an auto
              selection.  The currently available outofband  drivers  are  LAN
              and  LAN_2_0,  which perform IPMI 1.5 and IPMI 2.0 respectively.
              The currently available inband drivers are KCS, SSIF,  OPENIPMI,
              SUNBMC, and INTELDCMI.

       --disable-auto-probe
              Do not probe in-band IPMI devices for default settings.

       --driver-address=DRIVER-ADDRESS
              Specify  the  in-band  driver  address to be used instead of the
              probed value. DRIVER-ADDRESS should be prefixed with "0x" for  a
              hex value and '0' for an octal value.

       --driver-device=DEVICE
              Specify the in-band driver device path to be used instead of the
              probed path.

       --register-spacing=REGISTER-SPACING
              Specify the in-band  driver  register  spacing  instead  of  the
              probed  value. Argument is in bytes (i.e. 32bit register spacing
              = 4)

       --target-channel-number=CHANNEL-NUMBER
              Specify the in-band driver target channel number  to  send  IPMI
              requests to.

       --target-slave-address=SLAVE-ADDRESS
              Specify  the  in-band  driver  target  slave number to send IPMI
              requests to.

       -h                                             IPMIHOST1,IPMIHOST2,...,
       --hostname=IPMIHOST1[:PORT],IPMIHOST2[:PORT],...
              Specify   the  remote  host(s)  to  communicate  with.  Multiple
              hostnames may be separated by comma or may  be  specified  in  a
              range format; see HOSTRANGED SUPPORT below. An optional port can
              be specified with  each  host,  which  may  be  useful  in  port
              forwarding or similar situations.

       -u USERNAME, --username=USERNAME
              Specify  the username to use when authenticating with the remote
              host.  If not specified, a null  (i.e.  anonymous)  username  is
              assumed.  The  user  must have atleast ADMIN privileges in order
              for this tool to operate fully.

       -p PASSWORD, --password=PASSWORD
              Specify the password to use when authenticationg with the remote
              host.   If  not  specified,  a null password is assumed. Maximum
              password length is 16 for IPMI 1.5 and 20 for IPMI 2.0.

       -P, --password-prompt
              Prompt for password  to  avoid  possibility  of  listing  it  in
              process lists.

       -k K_G, --k-g=K_G
              Specify  the  K_g  BMC  key  to use when authenticating with the
              remote host for IPMI 2.0.  If  not  specified,  a  null  key  is
              assumed. To input the key in hexadecimal form, prefix the string
              with '0x'. E.g., the key 'abc' can be entered  with  the  either
              the string 'abc' or the string '0x616263'

       -K, --k-g-prompt
              Prompt  for  k-g  to  avoid possibility of listing it in process
              lists.

       --session-timeout=MILLISECONDS
              Specify the session timeout in milliseconds. Defaults  to  20000
              milliseconds (20 seconds) if not specified.

       --retransmission-timeout=MILLISECONDS
              Specify  the  packet  retransmission  timeout  in  milliseconds.
              Defaults to 1000 milliseconds (1 second) if not  specified.  The
              retransmission   timeout  cannot  be  larger  than  the  session
              timeout.

       -a AUTHENTICATION-TYPE, --authentication-type=AUTHENTICATION-TYPE
              Specify the IPMI 1.5 authentication type to use.  The  currently
              available  authentication types are NONE, STRAIGHT_PASSWORD_KEY,
              MD2, and MD5. Defaults to MD5 if not specified.

       -I CIPHER-SUITE-ID, --cipher-suite-id=CIPHER-SUITE-ID
              Specify the IPMI 2.0 cipher suite ID to use. The Cipher Suite ID
              identifies    a    set   of   authentication,   integrity,   and
              confidentiality algorithms to use for  IPMI  2.0  communication.
              The authentication algorithm identifies the algorithm to use for
              session setup, the integrity algorithm identifies the  algorithm
              to  use  for  session packet signatures, and the confidentiality
              algorithm  identifies  the  algorithm   to   use   for   payload
              encryption.  Defaults to cipher suite ID 3 if not specified. The
              following cipher suite ids are currently supported:

              0 - Authentication Algorithm = None; Integrity Algorithm = None;
              Confidentiality Algorithm = None

              1  - Authentication Algorithm = HMAC-SHA1; Integrity Algorithm =
              None; Confidentiality Algorithm = None

              2 - Authentication Algorithm = HMAC-SHA1; Integrity Algorithm  =
              HMAC-SHA1-96; Confidentiality Algorithm = None

              3  - Authentication Algorithm = HMAC-SHA1; Integrity Algorithm =
              HMAC-SHA1-96; Confidentiality Algorithm = AES-CBC-128

              6 - Authentication Algorithm = HMAC-MD5; Integrity  Algorithm  =
              None; Confidentiality Algorithm = None

              7  -  Authentication Algorithm = HMAC-MD5; Integrity Algorithm =
              HMAC-MD5-128; Confidentiality Algorithm = None

              8 - Authentication Algorithm = HMAC-MD5; Integrity  Algorithm  =
              HMAC-MD5-128; Confidentiality Algorithm = AES-CBC-128

              11  - Authentication Algorithm = HMAC-MD5; Integrity Algorithm =
              MD5-128; Confidentiality Algorithm = None

              12 - Authentication Algorithm = HMAC-MD5; Integrity Algorithm  =
              MD5-128; Confidentiality Algorithm = AES-CBC-128

              15 - Authentication Algorithm = HMAC-SHA256; Integrity Algorithm
              = None; Confidentiality Algorithm = None

              16 - Authentication Algorithm = HMAC-SHA256; Integrity Algorithm
              = HMAC_SHA256_128; Confidentiality Algorithm = None

              17 - Authentication Algorithm = HMAC-SHA256; Integrity Algorithm
              = HMAC_SHA256_128; Confidentiality Algorithm = AES-CBC-128

       -l PRIVILEGE-LEVEL, --privilege-level=PRIVILEGE-LEVEL
              Specify the privilege level to be used. The currently  available
              privilege  levels  are  USER,  OPERATOR,  and ADMIN. Defaults to
              ADMIN if not specified.

       --config-file=FILE
              Specify an alternate configuration file.

       -W WORKAROUNDS, --workaround-flags=WORKAROUNDS
              Specify  workarounds  to  vendor  compliance  issues.   Multiple
              workarounds  can  be  specified  separated  by commas. A special
              command line flag of "none", will indicate no  workarounds  (may
              be  useful  for overriding configured defaults). See WORKAROUNDS
              below for a list of available workarounds.

       --debug
              Turn on debugging.

       -?, --help
              Output a help list and exit.

       --usage
              Output a usage message and exit.

       -V, --version
              Output the program version and exit.

IPMI-DCMI OPTIONS

       The following options are specific to Ipmi-dcmi.

       --get-dcmi-capability-info
              Get DCMI capability information.

       --get-asset-tag
              Get asset tag.

       --set-asset-tag=STRING
              Set asset tag.

       --get-management-controller-identifier-string
              Get management controller identifier string tag.

       --set-management-controller-identifier-string=STRING
              Set management controller identifier string tag.

       --get-dcmi-sensor-info
              Get DCMI sensor information.

       --get-system-power-statistics
              Get system power statistics.

       --get-enhanced-system-power-statistics
              Get enhanced system power statistics.

       --get-power-limit
              Get power limit information.

       --set-power-limit
              Set power limit configuration. Can specify configuration via the
              --exception-actions,                    --power-limit-requested,
              --correction-time-limit,  and  --correction-time-limit   options
              listed  below.  If  one or more options below are not specified,
              current configuration will be utilized.

       --exception-actions=BITMASK
              Specify exception actions for  set  power  limit  configuration.
              Special case allowable values: NO_ACTION, HARD_POWER_OFF_SYSTEM,
              LOG_EVENT_TO_SEL_ONLY. Other values (e.g. 0x02 through 0x10) are
              OEM dependent. Used with the --set-power-limit option.

       --power-limit-requested=WATTS
              Specify  power limit for set power limit configuration. Input is
              specified in watts. Used with the --set-power-limit option.

       --correction-time-limit=MILLISECONDS
              Specify correction time limit for set power limit configuration.
              Input    is   specified   in   milliseconds.   Used   with   the
              --set-power-limit option.

       --statistics-sampling-period=SECONDS
              Specify management application statistics  sampling  period  for
              set  power  limit  configuration. Input is specified in seconds.
              Used with the --set-power-limit option.

       --activate-deactivate-power-limit=OPERATION
              Activate or deactivate power limit.  Allowed  values:  ACTIVATE,
              DEACTIVATE.

       --interpret-oem-data
              Attempt  to  interpret  OEM  data,  such  as  event data, sensor
              readings, or general extra info, etc. If an  OEM  interpretation
              is   not  available,  the  default  output  will  be  generated.
              Correctness of OEM interpretations cannot be guaranteed  due  to
              potential  changes  OEM  vendors may make in products, firmware,
              etc.  See  OEM  INTERPRETATION  below  for  confirmed  supported
              motherboard interpretations.

TIME OPTIONS

       By  IPMI  definition,  all  IPMI  times  and  timestamps  are stored in
       localtime. However, in many situations,  the  timestamps  will  not  be
       stored  in  localtime.  Whether  or  not  a  system  truly  stored  the
       timestamps in localtime varies on many factors,  such  as  the  vendor,
       BIOS,  and operating system.  The following options will allow the user
       to adjust the interpretation of the  stored  timestamps  and  how  they
       should be output.

       --utc-to-localtime
              Assume  all  times are reported in UTC time and convert the time
              to localtime before being output.

       --localtime-to-utc
              Convert all localtime timestamps to UTC before being output.

       --utc-offset=SECONDS
              Specify a  specific  UTC  offset  in  seconds  to  be  added  to
              timestamps.   Value  can  range  from  -86400  to 86400 seconds.
              Defaults to 0.

HOSTRANGED OPTIONS

       The following options  manipulate  hostranged  output.  See  HOSTRANGED
       SUPPORT below for additional information on hostranges.

       -B, --buffer-output
              Buffer  hostranged output. For each node, buffer standard output
              until the node has completed its IPMI operation. When specifying
              this  option, data may appear to output slower to the user since
              the the entire IPMI operation must complete before any data  can
              be   output.    See  HOSTRANGED  SUPPORT  below  for  additional
              information.

       -C, --consolidate-output
              Consolidate hostranged output. The complete standard output from
              every  node  specified  will  be consolidated so that nodes with
              identical output are not output twice. A header will list  those
              nodes   with  the  consolidated  output.  When  this  option  is
              specified, no output can be seen until the  IPMI  operations  to
              all  nodes  has completed. If the user breaks out of the program
              early, all currently consolidated output  will  be  dumped.  See
              HOSTRANGED SUPPORT below for additional information.

       -F NUM, --fanout=NUM
              Specify  multiple  host  fanout.  A "sliding window" (or fanout)
              algorithm is used for parallel IPMI communication so that slower
              nodes or timed out nodes will not impede parallel communication.
              The maximum number of threads available  at  the  same  time  is
              limited by the fanout. The default is 64.

       -E, --eliminate
              Eliminate  hosts  determined  as undetected by ipmidetect.  This
              attempts to remove the  common  issue  of  hostranged  execution
              timing  out due to several nodes being removed from service in a
              large cluster. The ipmidetectd daemon must  be  running  on  the
              node executing the command.

       --always-prefix
              Always  prefix  output,  even  if  only one host is specified or
              communicating in-band.  This  option  is  primarily  useful  for
              scripting purposes. Option will be ignored if specified with the
              -C option.

HOSTRANGED SUPPORT

       Multiple hosts can be input either as an explicit comma separated lists
       of  hosts  or  a  range of hostnames in the general form: prefix[n-m,l-
       k,...], where n < m and l < k,  etc.  The  later  form  should  not  be
       confused  with  regular  expression  character classes (also denoted by
       []). For example, foo[19] does not represent foo1 or foo9,  but  rather
       represents a degenerate range: foo19.

       This  range  syntax  is  meant only as a convenience on clusters with a
       prefixNN naming convention and specification of ranges  should  not  be
       considered  necessary -- the list foo1,foo9 could be specified as such,
       or by the range foo[1,9].

       Some examples of range usage follow:
           foo[01-05] instead of foo01,foo02,foo03,foo04,foo05
           foo[7,9-10] instead of foo7,foo9,foo10
           foo[0-3] instead of foo0,foo1,foo2,foo3

       As a reminder to the reader, some shells will interpret brackets ([ and
       ])  for  pattern matching. Depending on your shell, it may be necessary
       to enclose ranged lists within quotes.

       When multiple hosts are  specified  by  the  user,  a  thread  will  be
       executed  for  each host in parallel up to the configured fanout (which
       can be adjusted via the -F option). This will  allow  communication  to
       large numbers of nodes far more quickly than if done in serial.

       By  default,  standard  output  from each node specified will be output
       with the hostname prepended to  each  line.  Although  this  output  is
       readable  in  many  situations,  it  may  be difficult to read in other
       situations. For example,  output  from  multiple  nodes  may  be  mixed
       together. The -B and -C options can be used to change this default.

       In-band  IPMI  Communication  will be used when the host "localhost" is
       specified.  This  allows  the  user  to  add  the  localhost  into  the
       hostranged output.

GENERAL TROUBLESHOOTING

       Most often, IPMI problems are due to configuration problems.

       IPMI  over  LAN  problems  involve  a  misconfiguration  of  the remote
       machine's BMC.  Double check to make sure the following are  configured
       properly  in  the remote machine's BMC: IP address, MAC address, subnet
       mask,  username,  user  enablement,  user  privilege,   password,   LAN
       privilege, LAN enablement, and allowed authentication type(s). For IPMI
       2.0  connections,  double  check  to  make  sure   the   cipher   suite
       privilege(s)  and  K_g  key are configured properly. The ipmi-config(8)
       tool can be used to check and/or change these configuration settings.

       Inband IPMI problems are  typically  caused  by  improperly  configured
       drivers or non-standard BMCs.

       In  addition  to the troubleshooting tips below, please see WORKAROUNDS
       below to also if there are any vendor  specific  bugs  that  have  been
       discovered and worked around.

       Listed  below  are  many  of the common issues for error messages.  For
       additional support, please e-mail the <freeipmi-users@gnu.org>  mailing
       list.

       "username  invalid"  - The username entered (or a NULL username if none
       was entered) is not available on the remote machine.  It  may  also  be
       possible the remote BMC's username configuration is incorrect.

       "password  invalid"  - The password entered (or a NULL password if none
       was entered) is not correct. It may also be possible the  password  for
       the user is not correctly configured on the remote BMC.

       "password  verification timeout" - Password verification has timed out.
       A "password invalid" error (described  above)  or  a  generic  "session
       timeout" (described below) occurred.  During this point in the protocol
       it cannot be differentiated which occurred.

       "k_g invalid" - The K_g key entered (or a NULL  K_g  key  if  none  was
       entered)  is  not  correct.  It may also be possible the K_g key is not
       correctly configured on the remote BMC.

       "privilege level insufficient" - An IPMI command requires a higher user
       privilege  than  the one authenticated with. Please try to authenticate
       with a higher privilege. This may require authenticating to a different
       user which has a higher maximum privilege.

       "privilege  level  cannot  be  obtained  for this user" - The privilege
       level you are attempting  to  authenticate  with  is  higher  than  the
       maximum allowed for this user. Please try again with a lower privilege.
       It may also be possible the maximum privilege level allowed for a  user
       is not configured properly on the remote BMC.

       "authentication  type  unavailable for attempted privilege level" - The
       authentication type you wish to authenticate with is not available  for
       this privilege level. Please try again with an alternate authentication
       type or  alternate  privilege  level.  It  may  also  be  possible  the
       available  authentication  types  you  can  authenticate  with  are not
       correctly configured on the remote BMC.

       "cipher suite id unavailable"  -  The  cipher  suite  id  you  wish  to
       authenticate  with is not available on the remote BMC. Please try again
       with an alternate  cipher  suite  id.  It  may  also  be  possible  the
       available  cipher  suite ids are not correctly configured on the remote
       BMC.

       "ipmi 2.0 unavailable" - IPMI 2.0 was  not  discovered  on  the  remote
       machine. Please try to use IPMI 1.5 instead.

       "connection  timeout"  - Initial IPMI communication failed. A number of
       potential errors are possible, including an invalid hostname specified,
       an  IPMI  IP  address  cannot  be  resolved, IPMI is not enabled on the
       remote server, the  network  connection  is  bad,  etc.  Please  verify
       configuration and connectivity.

       "session  timeout"  - The IPMI session has timed out. Please reconnect.
       If this error occurs often, you may wish to increase the retransmission
       timeout. Some remote BMCs are considerably slower than others.

       "device  not  found"  - The specified device could not be found. Please
       check configuration or inputs and try again.

       "driver timeout" - Communication with the driver or  device  has  timed
       out. Please try again.

       "message  timeout"  - Communication with the driver or device has timed
       out. Please try again.

       "BMC  busy"  -  The  BMC  is  currently  busy.  It  may  be  processing
       information  or  have  too many simultaneous sessions to manage. Please
       wait and try again.

       "could not find inband device" - An inband device could not  be  found.
       Please  check configuration or specify specific device or driver on the
       command line.

       "driver timeout" - The inband driver has timed out communicating to the
       local  BMC  or  service  processor. The BMC or service processor may be
       busy or (worst case) possibly non-functioning.

       "internal IPMI error" - An IPMI error has occurred that  FreeIPMI  does
       not  know  how  to  handle.  Please  e-mail <freeipmi-users@gnu.org> to
       report the issue.

WORKAROUNDS

       With so many different vendors implementing their own  IPMI  solutions,
       different  vendors  may implement their IPMI protocols incorrectly. The
       following describes a number  of  workarounds  currently  available  to
       handle  discovered  compliance  issues. When possible, workarounds have
       been implemented so they will be transparent to the user. However, some
       will  require  the  user  to  specify  a  workaround be used via the -W
       option.

       The hardware listed below may only indicate the hardware that a problem
       was  discovered  on.  Newer  versions  of hardware may fix the problems
       indicated below. Similar machines from vendors may or may  not  exhibit
       the  same  problems.  Different vendors may license their firmware from
       the same IPMI firmware developer,  so  it  may  be  worthwhile  to  try
       workarounds listed below even if your motherboard is not listed.

       If  you  believe  your hardware has an additional compliance issue that
       needs a workaround to  be  implemented,  please  contact  the  FreeIPMI
       maintainers on <freeipmi-users@gnu.org> or <freeipmi-devel@gnu.org>.

       assumeio   -   This  workaround  flag  will  assume  inband  interfaces
       communicate with system I/O rather than being memory-mapped. This  will
       work  around  systems that report invalid base addresses. Those hitting
       this issue may see "device not supported" or  "could  not  find  inband
       device" errors.  Issue observed on HP ProLiant DL145 G1.

       spinpoll  -  This workaround flag will inform some inband drivers (most
       notably the KCS driver) to spin while polling rather than  putting  the
       process to sleep. This may significantly improve the wall clock running
       time of tools because an operating system scheduler's  granularity  may
       be  much larger than the time it takes to perform a single IPMI message
       transaction. However, by spinning, your system may be  performing  less
       useful work by not contexting out the tool for a more useful task.

       authcap  -  This  workaround  flag  will skip early checks for username
       capabilities, authentication capabilities, and K_g  support  and  allow
       IPMI  authentication  to  succeed.  It  works around multiple issues in
       which the remote system does not properly report username capabilities,
       authentication  capabilities,  or  K_g status. Those hitting this issue
       may  see  "username  invalid",  "authentication  type  unavailable  for
       attempted privilege level", or "k_g invalid" errors.  Issue observed on
       Asus  P5M2/P5MT-R/RS162-E4/RX4,  Intel  SR1520ML/X38ML,  and  Sun  Fire
       2200/4150/4450 with ELOM.

       nochecksumcheck  - This workaround flag will tell FreeIPMI to not check
       the checksums returned from IPMI command  responses.  It  works  around
       systems that return invalid checksums due to implementation errors, but
       the packet is otherwise valid. Users are cautioned on the use  of  this
       option,  as  it  removes  validation of packet integrity in a number of
       circumstances.  However,  it  is  unlikely  to  be  an  issue  in  most
       situations.  Those  hitting  this  issue  may see "connection timeout",
       "session timeout", or "password verification timeout" errors.  On  IPMI
       1.5  connections, the "noauthcodecheck" workaround may also needed too.
       Issue  observed  on  Supermicro  X9SCM-iiF,  Supermicro  X9DRi-F,   and
       Supermicro X9DRFR.

       idzero  -  This  workaround  flag  will  allow  empty session IDs to be
       accepted by the client. It works around IPMI sessions that report empty
       session  IDs  to  the client. Those hitting this issue may see "session
       timeout" errors. Issue observed on Tyan S2882 with M3289 BMC.

       unexpectedauth - This workaround flag will  allow  unexpected  non-null
       authcodes  to  be checked as though they were expected. It works around
       an issue when packets contain non-null authentication  data  when  they
       should  be  null  due  to  disabled  per-message  authentication. Those
       hitting this issue may see "session timeout" errors. Issue observed  on
       Dell PowerEdge 2850,SC1425. Confirmed fixed on newer firmware.

       forcepermsg   -   This   workaround   flag   will   force   per-message
       authentication to be used no matter what is advertised  by  the  remote
       system.  It  works  around  an issue when per-message authentication is
       advertised as disabled  on  the  remote  system,  but  it  is  actually
       required  for  the  protocol. Those hitting this issue may see "session
       timeout" errors.  Issue observed on IBM eServer 325.

       endianseq - This workaround flag will flip the endian  of  the  session
       sequence  numbers  to  allow the session to continue properly. It works
       around IPMI 1.5 session sequence numbers that  are  the  wrong  endian.
       Those  hitting  this  issue  may  see  "session  timeout" errors. Issue
       observed on  some  Sun  ILOM  1.0/2.0  (depends  on  service  processor
       endian).

       noauthcodecheck  - This workaround flag will tell FreeIPMI to not check
       the authentication codes returned from IPMI 1.5 command  responses.  It
       works  around  systems  that return invalid authentication codes due to
       hashing or implementation errors. Users are cautioned  on  the  use  of
       this  option,  as  it  removes  an  authentication  check verifying the
       validity of a packet. However, in most organizations, this is  unlikely
       to  be  a  security issue. Those hitting this issue may see "connection
       timeout", "session timeout", or "password verification timeout" errors.
       Issue   observed   on   Xyratex   FB-H8-SRAY,  Intel  Windmill,  Quanta
       Winterfell, and Wiwynn Windmill.

       intel20 - This workaround flag will work around several Intel IPMI  2.0
       authentication issues. The issues covered include padding of usernames,
       and password  truncation  if  the  authentication  algorithm  is  HMAC-
       MD5-128. Those hitting this issue may see "username invalid", "password
       invalid", or "k_g invalid" errors. Issue observed  on  Intel  SE7520AF2
       with Intel Server Management Module (Professional Edition).

       supermicro20 - This workaround flag will work around several Supermicro
       IPMI 2.0  authentication  issues  on  motherboards  w/  Peppercon  IPMI
       firmware.   The   issues   covered   include  handling  invalid  length
       authentication codes.  Those  hitting  this  issue  may  see  "password
       invalid"  errors.   Issue  observed  on  Supermicro  H8QME  with  SIMSO
       daughter card. Confirmed fixed on newerver firmware.

       sun20 - This workaround flag will work work around several Sun IPMI 2.0
       authentication issues. The issues covered include invalid lengthed hash
       keys, improperly hashed keys, and invalid cipher suite  records.  Those
       hitting  this  issue  may see "password invalid" or "bmc error" errors.
       Issue observed on Sun Fire 4100/4200/4500 with ILOM.   This  workaround
       automatically includes the "opensesspriv" workaround.

       opensesspriv - This workaround flag will slightly alter FreeIPMI's IPMI
       2.0 connection protocol to workaround an invalid hashing algorithm used
       by  the remote system. The privilege level sent during the Open Session
       stage of an IPMI 2.0 connection is used for hashing keys instead of the
       privilege  level  sent during the RAKP1 connection stage. Those hitting
       this issue may see "password invalid", "k_g invalid", or "bad  rmcpplus
       status  code"  errors.   Issue observed on Sun Fire 4100/4200/4500 with
       ILOM, Inventec 5441/Dell Xanadu II, Supermicro X8DTH, Supermicro X8DTG,
       Intel S5500WBV/Penguin Relion 700, Intel S2600JF/Appro 512X, and Quanta
       QSSC-S4R/Appro GB812X-CN. This workaround  is  automatically  triggered
       with the "sun20" workaround.

       integritycheckvalue  - This workaround flag will work around an invalid
       integrity check value during an IPMI  2.0  session  establishment  when
       using  Cipher Suite ID 0. The integrity check value should be 0 length,
       however the remote motherboard responds with a non-empty  field.  Those
       hitting  this  issue  may  see  "k_g invalid" errors. Issue observed on
       Supermicro X8DTG, Supermicro X8DTU, and Intel  S5500WBV/Penguin  Relion
       700, and Intel S2600JF/Appro 512X.

       No IPMI 1.5 Support - Some motherboards that support IPMI 2.0 have been
       found to not support IPMI 1.5. Those hitting this issue may  see  "ipmi
       2.0  unavailable"  or  "connection  timeout"  errors. This issue can be
       worked around by using IPMI 2.0  instead  of  IPMI  1.5  by  specifying
       --driver-type=LAN_2_0. Issue observed on HP Proliant DL 145.

OEM INTERPRETATION

       The  following  motherboards are confirmed to have atleast some support
       by the --interpret-oem-data option. While highly probable the OEM  data
       interpretations  would  work  across  other  motherboards  by  the same
       manufacturer, there are no guarantees. Some of the  motherboards  below
       may be rebranded by vendors/distributors.

       Currently None

EXAMPLES

       # ipmi-dcmi --get-power-limit

       Get power limit of the local machine.

       # ipmi-dcmi -h ahost -u myusername -p mypassword --get-power-limit

       Get power limit of a remote machine using IPMI over LAN.

       #  ipmi-dcmi  -h  mycluster[0-127]  -u  myusername -p mypassword --get-
       power-limit

       Get power limit across a cluster using IPMI over LAN.

DIAGNOSTICS

       Upon successful execution, exit status is 0. On error, exit  status  is
       1.

       If multiple hosts are specified for communication, the exit status is 0
       if and only if all targets successfully  execute.  Otherwise  the  exit
       status is 1.

KNOWN ISSUES

       On  older  operating systems, if you input your username, password, and
       other potentially security relevant information on  the  command  line,
       this information may be discovered by other users when using tools like
       the ps(1) command or looking in the /proc file system. It is  generally
       more  secure  to input password information with options like the -P or
       -K options. Configuring security relevant information in  the  FreeIPMI
       configuration  file  would  also  be  an  appropriate  way to hide this
       information.

       In order to prevent brute force attacks,  some  BMCs  will  temporarily
       "lock  up" after a number of remote authentication errors. You may need
       to wait awhile in order to this temporary "lock up" to pass before  you
       may authenticate again.

REPORTING BUGS

       Report bugs to <freeipmi-users@gnu.org> or <freeipmi-devel@gnu.org>.

COPYRIGHT

       Copyright (C) 2009-2014 Lawrence Livermore National Security, LLC.

       This program is free software; you can redistribute it and/or modify it
       under the terms of the GNU General Public License as published  by  the
       Free  Software Foundation; either version 3 of the License, or (at your
       option) any later version.

SEE ALSO

       freeipmi(7),  ipmi-chassis(8),   ipmi-config(8),   ipmi-sel(8),   ipmi-
       sensors(8), ipmiconsole(8), ipmipower(8)

       http://www.gnu.org/software/freeipmi/