Reset the iDRAC administrator password via ipmitool

In the previous post, I configured the iDRAC interface on a Dell server using ipmitool on CentOS. However, I ran into a problem, which I blame on poor user interface design:

When you log into the iDRAC web interface as root/calvin, it warns you that you are using the default username/password and prompts you to change the password. I did so by generating a random password in my password manager and pasting it into the password field.

The problem? The password can contain at most 20 characters, a limitation that is not obvious from the web interface. The password field on the iDRAC web interface truncates the password at 20 characters, and so I submitted a partial password. Then later, when I attempted to log in using the password saved in my password manager, it didn’t match. (For reasons that aren’t clear to me, submitting just the first 20 characters of the password saved in the password manager did not work either.)

I figured I was stuck and would have to go to the data center, reboot the server, and boot into the Lifecycle Controller in order to reset the iDRAC password. But I thought I’d see what I could do via ipmitool first.

From Configuring DRAC with ipmitool and ipmitool Cheatsheet:

Reset BMC/DRAC to default:

$ sudo ipmitool mc reset cold

The command was successful, but that did not reset the password for me.

From Resetting the BMC:

…you can reset the BMC to factory defaults with IPMICFG or ipmitool. Be aware that this will wipe any existing settings on the BMC that you may have set from the web interface, but excludes network settings.

# ipmitool raw 0x3c 0x40

But that did not work for me, and produced an error code. I spent some time trying to determine what the various raw hex values for ipmi meant, but that was not productive.

Eventually though I did hit upon an ipmitool command that worked:

$ sudo ipmitool user list 1
ID  Name	     Callin  Link Auth	IPMI Msg   Channel Priv Limit
1                    true    false      false      NO ACCESS
2   superuser        true    true       true       ADMINISTRATOR
3                    true    false      false      NO ACCESS
etc.

The username I configured corresponds with ID 2, so then I used ipmitool to set the password for that user:

$ sudo ipmitool user set password 2

I was prompted to enter the password, which I was then able to use to log in to the iDRAC web interface.
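
The two steps above (look up the user ID, then set that user's password) can be scripted together with an up-front check against the 20-character limit. This is an added example, not part of the original post: the function names are hypothetical, the sample listing is constructed to match the column layout shown above, and the limit is counted in bytes as an assumption.

```shell
#!/bin/sh
# Added example (not from the original post). Run the ipmitool parts as root.
MAX_PW_BYTES=20   # limit named in the post; counted in bytes here (assumption)

# Constructed sample in the column layout of `ipmitool user list 1` shown above.
SAMPLE_LIST='ID  Name             Callin  Link Auth  IPMI Msg   Channel Priv Limit
1                    true    false      false      NO ACCESS
2   superuser        true    true       true       ADMINISTRATOR
3                    true    false      false      NO ACCESS'

# Read `ipmitool user list` output on stdin, print the ID whose Name is $1.
# Unnamed slots have no Name column, so their Callin flag lands in field 2;
# requiring fields 3-5 to be true/false keeps those rows from matching.
find_user_id() {
    awk -v name="$1" '
        NR > 1 && $2 == name &&
        $3 ~ /^(true|false)$/ && $4 ~ /^(true|false)$/ && $5 ~ /^(true|false)$/ {
            print $1; found = 1; exit
        }
        END { exit !found }'
}

# Succeed only if the candidate password fits the limit, so a generated
# password is rejected up front instead of being cut short by a form field.
fits_ipmi_limit() {
    len=$(( $(printf '%s' "$1" | wc -c) ))
    [ "$len" -le "$MAX_PW_BYTES" ]
}

# Resolve the account name to its ID, then let ipmitool prompt for the
# password as in the post (keeps the secret out of argv and shell history).
reset_bmc_password() {
    id=$(ipmitool user list 1 | find_user_id "$1") || {
        echo "no IPMI user named '$1' on channel 1" >&2
        return 1
    }
    ipmitool user set password "$id"
}

# Demo on the constructed sample; prints the ID for "superuser".
printf '%s\n' "$SAMPLE_LIST" | find_user_id superuser
```

Check a generated password with `fits_ipmi_limit` before pasting it at the prompt that `reset_bmc_password superuser` opens.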

Password Form Usability: Duke Energy

When you’re signing up with any online service, picking a password is always trouble. What weird password requirements does this service have? Tonight I had that question with Duke Energy’s sign-up form. Fortunately, they had a Help icon that described the password rules:

Duke Energy Sign-up Form: password rules
Text reads: Password are case-sensitive and must contain at least eight letters or numbers.

OK, minimum of 8 alphanumeric characters. Easy enough.

I use Password Safe as my password manager. I have no idea what any of my passwords are: they are auto-generated random strings. I generated a new random password and entered it into the form:

Duke Energy Form: password feedback mixed messages
Text reads: Must be at least eight characters, contain one letter and one number and no special characters.

OK, so the password rules are a little different than what was initially described. But which symbols are special characters? And this screen is sending mixed messages: if the password strength is rated Strong, why is it not valid?

I updated the password generation rules in Password Safe to generate a new password, assuming that only alphanumeric characters are allowed:

  • Use lowercase letters, minimum 1
  • Use upper case letters, no minimum
  • Use numbers, minimum 1
  • No symbols

And, since no symbols are included, I increased the password length to 16 characters. This new password was accepted, but the feedback indicates that the password is only moderately strong!

Duke Energy form: a valid password, rated moderately strong
The password is valid, but rated only moderately strong

I’m guessing that the code that generates the password strength indicator is from a 3rd-party and has no knowledge of Duke Energy’s password rules.

My problems with this, from a usability perspective:

  1. The password rules should be apparent and described accurately.
  2. The password strength indicator should be aware of any password rules, and should describe a rejected password as such.

From a security perspective, I don’t see why any keyboard characters should be restricted. More characters to choose from means more complexity. Plus, if there were no character restrictions, it would be easier to describe the rules–and use an accurate 3rd-party password-strength tool.

Find Feature UI annoyance in Adobe Acrobat Pro

The Find feature in Adobe Acrobat Pro X has bothered me for some time now:

Adobe Acrobat’s Find feature: note the size of the click-targets

The click-targets to find the previous or next occurrence of your search term are tiny. Minuscule. Verging on microscopic. Let’s say I’m searching a 600 page PDF on SharePoint and I’m looking for occurrences of the term workflow. As I click next repeatedly, trying to find the relevant section, I find that it’s very easy for my cursor to edge over just a little bit and close the Find dialog.

(Yes, I know: I can just keep pressing Enter and avoid this issue.)

How Many People Does It Take To Silence an Alarm System?

This is my fourth logbook entry for my Human-Computer Interaction (HCI) course.

A few weeks ago on a Sunday morning, a piercing, ear-splitting din pervaded my apartment: the fire alarm. This is not anything like your typical household smoke detector: smoke detectors are merely loud. This sound causes pain. We managed to scoop up the cat and shove her into her carrier and head outside. Fortunately, it was a false alarm: workers in the restaurant on the ground floor of my building accidentally triggered the alarm system.

The fire department arrived and confirmed that, indeed, there was no fire. However, they did not have the code to turn off the alarm. Neither did the employees at the restaurant. I called the maintenance number for our building who relayed the top-secret code that would reset the alarm: 1-2-3-4.

Big Belly Trash Cans and Usability

This is my third logbook entry for my Human-Computer Interaction (HCI) course.

A few years ago, Philadelphia replaced many of the garbage cans with BigBelly Solar trash compactors.

Big Belly Solar Trash Compactors
2 recycling bins and a solar compactor in Penn Park

I’d first seen Big Belly at a park in Chicago. It seemed like a great idea: the smart trash can compacts refuse so that it needs to be collected less frequently, and even sends out a signal to the grounds crew when it is full, so that there’s never an overflowing trash receptacle (the latter was a big problem in Philly, especially on weekends).

Time Magazine recently ran an article on BigBelly (“Trash Talk“), particularly citing their success in Philadelphia. I still think the solar compactors are a great improvement over the overflowing trash cans of years past. The streets are cleaner, and they save money. But from a resident’s perspective, I think they have room for improvement.

Ambiguous “On” Indicators on Television Sets and Monitors

I’m currently taking a course on Human-Computer Interaction (HCI). The instructor advised us to keep logs of things we notice in the world that relate to the course material. This is one of my log entries.

One item I noticed today was the On indicator on a Samsung television at work. It’s a large flat-panel screen that we have connected to a PC for presentation purposes in a small conference room. I was preparing for a presentation and sat down at the keyboard and mouse. The power light glowed amber, so I wiggled the mouse. Nothing. I pressed CTRL-ALT-DEL. Nothing. I checked to make sure that the PC was on, and then I checked to make sure the cables were connected. Everything looked correct–why wasn’t the screen getting a signal?

Bottom panel of a television set displaying an amber light. Note that although the indicator light is near the power symbol, it could be much closer.
