{"id":2175,"date":"2017-10-23T22:14:22","date_gmt":"2017-10-24T03:14:22","guid":{"rendered":"http:\/\/osric.com\/chris\/accidental-developer\/?p=2175"},"modified":"2017-10-23T22:14:22","modified_gmt":"2017-10-24T03:14:22","slug":"reset-the-idrac-administrator-password-via-ipmitool","status":"publish","type":"post","link":"https:\/\/osric.com\/chris\/accidental-developer\/2017\/10\/reset-the-idrac-administrator-password-via-ipmitool\/","title":{"rendered":"Reset the iDRAC administrator password via ipmitool"},"content":{"rendered":"<p>In the <a href=\"https:\/\/osric.com\/chris\/accidental-developer\/2017\/10\/using-ipmitool-to-configure-dell-idrac\/\">previous post<\/a>, I configured the iDRAC interface on a Dell server using <code>ipmitool<\/code> on CentOS. However, I ran into a problem, which I blame on poor user interface design:<\/p>\n<p>When you log into the iDRAC web interface as <code>root\/calvin<\/code>, it warns you that you are using the default username\/password and prompts you to change the password. I did so by generating a random password in my password manager and pasting it into the password field.<\/p>\n<p>The problem? The password can contain at most 20 characters, a limitation that is not obvious from the web interface. The password field on the iDRAC web interface truncates the password at 20 characters, and so I submitted a partial password. Then later, when I attempting to log it using the password saved in my password manager, it didn&#8217;t match. (For reasons that aren&#8217;t clear to me, submitting just the first 20 characters of the password saved in the password manager did not work either.)<\/p>\n<p>I figured I was stuck and would have to go to the data center, reboot the server, and boot into the Lifecycle Controller in order to reset the iDRAC password. But I thought I&#8217;d see what I could do via <code>ipmitool<\/code> first.<\/p>\n<p>From <a href=\"https:\/\/sysadmin.compxtreme.ro\/configuring-drac-with-ipmitool\/\">Configuring DRAC with ipmitool<\/a> and <a href=\"http:\/\/www.theprojectbot.com\/ipmitool-cheatsheet-and-configuring-drac-from-ipmitool\/\">ipmitool Cheatsheet<\/a>:<\/p>\n<p><em>Reset BMC\/DRAC to default:<\/em><\/p>\n<pre><code>$ sudo ipmitool mc reset cold<\/code><\/pre>\n<p>The command was successful, but that did not reset the password for me.<\/p>\n<p>From <a href=\"https:\/\/siliconmechanics.zendesk.com\/hc\/en-us\/articles\/201143819-Resetting-the-BMC\">Resetting the BMC<\/a>:<\/p>\n<p><em>&#8230;you can reset the BMC to factory defaults with IPMICFG or ipmitool. Be aware that this will wipe any existing settings on the BMC that you may have set from the web interface, but excludes network settings.<\/em><\/p>\n<pre><code># ipmitool raw 0x3c 0x40<\/code><\/pre>\n<p>But that did not work for me, and produced an error code. I spent some time trying to determine what the various raw hex values for ipmi meant, but that was not productive.<\/p>\n<p>Eventually though I did hit upon an <code>ipmitool<\/code> command that worked:<\/p>\n<pre><code>$ sudo ipmitool user list 1\r\nID  Name\t     Callin  Link Auth\tIPMI Msg   Channel Priv Limit\r\n1                    true    false      false      NO ACCESS\r\n2   superuser        true    true       true       ADMINISTRATOR\r\n3                    true    false      false      NO ACCESS\r\netc.<\/code><\/pre>\n<p>The username I configured corresponds with ID 2, so then I used <code>ipmitool<\/code> to set the password for that user:<\/p>\n<pre><code>$ sudo ipmitool user set password 2<\/code><\/pre>\n<p>I was prompted to enter the password, which I was then able to use to log in to the iDRAC web interface.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In the previous post, I configured the iDRAC interface on a Dell server using ipmitool on CentOS. However, I ran into a problem, which I blame on poor user interface design: When you log into the iDRAC web interface as root\/calvin, it warns you that you are using the default username\/password and prompts you to &hellip; <a href=\"https:\/\/osric.com\/chris\/accidental-developer\/2017\/10\/reset-the-idrac-administrator-password-via-ipmitool\/\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">Reset the iDRAC administrator password via ipmitool<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[422],"tags":[414,415,467,468,260],"class_list":["post-2175","post","type-post","status-publish","format-standard","hentry","category-sysadmin","tag-centos","tag-centos-7","tag-dell","tag-idrac","tag-ux"],"_links":{"self":[{"href":"https:\/\/osric.com\/chris\/accidental-developer\/wp-json\/wp\/v2\/posts\/2175","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/osric.com\/chris\/accidental-developer\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/osric.com\/chris\/accidental-developer\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/osric.com\/chris\/accidental-developer\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/osric.com\/chris\/accidental-developer\/wp-json\/wp\/v2\/comments?post=2175"}],"version-history":[{"count":1,"href":"https:\/\/osric.com\/chris\/accidental-developer\/wp-json\/wp\/v2\/posts\/2175\/revisions"}],"predecessor-version":[{"id":2176,"href":"https:\/\/osric.com\/chris\/accidental-developer\/wp-json\/wp\/v2\/posts\/2175\/revisions\/2176"}],"wp:attachment":[{"href":"https:\/\/osric.com\/chris\/accidental-developer\/wp-json\/wp\/v2\/media?parent=2175"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/osric.com\/chris\/accidental-developer\/wp-json\/wp\/v2\/categories?post=2175"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/osric.com\/chris\/accidental-developer\/wp-json\/wp\/v2\/tags?post=2175"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}