Reset Administrator Password on iLO
RIBCL: Reset Administrator Password on iLO
Filed under: Quick Code, Security — Written by Chrissy on Wednesday, April 26th, 2006 @ 4:57 am
Last night I got locked out of my Compaq DL360’s iLO. I searched the web to find how to reset the Administrator password and read that, for the most part, I’d have to be at the console. Bah! My servers are in San Jose and I’m up here in San Francisco, I didn’t want to make a trip just to reset my passwords. I continued to look around the web for a solution and found that I could reset the Administrator password (or even add another user with admin privs) using Compaq’s Remote Insight Board Command Language. Apparently, if you are processing RIBCL commands through your given operating sytem so long as you have the rights to login to the server. I logged in as my Windows Domain Admin and performed the following steps (Linux users, you can download the RPM for HPONCFG):
1. I installed SNMP because it was a preprequesite for HP Insight Management Agents.
2. I dowloaded and installed the HP Insight Management Agents.
3. I then downloaded HP Lights-Out Online Configuration Utility.
4. I ran into NTVDM errors trying to run the file so I just used WinRAR to extract the contents into C:\hp\ilo. I also extracted the zip file contained within the initial archive.
5. I then downloaded the HP Lights-Out XML Scripting Sample for Windows (Linux users can download the files in tgz format here or here.) extracted it and found the file I was looking for —
<login USER_LOGIN=”Administrator” PASSWORD=”boguspassword”>
6. Using notepad, I opened up the sample file and modified it slightly. Initially, I just removed the LOGIN and ran the file but HPONCFG gave me a syntax error. I then added it back and gave the Administrator a bogus password. Apparently, the LOGIN line is required for syntax reasons but it is not actually processed.
7. Next, I opened a command line and changed directories to C:\hp\ilo and typed the following:
HPONCFG.exe /f Administrator_reset_pw.xml /l log.txt > output.txt
8. I opened up Firefox, navigated to my iLO machine and viola! I was able to login as Administrator.
If changing Administrator’s password seems too scary, you can also add another user with administrator privileges. You can then login as that user and change the Administrator password via the web console. Use the following code, suited to your liking:
<login USER_LOGIN=”Administrator” PASSWORD=”boguspass”>
<user_INFO MODE=”write” >
<reset_SERVER_PRIV value = “Y” />
<admin_PRIV value = “Y” />
Here’s a zip of just hponcfg.exe, add_user.xml, and Administrator_reset_pwd.xml. Since it’s an exe with no apparent supporting files, y ou may be able to just use that.
I see quite a few people have hit this page..if you found it useful, please let me know! If not, drop me a note and I’ll see how I can help.