Wednesday, August 12, 2015

Backdoor to iLO via Chassis OA to factory reset

I recently ran into issues where I could not connect to iLO on HP Proliant blades after the OA subnet changed vLAN.  The root cause was the ilo was configured with static IP addresses and not DHCP via EBIP.  I did not have physical access and needed to change the iLO to DHCP.

Thanks to this post and Casper42's suggestion I resolved the issue.

http://h30499.www3.hp.com/t5/HP-BladeSystem/Reset-Blade-Server-iLo-to-defaults/td-p/4803223#.Vct8JI2KC70

  1. SSH to the active OA
  2. Type CONNECT SERVER X
    1. Where X is the Blade's slot number.
    2. This will get you into the iLO Smash CLP string.
  3. Type set /map1/dhcpendpt1 EnabledState=yes and hit enter
    1. Give the iLO 90-120 seconds to reboot.
  4. Run the XML based Reset Command  Paste the entire text below at the prompt:

HPONCFG X << end_marker
<RIBCL VERSION="2.0">
<LOGIN USER_LOGIN="adminname" PASSWORD="password">
<RIB_INFO MODE="write">
<FACTORY_DEFAULTS/>
</RIB_INFO>
</LOGIN>
</RIBCL>
end_marker






The iLO will reboot and you now have a factory defaulted iLO.

Of course me being a bonehead, and not being physically onsite to read the default Administrator password, I still could not login.  So I entered this command to add a temp user to get me in.

HPONCFG 13 << end_marker
<RIBCL VERSION="2.0">
<LOGIN USER_LOGIN="adminname" PASSWORD="password">
<USER_INFO MODE="write">
<ADD_USER
USER_NAME="temp"
USER_LOGIN="temp"
PASSWORD="password">
<ADMIN_PRIV value ="Y"/>
<REMOTE_CONS_PRIV value ="Y"/>
<RESET_SERVER_PRIV value ="Y"/>
<VIRTUAL_MEDIA_PRIV value ="Y"/>
</ADD_USER>
</USER_INFO>
</LOGIN>
</RIBCL>
end_marker


Now I can get into the iLO to make any changes I want.

No comments: