Skip to content

Instantly share code, notes, and snippets.

@smbambling
Forked from andrewspiers/change-idrac-password.rst
Last active October 27, 2023 08:56
Show Gist options
  • Save smbambling/34980ec47d74139004b6 to your computer and use it in GitHub Desktop.
Save smbambling/34980ec47d74139004b6 to your computer and use it in GitHub Desktop.
Change iDRAC password using OpenManage

How to change an iDRAC password using Racadm for a Dell R720 and similar servers.

TLDR:

#  racadm config -g cfgUserAdmin -o cfgUserAdminPassword -i 2 <newpassword>

This guide assumes you have OpenManage installed. It was tested with the following version of OpenManage:

# omreport about

Product name : Dell OpenManage Server Administrator
Version      : 7.3.0-1
Copyright    : Copyright (C) Dell Inc. 1995-2013 All rights reserved.
Company      : Dell Inc.

and the following version of idRac:

# racadm getconfig -g idRacInfo

# idRacType=16
# idRacProductInfo=Integrated Dell Remote Access Controller
# idRacDescriptionInfo=This system component provides a complete set of remote management functions for Dell PowerEdge Servers
# idRacVersionInfo=1.40.40
# idRacBuildInfo=17
# idRacName=idrac

racadm is the remote access controller administration command line interface. The official documentation for this interface is the "RACADM Command Line Reference Guide for iDRAC7". Versions 1.40.40 and 1.50.50 of this guide were available at http://downloads.dell.com/Manuals/all-products/esuprt_software/esuprt_remote_ent_sys_mgmt/esuprt_rmte_ent_sys_rmte_access_cntrllr/ as of 9th April 2014. iDRAC has room for up to 16 users. To obtain information about users you need to specify the user you are interested in by index. I do not know of a command to dump information about all the users. The factory default is for one user to be set up with username 'root' at index 2. Here is how to find out

about that default user:

# racadm getconfig -g cfgUserAdmin -i 2

This gives output like this:

cfgUserAdminUserName=root
# cfgUserAdminPassword=******** (Write-Only)
cfgUserAdminEnable=1
cfgUserAdminPrivilege=0x000001ff
cfgUserAdminIpmiLanPrivilege=4
cfgUserAdminIpmiSerialPrivilege=4
cfgUserAdminSolEnable=1

The AdminPrivilege value is a mask indicating what the user is permitted to do.

Now that we have confirmed the index of the root user we can change its password:

#  racadm config -g cfgUserAdmin -o cfgUserAdminPassword -i 2 <newpassword>


All Dell DRACs come with a default account set up as root / calvin which is a huge security risk if left!

The web interface doesn’t let you change the password but the firmware does when you boot the server.

A second way to change the password is with the racadm tool, if installed, at the command line! This means you don’t have to reboot that precious production server!

In DRAC 4, the first index slot is root by default. In DRAC 5 and 6, index 1 is Administrator, index 2 is root.

We can display the ID info using racadm command:

DRAC 4:

racadm getconfig -g cfgUserAdmin -i 1

DRAC 5 and 6:

racadm getconfig -g cfgUserAdmin -i 2 # cfgUserAdminIndex=2 cfgUserAdminUserName=root # cfgUserAdminPassword=******** (Write-Only) cfgUserAdminEnable=1 cfgUserAdminPrivilege=0x000001ff cfgUserAdminIpmiLanPrivilege=4 cfgUserAdminIpmiSerialPrivilege=4 cfgUserAdminSolEnable=1

When we’re sure we have the correct ID, we can easily change the password with the racadm command too

DRAC 4:

racadm config -g cfgUserAdmin -o cfgUserAdminPassword -i 1 newpassword

DRAC 5 and 6:

racadm config -g cfgUserAdmin -o cfgUserAdminPassword -i 2 newpassword

Object value modified successfully

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment