IDRAC6 Virtual Console Launcher

README

Use this as an example on how to start the virtual console without the need of Java Web Start or accessing it from the web interface.
You can use the user and password that you use for the web interface.

You need an old JRE... I used 1.7.0_80 from the Server JRE package, also I have tested successfully 1.7.0_79 with MacOS.
You don't need to install it, just extract it or copy the files in "jre" folder.

Open the viewer.jnlp file that you get by launching the virtual console from the web interface with a text editor.
Note the urls to the jar files. Download the main jar file avctKVM.jar and the libs for your operating system and architecture.
Extract the dlls (.so Linux, .jnilib MacOS) from the jar libs.

If you don't see the MacOS libs in the file make sure you download it from MacOS.

Edit the bat/sh file according to your needs.

The file structure should look like this:

start-virtual-console.bat (.sh if Linux/MacOS)
avctKVM.jar
jre/<jre home here>
lib/avctKVMIO.dll (.so if Linux, .jnilib if MacOS)
lib/avmWinLib.dll (.so if Linux, .jnilib if MacOS)

start-virtual-console.bat

@echo off

set /P drachost="Host: "
set /p dracuser="Username: "
set "psCommand=powershell -Command "$pword = read-host 'Enter Password' -AsSecureString ; ^
    $BSTR=[System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($pword); ^
        [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR)""
for /f "usebackq delims=" %%p in (`%psCommand%`) do set dracpwd=%%p

.\jre\bin\java -cp avctKVM.jar -Djava.library.path=.\lib com.avocent.idrac.kvm.Main ip=%drachost% kmport=5900 vport=5900 user=%dracuser% passwd=%dracpwd% apcp=1 version=2 vmprivilege=true "helpurl=https://%drachost%:443/help/contents.html"

start-virtual-console.sh

#!/bin/bash

echo -n 'Host: '
read drachost

echo -n 'Username: '
read dracuser

echo -n 'Password: '
read -s dracpwd
echo

./jre/bin/java -cp avctKVM.jar -Djava.library.path=./lib com.avocent.idrac.kvm.Main ip=$drachost kmport=5900 vport=5900 user=$dracuser passwd=$dracpwd apcp=1 version=2 vmprivilege=true "helpurl=https://$drachost:443/help/contents.html"

tested also with following JRE on Win2012 R2 system

Java(TM) SE Runtime Environment (build pwa6460sr16fp41-20170215_04(SR16 FP41))
IBM J9 VM (build 2.4, JRE 1.6.0 IBM J9 2.4 Windows Server 2012 amd64-64 jvmwa6460sr16fp40-20161215_329869 (JIT enabled, AOT enabled)

Java(TM) SE Runtime Environment (build pwa6470_27sr3fp60ifix-20161110_01(SR3 FP60+IV90630+IV90578))
IBM J9 VM (build 2.7, JRE 1.7.0 Windows Server 2012 R2 amd64-64 Compressed References 20161005_321280 (JIT enabled, AOT enabled)

Handy script, thanks! I modified the bat version slightly to automatically download avctKVM.jar:

@echo off

set /P drachost="Host: "
set /p dracuser="Username: "
set "psCommand=powershell -Command "$pword = read-host 'Enter Password' -AsSecureString ; ^
$BSTR=[System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($pword); ^
[System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR)""
for /f "usebackq delims=" %%p in (%psCommand%) do set dracpwd=%%p

ECHO Grabbing avctKVM.jar from host...
powershell -Command "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} ; $WebClient = New-Object System.Net.WebClient ; $WebClient.DownloadFile('https://%drachost%/software/avctKVM.jar','.\avctKVM.jar')"

.\jre\bin\java -cp avctKVM.jar -Djava.library.path=.\lib com.avocent.idrac.kvm.Main ip=%drachost% kmport=5900 vport=5900 user=%dracuser% passwd=%dracpwd% apcp=1 version=2 vmprivilege=true "helpurl=https://%drachost%:443/help/contents.html"

Awesome, thank you

Thank you so much for this!

I'm running into some issues running the script on Mac, however. When running the .sh file, everything goes fine until I receive the error: "Could not find or load main class com.avocent.idrac.kvm.Main".

Any idea as to how I would remedy this?

Great stuff! Thanks!

What about getting this working for iDRAC 7 and 8? I tried using the script with Java 8 but always get error: "Login failed with an access denied error." It almost works...

Hey I keep getting a connection failed error message, any advice?

11/11/2017 01:43:32:025: Connection failed with exception: Connection refused:
connect
==== propertyChange: (SESSION_STATE):CONNECTION_FAILED====

@ptmorris1 I'm stuck with iDRAC6, but you should be able to use VNC with iDRAC7 or iDRAC8. http://en.community.dell.com/cfs-file/__key/telligent-evolution-components-attachments/13-4491-00-00-20-44-10-34/AccessingRemoteDesktop_5F00_using_5F00_VNC_5F00_on_5F00_iDRAC.pdf

Fist off - thanks for the snippet and work-around. It was very useful to get an idea how it works behind the scenes - and that we don't actually need a web browser to kick-start console (our iDRAC6 does not even have a link for console, I had to hack it through viewer.jnlp!

I have managed to make it work - well, sort of "work". The thing is damn iDRAC6 in it's express` version simply does not support KVM.

Oh how I hate you Dell. Even more than I hate HP(E) and Intel together!

I'll stick with SuperMicro for good - they have HTML5 KVM which works from any device/browser! As a normal feature!

@stamster Did you actually get the console to work with iDRAC6 express? If yes, how?

Great thanks! It was very useful. But i have one big question with it - how can i include a virtual media library into this snippet?

Hi, trying to figure this out, new to messing with servers/java... Where would I get the libs for my operating system? I was able to download the avctKVM.jar from my server iDrac.

Also, where does the .bat file come from?

Sorry for the noob questions

@nizrael I spent some time getting the virtual media console to work. On windows, you need to open up avctKVMIOWin64.jar and avctVMWin64.jar, extract the .dlls contained therein and throw them in a lib folder in the folder you have the start-virtual-console.bat. I've confirmed this works with both the 64bit and 32bit dlls extracted from the jars.

@colomb001 thank you so much for the keyboard tip

Hi, How can I get avctKVMIO.dll and a vmWinLib.dll?? I downloaded from google avctKVMIO.dll and get vmWinLib.dll from my java ultimate version installed in appdata\LocalLow\Sun\Java\Deployment... but I get a error message: "The native library for keyboard and mouse support failed to load. Pass all keys to server and single cursor support will not be available", and not run, I´m under win10 x64, thanks

I got this to work (on enterprise), but I'm having problems getting keyboard input to work. It does not register any keypress.
It does register if I use the menu to ie. trigger or something.

I'm on latest macOS, if that helps any.

I get the error message
Error occurred during initialization of VM
java/lang/NoClassDefFoundError: java/lang/Object

Thanks for advice, regards

Great script. Nice
if you add reconnect=2( got from the jnlp downloaded from iDrac web ) as a parameter when running the jar, then iDrac 7 also work (dnt know why, maybe due to ssl check).
But no luck with iDrack 8 :(

Again Thankz for the script it was a great start and gave a goog understanding of how stuff works under the hood. I have made few updates and now it works for iDrac 6/7/8, think it'll help someone

As .Net < 4 throws errors when creating Tls12 connections and sometimes it's so hard to change registry to enable those if you are in a common environment. As a work around I used this https://eternallybored.org/misc/wget/ to download avctKVM.jar from the server.
" wget.exe --no-check-certificate "https://%ipaddress%/software/avctKVM.jar"
"
and updated the JRE version >= 1.8 as 1.7 was complaining about SSL handshake with iDrac 8.

finally, add " del avctKVM.jar " at the end of the bat. As wget.exe won't replace (maybe im missing a switch ), then you are good to go :)

Also working on a shell script to use x11 forwarding to pop out as most of the time jump hosts are Linux.

Thank you for the script, so much easier to get the console to connect. Couple of questions though, is there any way to get the Virtual Media Feature working with this script? Also, is this script compatible with the DRAC 5 card?

Thanks

I'm with @duckdave1, having the same issue with iDRAC6, NoClassDefFound when running both 1.7 and 1.6.

Edit: I can get the jnlp to run with Java baked in to Windows on 7u80 once video encryption is turned off. Still would rather hope for a universal solution like this one though ;-)

With JDK (Server JRE package) 7u80 I found here I could run the console even with encryption enabled using the .sh script (using cygwin here).

But I can't get the virtual media to work at all. From iDRAC 6 interfce, I see it is Enterprise, so it /should/ work. I've downloaded all .jar files pointed by viewer.jnlp, so it probably is a limitation by the way it is run. I see @nizrael also had the same issue than me.

Other than that, all seems to work, I can walk thru bios, type, reboot, and so on.

EDIT: to have virtual media working, just follow the steps into extracting the DLL (.so or .jnilib depending on OS). The avctKVMIO.dll and avmWinlib.dll files are within the avctKVMIO*.jar and avctVM*.jar, respectively. You have to choose between Linux32, Linux64, Win32 or Win64, depending on your OS.

In my case, windows 10 64-bit, it was Win64.

Hi,

I follow every step as mentioned even i extracted / un compressed the components of the jar file in "lib" folder however i am still getting this error
"Could not find or load main class com.avocent.idrac.kvm.Main". any help will be highly appreciated.

Thanks,
yousuf

@sirtcp Do you have the avctKVM.jar file in the same folder as the script?

I tried this out and it worked great on my mac.

• downloaded the JRE 1.7.0.79 tar file (not the installer) and extracted it.

• Downloaded the avctKVM.jar

• Run the java cmd and hard referenced the locations of the files
  Works like a charm! Thank you

`

MBP:Progs$ ls
avctKVM.jar		avctVMMac64.jar
avctKVMIOMac64.jar	jre1.7.0.79

export drachost=
export dracuser=
export dracpwd=
/Users/Progs/jre1.7.0.79/Contents/Home/bin/java -cp /Users//Progs/avctKVM.jar -Djava.library.path=./lib com.avocent.idrac.kvm.Main ip=$drachost kmport=5900 vport=5900 user=$dracuser passwd=$dracpwd apcp=1 version=2 vmprivilege=true "helpurl=https://$drachost:443/help/contents.html"

Brilliant!!! This saves so much time. Thank you,

Was finally able to get this script running. A couple of things that I had to go through a few times, 1. Don't hard code the IP of the idrac. I had put into my script Host: https://A.B.C.D and then put my username and it wasn't working. Maybe if I had just put the IP and not the https: it would have worked. 2. I had to create a folder on my computer to hold the jre folder I downloaded and extracted as well as a .lib folder I created to house the .dll's that you have to extract and download from the links in the "viewer.jnlp". In the viewer.jnlp there are multiple lines, I am running 64 bit so I used the nativelib lines. I also extracted the avctKVM.jar and copied the com directory out into the lib folder. So my folder structure looks like:

Console (main folder)

1. Start-virtual-console.bat
2. jre folder (extracted from the server-jre that I downloaded form the internet)
3. lib folder
   a. com folder (extracted from avctKVM.jar)
   b. avctKVMIO.dll (extracted from viewer.jnlp Win64 section)
   c. avctWinLib.dll (extracted from viewer.jnlp Win64 section)

Once this was all set, I just ran the script using Powershell and it worked.

@joedel94 I know its been a while since you posted, but I got the same error. I found out that it was because I missunderstood what the

set /P drachost="Host: "
set /p dracuser="Username: "

lines did: I thought that the text in the quotes were just a place holder and you would need to modify the script to change the variables. They actually set the given variable name to the user input after prompting with the text in the string. So, when the script ran with your string set to, say, 192.168.0.0 and you hit enter after being prompted with that string, you're passing it an empty string. The console fails to connect with an empty string.

Try running the original script as is, then do the following in the console:

1. Enter hostname/ip address of the DRAC
2. Press enter key
3. Enter username for DRAC
4. Press enter key
5. Enter password for that username
6. Press enter key

Assuming there aren't any other problems (see below), you have your jre in the jre folder, and correct lib files in the lib folder alongside the script, that should run and connect the console.

Worst case, ignore the set lines and try to manually set your parameters in the long java line (though, I'd only do this for testing, as leaving a password in a script wouldn't be a very good idea):

.\jre\bin\java -cp avctKVM.jar -Djava.library.path=.\lib com.avocent.idrac.kvm.Main ip=192.168.0.0 kmport=5900 vport=5900 user="myUserName" passwd="SuperSecurePassword1" apcp=1 version=2 vmprivilege=true "helpurl=https://192.168.0.0:443/help/contents.html"

If that fails, you might be trying to access the wrong port (check the port number the console runs on in the web gui) or there might be a firewall between you and the DRAC blocking that port (5900 by default).

hard coding the password into the .bat file got it to work. I was having all sorts of authentication issues.

set drachost="192.168.1.10"
set dracuser="MyUserName"
set dracpwd="MyPassword"
.\jre\bin\java -cp avctKVM.jar -Djava.library.path=.\lib com.avocent.idrac.kvm.Main ip=%drachost% kmport=5900 vport=5900 user=%dracuser% passwd=%dracpwd% apcp=1 version=2 vmprivilege=true "helpurl=https://%drachost%:443/help/contents.html"

Thanks, this works a treat. Running great on MacOS High Sierra using jre1.7.0_80

For the Mac users make sure to get both of the Mac jars from the .jnlp file and extract the libs from both of them (and put them into ./lib or whatever path you are going to use for that). Both viewer and Virtual media bits working as expected.

My two cents, it works flawlessly but sometimes my Keyboard doesn't work at all.
It turns out that it depends on the version of the avctKVM.jar:

• Virtual Console 1.0 (1.07.0.17647) completely works
• Virtual Console 1.5 (1.0.0.78) has keyboard issues (doesn't work)

If any is interested in the first version (that should work on any iDRAC6 device), I'll try to attach it... (rename it to 7z)

Here is a version that makes assumptions about your paths (so fix them if they don't match) and also uses 7-Zip to extract the required DLL file. It gives you an option to use a port other than 5900 since some of our hosts use different ports.

@echo off

set /P drachost="Host: "
set /p dracuser="Username: "
set /p kvmport="KVM Port: "
set "psCommand=powershell -Command "$pword = read-host 'Enter Password' -AsSecureString ; ^
	$BSTR=[System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($pword); ^
		[System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR)""
for /f "usebackq delims=" %%p in (`%psCommand%`) do set dracpwd=%%p

md iDRAC6-%drachost%
cd iDRAC6-%drachost%
ECHO Grabbing avctKVM.jar from %drachost%
powershell -Command "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} ; $WebClient = New-Object System.Net.WebClient ; $WebClient.DownloadFile('https://%drachost%/software/avctKVM.jar','.\avctKVM.jar')"
ECHO Grabbing avctKVMIOWin32.jar from %drachost%
powershell -Command "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} ; $WebClient = New-Object System.Net.WebClient ; $WebClient.DownloadFile('http://%drachost%/software/avctKVMIOWin32.jar','.\avctKVMIOWin32.jar')"
ECHO Extracting .dll files to ./lib
"C:\Program Files\7-Zip\7z.exe" e avctKVMIOWin32.jar -oc:lib *.dll -r
ECHO Running KVM client
"C:\Program Files (x86)\Java\jre6\bin\java" -cp avctKVM.jar -Djava.library.path=.\lib com.avocent.kvm.client.Main ip=%drachost% kmport=%kvmport% vport=%kvmport% user=%dracuser% passwd=%dracpwd% apcp=1 version=2 vmprivilege=true "helpurl=https://%drachost%:443/help/contents.html"

This works great, finally a workaround for the broken iDRAC!

A few notes on Ubuntu:

• It works with current version of Oracle's java
• The window appears hidden, you have to blindly activate it with alt-space, and then select "maximize"
• You need to extract the .so from both *Linux64.jar files, and put them in lib

I had to enable SSLv3 in java, I always got the error "connection failed"

Comment out "jdk.tls.disabledAlgorithms=SSLv3 in /lib/security/java.security

Thanks for that great script!
I have IDRAC8, and original script didn't work. So I played a little bit, tried this and that, and finally it works! My configuration and what did I do:

I used Java 1.8 (64-bit in my case). Changed "java.security", as @krubottom advised (and BIG THANKS for that!) - withou it I got an Error.

In Idrac 8 Dell have changed DLLs, and now the DLLs in \lib folder is:
avctKVMIO.dll - from avctKVMIOWin32.jar (or avctKVMIOWin64.jar - for 64)
VMAPI_DLL.dll - from avctVMAPI_DLLWin32.jar (or avctVMAPI_DLLWin64.jar - for 64)
VMAPI_DLL.lib (idk if the jar need that, but I decided to paste it inside \lib folder also) - from avctVMAPI_DLLWin32.jar (or avctVMAPI_DLLWin64.jar - for 64)

With original script Console launched just fine, but I got "access denied" message.
So - I dig inside my "viewer.jnlp" a little bit, and changed some parameters - and - it works! So - my command for running avctKVM.jar looks like:

.\jre\bin\java -cp avctKVM.jar -Djava.library.path=.\lib com.avocent.idrac.kvm.Main ip=%drachost% kmport=5900 vport=5900 user=%dracuser% passwd=%dracpwd% apcp=1 reconnect=2 version=2 vm=1 "helpurl=https://%drachost%:443/help/contents.html"

Hi,

I follow every step as mentioned even i extracted / un compressed the components of the jar file in "lib" folder however i am still getting this error
"Could not find or load main class com.avocent.idrac.kvm.Main". any help will be highly appreciated.

Thanks,
yousuf

I'm experiencing the same issue as well.

Hello everyone, I have the remote console working on a dell R710 with the enterprise idrac.
Thanks to MathieuW here: https://www.dell.com/community/Systems-Management-General/iDRAC6-Virtual-Console-Connection-Failed/td-p/5144021/page/2

I am running the latest java version as of 10/01/2018.
Version 8 Update 181 (build 1.8.0_181-b13)

Go to here or wherever you installed java.
C:\Program Files\Java\jre1.8.0_181\lib\security\java.security

Comment out this line in java.security with a #
jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024,
and add the IP address (https://IPhere) and (https://IPhere:443) to the security tab of the java control pannel.

I don't know what security implications this has but it works.

I have fixed it on ubuntu 16.04 with openjdk-8-jre:amd64 8u181-b13-0ubuntu0.16.04.1 the following way.

This is an original statement in java.security:

jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, \
    EC keySize < 224, DES40_CBC, RC4_40, 3DES_EDE_CBC

You have to delete SSLv3 and 3DES_EDE_CBC for iDrac console to be functional again.

So it will look like this:

jdk.tls.disabledAlgorithms=RC4, MD5withRSA, DH keySize < 1024, \
    EC keySize < 224, DES40_CBC, RC4_40

Enjoy!

@Be5qP4Y3Fzaj

Hi,
I follow every step as mentioned even i extracted / un compressed the components of the jar file in "lib" folder however i am still getting this error
"Could not find or load main class com.avocent.idrac.kvm.Main". any help will be highly appreciated.
Thanks,
yousuf

I'm experiencing the same issue as well.

In case you, or anyone hasn't figured this issue out yet, I had to download the avctKVM.jar file separately, the same way as the files listed in the .jnlp file (ipaddress/software/avctKVM.jar) and put it in the same directory as the .bat/.sh file.

I have it working on Linux with iDRAC7. Issue for me was that the keyboard wouldn't work with the 64bit libraries and the virtual media wouldn't work with the 32bit libraries.

Mixing the two worked. I downloaded both sets to lib32 and lib64 directories and then copied the 64bit and 32bit file:

mkdir lib
cp -a lib32/libavctKVMIO.so ./lib
cp -a lib64/libavmlinux.so ./lib

I updated the Linux script to take arguments on the command line:

#!/bin/bash
# https://gist.github.com/xbb/4fd651c2493ad9284dbcb827dc8886d6

show_help () {
  echo "Usage: `basename $0` <options>";
  echo;
  echo "Options:";
  echo " -h | --help   = Help, show this message.";
  echo " -r | --host=<NAME>   = iDRAC IP Address (Mandatory).";
  echo " -u | --user=<USER>   = iDRAC user name (Mandatory";
  echo " -p | --pass=<PASS>   = iDRAC password (Mandatory)";
}

OPTS=`getopt -o hr:u:p: --long help,host:,user:,pass: -n 'help' -- "$@"`

#if [ $? != 0 ] ; then echo "Failed parsing options." >&2 ; show_help; exit 1 ; fi

# echo "$OPTS"
eval set -- "$OPTS"

while true; do
  case "$1" in
    -h | --help )    show_help; exit 0; shift ;;
    -r | --host )    host="$2"; shift 2 ;;
    -u | --user )    user="$2"; shift 2 ;;
    -p | --pass )    pass="$2"; shift 2 ;;
    -- ) shift; break ;;
    * ) echo "Invalid arguments!"; show_help; exit 1 ;;
  esac
done

if [ ! "$host" ] || [ ! "$user" ] || [ ! "$pass" ]; then
    show_help
    exit 1
fi

./jre/bin/java -cp avctKVM.jar -Djava.library.path=./lib com.avocent.idrac.kvm.Main ip=$host kmport=5900 vport=5900 user=$user passwd=$pass apcp=1 version=2 vmprivilege=true "helpurl=https://$host:443/help/contents.html"

Hi!
Will it work with DRAC5? Would be great. I have made some tests with various jre and settings, but no luck.

For DRAC5 I have only 1 dll - avctKVMIO.dll.
Also avctKVM.jar file seems to be missing, I can only download avctKVMWin32.jar and avctDRAC5Viewer.jar
Anyway it seems to be working after adjusting the script, but with some Java versions I get bad_record_mac error, and with some even logon failures. Which I find strange since the normal connection over the browser works with this version of java.
Any clues what might be the problem?

This is my connection error:
Packet log written to: c:\javaViewer.log
==== propertyChange: (SESSION_STATE):CONNECTING====
==== propertyChange: (VIDEO_PANEL_SIZE_CHANGED):java.awt.Dimension[width=1600,he
ight=1600]====
==== propertyChange: (VIDEO_PANEL_SIZE_CHANGED):java.awt.Dimension[width=1600,he
ight=1600]====
12/07/2018 12:22:07:754: SSL: context protocol = SSLv3
12/07/2018 12:22:08:365: SSLv2Hello
12/07/2018 12:22:08:365: SSLv3
12/07/2018 12:22:08:366: TLSv1
12/07/2018 12:22:08:366: TLSv1.1
12/07/2018 12:22:08:366: TLSv1.2
12/07/2018 12:22:08:366: ======connectToPort======
12/07/2018 12:22:08:368: User Login Request: 0x100
12/07/2018 12:22:08:369: ======connectToPort - sendRequest======
12/07/2018 12:22:08:369: packet type( 0x100)
Sending packet: com.avocent.kvm.e.a.bf@442552 (8, 208).
setPassthroughEnabled(true)
setPassthroughEnabled(false)
12/07/2018 12:22:08:430: SSL: checkServerTrusted() called.
12/07/2018 12:22:08:432: SSL: getAcceptedIssuers() called.
12/07/2018 12:22:08:639: ===PacketReceiver==TYPE:(0x8305) - User Login Response
12/07/2018 12:22:08:641: Receive 0x8305 User Login Response (V2)
12/07/2018 12:22:08:642: User login response: 3
==== propertyChange: (SESSION_STATE):CONNECTION_LOGIN_FAILED====
12/07/2018 12:22:08:649: ======connectToPort - sendRequest======
12/07/2018 12:22:08:655: packet type( 0x400)
12/07/2018 12:22:08:656: ****************KEEP_ALIVE_INTERVAL:10000,getProperty(
KvmSession.SESSION_STATE)=CONNECTION_LOGIN_FAILED
Sending packet: com.avocent.kvm.e.a.q@83c96a (8, 8).

With java jre1.8.0_51 32 bit for windows, of course.

Dude, you're a hero 👍

Would you believe it even works with the proper Java 8 on MacOS High Sierra?

FYI, in a modern Linux operating system, you'll have to also edit this file by removing all SSLv3 / RC4 / RC4_* :

[root@knox back-ends]# pwd
/etc/crypto-policies/back-ends
[root@knox back-ends]# cat java.config
jdk.tls.ephemeralDHKeySize=1023
jdk.certpath.disabledAlgorithms=MD2, MD5, DSA, RSA keySize < 2048
#jdk.tls.disabledAlgorithms=DH keySize < 1023, SSLv2, DHE_DSS, RSA_EXPORT, DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_DSS_EXPORT, DH_RSA_EXPORT, DH_anon, ECDH_anon, DH_RSA, DH_DSS, ECDH, 3DES_EDE_CBC, DES_CBC, RC4_40, RC4_128, DES40_CBC, RC2, HmacMD5
jdk.tls.disabledAlgorithms=DH keySize < 1023, SSLv2, DHE_DSS, RSA_EXPORT, DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_DSS_EXPORT, DH_RSA_EXPORT, DH_anon, ECDH_anon, DH_RSA, DH_DSS, ECDH, 3DES_EDE_CBC, DES_CBC, DES40_CBC, RC2, HmacMD5
jdk.tls.legacyAlgorithms=

as well as :
[root@knox security]# pwd
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.192.b12-0.fc30.x86_64/jre/lib/security
[root@knox security]# grep "disabled." java.security | grep -v "^#"
jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer,
RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224
jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, DSA keySize < 1024
jdk.tls.disabledAlgorithms=DES, MD5withRSA, DH keySize < 1024,
EC keySize < 224, 3DES_EDE_CBC

Hello everyone, I have the remote console working on a dell R710 with the enterprise idrac.
Thanks to MathieuW here: https://www.dell.com/community/Systems-Management-General/iDRAC6-Virtual-Console-Connection-Failed/td-p/5144021/page/2

I am running the latest java version as of 10/01/2018.
Version 8 Update 181 (build 1.8.0_181-b13)

Go to here or wherever you installed java.
C:\Program Files\Java\jre1.8.0_181\lib\security\java.security

Comment out this line in java.security with a #
jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024,
and add the IP address (https://IPhere) and (https://IPhere:443) to the security tab of the java control pannel.

I don't know what security implications this has but it works.

commenting out jdk.tls.disabledAlgorithms works for me with jdk1.8

I had to enable SSLv3 in java, I always got the error "connection failed"
Comment out "jdk.tls.disabledAlgorithms=SSLv3 in /lib/security/java.security

This fixed it for me. too with latest java. Nice to have it in its own folder as a "portable"

same for allowing unsecure algos.
It work

The original post worked for me, thanks for this!

Another option - All in Powershell this time, which can be used on any system that has PSCore installed :)

function Connect-iDrac {
    [CmdletBinding()]
    param (
        [IPAddress]$dracHost,
        $dracUser
    )
    try {
        $cred = Get-Credential -UserName $dracUser -Message "Please enter iDrac credentials.." -Title "Connect-iDrac"
        $jrePath = "C:\bin\jre1.7.0_80" #set to your jre binaries root folder.
        $kvmJar = "$jrePath\avctKVM.jar"
        if (!(Test-Path $kvmJar)) {
            [System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}
            $WebClient = New-Object System.Net.WebClient
            $WebClient.DownloadFile("http://$dracHost/software/avctKVM.jar", "$kvmJar")
        }
        $proc = Start-Process -FilePath cmd -ArgumentList "/c `"$jrePath\bin\java.exe -cp avctKVM.jar -Djava.library.path=.\lib com.avocent.idrac.kvm.Main ip=$dracHost kmport=5900 vport=5900 user=$dracUser passwd=$($cred.GetNetworkCredential().Password) apcp=1 version=2 vmprivilege=true 'helpurl=https://%drachost%:443/help/contents.html'`"" -WorkingDirectory $jrePath -PassThru
        return $proc
    }
    catch {
        Write-Warning $_.Exception.Message
    }
}

I stumbled over this posting while searching for a solution to connect to my Lenovo RD530 via KVM, so i gave it a shot - and it worked flawless. So thank you for that.

Difference to the original posting is, i just got the avctKVMIO.dll out of the jar and i had to change 'com.avocent.idrac.kvm.Main' to 'com.avocent.kvm.client.Main'.

Thank you very much - this works great!

wow thank you! this is the only way I got the iDrac 6 console to open.

Thanks, great solution.
There remains a small problem, I want a video resolution of 1024x768 and higher ...

Thank you for the great script. I have it running on iDRAC6 and iDRAC7. I using JRE 1.7 for iDRAC6 and JRE 1.8 for IDRAC7. It works out well. The only issue I have is Virtual Media is not showing (working) for iDRAC7. If anyone have a solution for Virtual Media on iDRAC 7, please share. Virtual Media works fine in iDRAC6 with "avmWinLib.dll" in the .\lib directory.

@lbong Read this

@NoLooseEnds iDRAC6 Express simply does not support KVM. You will need to buy the iDRAC6 Enterprise add-on. There is no work around since iDRAC6 Express simply does not contains the Hardware required to support this. The add-on can easily be purchase from many providers for less then 20$USD. So very cheap. If you want the feature simply by the required hardware.

@LouisOuellet Yes, and I did. :)

Thanks for the great script. I did added some functionalities to it such as Arguments support for HOST, USER and PASSWORD to make it a little faster to used. But nice find.

This works great, thank you!

I keep getting
"Error: Could not find or load main class com.avocent.kvm.client.Main"

*** Edit ***
looking at the folder structure of the extracted lib, there was no client directory. Removed that from the string and added back the 'idrac'

com.avocent.idrac.kvm.Main
...voila! It works!

thanks, works here!!!

I solve my problem using this tutorial. https://antoniocampos.net/2018/01/12/java-erro-ao-utilizar-md5withrsa/

Proving there are many ways to skin a cat, how about a method which utilises your Java installation's 'javaws' binary and templates out a JNLP file, written in Perl.

idrac-console.pl:

#!/usr/bin/perl

use strict;
use warnings;

use Getopt::Long;
use Text::Template;
use File::Spec;
use FindBin;
use File::Temp qw/tempfile/;

my $java_dir = File::Spec->catfile($FindBin::Bin, 'jre7');
my $drac_host;
my $drac_user;
my $drac_password;

GetOptions('host=s' => \$drac_host,
           'user=s' => \$drac_user,
           'password=s' => \$drac_password,
           'java-dir=s' => \$java_dir) or
  die "Invalid options\n";

if (!$drac_host or !$drac_user or !$drac_password)
{
  die "You must specify --host, --user and --password\n";
}
 
my $template = Text::Template->new(TYPE => 'FILE', SOURCE => File::Spec->catfile($FindBin::Bin, 'viewer.jnlp.tmpl'));

my %hash =
(
  'drac_host' => $drac_host,
  'drac_user' => $drac_user,
  'drac_password' => $drac_password
);

my $text = $template->fill_in(HASH => \%hash);

my $tmp_file = File::Temp->new(SUFFIX => '.jnlp');

print $tmp_file $text;
close $tmp_file;

print "Launching $tmp_file...\n";

system(
       File::Spec->catfile($java_dir, 'bin', 'javaws'),
       $tmp_file
      );

viewer.jnlp.tmpl:

<?xml version="1.0" encoding="UTF-8"?>
<jnlp codebase="https://{$drac_host}:443" spec="1.0+">
<information>
  <title>iDRAC6 Virtual Console Client</title>
  <vendor>Dell Inc.</vendor>
   <icon href="https://{$drac_host}:443/images/logo.gif" kind="splash"/>
   <shortcut online="true"/>
 </information>
 <application-desc main-class="com.avocent.idrac.kvm.Main">
   <argument>ip={$drac_host}</argument>
   <argument>vmprivilege=true</argument>
   <argument>helpurl=https://{$drac_host}:443/help/contents.html</argument>
   <argument>title=idrac</argument>
   <argument>user={$drac_user}</argument>
   <argument>passwd={$drac_password}</argument>
   <argument>kmport=5900</argument>
   <argument>vport=5900</argument>
   <argument>apcp=1</argument>
   <argument>version=2</argument>
 </application-desc>
 <security>
   <all-permissions/>
 </security>
 <resources>
   <j2se version="1.7"/>
   <jar href="https://{$drac_host}:443/software/avctKVM.jar" download="eager" main="true" />
 </resources>
 <resources os="Windows" arch="x86">
   <nativelib href="https://{$drac_host}:443/software/avctKVMIOWin32.jar" download="eager"/>
   <nativelib href="https://{$drac_host}:443/software/avctVMWin32.jar" download="eager"/>
 </resources>
 <resources os="Windows" arch="amd64">
   <nativelib href="https://{$drac_host}:443/software/avctKVMIOWin64.jar" download="eager"/>
   <nativelib href="https://{$drac_host}:443/software/avctVMWin64.jar" download="eager"/>
 </resources>
 <resources os="Windows" arch="x86_64">
   <nativelib href="https://{$drac_host}:443/software/avctKVMIOWin64.jar" download="eager"/>
   <nativelib href="https://{$drac_host}:443/software/avctVMWin64.jar" download="eager"/>
 </resources>
  <resources os="Linux" arch="x86">
    <nativelib href="https://{$drac_host}:443/software/avctKVMIOLinux32.jar" download="eager"/>
   <nativelib href="https://{$drac_host}:443/software/avctVMLinux32.jar" download="eager"/>
  </resources>
  <resources os="Linux" arch="i386">
    <nativelib href="https://{$drac_host}:443/software/avctKVMIOLinux32.jar" download="eager"/>
   <nativelib href="https://{$drac_host}:443/software/avctVMLinux32.jar" download="eager"/>
  </resources>
  <resources os="Linux" arch="i586">
    <nativelib href="https://{$drac_host}:443/software/avctKVMIOLinux32.jar" download="eager"/>
   <nativelib href="https://{$drac_host}:443/software/avctVMLinux32.jar" download="eager"/>
  </resources>
  <resources os="Linux" arch="i686">
    <nativelib href="https://{$drac_host}:443/software/avctKVMIOLinux32.jar" download="eager"/>
   <nativelib href="https://{$drac_host}:443/software/avctVMLinux32.jar" download="eager"/>
  </resources>
  <resources os="Linux" arch="amd64">
    <nativelib href="https://{$drac_host}:443/software/avctKVMIOLinux64.jar" download="eager"/>
   <nativelib href="https://{$drac_host}:443/software/avctVMLinux64.jar" download="eager"/>
  </resources>
  <resources os="Linux" arch="x86_64">
    <nativelib href="https://{$drac_host}:443/software/avctKVMIOLinux64.jar" download="eager"/>
   <nativelib href="https://{$drac_host}:443/software/avctVMLinux64.jar" download="eager"/>
  </resources>
  <resources os="Mac OS X" arch="x86_64">
    <nativelib href="https://{$drac_host}:443/software/avctKVMIOMac64.jar" download="eager"/>
   <nativelib href="https://{$drac_host}:443/software/avctVMMac64.jar" download="eager"/>
  </resources>
</jnlp>

Thank you very much! I made the mistake of editing the script and filling in the host IP and user, don't do that, just fill in when prompted :)

thanks for the script. successfully implemented for an R710 with idrac enterprise 6 on a windows 10 64 bit machine.
was driving me batty why i couldn't get the console running with java 8, but your script is a neat workaround and runs perfectly.

You don't NEED an old Java, you just need to disable all the SSL/TLS restrictions in ($javadir)/lib/security/java.security - specifically, set jdk.tls.disabledAlgorithms=DES and jdk.certpath.disabledAlgorithms=MD2 (You may want to leave others there, but that's enough to get it working).

You probably also want to disable TLS1.3 in Java Settings -> Advanced, as that can cause problems with HP ILOs, too.

Worked great on my R810 with iDrac6 Enterprise.

Just a note for anyone else that might have this problem... I was getting an SSL socket exception in Java. The only thing I changed was the password I was using for the user. Turns out I had a few special characters in the password. That was the issue. Once I removed the special characters everything worked perfectly.

iDrac5 Success:
On MacOS Catalina

• Java JDK 7u80
• Edit /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/security/java.security" and comment out jdk.tls.disabledAlgorithms=SSLv3 at the very bottom.
  • If your path is different, sudo find /Library -name "java.security"
• Download https://<ipaddr>/plugins/vkvm/avctDRAC5Viewer.jar
• Get the latest vkvm.jnlp (current login, credentials expire). Replace <ipaddr> with your IP Address
• awk 'NR == 12 {print substr($0,16,32)}' ~/Downloads/vkvm.jnlp | xargs -I {} /usr/bin/java -cp avctDRAC5Viewer.jar -Djava.library.path=./lib com.avocent.drac5.kvm.Main ip="<ipaddr>" kmport=5900 vport=5901 user={} passwd= apcp=0 sslv3=1
  • awk 'NR == 12 {print substr($0,16,32)}' prints line 12, chars 16-32, which contain the hashed username.
  • Be sure you're in the same path as avctDRAC5Viewer
  • Change kmport and vport accordingly. (also available inside the vkvm.jnlp file).
  • Using the jnlp username, you do not need a password. Leave as passwd=

@jamesastound

Thank you. It works for me

Thank you very much it works!

Yes it works for me too. Thanks.

@wdz111:

Thanks for that great script!
I have IDRAC8, and original script didn't work. So I played a little bit, tried this and that, and finally it works! My configuration and what did I do:

I used Java 1.8 (64-bit in my case). Changed "java.security", as @krubottom advised (and BIG THANKS for that!) - withou it I got an Error.
...
VMAPI_DLL.dll - from avctVMAPI_DLLWin32.jar (or avctVMAPI_DLLWin64.jar - for 64)

Thanks for sharing. I used procexp (from sysinternals) to determine I needed a VMAPI_DLL but did not know what to pull from the server. Is it a safe bet to assume that the path to the .jar will always be the DLL filename, minus the .dll then prepend avct and postpend Linux64.jar|Win64?

I'm hoping that when I get a server that has a newer iDRAC version it will be this simple.

Thank you, this worked on linux mint w/ default java 8. Fwiw instead of editing the system-wide security policy (eg. /usr/lib/.../security/java.security) you can copy the file into the local directory and tell the script to use it by adding "-Djava.security.properties=./java.security" to the java arguments. Then the security settings will only apply for this particular application, hopefully avoiding potential security risks.

Thank you! It works for me too.

I made a Python script based on this. Should work for Win/Linux/Mac.

https://github.com/gethvi/iDRAC6VirtualConsoleLauncher

any way to fix keyboard on windows?

Hi, How can I get avctKVMIO.dll and a vmWinLib.dll?? I downloaded from google avctKVMIO.dll and get vmWinLib.dll from my java ultimate version installed in appdata\LocalLow\Sun\Java\Deployment... but I get a error message: "The native library for keyboard and mouse support failed to load. Pass all keys to server and single cursor support will not be available", and not run, I´m under win10 x64, thanks

@codigobinario did you fix it?