Skip to content

Instantly share code, notes, and snippets.

@xbb
Last active Jul 1, 2022
Embed
What would you like to do?
IDRAC6 Virtual Console Launcher
Use this as an example on how to start the virtual console without the need of Java Web Start or accessing it from the web interface.
You can use the user and password that you use for the web interface.
You need an old JRE... I used 1.7.0_80 from the Server JRE package, also I have tested successfully 1.7.0_79 with MacOS.
You don't need to install it, just extract it or copy the files in "jre" folder.
Open the viewer.jnlp file that you get by launching the virtual console from the web interface with a text editor.
Note the urls to the jar files. Download the main jar file avctKVM.jar and the libs for your operating system and architecture.
Extract the dlls (.so Linux, .jnilib MacOS) from the jar libs.
If you don't see the MacOS libs in the file make sure you download it from MacOS.
Edit the bat/sh file according to your needs.
The file structure should look like this:
start-virtual-console.bat (.sh if Linux/MacOS)
avctKVM.jar
jre/<jre home here>
lib/avctKVMIO.dll (.so if Linux, .jnilib if MacOS)
lib/avmWinLib.dll (.so if Linux, .jnilib if MacOS)
@echo off
set /P drachost="Host: "
set /p dracuser="Username: "
set "psCommand=powershell -Command "$pword = read-host 'Enter Password' -AsSecureString ; ^
$BSTR=[System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($pword); ^
[System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR)""
for /f "usebackq delims=" %%p in (`%psCommand%`) do set dracpwd=%%p
.\jre\bin\java -cp avctKVM.jar -Djava.library.path=.\lib com.avocent.idrac.kvm.Main ip=%drachost% kmport=5900 vport=5900 user=%dracuser% passwd=%dracpwd% apcp=1 version=2 vmprivilege=true "helpurl=https://%drachost%:443/help/contents.html"
#!/bin/bash
echo -n 'Host: '
read drachost
echo -n 'Username: '
read dracuser
echo -n 'Password: '
read -s dracpwd
echo
./jre/bin/java -cp avctKVM.jar -Djava.library.path=./lib com.avocent.idrac.kvm.Main ip=$drachost kmport=5900 vport=5900 user=$dracuser passwd=$dracpwd apcp=1 version=2 vmprivilege=true "helpurl=https://$drachost:443/help/contents.html"
@Gamer08YT
Copy link

Gamer08YT commented Dec 17, 2020

12/17/2020 02:28:18:947: User login response: 0
Failed to open video connection.
java.net.ConnectException: Connection refused: connect
at java.net.DualStackPlainSocketImpl.connect0(Native Method)
at java.net.DualStackPlainSocketImpl.socketConnect(Unknown Source)
at java.net.AbstractPlainSocketImpl.doConnect(Unknown Source)
at java.net.AbstractPlainSocketImpl.connectToAddress(Unknown Source)
at java.net.AbstractPlainSocketImpl.connect(Unknown Source)
at java.net.PlainSocketImpl.connect(Unknown Source)
at java.net.SocksSocketImpl.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at java.net.Socket.(Unknown Source)
at java.net.Socket.(Unknown Source)
at com.avocent.kvm.b.l.a(Unknown Source)
at com.avocent.kvm.b.l.b(Unknown Source)
at com.avocent.kvm.b.r.z(Unknown Source)
at com.avocent.kvm.b.n.a(Unknown Source)
at com.avocent.kvm.b.n.a(Unknown Source)
at com.avocent.kvm.b.y.run(Unknown Source)
Getting that by running the script :|

It is refusing the connection, i'm sure you see that. There isn't much to gain from the error message. I would suggest checking your firewall settings. Or find out why that port if refusing the connection otherwise. It looks like a configuration issue not the software.

I have no firewall between my pc and my server...

I used another script from GitHub, and it worked for me, don't know if it relies on my IDrac6 Version...

But thanks for your fast Answer 👍

@PrestonHack
Copy link

PrestonHack commented Dec 17, 2020

Post your version of Java to make sure you are using the right one and maybe someone else has an idea for you.

@Yamakuzure
Copy link

Yamakuzure commented Dec 17, 2020

12/17/2020 02:28:18:947: User login response: 0
Failed to open video connection.
java.net.ConnectException: Connection refused: connect

I have no firewall between my pc and my server...

I had this, too, because my server listens on a different port. Got the correct one out of the jnlp file.

@Gamer08YT
Copy link

Gamer08YT commented Dec 18, 2020

Thanks for your replies, i think the script has a section were the session between idrac and pc gets started.
I only copied the Java Command because I like to use the script without Input, i know it's not secure but it's only a trashy testserver :)

@lx1
Copy link

lx1 commented Dec 18, 2020

Hi!

I'd like to make a big Thanks!
The method works for me with an iDRAC7 on a T320. The only thing I had to change to make it work with iDRAC7 are the arguments passed to java.exe, which should be the ones listed in the lines in the .jnlp.
My command line for iDRAC7 is below. In particular, if I omit reconnect=2, the console stays in "Reconnecting..." state, then times out.

bin\java -cp avctKVM.jar -Djava.library.path=.\lib com.avocent.idrac.kvm.Main ip=%drachost% vm=1 title=idrac-%2C+PowerEdge+T320%2C+User%3A+root user=%dracuser% passwd=%dracpwd% kmport=5900 vport=5900 apcp=1 reconnect=2 chat=1 F1=1 custom=0 scaling=15 minwinheight=100 minwinwidth=100 videoborder=0 version=2 "helpurl=https://%drachost%:443/help/contents.html"

@Durrok
Copy link

Durrok commented Feb 4, 2021

@j0mbie Thank you so much for writing that all out. Worked like a charm.

@patrickmrennie
Copy link

patrickmrennie commented May 1, 2021

thanks for this, followed the instructions and worked perfectly on win10 64 latest.

@itzsimpl
Copy link

itzsimpl commented May 6, 2021

Thank you! Works like a charm.

Here is my batch file for windows 10 (64-bit, but easily changed for 32-bit)... it automatically downloads the jar files and unzips the .dll files if they don't exist so it can use the native dll libraries:

Also, keep in mind if you still have to update the java settings to allow the older TLS to work:
Java location .\jre\lib\security\java.security
Remove SSLv3 and 3DES_EDE_CBC from jdk.tls.disabledAlgorithms, should end up like so:
jdk.tls.disabledAlgorithms=RC4, MD5withRSA, DH keySize < 1024,
EC keySize < 224, DES40_CBC, RC4_40

@echo off

set /P drachost="Host: "
set /p dracuser="Username: "
set "psCommand=powershell -Command "$pword = read-host 'Enter Password' -AsSecureString ; ^
    $BSTR=[System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($pword); ^
        [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR)""
for /f "usebackq delims=" %%p in (`%psCommand%`) do set dracpwd=%%p

IF NOT EXIST "avctKVM.jar" (
ECHO Grabbing avctKVM.jar from host...
powershell -Command "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} ; $WebClient = New-Object System.Net.WebClient ; $WebClient.DownloadFile('https://%drachost%/software/avctKVM.jar','.\avctKVM.jar')"
)

IF NOT EXIST "lib" (
ECHO Creating lib directory
mkdir "lib"
)

IF NOT EXIST ".\lib\avmWinLib.dll" (
  IF NOT EXIST ".\lib\avctVMWin64.zip" (
    IF NOT EXIST ".\lib\avctVMWin64.jar" (
      ECHO Grabbing avctKVMWin64.jar from host...
      powershell -Command "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} ; $WebClient = New-Object System.Net.WebClient ; $WebClient.DownloadFile('https://%drachost%/software/avctVMWin64.jar','.\lib\avctVMWin64.jar')"
    )
    ECHO Renaming avctVMWin64.jar to avctVMWin64.zip
    rename ".\lib\avctVMWin64.jar" avctVMWin64.zip
  )
  ECHO Unzipping avctKVMWin64.zip
  powershell Expand-Archive ".\lib\avctVMWin64.zip" -DestinationPath ".\lib"
  rmdir ".\lib\META-INF" /s /q
  erase ".\lib\avctVMWin64.zip" /q
)

IF NOT EXIST ".\lib\avctKVMIO.dll" (
  IF NOT EXIST ".\lib\avctKVMIOWin64.zip" (
    IF NOT EXIST ".\lib\avctKVMIOWin64.jar" (
      ECHO Grabbing avctKVMIOWin64.jar from host...
      powershell -Command "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} ; $WebClient = New-Object System.Net.WebClient ; $WebClient.DownloadFile('https://%drachost%/software/avctKVMIOWin64.jar','.\lib\avctKVMIOWin64.jar')"
    )
    ECHO Renaming avctKVMIOWin64.jar to avctKVMIOWin64.zip
    rename ".\lib\avctKVMIOWin64.jar" avctKVMIOWin64.zip
  )
  ECHO Unzipping avctKVMIOWin64.zip
  powershell Expand-Archive ".\lib\avctKVMIOWin64.zip" -DestinationPath ".\lib"
  rmdir ".\lib\META-INF" /s /q
  erase ".\lib\avctKVMIOWin64.zip" /q
)

java -cp avctKVM.jar -Djava.library.path=.\lib com.avocent.idrac.kvm.Main ip=%drachost% kmport=5900 vport=5900 user=%dracuser% passwd=%dracpwd% apcp=1 version=2 vmprivilege=true "helpurl=https://%drachost%:443/help/contents.html"

@jelewis666
Copy link

jelewis666 commented May 22, 2021

I tried what lxi did and I keep getting a connection error. I did set the java (which is version 7u80 x64) with the listed exceptions.
The last part is slightly different because if I used it as is, it kept saying path not found, even when I included the full path. The only difference is the last part is

C:\idrac\jre\bin\java -cp avctKVM.jar -Djava.library.path=.\lib com.avocent.idrac.kvm.Main ip=%drachost% kmport=5900 vport=5900 user=%dracuser% passwd=%dracpwd% apcp=1 reconnect=2 version=2 vmprivilege=true "helpurl=https://%drachost%:443/help/contents.html"

As described, I set the java security to
jdk.tls.disabledAlgorithms=RC4, MD5withRSA, DH keySize < 1024, EC keySize < 224, DES40_CBC, RC4_40

The error I get is the following (I omitted the login parts)
`KVM/VM Client Version: 5.04.04 (Build 488)
replace numpad
** Max Size: W = 1366 H = 728
** Window Pref Size: W = 1040 H = 823
** Max Size: W = 1366 H = 728
** Window Pref Size: W = 1040 H = 823
ProtocolAPCP.receieveSessionSetup : v1.2 APCP = true
APCP Version = 260

Supported protocols: [SSLv2Hello, SSLv3, TLSv1, TLSv1.1, TLSv1.2]

Enabled protocols: [SSLv3, TLSv1]

Supported ciphers: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_
AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128
CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC
SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SH
A, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_EC
DSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AE
S_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_C
BC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_
ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RS
A_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIAT
ION_INFO_SCSV, TLS_DH_anon_WITH_AES_128_CBC_SHA256, TLS_ECDH_anon_WITH_AES_128_C
BC_SHA, TLS_DH_anon_WITH_AES_128_CBC_SHA, TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA, S
SL_DH_anon_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES
CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_DH_anon_WITH_DES_CBC_SHA, SSL_RSA_EX
PORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPO
RT_WITH_DES40_CBC_SHA, SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA, TLS_RSA_WITH_NULL

SHA256, TLS_ECDHE_ECDSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_NULL_SHA, SSL_RSA_WITH
_NULL_SHA, TLS_ECDH_ECDSA_WITH_NULL_SHA, TLS_ECDH_RSA_WITH_NULL_SHA, TLS_ECDH_an
on_WITH_NULL_SHA, SSL_RSA_WITH_NULL_MD5, TLS_KRB5_WITH_3DES_EDE_CBC_SHA, TLS_KRB
5_WITH_3DES_EDE_CBC_MD5, TLS_KRB5_WITH_DES_CBC_SHA, TLS_KRB5_WITH_DES_CBC_MD5, T
LS_KRB5_EXPORT_WITH_DES_CBC_40_SHA, TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5]

Enabled ciphers: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AE
S_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_C
BC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SH
A256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDS
A_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_
128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC
SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_EC
DH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA

WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATIO
N_INFO_SCSV, TLS_DH_anon_WITH_AES_128_CBC_SHA256, TLS_ECDH_anon_WITH_AES_128_CBC
_SHA, TLS_DH_anon_WITH_AES_128_CBC_SHA, TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA, SSL
_DH_anon_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_C
BC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_DH_anon_WITH_DES_CBC_SHA, SSL_RSA_EXPO
RT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT
_WITH_DES40_CBC_SHA, SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA, TLS_RSA_WITH_NULL_SH
A256, TLS_ECDHE_ECDSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_NULL_SHA, SSL_RSA_WITH_N
ULL_SHA, TLS_ECDH_ECDSA_WITH_NULL_SHA, TLS_ECDH_RSA_WITH_NULL_SHA, TLS_ECDH_anon
WITH_NULL_SHA, SSL_RSA_WITH_NULL_MD5, TLS_KRB5_WITH_3DES_EDE_CBC_SHA, TLS_KRB5
WITH_3DES_EDE_CBC_MD5, TLS_KRB5_WITH_DES_CBC_SHA, TLS_KRB5_WITH_DES_CBC_MD5, TLS
_KRB5_EXPORT_WITH_DES_CBC_40_SHA, TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5]

Exception in server handshake
java.net.SocketException: Connection reset
at java.net.SocketInputStream.read(SocketInputStream.java:196)
at java.net.SocketInputStream.read(SocketInputStream.java:122)
at sun.security.ssl.InputRecord.readFully(InputRecord.java:442)
at sun.security.ssl.InputRecord.read(InputRecord.java:480)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:934)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.
java:1332)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359
)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343
)
at com.avocent.d.a.a.a(Unknown Source)
at com.avocent.d.a.a.a(Unknown Source)
at com.avocent.d.a.a.c(Unknown Source)
at com.avocent.d.d.b.a(Unknown Source)
at com.avocent.a.b.w.g(Unknown Source)
at com.avocent.a.b.w.a(Unknown Source)
at com.avocent.app.c.l.m(Unknown Source)
at com.avocent.app.c.l.e(Unknown Source)
at com.avocent.idrac.kvm.a.e(Unknown Source)
at com.avocent.idrac.kvm.Main.a(Unknown Source)
at com.avocent.idrac.kvm.Main.main(Unknown Source)
java.net.SocketException: Connection reset
at java.net.SocketInputStream.read(SocketInputStream.java:196)
at java.net.SocketInputStream.read(SocketInputStream.java:122)
at sun.security.ssl.InputRecord.readFully(InputRecord.java:442)
at sun.security.ssl.InputRecord.read(InputRecord.java:480)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:934)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.
java:1332)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359
)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343
)
at com.avocent.d.a.a.a(Unknown Source)
at com.avocent.d.a.a.a(Unknown Source)
at com.avocent.d.a.a.c(Unknown Source)
at com.avocent.d.d.b.a(Unknown Source)
at com.avocent.a.b.w.g(Unknown Source)
at com.avocent.a.b.w.a(Unknown Source)
at com.avocent.app.c.l.m(Unknown Source)
at com.avocent.app.c.l.e(Unknown Source)
at com.avocent.idrac.kvm.a.e(Unknown Source)
at com.avocent.idrac.kvm.Main.a(Unknown Source)
at com.avocent.idrac.kvm.Main.main(Unknown Source)
CoreSessionListener : connection failed
in CoreSessionListner : fireOnSessionStateChanged
KVM session state SESSION_FAILED
KVM session state SESSION_CLOSING
calling clenaup from CloseViewerClient`

This is on Server 2012 R2 and I'm trying to connecto to an iDrac enterprise on a Dell 720.

The method works for me with an iDRAC7 on a T320. The only thing I had to change to make it work with iDRAC7 are the arguments passed to java.exe, which should be the ones listed in the lines in the .jnlp.
My command line for iDRAC7 is below. In particular, if I omit reconnect=2, the console stays in "Reconnecting..." state, then times out.

bin\java -cp avctKVM.jar -Djava.library.path=.\lib com.avocent.idrac.kvm.Main ip=%drachost% vm=1 title=idrac-%2C+PowerEdge+T320%2C+User%3A+root user=%dracuser% passwd=%dracpwd% kmport=5900 vport=5900 apcp=1 reconnect=2 chat=1 F1=1 custom=0 scaling=15 minwinheight=100 minwinwidth=100 videoborder=0 version=2 "helpurl=https://%drachost%:443/help/contents.html"

@lx1
Copy link

lx1 commented May 22, 2021

@jelewis666 : did you put on your java command line all the arguments found in your viewer.jnlp, in the form of key=value? Because your command line seems to lack some arguments I had found in my viewer.jnlp. I remember that omitting some arguments, lead to weird results. HTH, Lux.

@9swampy
Copy link

9swampy commented Aug 25, 2021

Awesome. For the umpteenth time I was jumping through the JavaWS hoops and just couldn't get any of the usual tricks to work. I set the files up in a folder as you described, parameterised the commandline in Remote Desktop Manager and for first time ever now have secure one click access to all my iDracs alongside everything else and using the same credential store. Awesome. Just awesome. Thanks.

@bmatthewshea
Copy link

bmatthewshea commented Sep 30, 2021

I had to enable SSLv3 in java, I always got the error "connection failed"
Comment out "jdk.tls.disabledAlgorithms=SSLv3 in /lib/security/java.security

This fixed it for me. too with latest java. Nice to have it in its own folder as a "portable"

Same here.
Added wget to WIndows and added to script-

 echo "Grabbing jar file from host."
 wget.exe -N --no-check-certificate "https://%drachost%/software/avctKVM.jar"

And still didn't work:
Then saw that about SSL3..

Glad I kept reading down this comment thread before I gave up!

@wouterdebruijn
Copy link

wouterdebruijn commented Oct 20, 2021

Worked perfectly! (Linux)

Used JRE 1.7 extracted from tar.

@vandreytrindade
Copy link

vandreytrindade commented Oct 22, 2021

I was able to connect doing this (iDRAC 6 Enterprise):

Here's how my directory ended:

Directory.png

Then I'm using this PowerShell script:

Set-Location -Path C:\idrac
$ServerHost = Read-Host "Type the name of the host that you want to connect to"
$HostPassword = Read-Host "Type the password of the host that you want to connect to"

Write-Host "`nDownloading files..."
wget.exe -N --no-check-certificate "https://$ServerHost/software/avctKVM.jar" -q
wget.exe -N --no-check-certificate "https://$ServerHost/software/avctVMWin64.jar" -P lib -q
wget.exe -N --no-check-certificate "https://$ServerHost/software/avctKVMIOWin64.jar" -P lib -q

Write-Host "`nExpanding files to initiate connection..."
Rename-Item .\lib\avctVMWin64.jar avctVMWin64.zip
Rename-Item .\lib\avctKVMIOWin64.jar avctKVMIOWin64.zip
Expand-Archive .\lib\avctVMWin64.zip -DestinationPath .\lib
Remove-Item .\lib\META-INF -Recurse -Confirm:$False
Expand-Archive .\lib\avctKVMIOWin64.zip -DestinationPath .\lib
Remove-Item .\lib\META-INF -Recurse -Confirm:$False
Remove-Item .\lib*.zip

Start-Process -FilePath .\bin\java -ArgumentList "-cp avctKVM.jar -Djava.library.path=.\lib com.avocent.idrac.kvm.Main ip=$ServerHost kmport=5900 vport=5900 user=root passwd=$HostPassword apcp=1 verison=2 vmprivilege=true 'helpurl=https://$($ServerHost):443/help/contents.html'"

Remove-Item .\lib*.dll
Remove-Item .\avctKVM.jar

It worked without modifying my PC java.security file.

The only problems until now is that I didn't find a way to pass the password using PowerShell in a secure way (I have tried the -AsSecureString), so for now the password is in plain text... =/
And I have tried to use this code to download the files:

Invoke-WebRequest https://$ServerHost/software/avctKVM.jar -OutFile .\avctKVM.jar

But sometimes worked, sometimes don't, I think that I need to initiate the connection first...
Meanwhile I'm using wget as other users commented previously.

Anyway, thanks a lot for your time to help a lot of people!!!

@lx1
Copy link

lx1 commented Oct 23, 2021

@vandreytrindade: generally, for these old servers, I find it convenient to use an old Java version. I downloaded a portable old java from here https://sourceforge.net/projects/portableapps/files/Java%20Portable/ and I unpack it only when I have to use it. If I remember well, I found jPortable_8_Update_40_Rev_2.paf.exe to behave well with iDRAC 6 and 7.

@vandreytrindade
Copy link

vandreytrindade commented Oct 25, 2021

@vandreytrindade: generally, for these old servers, I find it convenient to use an old Java version. I downloaded a portable old java from here https://sourceforge.net/projects/portableapps/files/Java%20Portable/ and I unpack it only when I have to use it. If I remember well, I found jPortable_8_Update_40_Rev_2.paf.exe to behave well with iDRAC 6 and 7.

Thanks!

@ready4droid
Copy link

ready4droid commented Oct 25, 2021

@29039
Copy link

29039 commented Oct 25, 2021

I can't use your script as there is no WinZip.

@tyler56895

Why are you using WinZip. Windows has ZIP built in, powershell, or even the fully free 7-zip. No one needs to be using WinZip anymore in 2020 or 2021, they will sue you for using it in business without paying.

@wizdude
Copy link

wizdude commented Oct 25, 2021

I can't use your script as there is no WinZip.

@tyler56895

Why are you using WinZip. Windows has ZIP built in, powershell, or even the fully free 7-zip. No one needs to be using WinZip anymore in 2020 or 2021, they will sue you for using it in business without paying.

the script uses a specific version of powershell to expand the file, and tyler56895 didn't meet this requirement.

in any event they managed to work around the problem manually the next day and posted to confirm they are all now ok.

@assadniang
Copy link

assadniang commented Nov 17, 2021

Hello everyone, I have the remote console working on a dell R710 with the enterprise idrac. Thanks to MathieuW here: https://www.dell.com/community/Systems-Management-General/iDRAC6-Virtual-Console-Connection-Failed/td-p/5144021/page/2

I am running the latest java version as of 10/01/2018. Version 8 Update 181 (build 1.8.0_181-b13)

Go to here or wherever you installed java. C:\Program Files\Java\jre1.8.0_181\lib\security\java.security

Comment out this line in java.security with a # jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, and add the IP address (https://IPhere) and (https://IPhere:443) to the security tab of the java control pannel.

I don't know what security implications this has but it works.

This worked for me
Thank you!

@kbhuinfo
Copy link

kbhuinfo commented Nov 30, 2021

Hello everyone, I have the remote console working on a dell R710 with the enterprise idrac. Thanks to MathieuW here: https://www.dell.com/community/Systems-Management-General/iDRAC6-Virtual-Console-Connection-Failed/td-p/5144021/page/2

I am running the latest java version as of 10/01/2018. Version 8 Update 181 (build 1.8.0_181-b13)

Go to here or wherever you installed java. C:\Program Files\Java\jre1.8.0_181\lib\security\java.security

Comment out this line in java.security with a # jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, and add the IP address (https://IPhere) and (https://IPhere:443) to the security tab of the java control pannel.

I don't know what security implications this has but it works.

This worked for me
Thank you!

And for me as well!

@Manit-Chanthavong
Copy link

Manit-Chanthavong commented Dec 11, 2021

@lx1 thank that worked for iDrac 7.

@jimfrench
Copy link

jimfrench commented Dec 24, 2021

Hi,
For those concerned about changing global java security settings, they can be overridden on the command line like so:
java -Djava.security.properties=idrac.java.security -cp avctKVM.jar com.avocent.idrac.kvm.Main ip=$IP kmport=$port vport=$port user=$user passwd=$pass apcp=1 version=2 vmprivilege=true "helpurl=https://$IP:443/help/contents.html"

The -D switch uses a file which needs to be created idrac.java.security
e.g.

`#idrac.java.security
#Custom java.security overrides for DELL IDRAC Virtual Console

jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, EC keySize < 224, anon, NULL, include jdk.disabled.namedCurves`

If done correctly this will override this one setting for this one time JVM instance instead of changing global settings, this is much preferred.

Notice also there is only one algorithm which prevents the console from running (at least on my system, java version 14) and that the specific culprit seems to be 3DES_EDE_CBC which is the only flag which needs to be missing from the original list for the JVM to run.

Other operating systems and java versions might need different attention but I hope this helps.

@pinguinfuss
Copy link

pinguinfuss commented Jan 22, 2022

Here's my short little function, to either install the requirements or open the iDRAC session. It assumes, that there's a installed version of 7zip.

function Connect-iDRACRemoteConsole {
    <#
        .SYNOPSIS
            Install and launch a Dell iDRAC Remote console using java.

        .DESCRIPTION
            This function will prepare the necessary files as well as launch (when told to) a Dell iDRAC Remote Console window.

        .PARAMETER ProgramFolder
            Program folder, where files are stored. Will default to: $env:LOCALAPPDATA\Dell iDRAC

        .PARAMETER ServerHost
            Either the FQDN or IP address of a iDRAC system.

        .PARAMETER Credential
            PowerShell credential object, allowing for passing of somewhere else stored credentials.

        .PARAMETER Install
            Using this switch, the function will then download the necessary files, unzip them and remove a few unnecessary files.

        .INPUTS
            [None]

        .OUTPUTS
            [None]

    #>

    [CmdletBinding()]

    Param(
        [Parameter(Mandatory = $false, ParameterSetName = 'Connect')]
        [Parameter(Mandatory = $false, ParameterSetName = 'Install')]
        [string] $ProgramFolder = '{0}\Dell iDRAC' -f $env:LOCALAPPDATA,

        [Parameter(Mandatory = $true, ParameterSetName = 'Connect')]
        [Parameter(Mandatory = $true, ParameterSetName = 'Install')]
        [string] $ServerHost,

        [Parameter(Mandatory = $true, ParameterSetName = 'Connect')]
        [pscredential] $Credential,

        [Parameter(Mandatory = $true, ParameterSetName = 'Install')]
        [switch] $Install
    )

    begin {
        $ErrorActionPreference = 'Stop'
        $InformationPreference = 'Continue'
        $libdir = '{0}\clientlib' -f $ProgramFolder

        if ($PSCmdlet.ParameterSetName -ne 'install') {
            try {
                Set-Location -Path $ProgramFolder
            }
            catch {
                $_.Exception.Message | Write-Warning
                throw ('Unable to change directory to {0}' -f $ProgramFolder)
            }
        }
        elseif ($PSCmdlet.ParameterSetName -eq 'install') {
            $7zipPath = "$env:ProgramFiles\7-Zip\7z.exe"

            if (-not (Test-Path -Path $7zipPath -PathType Leaf)) {
                throw ('7zip file {0} not found' -f $7zipPath)
            }

            Set-Alias 7zip $7zipPath
            $tempdir = '{0}\temp' -f $ProgramFolder
        }
    }

    process {
        if ($PSCmdlet.ParameterSetName -eq 'install') {
            # try and create the program folder.
            try {
                if (-not (Get-Item -Path $ProgramFolder -ErrorAction 'SilentlyContinue')) {
                    New-Item -ItemType 'Directory' -Path $ProgramFolder
                }
                if (-not (Get-Item -Path $libdir -ErrorAction 'SilentlyContinue')) {
                    New-Item -ItemType 'Directory' -Path $libdir
                }

                if (-not (Get-Item -Path $tempdir -ErrorAction 'SilentlyContinue')) {
                    New-Item -ItemType 'Directory' -Path $tempdir
                }
            }
            catch {
                $_.Exception.Message | Write-Warning
                throw ('Unable to create program directory {0}' -f $ProgramFolder)
            }

            # Start the download into the program folder.
            $FileUrls = @(
               [PSCustomObject]@{
                    Uri = 'https://master.dl.sourceforge.net/project/portableapps/Java%20Portable/jPortable64_8_Update_40_Rev_2.paf.exe?viasf=1'
                    FileName = 'jPortable64_8_Update_40_Rev_2.paf.exe'
                    UnzipDir = '\'
                    UnzipParams = ''
                    SkipCertificateCheck = $false
                    SkipUnzip = $false
                    HashAlgorithm = 'SHA256'
                    Hash = 'A4AAC39FC458C3D4E551C08B8896DD1CE3C373C910B0005F4C40485907791E05'
                    RemoveDirs = @('$PLUGINSDIR', 'App', 'Other')
                    RemoveFiles = @('release')
                },
                [PSCustomObject]@{
                    Uri = 'https://{0}/software/avctKVM.jar' -f $ServerHost
                    FileName = 'avctKVM.jar'
                    CopyDir = 'clientlib'
                    SkipUnzip = $true
                    SkipCertificateCheck = $true
                    
                },
                [PSCustomObject]@{
                    Uri = 'https://{0}/software/avctVMWin64.jar' -f $ServerHost
                    FileName = 'avctVMWin64.jar'
                    UnzipDir = 'clientlib'
                    UnzipParams = ''
                    SkipUnzip = $false
                    SkipCertificateCheck = $true
                    RemoveDirs = @('META-INF')
                },
                [PSCustomObject]@{
                    Uri = 'https://{0}/software/avctKVMIOWin64.jar' -f $ServerHost
                    FileName = 'avctKVMIOWin64.jar'
                    UnzipDir = 'clientlib'
                    UnzipParams = ''
                    SkipUnzip = $false
                    SkipCertificateCheck = $true
                    RemoveDirs = @('META-INF')
                }

            )

            # Loop through the file list and download them.
            foreach ($uri in $FileUrls) {
                $OutFile = '{0}\{1}' -f $tempdir, $uri.FileName
                $WebRequestArgs = @{
                    Uri = $uri.uri
                    OutFile = $OutFile
                    UserAgent = [Microsoft.PowerShell.Commands.PSUserAgent]::FireFox
                }
                try {
                    if ($uri.SkipCertificateCheck -eq $true) {
                        add-type @"
                            using System.Net;
                            using System.Security.Cryptography.X509Certificates;
                            public class TrustAllCertsPolicy : ICertificatePolicy {
                                public bool CheckValidationResult(
                                    ServicePoint srvPoint, X509Certificate certificate,
                                    WebRequest request, int certificateProblem) {
                                    return true;
                                }
                            }
"@
<#                        $AllProtocols = [System.Net.SecurityProtocolType]'Ssl3,Tls,Tls11,Tls12'
                        [System.Net.ServicePointManager]::SecurityProtocol = $AllProtocols#>
                        [System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
                    }

                    $res = Invoke-WebRequest @WebRequestArgs
                }
                catch {
                    $_.Exception.Message | Write-Warning
                    throw ('Unable to download {0} to {1}' -f $uri.uri, $OutFile)
                }

                # The download finished, now we can make sure, that if HashAlgorithm and Hash have been given to verify them.
                if (-not [string]::IsNullOrWhiteSpace($uri.HashAlgorithm) -and -not [string]::IsNullOrWhiteSpace($uri.Hash)) {
                    # Get a comparsion hash value of the file we've just downloaded.
                    try {
                        $hash = Get-FileHash -Algorithm $uri.HashAlgorithm -Path $OutFile

                        # Now check if the computed hash is the same as the one we got from the file list.
                        if ($hash.Hash -eq $uri.Hash) {
                            Write-Verbose ('Hash values of download {0} matches stored hash value' -f $uri.FileName)
                        }
                        else {
                            Write-Warning -Message ('Hash values of download {0} do not match. Deleting' -f $uri.FileName)
                            Remove-Item -Confirm:$false -Path $OutFile
                        }
                    }
                    catch {
                        $_.Exception.Message | Write-Warning
                        throw ('Failure during hash verification of file {0}' -f $uri.FileName)
                    }
                }

                # Since we've gotten this far, we need to extract the files using 7z.
                try {
                    if ($uri.SkipUnzip -eq $false) {
                        $null = 7zip x -y $uri.UnzipParams ('-o"{0}\{1}"' -f $ProgramFolder, $uri.UnzipDir) "$OutFile"
                    }
                    elseif ($uri.SkipUnzip -eq $true -and -not [string]::IsNullOrEmpty($uri.CopyDir)) {
                        $Destination = '{0}\{1}\{2}' -f $ProgramFolder, $uri.CopyDir, $uri.FileName
                        Copy-Item -Path $OutFile -Destination $Destination -Confirm:$false
                    }

                    # Check if the current file has RemoveDirs set. If so, loop through them and do as requested.
                    if ($uri.RemoveDirs -is [System.Array] -and $uri.RemoveDirs.Count -eq 0) {
                        Write-Verbose -Message 'No files to delete after extraction.'
                    }
                    elseif ($uri.RemoveDirs -is [System.Array] -and $uri.RemoveDirs.Count -ge 1) {
                        foreach ($dir in $uri.RemoveDirs) {
                            # Now we need to construct the absolute path.
                            $RemovalPath = '{0}\{1}\{2}' -f $ProgramFolder, $uri.UnzipDir, $dir
                            
                            if (Get-Item -Path $RemovalPath -ErrorAction 'SilentlyContinue') {
                                Remove-Item -Path $RemovalPath -Recurse -Confirm:$false
                            }
                        }
                    }
                    else {
                        Write-Warning -Message ('Invalid RemoveDirs variable for file {0}' -f $uri.uri)
                    }
                }
                catch {
                    $_.Exception.Message | Write-Warning
                    throw ('Unable to extract {0} to {1}' -f $OutFile, $uri.UnzipDir)
                }

                # Now remove the download file.
                try {
                    Remove-Item -Path $OutFile -Confirm:$false
                }
                catch {
                    $_.Exception.Message | Write-Warning
                    throw ('Unable to remove {0}' -f $OutFile)
                }


                # Clear the content, so it'll not spill into the next loop.
                $OutFile, $WebRequestArgs, $FileName = $null
            }

            # Create the java security override.
            $Content = 'jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, EC keySize < 224, anon, NULL, include jdk.disabled.namedCurves'
            $Content | Out-File -FilePath ('{0}\{1}' -f $ProgramFolder, 'idrac.java.security')
        }
        elseif ($PSCmdlet.ParameterSetName -eq 'Connect') {
            # Make sure, there is the necessary set of tools.
            $files = @('bin\java.exe', 'clientlib\avctKVM.jar', 'clientlib\avctKVMIO.dll', 'clientlib\avmWinLib.dll')

            foreach ($folder in $folders) {
                try {
                    Get-Item -Path ('{0}\{1}' -f $ProgramFolder, $folder)
                }
                catch {
                    $_.Exception.Message | Write-Warning
                    throw ('Unable to locate {0}\{1}' -f $ProgramFolder, $folder)
                }
            }

            # Check file requisites.
            foreach ($file in $files) {
                try {
                    Get-Item -Path ('{0}\{1}' -f $ProgramFolder, $file)
                }
                catch {
                    $_.Exception.Message | Write-Warning
                    throw ('Unable to locate {0}\{1}' -f $ProgramFolder, $file)
                }
            }

            # Do connection stuff here.
            try {
                $ProcessArgs = @(
                    '"-Djava.security.properties=idrac.java.security"',
                    ('-cp "{0}\avctKVM.jar" "-Djava.library.path={0}"' -f $libdir),
                    'com.avocent.idrac.kvm.Main',
                    ('ip="{0}" user="{1}" passwd="{2}"' -f $ServerHost, $Credential.UserName, $Credential.GetNetworkCredential().Password),
                    'apcp=1 version=2 vmprivilege=true kmport=5900 vport=5900',
                    ('"helpurl=https://{0}:443/help/contents.html"' -f $ServerHost)
                )
                $proc = Start-Process -FilePath ('"{0}\{1}"' -f $ProgramFolder, 'bin\java.exe') -PassThru -Wait -ArgumentList $ProcessArgs
                return $proc
            }
            catch {
                $_.Exception.Message | Write-Warning
                throw ('Unable to start iDRAC Remote console.')
            }
        }
    }

    end {}
}

@29039
Copy link

29039 commented Jan 22, 2022

This is great work! I think that we are at the level where an actual GitHub project is warranted?

@TheTaoOfPhil
Copy link

TheTaoOfPhil commented Feb 13, 2022

For me this worked almost exactly as documented. The only issues I had are probably the result of my specific version of macos (Big Sur 11.5.2):

  • the Java package that worked for me is jre-7u80-macosx-x64.tar.gz (the server JRE package's Java executable is not compatible with Mac)
  • macos considers the author of this version of Java to be "untrusted" and will not open it:
    • the Open Anyway button in Privacy and Security settings no longer works;
    • What does work is:
      • Before running the idrac script, run sudo spctl --master-disable
      • Now when you run the idrac script, a security dialog will appear with a warning message; it has an Open button that really does allow you to run the script, and it only bothers you the first time you run it.

Once I got through these issues, it now works. Many thanks for the efforts that went into this!

@cepm-nate
Copy link

cepm-nate commented May 11, 2022

Does anyone have success getting the "Virtual Media" to work for iDrac6? I can connect and get keyboard input and video, but when I tap "Virtual Media -> Launch Virtual Media", I get an error about "The Virtual Media native library cannot be loaded". If someone has it working, can they share the exact version of JRE they have?

@patrickmrennie
Copy link

patrickmrennie commented May 11, 2022

Does anyone have success getting the "Virtual Media" to work for iDrac6? I can connect and get keyboard input and video, but when I tap "Virtual Media -> Launch Virtual Media", I get an error about "The Virtual Media native library cannot be loaded". If someone has it working, can they share the exact version of JRE they have?

iDRAC6 on my R510 - working fine.
Using server-jre-7u80-windows-x64

EDIT: sorry just double-checked it and I am getting that same error now but I believe it was working previously, feel free to ignore me. :(

@greecemunky
Copy link

greecemunky commented May 11, 2022

Does anyone have success getting the "Virtual Media" to work for iDrac6? I can connect and get keyboard input and video, but when I tap "Virtual Media -> Launch Virtual Media", I get an error about "The Virtual Media native library cannot be loaded". If someone has it working, can they share the exact version of JRE they have?

This may occur when library file avctKVMIO.dll isn't found or loaded properly e.g. attempting to use 32-bit library with 64-bit JRE. I just tested using both jre-8u212-windows-i586 and jre-8u212-windows-x64 on Windows 10 (pulling down 32-bit and 64-bit library files respectfully), and clicking Virtual Media -> Launch Virtual Media within an iDRAC6 session opens without error for me.

I've been working on a script based on https://gist.github.com/xbb/4fd651c2493ad9284dbcb827dc8886d6?permalink_comment_id=3428052#gistcomment-3428052 that supports both 32-bit and 64-bit Java and tries to detect the iDRAC's version to know which arguments to pass to avctKVM.jar. It's a mess right now and not fully tested, but once it's somewhat cleaned up I will post it here.

@cepm-nate
Copy link

cepm-nate commented May 20, 2022

I got it to work:

  • Installed JRE 7 from Oracle
  • Viewed the viewer.jnlp file to get the right .jar files
  • Downloaded files manually, renamed to .zip, and extracted them into the proper folder. (avctKVM.jar goes in same folder as console.bat, other .dlls go into /lib folder)
  • Edited the console.bat to include IP and username instead of prompting me each time.

The tricky part was trying various platform .jar files till I found one that worked. As @greecemunky said, it was just a matter of finding the right one.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment