IDRAC6 Virtual Console Launcher

README

Use this as an example on how to start the virtual console without the need of Java Web Start or accessing it from the web interface.
You can use the user and password that you use for the web interface.

You need an old JRE... I used 1.7.0_80 from the Server JRE package, also I have tested successfully 1.7.0_79 with MacOS.
You don't need to install it, just extract it or copy the files in "jre" folder.

Open the viewer.jnlp file that you get by launching the virtual console from the web interface with a text editor.
Note the urls to the jar files. Download the main jar file avctKVM.jar and the libs for your operating system and architecture.
Extract the dlls (.so Linux, .jnilib MacOS) from the jar libs.

If you don't see the MacOS libs in the file make sure you download it from MacOS.

Edit the bat/sh file according to your needs.

The file structure should look like this:

start-virtual-console.bat (.sh if Linux/MacOS)
avctKVM.jar
jre/<jre home here>
lib/avctKVMIO.dll (.so if Linux, .jnilib if MacOS)
lib/avmWinLib.dll (.so if Linux, .jnilib if MacOS)

start-virtual-console.bat

@echo off

set /P drachost="Host: "
set /p dracuser="Username: "
set "psCommand=powershell -Command "$pword = read-host 'Enter Password' -AsSecureString ; ^
    $BSTR=[System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($pword); ^
        [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR)""
for /f "usebackq delims=" %%p in (`%psCommand%`) do set dracpwd=%%p

.\jre\bin\java -cp avctKVM.jar -Djava.library.path=.\lib com.avocent.idrac.kvm.Main ip=%drachost% kmport=5900 vport=5900 user=%dracuser% passwd=%dracpwd% apcp=1 version=2 vmprivilege=true "helpurl=https://%drachost%:443/help/contents.html"

start-virtual-console.sh

#!/bin/bash

echo -n 'Host: '
read drachost

echo -n 'Username: '
read dracuser

echo -n 'Password: '
read -s dracpwd
echo

./jre/bin/java -cp avctKVM.jar -Djava.library.path=./lib com.avocent.idrac.kvm.Main ip=$drachost kmport=5900 vport=5900 user=$dracuser passwd=$dracpwd apcp=1 version=2 vmprivilege=true "helpurl=https://$drachost:443/help/contents.html"

tested also with following JRE on Win2012 R2 system

Java(TM) SE Runtime Environment (build pwa6460sr16fp41-20170215_04(SR16 FP41))
IBM J9 VM (build 2.4, JRE 1.6.0 IBM J9 2.4 Windows Server 2012 amd64-64 jvmwa6460sr16fp40-20161215_329869 (JIT enabled, AOT enabled)

Java(TM) SE Runtime Environment (build pwa6470_27sr3fp60ifix-20161110_01(SR3 FP60+IV90630+IV90578))
IBM J9 VM (build 2.7, JRE 1.7.0 Windows Server 2012 R2 amd64-64 Compressed References 20161005_321280 (JIT enabled, AOT enabled)

Handy script, thanks! I modified the bat version slightly to automatically download avctKVM.jar:

@echo off

set /P drachost="Host: "
set /p dracuser="Username: "
set "psCommand=powershell -Command "$pword = read-host 'Enter Password' -AsSecureString ; ^
$BSTR=[System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($pword); ^
[System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR)""
for /f "usebackq delims=" %%p in (%psCommand%) do set dracpwd=%%p

ECHO Grabbing avctKVM.jar from host...
powershell -Command "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} ; $WebClient = New-Object System.Net.WebClient ; $WebClient.DownloadFile('https://%drachost%/software/avctKVM.jar','.\avctKVM.jar')"

.\jre\bin\java -cp avctKVM.jar -Djava.library.path=.\lib com.avocent.idrac.kvm.Main ip=%drachost% kmport=5900 vport=5900 user=%dracuser% passwd=%dracpwd% apcp=1 version=2 vmprivilege=true "helpurl=https://%drachost%:443/help/contents.html"

Awesome, thank you

Thank you so much for this!

I'm running into some issues running the script on Mac, however. When running the .sh file, everything goes fine until I receive the error: "Could not find or load main class com.avocent.idrac.kvm.Main".

Any idea as to how I would remedy this?

Great stuff! Thanks!

What about getting this working for iDRAC 7 and 8? I tried using the script with Java 8 but always get error: "Login failed with an access denied error." It almost works...

Hey I keep getting a connection failed error message, any advice?

11/11/2017 01:43:32:025: Connection failed with exception: Connection refused:
connect
==== propertyChange: (SESSION_STATE):CONNECTION_FAILED====

@ptmorris1 I'm stuck with iDRAC6, but you should be able to use VNC with iDRAC7 or iDRAC8. http://en.community.dell.com/cfs-file/__key/telligent-evolution-components-attachments/13-4491-00-00-20-44-10-34/AccessingRemoteDesktop_5F00_using_5F00_VNC_5F00_on_5F00_iDRAC.pdf

Fist off - thanks for the snippet and work-around. It was very useful to get an idea how it works behind the scenes - and that we don't actually need a web browser to kick-start console (our iDRAC6 does not even have a link for console, I had to hack it through viewer.jnlp!

I have managed to make it work - well, sort of "work". The thing is damn iDRAC6 in it's express` version simply does not support KVM.

Oh how I hate you Dell. Even more than I hate HP(E) and Intel together!

I'll stick with SuperMicro for good - they have HTML5 KVM which works from any device/browser! As a normal feature!

@stamster Did you actually get the console to work with iDRAC6 express? If yes, how?

Great thanks! It was very useful. But i have one big question with it - how can i include a virtual media library into this snippet?

Hi, trying to figure this out, new to messing with servers/java... Where would I get the libs for my operating system? I was able to download the avctKVM.jar from my server iDrac.

Also, where does the .bat file come from?

Sorry for the noob questions

@nizrael I spent some time getting the virtual media console to work. On windows, you need to open up avctKVMIOWin64.jar and avctVMWin64.jar, extract the .dlls contained therein and throw them in a lib folder in the folder you have the start-virtual-console.bat. I've confirmed this works with both the 64bit and 32bit dlls extracted from the jars.

@colomb001 thank you so much for the keyboard tip

Hi, How can I get avctKVMIO.dll and a vmWinLib.dll?? I downloaded from google avctKVMIO.dll and get vmWinLib.dll from my java ultimate version installed in appdata\LocalLow\Sun\Java\Deployment... but I get a error message: "The native library for keyboard and mouse support failed to load. Pass all keys to server and single cursor support will not be available", and not run, I´m under win10 x64, thanks

I got this to work (on enterprise), but I'm having problems getting keyboard input to work. It does not register any keypress.
It does register if I use the menu to ie. trigger or something.

I'm on latest macOS, if that helps any.

I get the error message
Error occurred during initialization of VM
java/lang/NoClassDefFoundError: java/lang/Object

Thanks for advice, regards

Great script. Nice
if you add reconnect=2( got from the jnlp downloaded from iDrac web ) as a parameter when running the jar, then iDrac 7 also work (dnt know why, maybe due to ssl check).
But no luck with iDrack 8 :(

Again Thankz for the script it was a great start and gave a goog understanding of how stuff works under the hood. I have made few updates and now it works for iDrac 6/7/8, think it'll help someone

As .Net < 4 throws errors when creating Tls12 connections and sometimes it's so hard to change registry to enable those if you are in a common environment. As a work around I used this https://eternallybored.org/misc/wget/ to download avctKVM.jar from the server.
" wget.exe --no-check-certificate "https://%ipaddress%/software/avctKVM.jar"
"
and updated the JRE version >= 1.8 as 1.7 was complaining about SSL handshake with iDrac 8.

finally, add " del avctKVM.jar " at the end of the bat. As wget.exe won't replace (maybe im missing a switch ), then you are good to go :)

Also working on a shell script to use x11 forwarding to pop out as most of the time jump hosts are Linux.

Thank you for the script, so much easier to get the console to connect. Couple of questions though, is there any way to get the Virtual Media Feature working with this script? Also, is this script compatible with the DRAC 5 card?

Thanks

I'm with @duckdave1, having the same issue with iDRAC6, NoClassDefFound when running both 1.7 and 1.6.

Edit: I can get the jnlp to run with Java baked in to Windows on 7u80 once video encryption is turned off. Still would rather hope for a universal solution like this one though ;-)

With JDK (Server JRE package) 7u80 I found here I could run the console even with encryption enabled using the .sh script (using cygwin here).

But I can't get the virtual media to work at all. From iDRAC 6 interfce, I see it is Enterprise, so it /should/ work. I've downloaded all .jar files pointed by viewer.jnlp, so it probably is a limitation by the way it is run. I see @nizrael also had the same issue than me.

Other than that, all seems to work, I can walk thru bios, type, reboot, and so on.

EDIT: to have virtual media working, just follow the steps into extracting the DLL (.so or .jnilib depending on OS). The avctKVMIO.dll and avmWinlib.dll files are within the avctKVMIO*.jar and avctVM*.jar, respectively. You have to choose between Linux32, Linux64, Win32 or Win64, depending on your OS.

In my case, windows 10 64-bit, it was Win64.

Hi,

I follow every step as mentioned even i extracted / un compressed the components of the jar file in "lib" folder however i am still getting this error
"Could not find or load main class com.avocent.idrac.kvm.Main". any help will be highly appreciated.

Thanks,
yousuf

@sirtcp Do you have the avctKVM.jar file in the same folder as the script?

I tried this out and it worked great on my mac.

• downloaded the JRE 1.7.0.79 tar file (not the installer) and extracted it.

• Downloaded the avctKVM.jar

• Run the java cmd and hard referenced the locations of the files
  Works like a charm! Thank you

`

MBP:Progs$ ls
avctKVM.jar		avctVMMac64.jar
avctKVMIOMac64.jar	jre1.7.0.79

export drachost=
export dracuser=
export dracpwd=
/Users/Progs/jre1.7.0.79/Contents/Home/bin/java -cp /Users//Progs/avctKVM.jar -Djava.library.path=./lib com.avocent.idrac.kvm.Main ip=$drachost kmport=5900 vport=5900 user=$dracuser passwd=$dracpwd apcp=1 version=2 vmprivilege=true "helpurl=https://$drachost:443/help/contents.html"

Brilliant!!! This saves so much time. Thank you,

Was finally able to get this script running. A couple of things that I had to go through a few times, 1. Don't hard code the IP of the idrac. I had put into my script Host: https://A.B.C.D and then put my username and it wasn't working. Maybe if I had just put the IP and not the https: it would have worked. 2. I had to create a folder on my computer to hold the jre folder I downloaded and extracted as well as a .lib folder I created to house the .dll's that you have to extract and download from the links in the "viewer.jnlp". In the viewer.jnlp there are multiple lines, I am running 64 bit so I used the nativelib lines. I also extracted the avctKVM.jar and copied the com directory out into the lib folder. So my folder structure looks like:

Console (main folder)

1. Start-virtual-console.bat
2. jre folder (extracted from the server-jre that I downloaded form the internet)
3. lib folder
   a. com folder (extracted from avctKVM.jar)
   b. avctKVMIO.dll (extracted from viewer.jnlp Win64 section)
   c. avctWinLib.dll (extracted from viewer.jnlp Win64 section)

Once this was all set, I just ran the script using Powershell and it worked.

@joedel94 I know its been a while since you posted, but I got the same error. I found out that it was because I missunderstood what the

set /P drachost="Host: "
set /p dracuser="Username: "

lines did: I thought that the text in the quotes were just a place holder and you would need to modify the script to change the variables. They actually set the given variable name to the user input after prompting with the text in the string. So, when the script ran with your string set to, say, 192.168.0.0 and you hit enter after being prompted with that string, you're passing it an empty string. The console fails to connect with an empty string.

Try running the original script as is, then do the following in the console:

1. Enter hostname/ip address of the DRAC
2. Press enter key
3. Enter username for DRAC
4. Press enter key
5. Enter password for that username
6. Press enter key

Assuming there aren't any other problems (see below), you have your jre in the jre folder, and correct lib files in the lib folder alongside the script, that should run and connect the console.

Worst case, ignore the set lines and try to manually set your parameters in the long java line (though, I'd only do this for testing, as leaving a password in a script wouldn't be a very good idea):

.\jre\bin\java -cp avctKVM.jar -Djava.library.path=.\lib com.avocent.idrac.kvm.Main ip=192.168.0.0 kmport=5900 vport=5900 user="myUserName" passwd="SuperSecurePassword1" apcp=1 version=2 vmprivilege=true "helpurl=https://192.168.0.0:443/help/contents.html"

If that fails, you might be trying to access the wrong port (check the port number the console runs on in the web gui) or there might be a firewall between you and the DRAC blocking that port (5900 by default).

hard coding the password into the .bat file got it to work. I was having all sorts of authentication issues.

set drachost="192.168.1.10"
set dracuser="MyUserName"
set dracpwd="MyPassword"
.\jre\bin\java -cp avctKVM.jar -Djava.library.path=.\lib com.avocent.idrac.kvm.Main ip=%drachost% kmport=5900 vport=5900 user=%dracuser% passwd=%dracpwd% apcp=1 version=2 vmprivilege=true "helpurl=https://%drachost%:443/help/contents.html"

Thanks, this works a treat. Running great on MacOS High Sierra using jre1.7.0_80

For the Mac users make sure to get both of the Mac jars from the .jnlp file and extract the libs from both of them (and put them into ./lib or whatever path you are going to use for that). Both viewer and Virtual media bits working as expected.

My two cents, it works flawlessly but sometimes my Keyboard doesn't work at all.
It turns out that it depends on the version of the avctKVM.jar:

• Virtual Console 1.0 (1.07.0.17647) completely works
• Virtual Console 1.5 (1.0.0.78) has keyboard issues (doesn't work)

If any is interested in the first version (that should work on any iDRAC6 device), I'll try to attach it... (rename it to 7z)

Here is a version that makes assumptions about your paths (so fix them if they don't match) and also uses 7-Zip to extract the required DLL file. It gives you an option to use a port other than 5900 since some of our hosts use different ports.

@echo off

set /P drachost="Host: "
set /p dracuser="Username: "
set /p kvmport="KVM Port: "
set "psCommand=powershell -Command "$pword = read-host 'Enter Password' -AsSecureString ; ^
	$BSTR=[System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($pword); ^
		[System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR)""
for /f "usebackq delims=" %%p in (`%psCommand%`) do set dracpwd=%%p

md iDRAC6-%drachost%
cd iDRAC6-%drachost%
ECHO Grabbing avctKVM.jar from %drachost%
powershell -Command "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} ; $WebClient = New-Object System.Net.WebClient ; $WebClient.DownloadFile('https://%drachost%/software/avctKVM.jar','.\avctKVM.jar')"
ECHO Grabbing avctKVMIOWin32.jar from %drachost%
powershell -Command "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} ; $WebClient = New-Object System.Net.WebClient ; $WebClient.DownloadFile('http://%drachost%/software/avctKVMIOWin32.jar','.\avctKVMIOWin32.jar')"
ECHO Extracting .dll files to ./lib
"C:\Program Files\7-Zip\7z.exe" e avctKVMIOWin32.jar -oc:lib *.dll -r
ECHO Running KVM client
"C:\Program Files (x86)\Java\jre6\bin\java" -cp avctKVM.jar -Djava.library.path=.\lib com.avocent.kvm.client.Main ip=%drachost% kmport=%kvmport% vport=%kvmport% user=%dracuser% passwd=%dracpwd% apcp=1 version=2 vmprivilege=true "helpurl=https://%drachost%:443/help/contents.html"

This works great, finally a workaround for the broken iDRAC!

A few notes on Ubuntu:

• It works with current version of Oracle's java
• The window appears hidden, you have to blindly activate it with alt-space, and then select "maximize"
• You need to extract the .so from both *Linux64.jar files, and put them in lib

I had to enable SSLv3 in java, I always got the error "connection failed"

Comment out "jdk.tls.disabledAlgorithms=SSLv3 in /lib/security/java.security

Thanks for that great script!
I have IDRAC8, and original script didn't work. So I played a little bit, tried this and that, and finally it works! My configuration and what did I do:

I used Java 1.8 (64-bit in my case). Changed "java.security", as @krubottom advised (and BIG THANKS for that!) - withou it I got an Error.

In Idrac 8 Dell have changed DLLs, and now the DLLs in \lib folder is:
avctKVMIO.dll - from avctKVMIOWin32.jar (or avctKVMIOWin64.jar - for 64)
VMAPI_DLL.dll - from avctVMAPI_DLLWin32.jar (or avctVMAPI_DLLWin64.jar - for 64)
VMAPI_DLL.lib (idk if the jar need that, but I decided to paste it inside \lib folder also) - from avctVMAPI_DLLWin32.jar (or avctVMAPI_DLLWin64.jar - for 64)

With original script Console launched just fine, but I got "access denied" message.
So - I dig inside my "viewer.jnlp" a little bit, and changed some parameters - and - it works! So - my command for running avctKVM.jar looks like:

.\jre\bin\java -cp avctKVM.jar -Djava.library.path=.\lib com.avocent.idrac.kvm.Main ip=%drachost% kmport=5900 vport=5900 user=%dracuser% passwd=%dracpwd% apcp=1 reconnect=2 version=2 vm=1 "helpurl=https://%drachost%:443/help/contents.html"

Hi,

I follow every step as mentioned even i extracted / un compressed the components of the jar file in "lib" folder however i am still getting this error
"Could not find or load main class com.avocent.idrac.kvm.Main". any help will be highly appreciated.

Thanks,
yousuf

I'm experiencing the same issue as well.

Hello everyone, I have the remote console working on a dell R710 with the enterprise idrac.
Thanks to MathieuW here: https://www.dell.com/community/Systems-Management-General/iDRAC6-Virtual-Console-Connection-Failed/td-p/5144021/page/2

I am running the latest java version as of 10/01/2018.
Version 8 Update 181 (build 1.8.0_181-b13)

Go to here or wherever you installed java.
C:\Program Files\Java\jre1.8.0_181\lib\security\java.security

Comment out this line in java.security with a #
jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024,
and add the IP address (https://IPhere) and (https://IPhere:443) to the security tab of the java control pannel.

I don't know what security implications this has but it works.

I have fixed it on ubuntu 16.04 with openjdk-8-jre:amd64 8u181-b13-0ubuntu0.16.04.1 the following way.

This is an original statement in java.security:

jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, \
    EC keySize < 224, DES40_CBC, RC4_40, 3DES_EDE_CBC

You have to delete SSLv3 and 3DES_EDE_CBC for iDrac console to be functional again.

So it will look like this:

jdk.tls.disabledAlgorithms=RC4, MD5withRSA, DH keySize < 1024, \
    EC keySize < 224, DES40_CBC, RC4_40

Enjoy!

@Be5qP4Y3Fzaj

Hi,
I follow every step as mentioned even i extracted / un compressed the components of the jar file in "lib" folder however i am still getting this error
"Could not find or load main class com.avocent.idrac.kvm.Main". any help will be highly appreciated.
Thanks,
yousuf

I'm experiencing the same issue as well.

In case you, or anyone hasn't figured this issue out yet, I had to download the avctKVM.jar file separately, the same way as the files listed in the .jnlp file (ipaddress/software/avctKVM.jar) and put it in the same directory as the .bat/.sh file.

I have it working on Linux with iDRAC7. Issue for me was that the keyboard wouldn't work with the 64bit libraries and the virtual media wouldn't work with the 32bit libraries.

Mixing the two worked. I downloaded both sets to lib32 and lib64 directories and then copied the 64bit and 32bit file:

mkdir lib
cp -a lib32/libavctKVMIO.so ./lib
cp -a lib64/libavmlinux.so ./lib

I updated the Linux script to take arguments on the command line:

#!/bin/bash
# https://gist.github.com/xbb/4fd651c2493ad9284dbcb827dc8886d6

show_help () {
  echo "Usage: `basename $0` <options>";
  echo;
  echo "Options:";
  echo " -h | --help   = Help, show this message.";
  echo " -r | --host=<NAME>   = iDRAC IP Address (Mandatory).";
  echo " -u | --user=<USER>   = iDRAC user name (Mandatory";
  echo " -p | --pass=<PASS>   = iDRAC password (Mandatory)";
}

OPTS=`getopt -o hr:u:p: --long help,host:,user:,pass: -n 'help' -- "$@"`

#if [ $? != 0 ] ; then echo "Failed parsing options." >&2 ; show_help; exit 1 ; fi

# echo "$OPTS"
eval set -- "$OPTS"

while true; do
  case "$1" in
    -h | --help )    show_help; exit 0; shift ;;
    -r | --host )    host="$2"; shift 2 ;;
    -u | --user )    user="$2"; shift 2 ;;
    -p | --pass )    pass="$2"; shift 2 ;;
    -- ) shift; break ;;
    * ) echo "Invalid arguments!"; show_help; exit 1 ;;
  esac
done

if [ ! "$host" ] || [ ! "$user" ] || [ ! "$pass" ]; then
    show_help
    exit 1
fi

./jre/bin/java -cp avctKVM.jar -Djava.library.path=./lib com.avocent.idrac.kvm.Main ip=$host kmport=5900 vport=5900 user=$user passwd=$pass apcp=1 version=2 vmprivilege=true "helpurl=https://$host:443/help/contents.html"

Hi!
Will it work with DRAC5? Would be great. I have made some tests with various jre and settings, but no luck.

For DRAC5 I have only 1 dll - avctKVMIO.dll.
Also avctKVM.jar file seems to be missing, I can only download avctKVMWin32.jar and avctDRAC5Viewer.jar
Anyway it seems to be working after adjusting the script, but with some Java versions I get bad_record_mac error, and with some even logon failures. Which I find strange since the normal connection over the browser works with this version of java.
Any clues what might be the problem?

This is my connection error:
Packet log written to: c:\javaViewer.log
==== propertyChange: (SESSION_STATE):CONNECTING====
==== propertyChange: (VIDEO_PANEL_SIZE_CHANGED):java.awt.Dimension[width=1600,he
ight=1600]====
==== propertyChange: (VIDEO_PANEL_SIZE_CHANGED):java.awt.Dimension[width=1600,he
ight=1600]====
12/07/2018 12:22:07:754: SSL: context protocol = SSLv3
12/07/2018 12:22:08:365: SSLv2Hello
12/07/2018 12:22:08:365: SSLv3
12/07/2018 12:22:08:366: TLSv1
12/07/2018 12:22:08:366: TLSv1.1
12/07/2018 12:22:08:366: TLSv1.2
12/07/2018 12:22:08:366: ======connectToPort======
12/07/2018 12:22:08:368: User Login Request: 0x100
12/07/2018 12:22:08:369: ======connectToPort - sendRequest======
12/07/2018 12:22:08:369: packet type( 0x100)
Sending packet: com.avocent.kvm.e.a.bf@442552 (8, 208).
setPassthroughEnabled(true)
setPassthroughEnabled(false)
12/07/2018 12:22:08:430: SSL: checkServerTrusted() called.
12/07/2018 12:22:08:432: SSL: getAcceptedIssuers() called.
12/07/2018 12:22:08:639: ===PacketReceiver==TYPE:(0x8305) - User Login Response
12/07/2018 12:22:08:641: Receive 0x8305 User Login Response (V2)
12/07/2018 12:22:08:642: User login response: 3
==== propertyChange: (SESSION_STATE):CONNECTION_LOGIN_FAILED====
12/07/2018 12:22:08:649: ======connectToPort - sendRequest======
12/07/2018 12:22:08:655: packet type( 0x400)
12/07/2018 12:22:08:656: ****************KEEP_ALIVE_INTERVAL:10000,getProperty(
KvmSession.SESSION_STATE)=CONNECTION_LOGIN_FAILED
Sending packet: com.avocent.kvm.e.a.q@83c96a (8, 8).

With java jre1.8.0_51 32 bit for windows, of course.

Dude, you're a hero 👍

Would you believe it even works with the proper Java 8 on MacOS High Sierra?

FYI, in a modern Linux operating system, you'll have to also edit this file by removing all SSLv3 / RC4 / RC4_* :

[root@knox back-ends]# pwd
/etc/crypto-policies/back-ends
[root@knox back-ends]# cat java.config
jdk.tls.ephemeralDHKeySize=1023
jdk.certpath.disabledAlgorithms=MD2, MD5, DSA, RSA keySize < 2048
#jdk.tls.disabledAlgorithms=DH keySize < 1023, SSLv2, DHE_DSS, RSA_EXPORT, DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_DSS_EXPORT, DH_RSA_EXPORT, DH_anon, ECDH_anon, DH_RSA, DH_DSS, ECDH, 3DES_EDE_CBC, DES_CBC, RC4_40, RC4_128, DES40_CBC, RC2, HmacMD5
jdk.tls.disabledAlgorithms=DH keySize < 1023, SSLv2, DHE_DSS, RSA_EXPORT, DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_DSS_EXPORT, DH_RSA_EXPORT, DH_anon, ECDH_anon, DH_RSA, DH_DSS, ECDH, 3DES_EDE_CBC, DES_CBC, DES40_CBC, RC2, HmacMD5
jdk.tls.legacyAlgorithms=

as well as :
[root@knox security]# pwd
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.192.b12-0.fc30.x86_64/jre/lib/security
[root@knox security]# grep "disabled." java.security | grep -v "^#"
jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer,
RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224
jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, DSA keySize < 1024
jdk.tls.disabledAlgorithms=DES, MD5withRSA, DH keySize < 1024,
EC keySize < 224, 3DES_EDE_CBC

Hello everyone, I have the remote console working on a dell R710 with the enterprise idrac.
Thanks to MathieuW here: https://www.dell.com/community/Systems-Management-General/iDRAC6-Virtual-Console-Connection-Failed/td-p/5144021/page/2

I am running the latest java version as of 10/01/2018.
Version 8 Update 181 (build 1.8.0_181-b13)

Go to here or wherever you installed java.
C:\Program Files\Java\jre1.8.0_181\lib\security\java.security

Comment out this line in java.security with a #
jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024,
and add the IP address (https://IPhere) and (https://IPhere:443) to the security tab of the java control pannel.

I don't know what security implications this has but it works.

commenting out jdk.tls.disabledAlgorithms works for me with jdk1.8

I had to enable SSLv3 in java, I always got the error "connection failed"
Comment out "jdk.tls.disabledAlgorithms=SSLv3 in /lib/security/java.security

This fixed it for me. too with latest java. Nice to have it in its own folder as a "portable"

same for allowing unsecure algos.
It work

The original post worked for me, thanks for this!

Another option - All in Powershell this time, which can be used on any system that has PSCore installed :)

function Connect-iDrac {
    [CmdletBinding()]
    param (
        [IPAddress]$dracHost,
        $dracUser
    )
    try {
        $cred = Get-Credential -UserName $dracUser -Message "Please enter iDrac credentials.." -Title "Connect-iDrac"
        $jrePath = "C:\bin\jre1.7.0_80" #set to your jre binaries root folder.
        $kvmJar = "$jrePath\avctKVM.jar"
        if (!(Test-Path $kvmJar)) {
            [System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}
            $WebClient = New-Object System.Net.WebClient
            $WebClient.DownloadFile("http://$dracHost/software/avctKVM.jar", "$kvmJar")
        }
        $proc = Start-Process -FilePath cmd -ArgumentList "/c `"$jrePath\bin\java.exe -cp avctKVM.jar -Djava.library.path=.\lib com.avocent.idrac.kvm.Main ip=$dracHost kmport=5900 vport=5900 user=$dracUser passwd=$($cred.GetNetworkCredential().Password) apcp=1 version=2 vmprivilege=true 'helpurl=https://%drachost%:443/help/contents.html'`"" -WorkingDirectory $jrePath -PassThru
        return $proc
    }
    catch {
        Write-Warning $_.Exception.Message
    }
}

I stumbled over this posting while searching for a solution to connect to my Lenovo RD530 via KVM, so i gave it a shot - and it worked flawless. So thank you for that.

Difference to the original posting is, i just got the avctKVMIO.dll out of the jar and i had to change 'com.avocent.idrac.kvm.Main' to 'com.avocent.kvm.client.Main'.

Thank you very much - this works great!

wow thank you! this is the only way I got the iDrac 6 console to open.

Thanks, great solution.
There remains a small problem, I want a video resolution of 1024x768 and higher ...

Thank you for the great script. I have it running on iDRAC6 and iDRAC7. I using JRE 1.7 for iDRAC6 and JRE 1.8 for IDRAC7. It works out well. The only issue I have is Virtual Media is not showing (working) for iDRAC7. If anyone have a solution for Virtual Media on iDRAC 7, please share. Virtual Media works fine in iDRAC6 with "avmWinLib.dll" in the .\lib directory.

@lbong Read this

@NoLooseEnds iDRAC6 Express simply does not support KVM. You will need to buy the iDRAC6 Enterprise add-on. There is no work around since iDRAC6 Express simply does not contains the Hardware required to support this. The add-on can easily be purchase from many providers for less then 20$USD. So very cheap. If you want the feature simply by the required hardware.

@LouisOuellet Yes, and I did. :)

Thanks for the great script. I did added some functionalities to it such as Arguments support for HOST, USER and PASSWORD to make it a little faster to used. But nice find.

This works great, thank you!

I keep getting
"Error: Could not find or load main class com.avocent.kvm.client.Main"

*** Edit ***
looking at the folder structure of the extracted lib, there was no client directory. Removed that from the string and added back the 'idrac'

com.avocent.idrac.kvm.Main
...voila! It works!

thanks, works here!!!

I solve my problem using this tutorial. https://antoniocampos.net/2018/01/12/java-erro-ao-utilizar-md5withrsa/

Proving there are many ways to skin a cat, how about a method which utilises your Java installation's 'javaws' binary and templates out a JNLP file, written in Perl.

idrac-console.pl:

#!/usr/bin/perl

use strict;
use warnings;

use Getopt::Long;
use Text::Template;
use File::Spec;
use FindBin;
use File::Temp qw/tempfile/;

my $java_dir = File::Spec->catfile($FindBin::Bin, 'jre7');
my $drac_host;
my $drac_user;
my $drac_password;

GetOptions('host=s' => \$drac_host,
           'user=s' => \$drac_user,
           'password=s' => \$drac_password,
           'java-dir=s' => \$java_dir) or
  die "Invalid options\n";

if (!$drac_host or !$drac_user or !$drac_password)
{
  die "You must specify --host, --user and --password\n";
}
 
my $template = Text::Template->new(TYPE => 'FILE', SOURCE => File::Spec->catfile($FindBin::Bin, 'viewer.jnlp.tmpl'));

my %hash =
(
  'drac_host' => $drac_host,
  'drac_user' => $drac_user,
  'drac_password' => $drac_password
);

my $text = $template->fill_in(HASH => \%hash);

my $tmp_file = File::Temp->new(SUFFIX => '.jnlp');

print $tmp_file $text;
close $tmp_file;

print "Launching $tmp_file...\n";

system(
       File::Spec->catfile($java_dir, 'bin', 'javaws'),
       $tmp_file
      );

viewer.jnlp.tmpl:

<?xml version="1.0" encoding="UTF-8"?>
<jnlp codebase="https://{$drac_host}:443" spec="1.0+">
<information>
  <title>iDRAC6 Virtual Console Client</title>
  <vendor>Dell Inc.</vendor>
   <icon href="https://{$drac_host}:443/images/logo.gif" kind="splash"/>
   <shortcut online="true"/>
 </information>
 <application-desc main-class="com.avocent.idrac.kvm.Main">
   <argument>ip={$drac_host}</argument>
   <argument>vmprivilege=true</argument>
   <argument>helpurl=https://{$drac_host}:443/help/contents.html</argument>
   <argument>title=idrac</argument>
   <argument>user={$drac_user}</argument>
   <argument>passwd={$drac_password}</argument>
   <argument>kmport=5900</argument>
   <argument>vport=5900</argument>
   <argument>apcp=1</argument>
   <argument>version=2</argument>
 </application-desc>
 <security>
   <all-permissions/>
 </security>
 <resources>
   <j2se version="1.7"/>
   <jar href="https://{$drac_host}:443/software/avctKVM.jar" download="eager" main="true" />
 </resources>
 <resources os="Windows" arch="x86">
   <nativelib href="https://{$drac_host}:443/software/avctKVMIOWin32.jar" download="eager"/>
   <nativelib href="https://{$drac_host}:443/software/avctVMWin32.jar" download="eager"/>
 </resources>
 <resources os="Windows" arch="amd64">
   <nativelib href="https://{$drac_host}:443/software/avctKVMIOWin64.jar" download="eager"/>
   <nativelib href="https://{$drac_host}:443/software/avctVMWin64.jar" download="eager"/>
 </resources>
 <resources os="Windows" arch="x86_64">
   <nativelib href="https://{$drac_host}:443/software/avctKVMIOWin64.jar" download="eager"/>
   <nativelib href="https://{$drac_host}:443/software/avctVMWin64.jar" download="eager"/>
 </resources>
  <resources os="Linux" arch="x86">
    <nativelib href="https://{$drac_host}:443/software/avctKVMIOLinux32.jar" download="eager"/>
   <nativelib href="https://{$drac_host}:443/software/avctVMLinux32.jar" download="eager"/>
  </resources>
  <resources os="Linux" arch="i386">
    <nativelib href="https://{$drac_host}:443/software/avctKVMIOLinux32.jar" download="eager"/>
   <nativelib href="https://{$drac_host}:443/software/avctVMLinux32.jar" download="eager"/>
  </resources>
  <resources os="Linux" arch="i586">
    <nativelib href="https://{$drac_host}:443/software/avctKVMIOLinux32.jar" download="eager"/>
   <nativelib href="https://{$drac_host}:443/software/avctVMLinux32.jar" download="eager"/>
  </resources>
  <resources os="Linux" arch="i686">
    <nativelib href="https://{$drac_host}:443/software/avctKVMIOLinux32.jar" download="eager"/>
   <nativelib href="https://{$drac_host}:443/software/avctVMLinux32.jar" download="eager"/>
  </resources>
  <resources os="Linux" arch="amd64">
    <nativelib href="https://{$drac_host}:443/software/avctKVMIOLinux64.jar" download="eager"/>
   <nativelib href="https://{$drac_host}:443/software/avctVMLinux64.jar" download="eager"/>
  </resources>
  <resources os="Linux" arch="x86_64">
    <nativelib href="https://{$drac_host}:443/software/avctKVMIOLinux64.jar" download="eager"/>
   <nativelib href="https://{$drac_host}:443/software/avctVMLinux64.jar" download="eager"/>
  </resources>
  <resources os="Mac OS X" arch="x86_64">
    <nativelib href="https://{$drac_host}:443/software/avctKVMIOMac64.jar" download="eager"/>
   <nativelib href="https://{$drac_host}:443/software/avctVMMac64.jar" download="eager"/>
  </resources>
</jnlp>

Thank you very much! I made the mistake of editing the script and filling in the host IP and user, don't do that, just fill in when prompted :)

thanks for the script. successfully implemented for an R710 with idrac enterprise 6 on a windows 10 64 bit machine.
was driving me batty why i couldn't get the console running with java 8, but your script is a neat workaround and runs perfectly.

You don't NEED an old Java, you just need to disable all the SSL/TLS restrictions in ($javadir)/lib/security/java.security - specifically, set jdk.tls.disabledAlgorithms=DES and jdk.certpath.disabledAlgorithms=MD2 (You may want to leave others there, but that's enough to get it working).

You probably also want to disable TLS1.3 in Java Settings -> Advanced, as that can cause problems with HP ILOs, too.

Worked great on my R810 with iDrac6 Enterprise.

Just a note for anyone else that might have this problem... I was getting an SSL socket exception in Java. The only thing I changed was the password I was using for the user. Turns out I had a few special characters in the password. That was the issue. Once I removed the special characters everything worked perfectly.

iDrac5 Success:
On MacOS Catalina

• Java JDK 7u80
• Edit /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/security/java.security" and comment out jdk.tls.disabledAlgorithms=SSLv3 at the very bottom.
  • If your path is different, sudo find /Library -name "java.security"
• Download https://<ipaddr>/plugins/vkvm/avctDRAC5Viewer.jar
• Get the latest vkvm.jnlp (current login, credentials expire). Replace <ipaddr> with your IP Address
• awk 'NR == 12 {print substr($0,16,32)}' ~/Downloads/vkvm.jnlp | xargs -I {} /usr/bin/java -cp avctDRAC5Viewer.jar -Djava.library.path=./lib com.avocent.drac5.kvm.Main ip="<ipaddr>" kmport=5900 vport=5901 user={} passwd= apcp=0 sslv3=1
  • awk 'NR == 12 {print substr($0,16,32)}' prints line 12, chars 16-32, which contain the hashed username.
  • Be sure you're in the same path as avctDRAC5Viewer
  • Change kmport and vport accordingly. (also available inside the vkvm.jnlp file).
  • Using the jnlp username, you do not need a password. Leave as passwd=

@jamesastound

Thank you. It works for me

Thank you very much it works!

Yes it works for me too. Thanks.

@wdz111:

Thanks for that great script!
I have IDRAC8, and original script didn't work. So I played a little bit, tried this and that, and finally it works! My configuration and what did I do:

I used Java 1.8 (64-bit in my case). Changed "java.security", as @krubottom advised (and BIG THANKS for that!) - withou it I got an Error.
...
VMAPI_DLL.dll - from avctVMAPI_DLLWin32.jar (or avctVMAPI_DLLWin64.jar - for 64)

Thanks for sharing. I used procexp (from sysinternals) to determine I needed a VMAPI_DLL but did not know what to pull from the server. Is it a safe bet to assume that the path to the .jar will always be the DLL filename, minus the .dll then prepend avct and postpend Linux64.jar|Win64?

I'm hoping that when I get a server that has a newer iDRAC version it will be this simple.

Thank you, this worked on linux mint w/ default java 8. Fwiw instead of editing the system-wide security policy (eg. /usr/lib/.../security/java.security) you can copy the file into the local directory and tell the script to use it by adding "-Djava.security.properties=./java.security" to the java arguments. Then the security settings will only apply for this particular application, hopefully avoiding potential security risks.

Thank you! It works for me too.

I made a Python script based on this. Should work for Win/Linux/Mac.

https://github.com/gethvi/iDRAC6VirtualConsoleLauncher

any way to fix keyboard on windows?

Hi, How can I get avctKVMIO.dll and a vmWinLib.dll?? I downloaded from google avctKVMIO.dll and get vmWinLib.dll from my java ultimate version installed in appdata\LocalLow\Sun\Java\Deployment... but I get a error message: "The native library for keyboard and mouse support failed to load. Pass all keys to server and single cursor support will not be available", and not run, I´m under win10 x64, thanks

@codigobinario did you fix it?

Hi,

I have read through all the comments and tried all solutions.

i am still getting this error

Jun 13, 2020 7:01:07 PM java.util.prefs.WindowsPreferences <init>
WARNING: Could not open/create prefs root node Software\JavaSoft\Prefs at root 0x80000002. Windows RegCreateKeyEx(...) returned error code 5.
06/13/2020 07:01:07:627: Starting client.
====setPowerMenuStatus: (##2)
06/13/2020 07:01:12:937:  Connection failed with exception: Connection refused: connect

I am using JRE 7 on Windows 10.

I can download the viewer.jnlp fresh from the webGUI and it works.

I have change the SSL v3 statement in the security file.
I have added both Drac IP + Port 443 and Drac IP + Port 5900 to the allowed domains.

Any suggestions.

Toby

Thank you very much, it saved me hours and hours of headaches! To get the jar files from the idrac6 server, I had to use (with wine) an old Firefox (from 2011), so I didn't have to compile openssl and wget to allow sslv3 to work!

$ tree
.
├── avctKVM.jar
├── avctKVMIO.jar
├── avctKVMIO.jnilib
├── avctKVMIOMac64.jar
├── avctKVMIOMac64.jnilib
├── avctVM.jar
├── avctVM.jnilib
├── avctVMMac64.jar
├── avctVMMac64.jnilib
├── lib
│   ├── avctKVMIO.dll
│   ├── avctKVMIO.jar
│   ├── avctKVMIO.jnilib
│   ├── avctKVMIO.lib
│   ├── avctKVMIO.so
│   ├── avctKVMIOMac64.jar
│   ├── avctKVMIOMac64.jnilib
│   ├── avctVM.jar
│   ├── avctVM.jnilib
│   ├── avctVMMac64.jar
│   └── avctVMMac64.jnilib
├── start-virtual-console.sh
└── viewer.jnlp

1 directory, 22 files

I'm not sure how to find out what its looking for...

NativeKeyboard.init() Native library loading [avctKVMIO]
 iDracViewerObjectFactory: Failed to load native keyboard library.
  Exception: no avctKVMIO in java.library.path
  Library path=./lib

I wish it would say, I am looking for a file named x so I can name it that.

If anyone is here trying to get this to work with an Avocent/Dell KVM switch, I was able to get it to work using a similar methodology.

I probably overdid it with duplicate files, but here's my tree (depth truncated selectively)

| jre
| lib
| -- com
| -- -- avocent
| -- -- -- avworks
| -- -- -- lib
| -- -- -- protocols
| -- -- -- video
| -- -- -- vm
| -- -- linuxnet
| -- -- -- jpcsc
| -- acvvWin32Lib.dll
| -- avctVideo.jar
| -- avctVM.jar
| -- avctWin32Lib.jar
| -- avmWin32Lib.dll
| -- avmWin32Lib.jar
| -- jpcsc.dll
| avctVideo.jar
| launch.bat

You can customize with variables to your desire, but here's the launch command I got to work on Windows 10 with JRE 1.7.0 x64:

START /B "" .\jre\bin\java.exe -cp avctVideo.jar -Djava.library.path=.\lib com.avocent.video.Nautilus title="DEVICE_NAME" devicetype=avsp path=a:KVM_IP,r:DONGLE_ID,c:0,e:1,s:"DEVICE_NAME",l:120 oem=DELL user=USER_NAME password=PASSWORD "helpurl=https://KVM_IP:443/help/contents.html"

where:

DEVICE_NAME = the name of the device connected to the KVM port
KVM_IP = the KVM IP
DONGLE_ID = the ID of the KVM dongle (like 652432-13BB80 from the Web UI)
USER_NAME = the KVM username
PASSWORD = the KVM password

Virtual media is not current working, but everything else seems to be. I extracted the .jar files from

https://KVM_IP/viewers/avctWin32Lib.jar etc... When available, I used the Win64 versions if they existed in the /viewers/ directory. I extracted the .jar files and put the contents into the root lib folder along with any com folders and merged.

I got this to work on Windows by doing the following:

1. Download jre-8u201-windows-i586.tar.gz (the last JRE before the new license)
   sha256: dc419a2ebd838e2f3d4e0a0efb02024abad464129d5d8decb8a7b6fbde552227
   md5: a44e40bb1f0f98a34fe13226b5f050eb
   sha1: cef8b9979a872e908c43f9a1d81b9a859dbcece7

2. Open jre-8u201-windows-i586.tar.gz in 7-zip, and then inside it also open the jre-8u201-windows-i586.tar file (still within 7-zip), then open the jre1.8.0_201 folder, and then extract the contents to just .\jre\

3. Edit .\jre\lib\security\java.security in Notepad as follows:
   For the line: jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \ remove only the RC4, bit

4. Download https://192.168.0.120:443/software/avctKVM.jar with web browser and put into root folder

5. Download https://192.168.0.120:443/software/avctKVMIOWin32.jar with web browser and put into .\lib\ folder

6. Download https://192.168.0.120:443/software/avctVMWin32.jar with web browser and put into .\lib\ folder

7. For both avctKVMIOWin32.jar and avctVMWin32.jar open in 7-zip and extract the containing .dll files into the .\lib\ folder

This should work for a long time to come. But there will be more fun when the SSL Cert expires in 2024.

Here is my batch file for windows 10 (64-bit, but easily changed for 32-bit)... it automatically downloads the jar files and unzips the .dll files if they don't exist so it can use the native dll libraries:

Also, keep in mind if you still have to update the java settings to allow the older TLS to work:
Java location .\jre\lib\security\java.security
Remove SSLv3 and 3DES_EDE_CBC from jdk.tls.disabledAlgorithms, should end up like so:
jdk.tls.disabledAlgorithms=RC4, MD5withRSA, DH keySize < 1024,
EC keySize < 224, DES40_CBC, RC4_40

@echo off

set /P drachost="Host: "
set /p dracuser="Username: "
set "psCommand=powershell -Command "$pword = read-host 'Enter Password' -AsSecureString ; ^
    $BSTR=[System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($pword); ^
        [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR)""
for /f "usebackq delims=" %%p in (`%psCommand%`) do set dracpwd=%%p

IF NOT EXIST "avctKVM.jar" (
ECHO Grabbing avctKVM.jar from host...
powershell -Command "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} ; $WebClient = New-Object System.Net.WebClient ; $WebClient.DownloadFile('https://%drachost%/software/avctKVM.jar','.\avctKVM.jar')"
)

IF NOT EXIST "lib" (
ECHO Creating lib directory
mkdir "lib"
)

IF NOT EXIST ".\lib\avmWinLib.dll" (
  IF NOT EXIST ".\lib\avctVMWin64.zip" (
    IF NOT EXIST ".\lib\avctVMWin64.jar" (
      ECHO Grabbing avctKVMWin64.jar from host...
      powershell -Command "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} ; $WebClient = New-Object System.Net.WebClient ; $WebClient.DownloadFile('https://%drachost%/software/avctVMWin64.jar','.\lib\avctVMWin64.jar')"
    )
    ECHO Renaming avctVMWin64.jar to avctVMWin64.zip
    rename ".\lib\avctVMWin64.jar" avctVMWin64.zip
  )
  ECHO Unzipping avctKVMWin64.zip
  powershell Expand-Archive ".\lib\avctVMWin64.zip" -DestinationPath ".\lib"
  rmdir ".\lib\META-INF" /s /q
  erase ".\lib\avctVMWin64.zip" /q
)

IF NOT EXIST ".\lib\avctKVMIO.dll" (
  IF NOT EXIST ".\lib\avctKVMIOWin64.zip" (
    IF NOT EXIST ".\lib\avctKVMIOWin64.jar" (
      ECHO Grabbing avctKVMIOWin64.jar from host...
      powershell -Command "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} ; $WebClient = New-Object System.Net.WebClient ; $WebClient.DownloadFile('https://%drachost%/software/avctKVMIOWin64.jar','.\lib\avctKVMIOWin64.jar')"
    )
    ECHO Renaming avctKVMIOWin64.jar to avctKVMIOWin64.zip
    rename ".\lib\avctKVMIOWin64.jar" avctKVMIOWin64.zip
  )
  ECHO Unzipping avctKVMIOWin64.zip
  powershell Expand-Archive ".\lib\avctKVMIOWin64.zip" -DestinationPath ".\lib"
  rmdir ".\lib\META-INF" /s /q
  erase ".\lib\avctKVMIOWin64.zip" /q
)

java -cp avctKVM.jar -Djava.library.path=.\lib com.avocent.idrac.kvm.Main ip=%drachost% kmport=5900 vport=5900 user=%dracuser% passwd=%dracpwd% apcp=1 version=2 vmprivilege=true "helpurl=https://%drachost%:443/help/contents.html"

@mermao1 @codigobinario
See my above post if you are still having issues with the .dll files if you're running 64-bit windows 10 it automatically pulls all files for you and checks if they exist first so it doesn't pull them every time.

Hi @ready4droid
I'm trying to get on a iDRAC 6 from a Windows Server 2012 R2 Treminal Server
I can't use your script as there is no WinZip.
Attached are 2 screenshots of your script and the unable to connect message we get when just selecting JavaWS to open the downloaded file.
Any help or support would be greatly appreciated.

Hi @ready4droid
I'm trying to get on a iDRAC 6 from a Windows Server 2012 R2 Treminal Server
I can't use your script as there is no WinZip.
Attached are 2 screenshots of your script and the unable to connect message we get when just selecting JavaWS to open the downloaded file.
Any help or support would be greatly appreciated.

Apologies, I updated my post. This is using the inbuilt unzip from Windows 10 (possibly server 2016?). I can look into 2012 to see if it has any unzip options and re-work the script for you, but if you check my post and edit the java algorithms (the iDRAC 6 uses an old TLS protocol that is disabled in newer versions of Java, which is why you are getting the connection failed). The .zip files failing is not the reason it's not connecting though, it's needing to modify/edit your java security settings to allow the TLS connection. Once you fix this, you can unzip the .zip files by hand and just make sure the .dll files are in the lib folder and it'll work 100% correctly (and as long as it finds the .dll files in the lib folder it won't try to download/unzip them again). Since there can be so many versions of java I did not have it try to modify the security settings automatically (as finding JAVA_HOME and parsing the file would require admin rights as well).

Ok, found this:
"Prior to Windows Server 2016 there wasn’t really an easy built-in way of compressing files into a .zip archive by command line without custom scripts or tools, until now."
"PowerShell 5.0 was recently released for Windows Server 2008, 2008 R2, 2012, and 2012 R2, so you can manually install it there as well to make use of Compress-Archive and Expand-Archive cmdlets. Note that the installation will require a system reboot."
https://www.rootusers.com/how-to-zipunzip-files-in-windows-with-powershell/

So it seems if you update powershell to a version > 5.0 the auto unzip should function properly from Server 2008 and up.

I'm not sure i have permission to install a newer version of power shell.
I've manually unzipped the files from the target iDRRAC and added them as in the screenshot, but still get unable to connect. To be honest, this is out of my experience and i'm not really sure what I'm doing. I also have the java.security file edited for version 6.

I'm not sure i have permission to install a newer version of power shell.
I've manually unzipped the files from the target iDRRAC and added them as in the screenshot, but still get unable to connect. To be honest, this is out of my experience and i'm not really sure what I'm doing. I also have the java.security file edited for version 6.

First, those files don't have to be in your jre\lib folder, just in a lib folder from wherever you are running the .bat file. So the layout should look like this (you can put in any folder, but this is how the structure should end up).

c:\idracscript\run.bat
c:\idracscript\avctKVM.jar
c:\idracscript\lib\avmWinLib.dll
c:\idracscript\lib\avctKVMIIinLib.dll

Second, if you're getting the connection failed, then it's a java issue someway. Either you need to add an exception for the site in the java configuration or something still isn't right in your security file. Also, I don't have server 2012 in order to do any testing so this is as much of a suggestion I can give. As long as you get the "Connection Failed" it is going to be an issue with java security. The .jar file will still run properly even without the .dll files, it will just use generic plugins that don't work as well for the IO and possibly be missing the ability to mount virtual CD's and stuff, but the connection itself should still establish.

Perfect, its working now, it was the file location that was stopping it!
Thank you for taking the time to respond and help.

Perfect, its working now, it was the file location that was stopping it!
Thank you for taking the time to respond and help.

Great to hear, glad you were able to get it working!

I got this to work on Windows by doing the following:

1. Download **jre-8u201-windows-i586.tar.gz** (the last JRE before the new license)
   sha256: dc419a2ebd838e2f3d4e0a0efb02024abad464129d5d8decb8a7b6fbde552227
   md5: a44e40bb1f0f98a34fe13226b5f050eb
   sha1: cef8b9979a872e908c43f9a1d81b9a859dbcece7

2. Open jre-8u201-windows-i586.tar.gz in 7-zip, and then inside it also open the **jre-8u201-windows-i586.tar** file (still within 7-zip), then open the **jre1.8.0_201** folder, and then extract the contents to just **.\jre\**

3. Edit **.\jre\lib\security\java.security** in Notepad as follows:
   For the line: **jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \** remove only the **RC4,** bit

4. Download **https://192.168.0.120:443/software/avctKVM.jar** with web browser and put into root folder

5. Download **https://192.168.0.120:443/software/avctKVMIOWin32.jar** with web browser and put into **.\lib\** folder

6. Download **https://192.168.0.120:443/software/avctVMWin32.jar** with web browser and put into **.\lib\** folder

7. For both **avctKVMIOWin32.jar** and **avctVMWin32.jar** open in 7-zip and extract the containing .dll files into the **.\lib\** folder

This should work for a long time to come. But there will be more fun when the SSL Cert expires in 2024.

This worked for me too in August 2020. Thanks so much everyone!

Worked perfectly for me with the ...Win64... files. Many Thanks to everyone!

Thank you for this! Works in Arch Linux using the jdk-7u79-linux-x64.tar.gz tarball from https://www.oracle.com/java/technologies/javase/javase7-archive-downloads.html#license-lightbox

So, I had to jump through a lot of hoops to get this to work, but it DID work. That said, in case others are having the same issues I had, I'm posting here to tell you what I did. Note that this was on an x64 Windows machine.

1. Create a folder that you can easily navigate to using the command line. I will use "C:\idracfix" for this example.
2. Create subdirectories "jre" and "lib" within "C:\idracfix". (In other words, create "C:\idracfix\jre" and "C:\idracfix\lib".)
3. Create the "start-virtual-console.bat" file that is posted above and put it in your "C:\idracfix" folder.
4. Download the older version of Java from the Oracle webpage. I used this page to download "Java SE Development Kit 7u80" (jdk-7u80-windows-x64.exe). You will have to create an Oracle account. You may be able to find this same file elsewhere on the internet if you Google for it. If you have a 32-bit system, download the x86 (i586) file instead.
5. Extract the files from the executable you just downloaded. I used 7-Zip to do this.
6. You'll end up with a "tools.zip" file. Extract the files from "tools.zip". I again used 7-Zip but since it's a regular .zip file, you can use Windows built-in unzipping/extraction utility.
7. Put all the files and folders from "tools.zip" into your "C:\idracfix\jre" directory.
8. Download your "viewer.jnlp" file from your iDRAC by clicking the "Launch" button on the iDRAC System Summary page. It will actually be named something fairly crazy. You can rename it to "viewer.jnlp" if you like, but it doesn't ultimately matter.
9. Open your "viewer.jnlp" file in a text editor. I used Notepad++ so I could easily double-click the links you'll need from within the file, but regular Notepad works if you don't mind cutting and pasting into a browser.
10. Find the first "resources" section. There will be a link within it to pull your "avctKVM.jar" file from your iDRAC. Use that link to download your "avctKVM.jar" file, and place it directly in your "C:\idracfix" folder.
11. In your "viewer.jnlp" file, below the link to your "avctKVM.jar" file, there is more "resources" sections. Look for the one with your OS and architecture. If you're using 32-bit Windows, you want the architecture of "x86", and if you're using 64-bit Windows, you want the architecture of "amd64" or "x86_64". (Those last two should end up linking to the same files.) Using the same process you used to download your "avctKVM.jar", download "avctKVMIOWin64.jar" (32-bit: "avctKVMIOWin32.jar") and "avctVMWin64.jar" (32-bit: "avctVMWin32.jar").
12. Extract the files from "avctKVMIOWin64.jar" (32-bit: "avctKVMIOWin32.jar") and "avctVMWin64.jar" (32-bit: "avctVMWin32.jar"). I again used 7-Zip for this.
13. From the resulting files you extracted,, copy the .dll files and paste them in the "C:\idracfix\lib" folder. My .dll files were named "avmWinLib.dll" and "avctKVMIO.dll" but I cannot guarantee that yours will be the same names.
14. You should now have a file/folder structure similar to this:

C:\idracfix\start-virtual-console.bat
C:\idracfix\avctKVM.jar
C:\idracfix\lib\avmWinLib.dll
C:\idracfix\lib\avctKVMIO.dll
C:\idracfix\jre\(A bunch of files from tools.zip)

15. Open Command Prompt, as Administrator, and navigate to your "C:\idracfix" folder. ("cd C:\idracfix")
16. Run the "start-virtual-console.bat" file from within Command Prompt. (Just type in "start-virtual-console.bat" and hit enter.)
17. Fill in the requested information. However, it is at this point that I got the following error:

Error occurred during initialization of VM
java/lang/NoClassDefFoundError: java/lang/Object

18. This likely means that various .jar files need to be unpacked. This happens by itself when you run the actual installer, but since we needed to manually extract the files, it didn't happen.
19. You can do this manually using the below command in Command Prompt from the "C:\idracfix" directory. Thanks go out to MultiplyByZer0 and Rigg802 at this link.

for /r %f in (*.pack) do "jre\bin\unpack200.exe" -r -q "%f" "%~pf%~nf.jar"

20. Run "start-virtual-console.bat" again from the Command Prompt.
21. Your iDRAC console should launch successfully this time!

Worked perfectly when I could not access with JNLP. Legend.

@j0mbie:
i did everything like you described but i get following error:

can you help me please?
thanks in advance!

Here is my batch file for windows 10 (64-bit, but easily changed for 32-bit)... it automatically downloads the jar files and unzips the .dll files if they don't exist so it can use the native dll libraries:

Also, keep in mind if you still have to update the java settings to allow the older TLS to work:
Java location .\jre\lib\security\java.security
Remove SSLv3 and 3DES_EDE_CBC from jdk.tls.disabledAlgorithms, should end up like so:
jdk.tls.disabledAlgorithms=RC4, MD5withRSA, DH keySize < 1024,
EC keySize < 224, DES40_CBC, RC4_40

@echo off

set /P drachost="Host: "
set /p dracuser="Username: "
set "psCommand=powershell -Command "$pword = read-host 'Enter Password' -AsSecureString ; ^
    $BSTR=[System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($pword); ^
        [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR)""
for /f "usebackq delims=" %%p in (`%psCommand%`) do set dracpwd=%%p

IF NOT EXIST "avctKVM.jar" (
ECHO Grabbing avctKVM.jar from host...
powershell -Command "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} ; $WebClient = New-Object System.Net.WebClient ; $WebClient.DownloadFile('https://%drachost%/software/avctKVM.jar','.\avctKVM.jar')"
)

IF NOT EXIST "lib" (
ECHO Creating lib directory
mkdir "lib"
)

IF NOT EXIST ".\lib\avmWinLib.dll" (
  IF NOT EXIST ".\lib\avctVMWin64.zip" (
    IF NOT EXIST ".\lib\avctVMWin64.jar" (
      ECHO Grabbing avctKVMWin64.jar from host...
      powershell -Command "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} ; $WebClient = New-Object System.Net.WebClient ; $WebClient.DownloadFile('https://%drachost%/software/avctVMWin64.jar','.\lib\avctVMWin64.jar')"
    )
    ECHO Renaming avctVMWin64.jar to avctVMWin64.zip
    rename ".\lib\avctVMWin64.jar" avctVMWin64.zip
  )
  ECHO Unzipping avctKVMWin64.zip
  powershell Expand-Archive ".\lib\avctVMWin64.zip" -DestinationPath ".\lib"
  rmdir ".\lib\META-INF" /s /q
  erase ".\lib\avctVMWin64.zip" /q
)

IF NOT EXIST ".\lib\avctKVMIO.dll" (
  IF NOT EXIST ".\lib\avctKVMIOWin64.zip" (
    IF NOT EXIST ".\lib\avctKVMIOWin64.jar" (
      ECHO Grabbing avctKVMIOWin64.jar from host...
      powershell -Command "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} ; $WebClient = New-Object System.Net.WebClient ; $WebClient.DownloadFile('https://%drachost%/software/avctKVMIOWin64.jar','.\lib\avctKVMIOWin64.jar')"
    )
    ECHO Renaming avctKVMIOWin64.jar to avctKVMIOWin64.zip
    rename ".\lib\avctKVMIOWin64.jar" avctKVMIOWin64.zip
  )
  ECHO Unzipping avctKVMIOWin64.zip
  powershell Expand-Archive ".\lib\avctKVMIOWin64.zip" -DestinationPath ".\lib"
  rmdir ".\lib\META-INF" /s /q
  erase ".\lib\avctKVMIOWin64.zip" /q
)

java -cp avctKVM.jar -Djava.library.path=.\lib com.avocent.idrac.kvm.Main ip=%drachost% kmport=5900 vport=5900 user=%dracuser% passwd=%dracpwd% apcp=1 version=2 vmprivilege=true "helpurl=https://%drachost%:443/help/contents.html"

You saved me, this is awesome. Thanks

A thousand thank yous! Finally a solution. I'll mop up the blood, sweat and tears and move on with my life.

worked for me ! many thanks you saved my ass ! its a shame for java and dell we have to do all that to use their sh**ty products !

Cool, this help me to access my Dell R620 from my Mac OS.

Finally it is worked on Windows 10. Thank you very much guys :) Specially thank you to @j0mbie

Hey, thank you very much for your script.
It did not work for a DELL PowerEdge R715 out of the box, but I made it work with the following adaptation:

#!/bin/bash

echo -n 'Host: '
read drachost

echo -n 'Username: '
read dracuser

echo -n 'Password: '
read -s dracpwd
echo

JRE="$HOME/jre-7u79/jdk1.7.0_79/"

$JRE/jre/bin/java \
    -cp $JRE/lib:$JRE/jre/lib:$JRE/lib/avctKVM.jar:$JRE/lib/avctVMLinux64.jar:$JRE/lib/avctKVMIOLinux64.jar \
    -Djava.library.path=$JRE/lib \
    com.avocent.idrac.kvm.Main \
    ip=$drachost  \
    user=$dracuser \
    passwd=$dracpwd \
    kmport=4900 vport=4900 \
    apcp=1 version=2 vmprivilege=true \
    "helpurl=https://$drachost:443/help/contents.html"

As you can see, the kmport and vport are 4900 on my server, not 5900. I got that information out of the jnlp file.

It complained about the native IO lib not working, but keyboard worked just fine despite that complaint.

12/17/2020 02:28:18:947: User login response: 0
Failed to open video connection.
java.net.ConnectException: Connection refused: connect
at java.net.DualStackPlainSocketImpl.connect0(Native Method)
at java.net.DualStackPlainSocketImpl.socketConnect(Unknown Source)
at java.net.AbstractPlainSocketImpl.doConnect(Unknown Source)
at java.net.AbstractPlainSocketImpl.connectToAddress(Unknown Source)
at java.net.AbstractPlainSocketImpl.connect(Unknown Source)
at java.net.PlainSocketImpl.connect(Unknown Source)
at java.net.SocksSocketImpl.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at java.net.Socket.(Unknown Source)
at java.net.Socket.(Unknown Source)
at com.avocent.kvm.b.l.a(Unknown Source)
at com.avocent.kvm.b.l.b(Unknown Source)
at com.avocent.kvm.b.r.z(Unknown Source)
at com.avocent.kvm.b.n.a(Unknown Source)
at com.avocent.kvm.b.n.a(Unknown Source)
at com.avocent.kvm.b.y.run(Unknown Source)

Getting that by running the script :|

12/17/2020 02:28:18:947: User login response: 0
Failed to open video connection.
java.net.ConnectException: Connection refused: connect
at java.net.DualStackPlainSocketImpl.connect0(Native Method)
at java.net.DualStackPlainSocketImpl.socketConnect(Unknown Source)
at java.net.AbstractPlainSocketImpl.doConnect(Unknown Source)
at java.net.AbstractPlainSocketImpl.connectToAddress(Unknown Source)
at java.net.AbstractPlainSocketImpl.connect(Unknown Source)
at java.net.PlainSocketImpl.connect(Unknown Source)
at java.net.SocksSocketImpl.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at java.net.Socket.(Unknown Source)
at java.net.Socket.(Unknown Source)
at com.avocent.kvm.b.l.a(Unknown Source)
at com.avocent.kvm.b.l.b(Unknown Source)
at com.avocent.kvm.b.r.z(Unknown Source)
at com.avocent.kvm.b.n.a(Unknown Source)
at com.avocent.kvm.b.n.a(Unknown Source)
at com.avocent.kvm.b.y.run(Unknown Source)

Getting that by running the script :|

It is refusing the connection, i'm sure you see that. There isn't much to gain from the error message. I would suggest checking your firewall settings. Or find out why that port if refusing the connection otherwise. It looks like a configuration issue not the software.

12/17/2020 02:28:18:947: User login response: 0
Failed to open video connection.
java.net.ConnectException: Connection refused: connect
at java.net.DualStackPlainSocketImpl.connect0(Native Method)
at java.net.DualStackPlainSocketImpl.socketConnect(Unknown Source)
at java.net.AbstractPlainSocketImpl.doConnect(Unknown Source)
at java.net.AbstractPlainSocketImpl.connectToAddress(Unknown Source)
at java.net.AbstractPlainSocketImpl.connect(Unknown Source)
at java.net.PlainSocketImpl.connect(Unknown Source)
at java.net.SocksSocketImpl.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at java.net.Socket.(Unknown Source)
at java.net.Socket.(Unknown Source)
at com.avocent.kvm.b.l.a(Unknown Source)
at com.avocent.kvm.b.l.b(Unknown Source)
at com.avocent.kvm.b.r.z(Unknown Source)
at com.avocent.kvm.b.n.a(Unknown Source)
at com.avocent.kvm.b.n.a(Unknown Source)
at com.avocent.kvm.b.y.run(Unknown Source)
Getting that by running the script :|

It is refusing the connection, i'm sure you see that. There isn't much to gain from the error message. I would suggest checking your firewall settings. Or find out why that port if refusing the connection otherwise. It looks like a configuration issue not the software.

I have no firewall between my pc and my server...

I used another script from GitHub, and it worked for me, don't know if it relies on my IDrac6 Version...

But thanks for your fast Answer 👍

Post your version of Java to make sure you are using the right one and maybe someone else has an idea for you.

12/17/2020 02:28:18:947: User login response: 0
Failed to open video connection.
java.net.ConnectException: Connection refused: connect

I have no firewall between my pc and my server...

I had this, too, because my server listens on a different port. Got the correct one out of the jnlp file.

Thanks for your replies, i think the script has a section were the session between idrac and pc gets started.
I only copied the Java Command because I like to use the script without Input, i know it's not secure but it's only a trashy testserver :)

Hi!

I'd like to make a big Thanks!
The method works for me with an iDRAC7 on a T320. The only thing I had to change to make it work with iDRAC7 are the arguments passed to java.exe, which should be the ones listed in the lines in the .jnlp.
My command line for iDRAC7 is below. In particular, if I omit reconnect=2, the console stays in "Reconnecting..." state, then times out.

bin\java -cp avctKVM.jar -Djava.library.path=.\lib com.avocent.idrac.kvm.Main ip=%drachost% vm=1 title=idrac-%2C+PowerEdge+T320%2C+User%3A+root user=%dracuser% passwd=%dracpwd% kmport=5900 vport=5900 apcp=1 reconnect=2 chat=1 F1=1 custom=0 scaling=15 minwinheight=100 minwinwidth=100 videoborder=0 version=2 "helpurl=https://%drachost%:443/help/contents.html"