| Use this as an example on how to start the virtual console without the need of Java Web Start or accessing it from the web interface. | |
| You can use the user and password that you use for the web interface. | |
| You need an old JRE... I used 1.7.0_80 from the Server JRE package, also I have tested successfully 1.7.0_79 with MacOS. | |
| You don't need to install it, just extract it or copy the files in "jre" folder. | |
| Open the viewer.jnlp file that you get by launching the virtual console from the web interface with a text editor. | |
| Note the urls to the jar files. Download the main jar file avctKVM.jar and the libs for your operating system and architecture. | |
| Extract the dlls (.so Linux, .jnilib MacOS) from the jar libs. | |
| If you don't see the MacOS libs in the file make sure you download it from MacOS. | |
| Edit the bat/sh file according to your needs. | |
| The file structure should look like this: | |
| start-virtual-console.bat (.sh if Linux/MacOS) | |
| avctKVM.jar | |
| jre/<jre home here> | |
| lib/avctKVMIO.dll (.so if Linux, .jnilib if MacOS) | |
| lib/avmWinLib.dll (.so if Linux, .jnilib if MacOS) |
| @echo off | |
| set /P drachost="Host: " | |
| set /p dracuser="Username: " | |
| set "psCommand=powershell -Command "$pword = read-host 'Enter Password' -AsSecureString ; ^ | |
| $BSTR=[System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($pword); ^ | |
| [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR)"" | |
| for /f "usebackq delims=" %%p in (`%psCommand%`) do set dracpwd=%%p | |
| .\jre\bin\java -cp avctKVM.jar -Djava.library.path=.\lib com.avocent.idrac.kvm.Main ip=%drachost% kmport=5900 vport=5900 user=%dracuser% passwd=%dracpwd% apcp=1 version=2 vmprivilege=true "helpurl=https://%drachost%:443/help/contents.html" |
| #!/bin/bash | |
| echo -n 'Host: ' | |
| read drachost | |
| echo -n 'Username: ' | |
| read dracuser | |
| echo -n 'Password: ' | |
| read -s dracpwd | |
| echo | |
| ./jre/bin/java -cp avctKVM.jar -Djava.library.path=./lib com.avocent.idrac.kvm.Main ip=$drachost kmport=5900 vport=5900 user=$dracuser passwd=$dracpwd apcp=1 version=2 vmprivilege=true "helpurl=https://$drachost:443/help/contents.html" |
@vandreytrindade: generally, for these old servers, I find it convenient to use an old Java version. I downloaded a portable old java from here https://sourceforge.net/projects/portableapps/files/Java%20Portable/ and I unpack it only when I have to use it. If I remember well, I found jPortable_8_Update_40_Rev_2.paf.exe to behave well with iDRAC 6 and 7.
@vandreytrindade: generally, for these old servers, I find it convenient to use an old Java version. I downloaded a portable old java from here https://sourceforge.net/projects/portableapps/files/Java%20Portable/ and I unpack it only when I have to use it. If I remember well, I found jPortable_8_Update_40_Rev_2.paf.exe to behave well with iDRAC 6 and 7.
Thanks!
I can't use your script as there is no WinZip.
Why are you using WinZip. Windows has ZIP built in, powershell, or even the fully free 7-zip. No one needs to be using WinZip anymore in 2020 or 2021, they will sue you for using it in business without paying.
I can't use your script as there is no WinZip.
Why are you using WinZip. Windows has ZIP built in, powershell, or even the fully free 7-zip. No one needs to be using WinZip anymore in 2020 or 2021, they will sue you for using it in business without paying.
the script uses a specific version of powershell to expand the file, and tyler56895 didn't meet this requirement.
in any event they managed to work around the problem manually the next day and posted to confirm they are all now ok.
Hello everyone, I have the remote console working on a dell R710 with the enterprise idrac. Thanks to MathieuW here: https://www.dell.com/community/Systems-Management-General/iDRAC6-Virtual-Console-Connection-Failed/td-p/5144021/page/2
I am running the latest java version as of 10/01/2018. Version 8 Update 181 (build 1.8.0_181-b13)
Go to here or wherever you installed java. C:\Program Files\Java\jre1.8.0_181\lib\security\java.security
Comment out this line in java.security with a # jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, and add the IP address (https://IPhere) and (https://IPhere:443) to the security tab of the java control pannel.
I don't know what security implications this has but it works.
This worked for me
Thank you!
Hello everyone, I have the remote console working on a dell R710 with the enterprise idrac. Thanks to MathieuW here: https://www.dell.com/community/Systems-Management-General/iDRAC6-Virtual-Console-Connection-Failed/td-p/5144021/page/2 I am running the latest java version as of 10/01/2018. Version 8 Update 181 (build 1.8.0_181-b13) Go to here or wherever you installed java. C:\Program Files\Java\jre1.8.0_181\lib\security\java.security Comment out this line in java.security with a # jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, and add the IP address (https://IPhere) and (https://IPhere:443) to the security tab of the java control pannel. I don't know what security implications this has but it works.This worked for me
Thank you!
And for me as well!
@lx1 thank that worked for iDrac 7.
Hi,
For those concerned about changing global java security settings, they can be overridden on the command line like so:
java -Djava.security.properties=idrac.java.security -cp avctKVM.jar com.avocent.idrac.kvm.Main ip=$IP kmport=$port vport=$port user=$user passwd=$pass apcp=1 version=2 vmprivilege=true "helpurl=https://$IP:443/help/contents.html"
The -D switch uses a file which needs to be created idrac.java.security
e.g.
`#idrac.java.security
#Custom java.security overrides for DELL IDRAC Virtual Console
jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, EC keySize < 224, anon, NULL, include jdk.disabled.namedCurves`
If done correctly this will override this one setting for this one time JVM instance instead of changing global settings, this is much preferred.
Notice also there is only one algorithm which prevents the console from running (at least on my system, java version 14) and that the specific culprit seems to be 3DES_EDE_CBC which is the only flag which needs to be missing from the original list for the JVM to run.
Other operating systems and java versions might need different attention but I hope this helps.
Here's my short little function, to either install the requirements or open the iDRAC session. It assumes, that there's a installed version of 7zip.
function Connect-iDRACRemoteConsole {
<#
.SYNOPSIS
Install and launch a Dell iDRAC Remote console using java.
.DESCRIPTION
This function will prepare the necessary files as well as launch (when told to) a Dell iDRAC Remote Console window.
.PARAMETER ProgramFolder
Program folder, where files are stored. Will default to: $env:LOCALAPPDATA\Dell iDRAC
.PARAMETER ServerHost
Either the FQDN or IP address of a iDRAC system.
.PARAMETER Credential
PowerShell credential object, allowing for passing of somewhere else stored credentials.
.PARAMETER Install
Using this switch, the function will then download the necessary files, unzip them and remove a few unnecessary files.
.INPUTS
[None]
.OUTPUTS
[None]
#>
[CmdletBinding()]
Param(
[Parameter(Mandatory = $false, ParameterSetName = 'Connect')]
[Parameter(Mandatory = $false, ParameterSetName = 'Install')]
[string] $ProgramFolder = '{0}\Dell iDRAC' -f $env:LOCALAPPDATA,
[Parameter(Mandatory = $true, ParameterSetName = 'Connect')]
[Parameter(Mandatory = $true, ParameterSetName = 'Install')]
[string] $ServerHost,
[Parameter(Mandatory = $true, ParameterSetName = 'Connect')]
[pscredential] $Credential,
[Parameter(Mandatory = $true, ParameterSetName = 'Install')]
[switch] $Install
)
begin {
$ErrorActionPreference = 'Stop'
$InformationPreference = 'Continue'
$libdir = '{0}\clientlib' -f $ProgramFolder
if ($PSCmdlet.ParameterSetName -ne 'install') {
try {
Set-Location -Path $ProgramFolder
}
catch {
$_.Exception.Message | Write-Warning
throw ('Unable to change directory to {0}' -f $ProgramFolder)
}
}
elseif ($PSCmdlet.ParameterSetName -eq 'install') {
$7zipPath = "$env:ProgramFiles\7-Zip\7z.exe"
if (-not (Test-Path -Path $7zipPath -PathType Leaf)) {
throw ('7zip file {0} not found' -f $7zipPath)
}
Set-Alias 7zip $7zipPath
$tempdir = '{0}\temp' -f $ProgramFolder
}
}
process {
if ($PSCmdlet.ParameterSetName -eq 'install') {
# try and create the program folder.
try {
if (-not (Get-Item -Path $ProgramFolder -ErrorAction 'SilentlyContinue')) {
New-Item -ItemType 'Directory' -Path $ProgramFolder
}
if (-not (Get-Item -Path $libdir -ErrorAction 'SilentlyContinue')) {
New-Item -ItemType 'Directory' -Path $libdir
}
if (-not (Get-Item -Path $tempdir -ErrorAction 'SilentlyContinue')) {
New-Item -ItemType 'Directory' -Path $tempdir
}
}
catch {
$_.Exception.Message | Write-Warning
throw ('Unable to create program directory {0}' -f $ProgramFolder)
}
# Start the download into the program folder.
$FileUrls = @(
[PSCustomObject]@{
Uri = 'https://master.dl.sourceforge.net/project/portableapps/Java%20Portable/jPortable64_8_Update_40_Rev_2.paf.exe?viasf=1'
FileName = 'jPortable64_8_Update_40_Rev_2.paf.exe'
UnzipDir = '\'
UnzipParams = ''
SkipCertificateCheck = $false
SkipUnzip = $false
HashAlgorithm = 'SHA256'
Hash = 'A4AAC39FC458C3D4E551C08B8896DD1CE3C373C910B0005F4C40485907791E05'
RemoveDirs = @('$PLUGINSDIR', 'App', 'Other')
RemoveFiles = @('release')
},
[PSCustomObject]@{
Uri = 'https://{0}/software/avctKVM.jar' -f $ServerHost
FileName = 'avctKVM.jar'
CopyDir = 'clientlib'
SkipUnzip = $true
SkipCertificateCheck = $true
},
[PSCustomObject]@{
Uri = 'https://{0}/software/avctVMWin64.jar' -f $ServerHost
FileName = 'avctVMWin64.jar'
UnzipDir = 'clientlib'
UnzipParams = ''
SkipUnzip = $false
SkipCertificateCheck = $true
RemoveDirs = @('META-INF')
},
[PSCustomObject]@{
Uri = 'https://{0}/software/avctKVMIOWin64.jar' -f $ServerHost
FileName = 'avctKVMIOWin64.jar'
UnzipDir = 'clientlib'
UnzipParams = ''
SkipUnzip = $false
SkipCertificateCheck = $true
RemoveDirs = @('META-INF')
}
)
# Loop through the file list and download them.
foreach ($uri in $FileUrls) {
$OutFile = '{0}\{1}' -f $tempdir, $uri.FileName
$WebRequestArgs = @{
Uri = $uri.uri
OutFile = $OutFile
UserAgent = [Microsoft.PowerShell.Commands.PSUserAgent]::FireFox
}
try {
if ($uri.SkipCertificateCheck -eq $true) {
add-type @"
using System.Net;
using System.Security.Cryptography.X509Certificates;
public class TrustAllCertsPolicy : ICertificatePolicy {
public bool CheckValidationResult(
ServicePoint srvPoint, X509Certificate certificate,
WebRequest request, int certificateProblem) {
return true;
}
}
"@
<# $AllProtocols = [System.Net.SecurityProtocolType]'Ssl3,Tls,Tls11,Tls12'
[System.Net.ServicePointManager]::SecurityProtocol = $AllProtocols#>
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
}
$res = Invoke-WebRequest @WebRequestArgs
}
catch {
$_.Exception.Message | Write-Warning
throw ('Unable to download {0} to {1}' -f $uri.uri, $OutFile)
}
# The download finished, now we can make sure, that if HashAlgorithm and Hash have been given to verify them.
if (-not [string]::IsNullOrWhiteSpace($uri.HashAlgorithm) -and -not [string]::IsNullOrWhiteSpace($uri.Hash)) {
# Get a comparsion hash value of the file we've just downloaded.
try {
$hash = Get-FileHash -Algorithm $uri.HashAlgorithm -Path $OutFile
# Now check if the computed hash is the same as the one we got from the file list.
if ($hash.Hash -eq $uri.Hash) {
Write-Verbose ('Hash values of download {0} matches stored hash value' -f $uri.FileName)
}
else {
Write-Warning -Message ('Hash values of download {0} do not match. Deleting' -f $uri.FileName)
Remove-Item -Confirm:$false -Path $OutFile
}
}
catch {
$_.Exception.Message | Write-Warning
throw ('Failure during hash verification of file {0}' -f $uri.FileName)
}
}
# Since we've gotten this far, we need to extract the files using 7z.
try {
if ($uri.SkipUnzip -eq $false) {
$null = 7zip x -y $uri.UnzipParams ('-o"{0}\{1}"' -f $ProgramFolder, $uri.UnzipDir) "$OutFile"
}
elseif ($uri.SkipUnzip -eq $true -and -not [string]::IsNullOrEmpty($uri.CopyDir)) {
$Destination = '{0}\{1}\{2}' -f $ProgramFolder, $uri.CopyDir, $uri.FileName
Copy-Item -Path $OutFile -Destination $Destination -Confirm:$false
}
# Check if the current file has RemoveDirs set. If so, loop through them and do as requested.
if ($uri.RemoveDirs -is [System.Array] -and $uri.RemoveDirs.Count -eq 0) {
Write-Verbose -Message 'No files to delete after extraction.'
}
elseif ($uri.RemoveDirs -is [System.Array] -and $uri.RemoveDirs.Count -ge 1) {
foreach ($dir in $uri.RemoveDirs) {
# Now we need to construct the absolute path.
$RemovalPath = '{0}\{1}\{2}' -f $ProgramFolder, $uri.UnzipDir, $dir
if (Get-Item -Path $RemovalPath -ErrorAction 'SilentlyContinue') {
Remove-Item -Path $RemovalPath -Recurse -Confirm:$false
}
}
}
else {
Write-Warning -Message ('Invalid RemoveDirs variable for file {0}' -f $uri.uri)
}
}
catch {
$_.Exception.Message | Write-Warning
throw ('Unable to extract {0} to {1}' -f $OutFile, $uri.UnzipDir)
}
# Now remove the download file.
try {
Remove-Item -Path $OutFile -Confirm:$false
}
catch {
$_.Exception.Message | Write-Warning
throw ('Unable to remove {0}' -f $OutFile)
}
# Clear the content, so it'll not spill into the next loop.
$OutFile, $WebRequestArgs, $FileName = $null
}
# Create the java security override.
$Content = 'jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, EC keySize < 224, anon, NULL, include jdk.disabled.namedCurves'
$Content | Out-File -FilePath ('{0}\{1}' -f $ProgramFolder, 'idrac.java.security')
}
elseif ($PSCmdlet.ParameterSetName -eq 'Connect') {
# Make sure, there is the necessary set of tools.
$files = @('bin\java.exe', 'clientlib\avctKVM.jar', 'clientlib\avctKVMIO.dll', 'clientlib\avmWinLib.dll')
foreach ($folder in $folders) {
try {
Get-Item -Path ('{0}\{1}' -f $ProgramFolder, $folder)
}
catch {
$_.Exception.Message | Write-Warning
throw ('Unable to locate {0}\{1}' -f $ProgramFolder, $folder)
}
}
# Check file requisites.
foreach ($file in $files) {
try {
Get-Item -Path ('{0}\{1}' -f $ProgramFolder, $file)
}
catch {
$_.Exception.Message | Write-Warning
throw ('Unable to locate {0}\{1}' -f $ProgramFolder, $file)
}
}
# Do connection stuff here.
try {
$ProcessArgs = @(
'"-Djava.security.properties=idrac.java.security"',
('-cp "{0}\avctKVM.jar" "-Djava.library.path={0}"' -f $libdir),
'com.avocent.idrac.kvm.Main',
('ip="{0}" user="{1}" passwd="{2}"' -f $ServerHost, $Credential.UserName, $Credential.GetNetworkCredential().Password),
'apcp=1 version=2 vmprivilege=true kmport=5900 vport=5900',
('"helpurl=https://{0}:443/help/contents.html"' -f $ServerHost)
)
$proc = Start-Process -FilePath ('"{0}\{1}"' -f $ProgramFolder, 'bin\java.exe') -PassThru -Wait -ArgumentList $ProcessArgs
return $proc
}
catch {
$_.Exception.Message | Write-Warning
throw ('Unable to start iDRAC Remote console.')
}
}
}
end {}
}
This is great work! I think that we are at the level where an actual GitHub project is warranted?
For me this worked almost exactly as documented. The only issues I had are probably the result of my specific version of macos (Big Sur 11.5.2):
- the Java package that worked for me is
jre-7u80-macosx-x64.tar.gz(the server JRE package's Java executable is not compatible with Mac) - macos considers the author of this version of Java to be "untrusted" and will not open it:
- the Open Anyway button in Privacy and Security settings no longer works;
- What does work is:
- Before running the idrac script, run
sudo spctl --master-disable - Now when you run the idrac script, a security dialog will appear with a warning message; it has an Open button that really does allow you to run the script, and it only bothers you the first time you run it.
- Before running the idrac script, run
Once I got through these issues, it now works. Many thanks for the efforts that went into this!
Does anyone have success getting the "Virtual Media" to work for iDrac6? I can connect and get keyboard input and video, but when I tap "Virtual Media -> Launch Virtual Media", I get an error about "The Virtual Media native library cannot be loaded". If someone has it working, can they share the exact version of JRE they have?
Does anyone have success getting the "Virtual Media" to work for iDrac6? I can connect and get keyboard input and video, but when I tap "Virtual Media -> Launch Virtual Media", I get an error about "The Virtual Media native library cannot be loaded". If someone has it working, can they share the exact version of JRE they have?
iDRAC6 on my R510 - working fine.
Using server-jre-7u80-windows-x64
EDIT: sorry just double-checked it and I am getting that same error now but I believe it was working previously, feel free to ignore me. :(
Does anyone have success getting the "Virtual Media" to work for iDrac6? I can connect and get keyboard input and video, but when I tap "Virtual Media -> Launch Virtual Media", I get an error about "The Virtual Media native library cannot be loaded". If someone has it working, can they share the exact version of JRE they have?
This may occur when library file avctKVMIO.dll isn't found or loaded properly e.g. attempting to use 32-bit library with 64-bit JRE. I just tested using both jre-8u212-windows-i586 and jre-8u212-windows-x64 on Windows 10 (pulling down 32-bit and 64-bit library files respectfully), and clicking Virtual Media -> Launch Virtual Media within an iDRAC6 session opens without error for me.
I've been working on a script based on https://gist.github.com/xbb/4fd651c2493ad9284dbcb827dc8886d6?permalink_comment_id=3428052#gistcomment-3428052 that supports both 32-bit and 64-bit Java and tries to detect the iDRAC's version to know which arguments to pass to avctKVM.jar. It's a mess right now and not fully tested, but once it's somewhat cleaned up I will post it here.
I got it to work:
- Installed JRE 7 from Oracle
- Viewed the viewer.jnlp file to get the right .jar files
- Downloaded files manually, renamed to .zip, and extracted them into the proper folder. (avctKVM.jar goes in same folder as console.bat, other .dlls go into /lib folder)
- Edited the console.bat to include IP and username instead of prompting me each time.
The tricky part was trying various platform .jar files till I found one that worked. As @greecemunky said, it was just a matter of finding the right one.
On mac osx big sur, i couldnt manage to make it work with all the instructions properly done and java.security file patched. I downloaded and used jre1.7 as mentioned before. I commented disabledAlgorithms and left it empty, neither way worked as well. I can use the same script to connect on windows using jre1.6.
I still get the following error. Did anybody manage to solve it in big sur+ ?
07/24/2022 11:24:38:487: User login response: 3
java.net.SocketException: Broken pipe
at java.net.SocketOutputStream.socketWrite0(Native Method)
at java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:113)
at java.net.SocketOutputStream.write(SocketOutputStream.java:159)
at sun.security.ssl.OutputRecord.writeBuffer(OutputRecord.java:377)
at sun.security.ssl.OutputRecord.write(OutputRecord.java:363)
at sun.security.ssl.SSLSocketImpl.writeRecordInternal(SSLSocketImpl.java:837)
at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:808)
at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:122)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)
at java.io.DataOutputStream.flush(DataOutputStream.java:123)
at com.avocent.kvm.c.d.g.b(Unknown Source)
at com.avocent.kvm.c.d.i.run(Unknown Source)
And here is the command:
sudo spctl --master-disable
./jre1.7-mac/Contents/Home/bin/java -cp avctKVM.jar -Djava.library.path=./lib com.avocent.idrac.kvm.Main ip="10.0.0.100" kmport=5900 vport=5900 user=*** passwd="****" apcp=1 version=2 reconnect=2 vmprivilege=true "helpurl=https://10.0.0.100:443/help/contents.html"
Hi
I'm not on macos but could this be just working directory ambiguity with the lib directory,, i.e.
sudo spctl --master-disable
cd ./jre1.7-mac/Contents/Home
./bin/java -cp avctKVM.jar -Djava.library.path=./lib com.avocent.idrac.kvm.Main ip="10.0.0.100" kmport=5900 vport=5900 user=*** passwd="****" apcp=1 version=2 reconnect=2 vmprivilege=true "helpurl=https://10.0.0.100:443/help/contents.html"
Alternativey fully qualified lib path
sudo spctl --master-disable
./jre1.7-mac/Contents/Home/bin/java -cp avctKVM.jar -Djava.library.path=./jre1.7-mac/Contents/Home/lib com.avocent.idrac.kvm.Main ip="10.0.0.100" kmport=5900 vport=5900 user=*** passwd="****" apcp=1 version=2 reconnect=2 vmprivilege=true "helpurl=https://10.0.0.100:443/help/contents.html"
Apologies if already checked this is correct directory
@jimfrench I havent tried this yet but i ll check if it works. Though, I don't think this would be the cause because it works until tls connection phase. Thanks for the advice anyway.
@ardabeyazoglu Yes I should have explained my reasoning, it could have been using libraries from the wrong java version, but you might be correct in that it probably wouldn't get that far if so, it would error out sooner than during the connection. Hope someone else can step in good luck.
I tried many different combinations, java versions, etc., and finally discovered that iDRAC 6 is compatible with IE v8 on Win 7 SP1. I downloaded Win 7 SP1 and installed it on a virtual machine. It installs its ActiveX to IE 8 on the first run. Then I put the website on trusted sites. and voila!
:)
For those non java-savvy of us that are reading this and stumped on the Virtual Media/Keyboard capture errors above, you're missing a step;
After downloading avctKVMIOMac64.jar & avctVMMac64.jar from the iDRAC service, unzip them and move to the lib folder. Jar files are just glorified Zips, the real lib treasure is inside
unzip -d avctKVMIOMac64 avctKVMIOMac64.jar
unzip -d avctVMMac64 avctVMMac64.jar
mkdir lib
cp avctKVMIOMac64/libavctKVMIO.jnilib ./lib/
cp avctVMMac64/libavmMac.jnilib ./lib/
Thanks to https://github.com/DaveCorder/ikvm-osx for the java-for-dummies explanation.
Works for me allowing me to connect to the virtual console on my R710. Glad I no longer need to dig out a VGA monitor. Thank you!
I am getting java/lang/NoClassDefFoundError: java/lang/Object anyone else?
Does anyone have this running with the separate Java version so I do not need to modify my Java Config? Ifso can you please share the working files as the things in this thread do not seem to work properly at the time im posting this or if anyone is willing to help me diagnose the issue that is more familiar with Java that would be amazing.
I have 20 Servers we have running IDRAC6 and would like to be able to use the feature but DO NOT want to run a unsecured install of Java if we can start a portable version for this.
Does anyone have this running with the separate Java version so I do not need to modify my Java Config? Ifso can you please share the working files as the things in this thread do not seem to work properly at the time im posting this or if anyone is willing to help me diagnose the issue that is more familiar with Java that would be amazing.
I have 20 Servers we have running IDRAC6 and would like to be able to use the feature but DO NOT want to run a unsecured install of Java if we can start a portable version for this.
Hi, I'm currently using a docker container version which is maintained, and seems to work very well without having to change any java versions manually - it is a "portable version" but dockerised
I was able to connect doing this (iDRAC 6 Enterprise):
- Downloaded this file from Oracle website: server-jre-7u80-windows-x64.tar.gz (https://www.oracle.com/java/technologies/javase/javase7-archive-downloads.html#license-lightbox)
- Created a folder on my drive (C:\idrac)
- Expanded the tar file and copied all content from this directory: .\server-jre-7u80-windows-x64.tar\jdk1.7.0_80\jre\ to C:\idrac\
Here's how my directory ended:
Then I'm using this PowerShell script:
Set-Location -Path C:\idrac
$ServerHost = Read-Host "Type the name of the host that you want to connect to"
$HostPassword = Read-Host "Type the password of the host that you want to connect to"
Write-Host "nDownloading files..." wget.exe -N --no-check-certificate "https://$ServerHost/software/avctKVM.jar" -q wget.exe -N --no-check-certificate "https://$ServerHost/software/avctVMWin64.jar" -P lib -q wget.exe -N --no-check-certificate "https://$ServerHost/software/avctKVMIOWin64.jar" -P lib -q Write-Host "nExpanding files to initiate connection..."
Rename-Item .\lib\avctVMWin64.jar avctVMWin64.zip
Rename-Item .\lib\avctKVMIOWin64.jar avctKVMIOWin64.zip
Expand-Archive .\lib\avctVMWin64.zip -DestinationPath .\lib
Remove-Item .\lib\META-INF -Recurse -Confirm:$False
Expand-Archive .\lib\avctKVMIOWin64.zip -DestinationPath .\lib
Remove-Item .\lib\META-INF -Recurse -Confirm:$False
Remove-Item .\lib*.zip
Start-Process -FilePath .\bin\java -ArgumentList "-cp avctKVM.jar -Djava.library.path=.\lib com.avocent.idrac.kvm.Main ip=$ServerHost kmport=5900 vport=5900 user=root passwd=$HostPassword apcp=1 verison=2 vmprivilege=true 'helpurl=https://$($ServerHost):443/help/contents.html'"
Remove-Item .\lib*.dll
Remove-Item .\avctKVM.jarIt worked without modifying my PC java.security file.
The only problems until now is that I didn't find a way to pass the password using PowerShell in a secure way (I have tried the -AsSecureString), so for now the password is in plain text... =/ And I have tried to use this code to download the files:
Invoke-WebRequest https://$ServerHost/software/avctKVM.jar -OutFile .\avctKVM.jarBut sometimes worked, sometimes don't, I think that I need to initiate the connection first... Meanwhile I'm using wget as other users commented previously.
Anyway, thanks a lot for your time to help a lot of people!!!
JAN 29 2023 / WINDOWS 10: Took your script and made changes to get it to work on my PC.
Steps:
- Downloaded the same JRE you mentioned first from Oracle website
- Created C:\IDRAC and expanded as you suggested
- Created C:\IDRAC\idrac.ps1 file using notepad with the following contents. Notice that I exit before the last 2 remove commands. It works now, I don't have time to spruce it up. WARNING: in my script, Credentials are exposed in the script -- so NOT A SECURE implementation. You can use the prompt based commands from the original poster.
==================
Set-Location -Path C:\idrac
$ServerHost = "192.168.1.92"
$HostPassword = "calvin"
$username = "root"
$password = ConvertTo-SecureString "calvin" -AsPlainText -Force
$psCred = New-Object System.Management.Automation.PSCredential -ArgumentList ($username, $password)
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls, [Net.SecurityProtocolType]::Tls11, [Net.SecurityProtocolType]::Tls12, [Net.SecurityProtocolType]::Ssl3
[Net.ServicePointManager]::SecurityProtocol = "Tls, Tls11, Tls12, Ssl3"
add-type @"
using System.Net;
using System.Security.Cryptography.X509Certificates;
public class TrustAllCertsPolicy : ICertificatePolicy {
public bool CheckValidationResult(
ServicePoint srvPoint, X509Certificate certificate,
WebRequest request, int certificateProblem) {
return true;
}
}
"@
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
Write-Host "`nDownloading files..."
Invoke-WebRequest -Credential $psCred -Uri "https://$ServerHost/software/avctKVM.jar" -outfile "avctKVM.jar"
Invoke-WebRequest -Credential $psCred -Uri "https://$ServerHost/software/avctVMWin64.jar" -outfile "lib\avctVMWin64.jar"
Invoke-WebRequest -Credential $psCred -Uri "https://$ServerHost/software/avctKVMIOWin64.jar" -outfile "lib\avctKVMIOWin64.jar"
Write-Host "`nExpanding files to initiate connection..."
Move-Item -Force .\lib\avctVMWin64.jar avctVMWin64.zip
Move-Item -Force .\lib\avctKVMIOWin64.jar avctKVMIOWin64.zip
Expand-Archive -Force .\lib\avctVMWin64.zip -DestinationPath .\lib
Remove-Item -Force .\lib\META-INF -Recurse -Confirm:$False
Expand-Archive -Force .\lib\avctKVMIOWin64.zip -DestinationPath .\lib
Remove-Item -Force .\lib\META-INF -Recurse -Confirm:$False
Remove-Item -Force .\lib*.zip
&Start-Process -FilePath .\bin\java -ArgumentList "-cp avctKVM.jar -Djava.library.path=.\lib com.avocent.idrac.kvm.Main ip=$ServerHost kmport=5900 vport=5900 user=root passwd=$HostPassword apcp=1 verison=2 vmprivilege=true 'helpurl=https://$($ServerHost):443/help/contents.html'"
exit
Remove-Item .\lib*.dll
Remove-Item .\avctKVM.jar
This is by far the easiest: https://github.com/DomiStyle/docker-idrac6
I was able to connect doing this (iDRAC 6 Enterprise):
Here's how my directory ended:
Then I'm using this PowerShell script:
It worked without modifying my PC java.security file.
The only problems until now is that I didn't find a way to pass the password using PowerShell in a secure way (I have tried the -AsSecureString), so for now the password is in plain text... =/
And I have tried to use this code to download the files:
Invoke-WebRequest https://$ServerHost/software/avctKVM.jar -OutFile .\avctKVM.jarBut sometimes worked, sometimes don't, I think that I need to initiate the connection first...
Meanwhile I'm using wget as other users commented previously.
Anyway, thanks a lot for your time to help a lot of people!!!