Skip to content

Instantly share code, notes, and snippets.

@xbb
Last active March 22, 2024 23:00
Show Gist options
  • Save xbb/4fd651c2493ad9284dbcb827dc8886d6 to your computer and use it in GitHub Desktop.
Save xbb/4fd651c2493ad9284dbcb827dc8886d6 to your computer and use it in GitHub Desktop.
IDRAC6 Virtual Console Launcher
Use this as an example on how to start the virtual console without the need of Java Web Start or accessing it from the web interface.
You can use the user and password that you use for the web interface.
You need an old JRE... I used 1.7.0_80 from the Server JRE package, also I have tested successfully 1.7.0_79 with MacOS.
You don't need to install it, just extract it or copy the files in "jre" folder.
Open the viewer.jnlp file that you get by launching the virtual console from the web interface with a text editor.
Note the urls to the jar files. Download the main jar file avctKVM.jar and the libs for your operating system and architecture.
Extract the dlls (.so Linux, .jnilib MacOS) from the jar libs.
If you don't see the MacOS libs in the file make sure you download it from MacOS.
Edit the bat/sh file according to your needs.
The file structure should look like this:
start-virtual-console.bat (.sh if Linux/MacOS)
avctKVM.jar
jre/<jre home here>
lib/avctKVMIO.dll (.so if Linux, .jnilib if MacOS)
lib/avmWinLib.dll (.so if Linux, .jnilib if MacOS)
@echo off
set /P drachost="Host: "
set /p dracuser="Username: "
set "psCommand=powershell -Command "$pword = read-host 'Enter Password' -AsSecureString ; ^
$BSTR=[System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($pword); ^
[System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR)""
for /f "usebackq delims=" %%p in (`%psCommand%`) do set dracpwd=%%p
.\jre\bin\java -cp avctKVM.jar -Djava.library.path=.\lib com.avocent.idrac.kvm.Main ip=%drachost% kmport=5900 vport=5900 user=%dracuser% passwd=%dracpwd% apcp=1 version=2 vmprivilege=true "helpurl=https://%drachost%:443/help/contents.html"
#!/bin/bash
echo -n 'Host: '
read drachost
echo -n 'Username: '
read dracuser
echo -n 'Password: '
read -s dracpwd
echo
./jre/bin/java -cp avctKVM.jar -Djava.library.path=./lib com.avocent.idrac.kvm.Main ip=$drachost kmport=5900 vport=5900 user=$dracuser passwd=$dracpwd apcp=1 version=2 vmprivilege=true "helpurl=https://$drachost:443/help/contents.html"
@kmarfurt
Copy link

Worked perfectly for me with the ...Win64... files. Many Thanks to everyone!

@dylanmtaylor
Copy link

dylanmtaylor commented Sep 4, 2020

Thank you for this! Works in Arch Linux using the jdk-7u79-linux-x64.tar.gz tarball from https://www.oracle.com/java/technologies/javase/javase7-archive-downloads.html#license-lightbox

@j0mbie
Copy link

j0mbie commented Sep 17, 2020

So, I had to jump through a lot of hoops to get this to work, but it DID work. That said, in case others are having the same issues I had, I'm posting here to tell you what I did. Note that this was on an x64 Windows machine.

  1. Create a folder that you can easily navigate to using the command line. I will use "C:\idracfix" for this example.
  2. Create subdirectories "jre" and "lib" within "C:\idracfix". (In other words, create "C:\idracfix\jre" and "C:\idracfix\lib".)
  3. Create the "start-virtual-console.bat" file that is posted above and put it in your "C:\idracfix" folder.
  4. Download the older version of Java from the Oracle webpage. I used this page to download "Java SE Development Kit 7u80" (jdk-7u80-windows-x64.exe). You will have to create an Oracle account. You may be able to find this same file elsewhere on the internet if you Google for it. If you have a 32-bit system, download the x86 (i586) file instead.
  5. Extract the files from the executable you just downloaded. I used 7-Zip to do this.
  6. You'll end up with a "tools.zip" file. Extract the files from "tools.zip". I again used 7-Zip but since it's a regular .zip file, you can use Windows built-in unzipping/extraction utility.
  7. Put all the files and folders from "tools.zip" into your "C:\idracfix\jre" directory.
  8. Download your "viewer.jnlp" file from your iDRAC by clicking the "Launch" button on the iDRAC System Summary page. It will actually be named something fairly crazy. You can rename it to "viewer.jnlp" if you like, but it doesn't ultimately matter.
  9. Open your "viewer.jnlp" file in a text editor. I used Notepad++ so I could easily double-click the links you'll need from within the file, but regular Notepad works if you don't mind cutting and pasting into a browser.
  10. Find the first "resources" section. There will be a link within it to pull your "avctKVM.jar" file from your iDRAC. Use that link to download your "avctKVM.jar" file, and place it directly in your "C:\idracfix" folder.
  11. In your "viewer.jnlp" file, below the link to your "avctKVM.jar" file, there is more "resources" sections. Look for the one with your OS and architecture. If you're using 32-bit Windows, you want the architecture of "x86", and if you're using 64-bit Windows, you want the architecture of "amd64" or "x86_64". (Those last two should end up linking to the same files.) Using the same process you used to download your "avctKVM.jar", download "avctKVMIOWin64.jar" (32-bit: "avctKVMIOWin32.jar") and "avctVMWin64.jar" (32-bit: "avctVMWin32.jar").
  12. Extract the files from "avctKVMIOWin64.jar" (32-bit: "avctKVMIOWin32.jar") and "avctVMWin64.jar" (32-bit: "avctVMWin32.jar"). I again used 7-Zip for this.
  13. From the resulting files you extracted,, copy the .dll files and paste them in the "C:\idracfix\lib" folder. My .dll files were named "avmWinLib.dll" and "avctKVMIO.dll" but I cannot guarantee that yours will be the same names.
  14. You should now have a file/folder structure similar to this:

C:\idracfix\start-virtual-console.bat
C:\idracfix\avctKVM.jar
C:\idracfix\lib\avmWinLib.dll
C:\idracfix\lib\avctKVMIO.dll
C:\idracfix\jre\(A bunch of files from tools.zip)

  1. Open Command Prompt, as Administrator, and navigate to your "C:\idracfix" folder. ("cd C:\idracfix")
  2. Run the "start-virtual-console.bat" file from within Command Prompt. (Just type in "start-virtual-console.bat" and hit enter.)
  3. Fill in the requested information. However, it is at this point that I got the following error:

Error occurred during initialization of VM
java/lang/NoClassDefFoundError: java/lang/Object

  1. This likely means that various .jar files need to be unpacked. This happens by itself when you run the actual installer, but since we needed to manually extract the files, it didn't happen.
  2. You can do this manually using the below command in Command Prompt from the "C:\idracfix" directory. Thanks go out to MultiplyByZer0 and Rigg802 at this link.

for /r %f in (*.pack) do "jre\bin\unpack200.exe" -r -q "%f" "%~pf%~nf.jar"

  1. Run "start-virtual-console.bat" again from the Command Prompt.
  2. Your iDRAC console should launch successfully this time!

@xsolutions-taylor
Copy link

Worked perfectly when I could not access with JNLP. Legend.

@ismar-baseit
Copy link

@j0mbie:
i did everything like you described but i get following error:
image
can you help me please?
thanks in advance!

@LaurentiuBoblea
Copy link

Here is my batch file for windows 10 (64-bit, but easily changed for 32-bit)... it automatically downloads the jar files and unzips the .dll files if they don't exist so it can use the native dll libraries:

Also, keep in mind if you still have to update the java settings to allow the older TLS to work:
Java location .\jre\lib\security\java.security
Remove SSLv3 and 3DES_EDE_CBC from jdk.tls.disabledAlgorithms, should end up like so:
jdk.tls.disabledAlgorithms=RC4, MD5withRSA, DH keySize < 1024,
EC keySize < 224, DES40_CBC, RC4_40

@echo off

set /P drachost="Host: "
set /p dracuser="Username: "
set "psCommand=powershell -Command "$pword = read-host 'Enter Password' -AsSecureString ; ^
    $BSTR=[System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($pword); ^
        [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR)""
for /f "usebackq delims=" %%p in (`%psCommand%`) do set dracpwd=%%p

IF NOT EXIST "avctKVM.jar" (
ECHO Grabbing avctKVM.jar from host...
powershell -Command "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} ; $WebClient = New-Object System.Net.WebClient ; $WebClient.DownloadFile('https://%drachost%/software/avctKVM.jar','.\avctKVM.jar')"
)

IF NOT EXIST "lib" (
ECHO Creating lib directory
mkdir "lib"
)

IF NOT EXIST ".\lib\avmWinLib.dll" (
  IF NOT EXIST ".\lib\avctVMWin64.zip" (
    IF NOT EXIST ".\lib\avctVMWin64.jar" (
      ECHO Grabbing avctKVMWin64.jar from host...
      powershell -Command "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} ; $WebClient = New-Object System.Net.WebClient ; $WebClient.DownloadFile('https://%drachost%/software/avctVMWin64.jar','.\lib\avctVMWin64.jar')"
    )
    ECHO Renaming avctVMWin64.jar to avctVMWin64.zip
    rename ".\lib\avctVMWin64.jar" avctVMWin64.zip
  )
  ECHO Unzipping avctKVMWin64.zip
  powershell Expand-Archive ".\lib\avctVMWin64.zip" -DestinationPath ".\lib"
  rmdir ".\lib\META-INF" /s /q
  erase ".\lib\avctVMWin64.zip" /q
)

IF NOT EXIST ".\lib\avctKVMIO.dll" (
  IF NOT EXIST ".\lib\avctKVMIOWin64.zip" (
    IF NOT EXIST ".\lib\avctKVMIOWin64.jar" (
      ECHO Grabbing avctKVMIOWin64.jar from host...
      powershell -Command "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} ; $WebClient = New-Object System.Net.WebClient ; $WebClient.DownloadFile('https://%drachost%/software/avctKVMIOWin64.jar','.\lib\avctKVMIOWin64.jar')"
    )
    ECHO Renaming avctKVMIOWin64.jar to avctKVMIOWin64.zip
    rename ".\lib\avctKVMIOWin64.jar" avctKVMIOWin64.zip
  )
  ECHO Unzipping avctKVMIOWin64.zip
  powershell Expand-Archive ".\lib\avctKVMIOWin64.zip" -DestinationPath ".\lib"
  rmdir ".\lib\META-INF" /s /q
  erase ".\lib\avctKVMIOWin64.zip" /q
)

java -cp avctKVM.jar -Djava.library.path=.\lib com.avocent.idrac.kvm.Main ip=%drachost% kmport=5900 vport=5900 user=%dracuser% passwd=%dracpwd% apcp=1 version=2 vmprivilege=true "helpurl=https://%drachost%:443/help/contents.html"

You saved me, this is awesome. Thanks

@Mister-A
Copy link

A thousand thank yous! Finally a solution. I'll mop up the blood, sweat and tears and move on with my life.

@neofutur
Copy link

neofutur commented Nov 5, 2020

worked for me ! many thanks you saved my ass ! its a shame for java and dell we have to do all that to use their sh**ty products !

@raje2411
Copy link

Cool, this help me to access my Dell R620 from my Mac OS.

@almas
Copy link

almas commented Nov 24, 2020

Finally it is worked on Windows 10. Thank you very much guys :) Specially thank you to @j0mbie

@Yamakuzure
Copy link

Hey, thank you very much for your script.
It did not work for a DELL PowerEdge R715 out of the box, but I made it work with the following adaptation:

#!/bin/bash

echo -n 'Host: '
read drachost

echo -n 'Username: '
read dracuser

echo -n 'Password: '
read -s dracpwd
echo

JRE="$HOME/jre-7u79/jdk1.7.0_79/"

$JRE/jre/bin/java \
    -cp $JRE/lib:$JRE/jre/lib:$JRE/lib/avctKVM.jar:$JRE/lib/avctVMLinux64.jar:$JRE/lib/avctKVMIOLinux64.jar \
    -Djava.library.path=$JRE/lib \
    com.avocent.idrac.kvm.Main \
    ip=$drachost  \
    user=$dracuser \
    passwd=$dracpwd \
    kmport=4900 vport=4900 \
    apcp=1 version=2 vmprivilege=true \
    "helpurl=https://$drachost:443/help/contents.html"

As you can see, the kmport and vport are 4900 on my server, not 5900. I got that information out of the jnlp file.

It complained about the native IO lib not working, but keyboard worked just fine despite that complaint.

@Gamer08YT
Copy link

Gamer08YT commented Dec 17, 2020

12/17/2020 02:28:18:947: User login response: 0
Failed to open video connection.
java.net.ConnectException: Connection refused: connect
at java.net.DualStackPlainSocketImpl.connect0(Native Method)
at java.net.DualStackPlainSocketImpl.socketConnect(Unknown Source)
at java.net.AbstractPlainSocketImpl.doConnect(Unknown Source)
at java.net.AbstractPlainSocketImpl.connectToAddress(Unknown Source)
at java.net.AbstractPlainSocketImpl.connect(Unknown Source)
at java.net.PlainSocketImpl.connect(Unknown Source)
at java.net.SocksSocketImpl.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at java.net.Socket.(Unknown Source)
at java.net.Socket.(Unknown Source)
at com.avocent.kvm.b.l.a(Unknown Source)
at com.avocent.kvm.b.l.b(Unknown Source)
at com.avocent.kvm.b.r.z(Unknown Source)
at com.avocent.kvm.b.n.a(Unknown Source)
at com.avocent.kvm.b.n.a(Unknown Source)
at com.avocent.kvm.b.y.run(Unknown Source)

Getting that by running the script :|

@PrestonHack
Copy link

12/17/2020 02:28:18:947: User login response: 0
Failed to open video connection.
java.net.ConnectException: Connection refused: connect
at java.net.DualStackPlainSocketImpl.connect0(Native Method)
at java.net.DualStackPlainSocketImpl.socketConnect(Unknown Source)
at java.net.AbstractPlainSocketImpl.doConnect(Unknown Source)
at java.net.AbstractPlainSocketImpl.connectToAddress(Unknown Source)
at java.net.AbstractPlainSocketImpl.connect(Unknown Source)
at java.net.PlainSocketImpl.connect(Unknown Source)
at java.net.SocksSocketImpl.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at java.net.Socket.(Unknown Source)
at java.net.Socket.(Unknown Source)
at com.avocent.kvm.b.l.a(Unknown Source)
at com.avocent.kvm.b.l.b(Unknown Source)
at com.avocent.kvm.b.r.z(Unknown Source)
at com.avocent.kvm.b.n.a(Unknown Source)
at com.avocent.kvm.b.n.a(Unknown Source)
at com.avocent.kvm.b.y.run(Unknown Source)

Getting that by running the script :|

It is refusing the connection, i'm sure you see that. There isn't much to gain from the error message. I would suggest checking your firewall settings. Or find out why that port if refusing the connection otherwise. It looks like a configuration issue not the software.

@Gamer08YT
Copy link

12/17/2020 02:28:18:947: User login response: 0
Failed to open video connection.
java.net.ConnectException: Connection refused: connect
at java.net.DualStackPlainSocketImpl.connect0(Native Method)
at java.net.DualStackPlainSocketImpl.socketConnect(Unknown Source)
at java.net.AbstractPlainSocketImpl.doConnect(Unknown Source)
at java.net.AbstractPlainSocketImpl.connectToAddress(Unknown Source)
at java.net.AbstractPlainSocketImpl.connect(Unknown Source)
at java.net.PlainSocketImpl.connect(Unknown Source)
at java.net.SocksSocketImpl.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at java.net.Socket.(Unknown Source)
at java.net.Socket.(Unknown Source)
at com.avocent.kvm.b.l.a(Unknown Source)
at com.avocent.kvm.b.l.b(Unknown Source)
at com.avocent.kvm.b.r.z(Unknown Source)
at com.avocent.kvm.b.n.a(Unknown Source)
at com.avocent.kvm.b.n.a(Unknown Source)
at com.avocent.kvm.b.y.run(Unknown Source)
Getting that by running the script :|

It is refusing the connection, i'm sure you see that. There isn't much to gain from the error message. I would suggest checking your firewall settings. Or find out why that port if refusing the connection otherwise. It looks like a configuration issue not the software.

I have no firewall between my pc and my server...

I used another script from GitHub, and it worked for me, don't know if it relies on my IDrac6 Version...

But thanks for your fast Answer 👍

@PrestonHack
Copy link

Post your version of Java to make sure you are using the right one and maybe someone else has an idea for you.

@Yamakuzure
Copy link

12/17/2020 02:28:18:947: User login response: 0
Failed to open video connection.
java.net.ConnectException: Connection refused: connect

I have no firewall between my pc and my server...

I had this, too, because my server listens on a different port. Got the correct one out of the jnlp file.

@Gamer08YT
Copy link

Thanks for your replies, i think the script has a section were the session between idrac and pc gets started.
I only copied the Java Command because I like to use the script without Input, i know it's not secure but it's only a trashy testserver :)

@lx1
Copy link

lx1 commented Dec 18, 2020

Hi!

I'd like to make a big Thanks!
The method works for me with an iDRAC7 on a T320. The only thing I had to change to make it work with iDRAC7 are the arguments passed to java.exe, which should be the ones listed in the lines in the .jnlp.
My command line for iDRAC7 is below. In particular, if I omit reconnect=2, the console stays in "Reconnecting..." state, then times out.

bin\java -cp avctKVM.jar -Djava.library.path=.\lib com.avocent.idrac.kvm.Main ip=%drachost% vm=1 title=idrac-%2C+PowerEdge+T320%2C+User%3A+root user=%dracuser% passwd=%dracpwd% kmport=5900 vport=5900 apcp=1 reconnect=2 chat=1 F1=1 custom=0 scaling=15 minwinheight=100 minwinwidth=100 videoborder=0 version=2 "helpurl=https://%drachost%:443/help/contents.html"

@Durrok
Copy link

Durrok commented Feb 4, 2021

@j0mbie Thank you so much for writing that all out. Worked like a charm.

@patrickmrennie
Copy link

thanks for this, followed the instructions and worked perfectly on win10 64 latest.

@itzsimpl
Copy link

itzsimpl commented May 6, 2021

Thank you! Works like a charm.

Here is my batch file for windows 10 (64-bit, but easily changed for 32-bit)... it automatically downloads the jar files and unzips the .dll files if they don't exist so it can use the native dll libraries:

Also, keep in mind if you still have to update the java settings to allow the older TLS to work:
Java location .\jre\lib\security\java.security
Remove SSLv3 and 3DES_EDE_CBC from jdk.tls.disabledAlgorithms, should end up like so:
jdk.tls.disabledAlgorithms=RC4, MD5withRSA, DH keySize < 1024,
EC keySize < 224, DES40_CBC, RC4_40

@echo off

set /P drachost="Host: "
set /p dracuser="Username: "
set "psCommand=powershell -Command "$pword = read-host 'Enter Password' -AsSecureString ; ^
    $BSTR=[System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($pword); ^
        [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR)""
for /f "usebackq delims=" %%p in (`%psCommand%`) do set dracpwd=%%p

IF NOT EXIST "avctKVM.jar" (
ECHO Grabbing avctKVM.jar from host...
powershell -Command "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} ; $WebClient = New-Object System.Net.WebClient ; $WebClient.DownloadFile('https://%drachost%/software/avctKVM.jar','.\avctKVM.jar')"
)

IF NOT EXIST "lib" (
ECHO Creating lib directory
mkdir "lib"
)

IF NOT EXIST ".\lib\avmWinLib.dll" (
  IF NOT EXIST ".\lib\avctVMWin64.zip" (
    IF NOT EXIST ".\lib\avctVMWin64.jar" (
      ECHO Grabbing avctKVMWin64.jar from host...
      powershell -Command "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} ; $WebClient = New-Object System.Net.WebClient ; $WebClient.DownloadFile('https://%drachost%/software/avctVMWin64.jar','.\lib\avctVMWin64.jar')"
    )
    ECHO Renaming avctVMWin64.jar to avctVMWin64.zip
    rename ".\lib\avctVMWin64.jar" avctVMWin64.zip
  )
  ECHO Unzipping avctKVMWin64.zip
  powershell Expand-Archive ".\lib\avctVMWin64.zip" -DestinationPath ".\lib"
  rmdir ".\lib\META-INF" /s /q
  erase ".\lib\avctVMWin64.zip" /q
)

IF NOT EXIST ".\lib\avctKVMIO.dll" (
  IF NOT EXIST ".\lib\avctKVMIOWin64.zip" (
    IF NOT EXIST ".\lib\avctKVMIOWin64.jar" (
      ECHO Grabbing avctKVMIOWin64.jar from host...
      powershell -Command "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} ; $WebClient = New-Object System.Net.WebClient ; $WebClient.DownloadFile('https://%drachost%/software/avctKVMIOWin64.jar','.\lib\avctKVMIOWin64.jar')"
    )
    ECHO Renaming avctKVMIOWin64.jar to avctKVMIOWin64.zip
    rename ".\lib\avctKVMIOWin64.jar" avctKVMIOWin64.zip
  )
  ECHO Unzipping avctKVMIOWin64.zip
  powershell Expand-Archive ".\lib\avctKVMIOWin64.zip" -DestinationPath ".\lib"
  rmdir ".\lib\META-INF" /s /q
  erase ".\lib\avctKVMIOWin64.zip" /q
)

java -cp avctKVM.jar -Djava.library.path=.\lib com.avocent.idrac.kvm.Main ip=%drachost% kmport=5900 vport=5900 user=%dracuser% passwd=%dracpwd% apcp=1 version=2 vmprivilege=true "helpurl=https://%drachost%:443/help/contents.html"

@jelewis666
Copy link

I tried what lxi did and I keep getting a connection error. I did set the java (which is version 7u80 x64) with the listed exceptions.
The last part is slightly different because if I used it as is, it kept saying path not found, even when I included the full path. The only difference is the last part is

C:\idrac\jre\bin\java -cp avctKVM.jar -Djava.library.path=.\lib com.avocent.idrac.kvm.Main ip=%drachost% kmport=5900 vport=5900 user=%dracuser% passwd=%dracpwd% apcp=1 reconnect=2 version=2 vmprivilege=true "helpurl=https://%drachost%:443/help/contents.html"

As described, I set the java security to
jdk.tls.disabledAlgorithms=RC4, MD5withRSA, DH keySize < 1024, EC keySize < 224, DES40_CBC, RC4_40

The error I get is the following (I omitted the login parts)
`KVM/VM Client Version: 5.04.04 (Build 488)
replace numpad
** Max Size: W = 1366 H = 728
** Window Pref Size: W = 1040 H = 823
** Max Size: W = 1366 H = 728
** Window Pref Size: W = 1040 H = 823
ProtocolAPCP.receieveSessionSetup : v1.2 APCP = true
APCP Version = 260

Supported protocols: [SSLv2Hello, SSLv3, TLSv1, TLSv1.1, TLSv1.2]

Enabled protocols: [SSLv3, TLSv1]

Supported ciphers: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_
AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128
CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC
SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SH
A, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_EC
DSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AE
S_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_C
BC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_
ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RS
A_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIAT
ION_INFO_SCSV, TLS_DH_anon_WITH_AES_128_CBC_SHA256, TLS_ECDH_anon_WITH_AES_128_C
BC_SHA, TLS_DH_anon_WITH_AES_128_CBC_SHA, TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA, S
SL_DH_anon_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES
CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_DH_anon_WITH_DES_CBC_SHA, SSL_RSA_EX
PORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPO
RT_WITH_DES40_CBC_SHA, SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA, TLS_RSA_WITH_NULL

SHA256, TLS_ECDHE_ECDSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_NULL_SHA, SSL_RSA_WITH
_NULL_SHA, TLS_ECDH_ECDSA_WITH_NULL_SHA, TLS_ECDH_RSA_WITH_NULL_SHA, TLS_ECDH_an
on_WITH_NULL_SHA, SSL_RSA_WITH_NULL_MD5, TLS_KRB5_WITH_3DES_EDE_CBC_SHA, TLS_KRB
5_WITH_3DES_EDE_CBC_MD5, TLS_KRB5_WITH_DES_CBC_SHA, TLS_KRB5_WITH_DES_CBC_MD5, T
LS_KRB5_EXPORT_WITH_DES_CBC_40_SHA, TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5]

Enabled ciphers: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AE
S_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_C
BC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SH
A256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDS
A_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_
128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC
SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_EC
DH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA

WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATIO
N_INFO_SCSV, TLS_DH_anon_WITH_AES_128_CBC_SHA256, TLS_ECDH_anon_WITH_AES_128_CBC
_SHA, TLS_DH_anon_WITH_AES_128_CBC_SHA, TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA, SSL
_DH_anon_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_C
BC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_DH_anon_WITH_DES_CBC_SHA, SSL_RSA_EXPO
RT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT
_WITH_DES40_CBC_SHA, SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA, TLS_RSA_WITH_NULL_SH
A256, TLS_ECDHE_ECDSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_NULL_SHA, SSL_RSA_WITH_N
ULL_SHA, TLS_ECDH_ECDSA_WITH_NULL_SHA, TLS_ECDH_RSA_WITH_NULL_SHA, TLS_ECDH_anon
WITH_NULL_SHA, SSL_RSA_WITH_NULL_MD5, TLS_KRB5_WITH_3DES_EDE_CBC_SHA, TLS_KRB5
WITH_3DES_EDE_CBC_MD5, TLS_KRB5_WITH_DES_CBC_SHA, TLS_KRB5_WITH_DES_CBC_MD5, TLS
_KRB5_EXPORT_WITH_DES_CBC_40_SHA, TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5]

Exception in server handshake
java.net.SocketException: Connection reset
at java.net.SocketInputStream.read(SocketInputStream.java:196)
at java.net.SocketInputStream.read(SocketInputStream.java:122)
at sun.security.ssl.InputRecord.readFully(InputRecord.java:442)
at sun.security.ssl.InputRecord.read(InputRecord.java:480)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:934)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.
java:1332)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359
)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343
)
at com.avocent.d.a.a.a(Unknown Source)
at com.avocent.d.a.a.a(Unknown Source)
at com.avocent.d.a.a.c(Unknown Source)
at com.avocent.d.d.b.a(Unknown Source)
at com.avocent.a.b.w.g(Unknown Source)
at com.avocent.a.b.w.a(Unknown Source)
at com.avocent.app.c.l.m(Unknown Source)
at com.avocent.app.c.l.e(Unknown Source)
at com.avocent.idrac.kvm.a.e(Unknown Source)
at com.avocent.idrac.kvm.Main.a(Unknown Source)
at com.avocent.idrac.kvm.Main.main(Unknown Source)
java.net.SocketException: Connection reset
at java.net.SocketInputStream.read(SocketInputStream.java:196)
at java.net.SocketInputStream.read(SocketInputStream.java:122)
at sun.security.ssl.InputRecord.readFully(InputRecord.java:442)
at sun.security.ssl.InputRecord.read(InputRecord.java:480)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:934)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.
java:1332)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359
)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343
)
at com.avocent.d.a.a.a(Unknown Source)
at com.avocent.d.a.a.a(Unknown Source)
at com.avocent.d.a.a.c(Unknown Source)
at com.avocent.d.d.b.a(Unknown Source)
at com.avocent.a.b.w.g(Unknown Source)
at com.avocent.a.b.w.a(Unknown Source)
at com.avocent.app.c.l.m(Unknown Source)
at com.avocent.app.c.l.e(Unknown Source)
at com.avocent.idrac.kvm.a.e(Unknown Source)
at com.avocent.idrac.kvm.Main.a(Unknown Source)
at com.avocent.idrac.kvm.Main.main(Unknown Source)
CoreSessionListener : connection failed
in CoreSessionListner : fireOnSessionStateChanged
KVM session state SESSION_FAILED
KVM session state SESSION_CLOSING
calling clenaup from CloseViewerClient`

This is on Server 2012 R2 and I'm trying to connecto to an iDrac enterprise on a Dell 720.

The method works for me with an iDRAC7 on a T320. The only thing I had to change to make it work with iDRAC7 are the arguments passed to java.exe, which should be the ones listed in the lines in the .jnlp.
My command line for iDRAC7 is below. In particular, if I omit reconnect=2, the console stays in "Reconnecting..." state, then times out.

bin\java -cp avctKVM.jar -Djava.library.path=.\lib com.avocent.idrac.kvm.Main ip=%drachost% vm=1 title=idrac-%2C+PowerEdge+T320%2C+User%3A+root user=%dracuser% passwd=%dracpwd% kmport=5900 vport=5900 apcp=1 reconnect=2 chat=1 F1=1 custom=0 scaling=15 minwinheight=100 minwinwidth=100 videoborder=0 version=2 "helpurl=https://%drachost%:443/help/contents.html"

@lx1
Copy link

lx1 commented May 22, 2021

@jelewis666 : did you put on your java command line all the arguments found in your viewer.jnlp, in the form of key=value? Because your command line seems to lack some arguments I had found in my viewer.jnlp. I remember that omitting some arguments, lead to weird results. HTH, Lux.

@9swampy
Copy link

9swampy commented Aug 25, 2021

Awesome. For the umpteenth time I was jumping through the JavaWS hoops and just couldn't get any of the usual tricks to work. I set the files up in a folder as you described, parameterised the commandline in Remote Desktop Manager and for first time ever now have secure one click access to all my iDracs alongside everything else and using the same credential store. Awesome. Just awesome. Thanks.

@bmatthewshea
Copy link

I had to enable SSLv3 in java, I always got the error "connection failed"
Comment out "jdk.tls.disabledAlgorithms=SSLv3 in /lib/security/java.security

This fixed it for me. too with latest java. Nice to have it in its own folder as a "portable"

Same here.
Added wget to WIndows and added to script-

 echo "Grabbing jar file from host."
 wget.exe -N --no-check-certificate "https://%drachost%/software/avctKVM.jar"

And still didn't work:
Then saw that about SSL3..

Glad I kept reading down this comment thread before I gave up!

@wouterdebruijn
Copy link

Worked perfectly! (Linux)

Used JRE 1.7 extracted from tar.

@vandreytrindade
Copy link

vandreytrindade commented Oct 22, 2021

I was able to connect doing this (iDRAC 6 Enterprise):

Here's how my directory ended:

Directory.png

Then I'm using this PowerShell script:

Set-Location -Path C:\idrac
$ServerHost = Read-Host "Type the name of the host that you want to connect to"
$HostPassword = Read-Host "Type the password of the host that you want to connect to"

Write-Host "`nDownloading files..."
wget.exe -N --no-check-certificate "https://$ServerHost/software/avctKVM.jar" -q
wget.exe -N --no-check-certificate "https://$ServerHost/software/avctVMWin64.jar" -P lib -q
wget.exe -N --no-check-certificate "https://$ServerHost/software/avctKVMIOWin64.jar" -P lib -q

Write-Host "`nExpanding files to initiate connection..."
Rename-Item .\lib\avctVMWin64.jar avctVMWin64.zip
Rename-Item .\lib\avctKVMIOWin64.jar avctKVMIOWin64.zip
Expand-Archive .\lib\avctVMWin64.zip -DestinationPath .\lib
Remove-Item .\lib\META-INF -Recurse -Confirm:$False
Expand-Archive .\lib\avctKVMIOWin64.zip -DestinationPath .\lib
Remove-Item .\lib\META-INF -Recurse -Confirm:$False
Remove-Item .\lib*.zip

Start-Process -FilePath .\bin\java -ArgumentList "-cp avctKVM.jar -Djava.library.path=.\lib com.avocent.idrac.kvm.Main ip=$ServerHost kmport=5900 vport=5900 user=root passwd=$HostPassword apcp=1 verison=2 vmprivilege=true 'helpurl=https://$($ServerHost):443/help/contents.html'"

Remove-Item .\lib*.dll
Remove-Item .\avctKVM.jar

It worked without modifying my PC java.security file.

The only problems until now is that I didn't find a way to pass the password using PowerShell in a secure way (I have tried the -AsSecureString), so for now the password is in plain text... =/
And I have tried to use this code to download the files:

Invoke-WebRequest https://$ServerHost/software/avctKVM.jar -OutFile .\avctKVM.jar

But sometimes worked, sometimes don't, I think that I need to initiate the connection first...
Meanwhile I'm using wget as other users commented previously.

Anyway, thanks a lot for your time to help a lot of people!!!

@lx1
Copy link

lx1 commented Oct 23, 2021

@vandreytrindade: generally, for these old servers, I find it convenient to use an old Java version. I downloaded a portable old java from here https://sourceforge.net/projects/portableapps/files/Java%20Portable/ and I unpack it only when I have to use it. If I remember well, I found jPortable_8_Update_40_Rev_2.paf.exe to behave well with iDRAC 6 and 7.

@vandreytrindade
Copy link

@vandreytrindade: generally, for these old servers, I find it convenient to use an old Java version. I downloaded a portable old java from here https://sourceforge.net/projects/portableapps/files/Java%20Portable/ and I unpack it only when I have to use it. If I remember well, I found jPortable_8_Update_40_Rev_2.paf.exe to behave well with iDRAC 6 and 7.

Thanks!

@ready4droid
Copy link

ready4droid commented Oct 25, 2021 via email

@29039
Copy link

29039 commented Oct 25, 2021

I can't use your script as there is no WinZip.

@tyler56895

Why are you using WinZip. Windows has ZIP built in, powershell, or even the fully free 7-zip. No one needs to be using WinZip anymore in 2020 or 2021, they will sue you for using it in business without paying.

@wizdude
Copy link

wizdude commented Oct 25, 2021

I can't use your script as there is no WinZip.

@tyler56895

Why are you using WinZip. Windows has ZIP built in, powershell, or even the fully free 7-zip. No one needs to be using WinZip anymore in 2020 or 2021, they will sue you for using it in business without paying.

the script uses a specific version of powershell to expand the file, and tyler56895 didn't meet this requirement.

in any event they managed to work around the problem manually the next day and posted to confirm they are all now ok.

@assadniang
Copy link

Hello everyone, I have the remote console working on a dell R710 with the enterprise idrac. Thanks to MathieuW here: https://www.dell.com/community/Systems-Management-General/iDRAC6-Virtual-Console-Connection-Failed/td-p/5144021/page/2

I am running the latest java version as of 10/01/2018. Version 8 Update 181 (build 1.8.0_181-b13)

Go to here or wherever you installed java. C:\Program Files\Java\jre1.8.0_181\lib\security\java.security

Comment out this line in java.security with a # jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, and add the IP address (https://IPhere) and (https://IPhere:443) to the security tab of the java control pannel.

I don't know what security implications this has but it works.

This worked for me
Thank you!

@kbhuinfo
Copy link

Hello everyone, I have the remote console working on a dell R710 with the enterprise idrac. Thanks to MathieuW here: https://www.dell.com/community/Systems-Management-General/iDRAC6-Virtual-Console-Connection-Failed/td-p/5144021/page/2

I am running the latest java version as of 10/01/2018. Version 8 Update 181 (build 1.8.0_181-b13)

Go to here or wherever you installed java. C:\Program Files\Java\jre1.8.0_181\lib\security\java.security

Comment out this line in java.security with a # jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, and add the IP address (https://IPhere) and (https://IPhere:443) to the security tab of the java control pannel.

I don't know what security implications this has but it works.

This worked for me
Thank you!

And for me as well!

@Manit-Chanthavong
Copy link

@lx1 thank that worked for iDrac 7.

@jimfrench
Copy link

jimfrench commented Dec 24, 2021

Hi,
For those concerned about changing global java security settings, they can be overridden on the command line like so:
java -Djava.security.properties=idrac.java.security -cp avctKVM.jar com.avocent.idrac.kvm.Main ip=$IP kmport=$port vport=$port user=$user passwd=$pass apcp=1 version=2 vmprivilege=true "helpurl=https://$IP:443/help/contents.html"

The -D switch uses a file which needs to be created idrac.java.security
e.g.

`#idrac.java.security
#Custom java.security overrides for DELL IDRAC Virtual Console

jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, EC keySize < 224, anon, NULL, include jdk.disabled.namedCurves`

If done correctly this will override this one setting for this one time JVM instance instead of changing global settings, this is much preferred.

Notice also there is only one algorithm which prevents the console from running (at least on my system, java version 14) and that the specific culprit seems to be 3DES_EDE_CBC which is the only flag which needs to be missing from the original list for the JVM to run.

Other operating systems and java versions might need different attention but I hope this helps.

@pinguinfuss
Copy link

pinguinfuss commented Jan 22, 2022

Here's my short little function, to either install the requirements or open the iDRAC session. It assumes, that there's a installed version of 7zip.

function Connect-iDRACRemoteConsole {
    <#
        .SYNOPSIS
            Install and launch a Dell iDRAC Remote console using java.

        .DESCRIPTION
            This function will prepare the necessary files as well as launch (when told to) a Dell iDRAC Remote Console window.

        .PARAMETER ProgramFolder
            Program folder, where files are stored. Will default to: $env:LOCALAPPDATA\Dell iDRAC

        .PARAMETER ServerHost
            Either the FQDN or IP address of a iDRAC system.

        .PARAMETER Credential
            PowerShell credential object, allowing for passing of somewhere else stored credentials.

        .PARAMETER Install
            Using this switch, the function will then download the necessary files, unzip them and remove a few unnecessary files.

        .INPUTS
            [None]

        .OUTPUTS
            [None]

    #>

    [CmdletBinding()]

    Param(
        [Parameter(Mandatory = $false, ParameterSetName = 'Connect')]
        [Parameter(Mandatory = $false, ParameterSetName = 'Install')]
        [string] $ProgramFolder = '{0}\Dell iDRAC' -f $env:LOCALAPPDATA,

        [Parameter(Mandatory = $true, ParameterSetName = 'Connect')]
        [Parameter(Mandatory = $true, ParameterSetName = 'Install')]
        [string] $ServerHost,

        [Parameter(Mandatory = $true, ParameterSetName = 'Connect')]
        [pscredential] $Credential,

        [Parameter(Mandatory = $true, ParameterSetName = 'Install')]
        [switch] $Install
    )

    begin {
        $ErrorActionPreference = 'Stop'
        $InformationPreference = 'Continue'
        $libdir = '{0}\clientlib' -f $ProgramFolder

        if ($PSCmdlet.ParameterSetName -ne 'install') {
            try {
                Set-Location -Path $ProgramFolder
            }
            catch {
                $_.Exception.Message | Write-Warning
                throw ('Unable to change directory to {0}' -f $ProgramFolder)
            }
        }
        elseif ($PSCmdlet.ParameterSetName -eq 'install') {
            $7zipPath = "$env:ProgramFiles\7-Zip\7z.exe"

            if (-not (Test-Path -Path $7zipPath -PathType Leaf)) {
                throw ('7zip file {0} not found' -f $7zipPath)
            }

            Set-Alias 7zip $7zipPath
            $tempdir = '{0}\temp' -f $ProgramFolder
        }
    }

    process {
        if ($PSCmdlet.ParameterSetName -eq 'install') {
            # try and create the program folder.
            try {
                if (-not (Get-Item -Path $ProgramFolder -ErrorAction 'SilentlyContinue')) {
                    New-Item -ItemType 'Directory' -Path $ProgramFolder
                }
                if (-not (Get-Item -Path $libdir -ErrorAction 'SilentlyContinue')) {
                    New-Item -ItemType 'Directory' -Path $libdir
                }

                if (-not (Get-Item -Path $tempdir -ErrorAction 'SilentlyContinue')) {
                    New-Item -ItemType 'Directory' -Path $tempdir
                }
            }
            catch {
                $_.Exception.Message | Write-Warning
                throw ('Unable to create program directory {0}' -f $ProgramFolder)
            }

            # Start the download into the program folder.
            $FileUrls = @(
               [PSCustomObject]@{
                    Uri = 'https://master.dl.sourceforge.net/project/portableapps/Java%20Portable/jPortable64_8_Update_40_Rev_2.paf.exe?viasf=1'
                    FileName = 'jPortable64_8_Update_40_Rev_2.paf.exe'
                    UnzipDir = '\'
                    UnzipParams = ''
                    SkipCertificateCheck = $false
                    SkipUnzip = $false
                    HashAlgorithm = 'SHA256'
                    Hash = 'A4AAC39FC458C3D4E551C08B8896DD1CE3C373C910B0005F4C40485907791E05'
                    RemoveDirs = @('$PLUGINSDIR', 'App', 'Other')
                    RemoveFiles = @('release')
                },
                [PSCustomObject]@{
                    Uri = 'https://{0}/software/avctKVM.jar' -f $ServerHost
                    FileName = 'avctKVM.jar'
                    CopyDir = 'clientlib'
                    SkipUnzip = $true
                    SkipCertificateCheck = $true
                    
                },
                [PSCustomObject]@{
                    Uri = 'https://{0}/software/avctVMWin64.jar' -f $ServerHost
                    FileName = 'avctVMWin64.jar'
                    UnzipDir = 'clientlib'
                    UnzipParams = ''
                    SkipUnzip = $false
                    SkipCertificateCheck = $true
                    RemoveDirs = @('META-INF')
                },
                [PSCustomObject]@{
                    Uri = 'https://{0}/software/avctKVMIOWin64.jar' -f $ServerHost
                    FileName = 'avctKVMIOWin64.jar'
                    UnzipDir = 'clientlib'
                    UnzipParams = ''
                    SkipUnzip = $false
                    SkipCertificateCheck = $true
                    RemoveDirs = @('META-INF')
                }

            )

            # Loop through the file list and download them.
            foreach ($uri in $FileUrls) {
                $OutFile = '{0}\{1}' -f $tempdir, $uri.FileName
                $WebRequestArgs = @{
                    Uri = $uri.uri
                    OutFile = $OutFile
                    UserAgent = [Microsoft.PowerShell.Commands.PSUserAgent]::FireFox
                }
                try {
                    if ($uri.SkipCertificateCheck -eq $true) {
                        add-type @"
                            using System.Net;
                            using System.Security.Cryptography.X509Certificates;
                            public class TrustAllCertsPolicy : ICertificatePolicy {
                                public bool CheckValidationResult(
                                    ServicePoint srvPoint, X509Certificate certificate,
                                    WebRequest request, int certificateProblem) {
                                    return true;
                                }
                            }
"@
<#                        $AllProtocols = [System.Net.SecurityProtocolType]'Ssl3,Tls,Tls11,Tls12'
                        [System.Net.ServicePointManager]::SecurityProtocol = $AllProtocols#>
                        [System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
                    }

                    $res = Invoke-WebRequest @WebRequestArgs
                }
                catch {
                    $_.Exception.Message | Write-Warning
                    throw ('Unable to download {0} to {1}' -f $uri.uri, $OutFile)
                }

                # The download finished, now we can make sure, that if HashAlgorithm and Hash have been given to verify them.
                if (-not [string]::IsNullOrWhiteSpace($uri.HashAlgorithm) -and -not [string]::IsNullOrWhiteSpace($uri.Hash)) {
                    # Get a comparsion hash value of the file we've just downloaded.
                    try {
                        $hash = Get-FileHash -Algorithm $uri.HashAlgorithm -Path $OutFile

                        # Now check if the computed hash is the same as the one we got from the file list.
                        if ($hash.Hash -eq $uri.Hash) {
                            Write-Verbose ('Hash values of download {0} matches stored hash value' -f $uri.FileName)
                        }
                        else {
                            Write-Warning -Message ('Hash values of download {0} do not match. Deleting' -f $uri.FileName)
                            Remove-Item -Confirm:$false -Path $OutFile
                        }
                    }
                    catch {
                        $_.Exception.Message | Write-Warning
                        throw ('Failure during hash verification of file {0}' -f $uri.FileName)
                    }
                }

                # Since we've gotten this far, we need to extract the files using 7z.
                try {
                    if ($uri.SkipUnzip -eq $false) {
                        $null = 7zip x -y $uri.UnzipParams ('-o"{0}\{1}"' -f $ProgramFolder, $uri.UnzipDir) "$OutFile"
                    }
                    elseif ($uri.SkipUnzip -eq $true -and -not [string]::IsNullOrEmpty($uri.CopyDir)) {
                        $Destination = '{0}\{1}\{2}' -f $ProgramFolder, $uri.CopyDir, $uri.FileName
                        Copy-Item -Path $OutFile -Destination $Destination -Confirm:$false
                    }

                    # Check if the current file has RemoveDirs set. If so, loop through them and do as requested.
                    if ($uri.RemoveDirs -is [System.Array] -and $uri.RemoveDirs.Count -eq 0) {
                        Write-Verbose -Message 'No files to delete after extraction.'
                    }
                    elseif ($uri.RemoveDirs -is [System.Array] -and $uri.RemoveDirs.Count -ge 1) {
                        foreach ($dir in $uri.RemoveDirs) {
                            # Now we need to construct the absolute path.
                            $RemovalPath = '{0}\{1}\{2}' -f $ProgramFolder, $uri.UnzipDir, $dir
                            
                            if (Get-Item -Path $RemovalPath -ErrorAction 'SilentlyContinue') {
                                Remove-Item -Path $RemovalPath -Recurse -Confirm:$false
                            }
                        }
                    }
                    else {
                        Write-Warning -Message ('Invalid RemoveDirs variable for file {0}' -f $uri.uri)
                    }
                }
                catch {
                    $_.Exception.Message | Write-Warning
                    throw ('Unable to extract {0} to {1}' -f $OutFile, $uri.UnzipDir)
                }

                # Now remove the download file.
                try {
                    Remove-Item -Path $OutFile -Confirm:$false
                }
                catch {
                    $_.Exception.Message | Write-Warning
                    throw ('Unable to remove {0}' -f $OutFile)
                }


                # Clear the content, so it'll not spill into the next loop.
                $OutFile, $WebRequestArgs, $FileName = $null
            }

            # Create the java security override.
            $Content = 'jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, EC keySize < 224, anon, NULL, include jdk.disabled.namedCurves'
            $Content | Out-File -FilePath ('{0}\{1}' -f $ProgramFolder, 'idrac.java.security')
        }
        elseif ($PSCmdlet.ParameterSetName -eq 'Connect') {
            # Make sure, there is the necessary set of tools.
            $files = @('bin\java.exe', 'clientlib\avctKVM.jar', 'clientlib\avctKVMIO.dll', 'clientlib\avmWinLib.dll')

            foreach ($folder in $folders) {
                try {
                    Get-Item -Path ('{0}\{1}' -f $ProgramFolder, $folder)
                }
                catch {
                    $_.Exception.Message | Write-Warning
                    throw ('Unable to locate {0}\{1}' -f $ProgramFolder, $folder)
                }
            }

            # Check file requisites.
            foreach ($file in $files) {
                try {
                    Get-Item -Path ('{0}\{1}' -f $ProgramFolder, $file)
                }
                catch {
                    $_.Exception.Message | Write-Warning
                    throw ('Unable to locate {0}\{1}' -f $ProgramFolder, $file)
                }
            }

            # Do connection stuff here.
            try {
                $ProcessArgs = @(
                    '"-Djava.security.properties=idrac.java.security"',
                    ('-cp "{0}\avctKVM.jar" "-Djava.library.path={0}"' -f $libdir),
                    'com.avocent.idrac.kvm.Main',
                    ('ip="{0}" user="{1}" passwd="{2}"' -f $ServerHost, $Credential.UserName, $Credential.GetNetworkCredential().Password),
                    'apcp=1 version=2 vmprivilege=true kmport=5900 vport=5900',
                    ('"helpurl=https://{0}:443/help/contents.html"' -f $ServerHost)
                )
                $proc = Start-Process -FilePath ('"{0}\{1}"' -f $ProgramFolder, 'bin\java.exe') -PassThru -Wait -ArgumentList $ProcessArgs
                return $proc
            }
            catch {
                $_.Exception.Message | Write-Warning
                throw ('Unable to start iDRAC Remote console.')
            }
        }
    }

    end {}
}

@29039
Copy link

29039 commented Jan 22, 2022

This is great work! I think that we are at the level where an actual GitHub project is warranted?

@TheTaoOfPhil
Copy link

For me this worked almost exactly as documented. The only issues I had are probably the result of my specific version of macos (Big Sur 11.5.2):

  • the Java package that worked for me is jre-7u80-macosx-x64.tar.gz (the server JRE package's Java executable is not compatible with Mac)
  • macos considers the author of this version of Java to be "untrusted" and will not open it:
    • the Open Anyway button in Privacy and Security settings no longer works;
    • What does work is:
      • Before running the idrac script, run sudo spctl --master-disable
      • Now when you run the idrac script, a security dialog will appear with a warning message; it has an Open button that really does allow you to run the script, and it only bothers you the first time you run it.

Once I got through these issues, it now works. Many thanks for the efforts that went into this!

@cepm-nate
Copy link

Does anyone have success getting the "Virtual Media" to work for iDrac6? I can connect and get keyboard input and video, but when I tap "Virtual Media -> Launch Virtual Media", I get an error about "The Virtual Media native library cannot be loaded". If someone has it working, can they share the exact version of JRE they have?

@greecemunky
Copy link

Does anyone have success getting the "Virtual Media" to work for iDrac6? I can connect and get keyboard input and video, but when I tap "Virtual Media -> Launch Virtual Media", I get an error about "The Virtual Media native library cannot be loaded". If someone has it working, can they share the exact version of JRE they have?

This may occur when library file avctKVMIO.dll isn't found or loaded properly e.g. attempting to use 32-bit library with 64-bit JRE. I just tested using both jre-8u212-windows-i586 and jre-8u212-windows-x64 on Windows 10 (pulling down 32-bit and 64-bit library files respectfully), and clicking Virtual Media -> Launch Virtual Media within an iDRAC6 session opens without error for me.

I've been working on a script based on https://gist.github.com/xbb/4fd651c2493ad9284dbcb827dc8886d6?permalink_comment_id=3428052#gistcomment-3428052 that supports both 32-bit and 64-bit Java and tries to detect the iDRAC's version to know which arguments to pass to avctKVM.jar. It's a mess right now and not fully tested, but once it's somewhat cleaned up I will post it here.

@cepm-nate
Copy link

I got it to work:

  • Installed JRE 7 from Oracle
  • Viewed the viewer.jnlp file to get the right .jar files
  • Downloaded files manually, renamed to .zip, and extracted them into the proper folder. (avctKVM.jar goes in same folder as console.bat, other .dlls go into /lib folder)
  • Edited the console.bat to include IP and username instead of prompting me each time.

The tricky part was trying various platform .jar files till I found one that worked. As @greecemunky said, it was just a matter of finding the right one.

@ardabeyazoglu
Copy link

On mac osx big sur, i couldnt manage to make it work with all the instructions properly done and java.security file patched. I downloaded and used jre1.7 as mentioned before. I commented disabledAlgorithms and left it empty, neither way worked as well. I can use the same script to connect on windows using jre1.6.

I still get the following error. Did anybody manage to solve it in big sur+ ?

07/24/2022 11:24:38:487:  User login response: 3
java.net.SocketException: Broken pipe
	at java.net.SocketOutputStream.socketWrite0(Native Method)
	at java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:113)
	at java.net.SocketOutputStream.write(SocketOutputStream.java:159)
	at sun.security.ssl.OutputRecord.writeBuffer(OutputRecord.java:377)
	at sun.security.ssl.OutputRecord.write(OutputRecord.java:363)
	at sun.security.ssl.SSLSocketImpl.writeRecordInternal(SSLSocketImpl.java:837)
	at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:808)
	at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:122)
	at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
	at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)
	at java.io.DataOutputStream.flush(DataOutputStream.java:123)
	at com.avocent.kvm.c.d.g.b(Unknown Source)
	at com.avocent.kvm.c.d.i.run(Unknown Source)

And here is the command:

sudo spctl --master-disable

./jre1.7-mac/Contents/Home/bin/java -cp avctKVM.jar -Djava.library.path=./lib com.avocent.idrac.kvm.Main ip="10.0.0.100" kmport=5900 vport=5900 user=*** passwd="****" apcp=1 version=2 reconnect=2 vmprivilege=true "helpurl=https://10.0.0.100:443/help/contents.html"

@jimfrench
Copy link

jimfrench commented Jul 24, 2022

Hi
I'm not on macos but could this be just working directory ambiguity with the lib directory,, i.e.

sudo spctl --master-disable
cd ./jre1.7-mac/Contents/Home

./bin/java -cp avctKVM.jar -Djava.library.path=./lib com.avocent.idrac.kvm.Main ip="10.0.0.100" kmport=5900 vport=5900 user=*** passwd="****" apcp=1 version=2 reconnect=2 vmprivilege=true "helpurl=https://10.0.0.100:443/help/contents.html"

Alternativey fully qualified lib path

sudo spctl --master-disable

./jre1.7-mac/Contents/Home/bin/java -cp avctKVM.jar -Djava.library.path=./jre1.7-mac/Contents/Home/lib com.avocent.idrac.kvm.Main ip="10.0.0.100" kmport=5900 vport=5900 user=*** passwd="****" apcp=1 version=2 reconnect=2 vmprivilege=true "helpurl=https://10.0.0.100:443/help/contents.html"

Apologies if already checked this is correct directory

@ardabeyazoglu
Copy link

@jimfrench I havent tried this yet but i ll check if it works. Though, I don't think this would be the cause because it works until tls connection phase. Thanks for the advice anyway.

@jimfrench
Copy link

@ardabeyazoglu Yes I should have explained my reasoning, it could have been using libraries from the wrong java version, but you might be correct in that it probably wouldn't get that far if so, it would error out sooner than during the connection. Hope someone else can step in good luck.

@alatas
Copy link

alatas commented Sep 19, 2022

I tried many different combinations, java versions, etc., and finally discovered that iDRAC 6 is compatible with IE v8 on Win 7 SP1. I downloaded Win 7 SP1 and installed it on a virtual machine. It installs its ActiveX to IE 8 on the first run. Then I put the website on trusted sites. and voila!

@jimfrench
Copy link

:)

@brad82
Copy link

brad82 commented Nov 18, 2022

For those non java-savvy of us that are reading this and stumped on the Virtual Media/Keyboard capture errors above, you're missing a step;

After downloading avctKVMIOMac64.jar & avctVMMac64.jar from the iDRAC service, unzip them and move to the lib folder. Jar files are just glorified Zips, the real lib treasure is inside

unzip -d avctKVMIOMac64 avctKVMIOMac64.jar
unzip -d avctVMMac64 avctVMMac64.jar
mkdir lib
cp avctKVMIOMac64/libavctKVMIO.jnilib ./lib/
cp avctVMMac64/libavmMac.jnilib ./lib/

Thanks to https://github.com/DaveCorder/ikvm-osx for the java-for-dummies explanation.

@jamesjguthrie
Copy link

Works for me allowing me to connect to the virtual console on my R710. Glad I no longer need to dig out a VGA monitor. Thank you!

@f3rr311
Copy link

f3rr311 commented Jan 27, 2023

I am getting java/lang/NoClassDefFoundError: java/lang/Object anyone else?

@f3rr311
Copy link

f3rr311 commented Jan 28, 2023

Does anyone have this running with the separate Java version so I do not need to modify my Java Config? Ifso can you please share the working files as the things in this thread do not seem to work properly at the time im posting this or if anyone is willing to help me diagnose the issue that is more familiar with Java that would be amazing.

I have 20 Servers we have running IDRAC6 and would like to be able to use the feature but DO NOT want to run a unsecured install of Java if we can start a portable version for this.

@jimfrench
Copy link

jimfrench commented Jan 29, 2023

Does anyone have this running with the separate Java version so I do not need to modify my Java Config? Ifso can you please share the working files as the things in this thread do not seem to work properly at the time im posting this or if anyone is willing to help me diagnose the issue that is more familiar with Java that would be amazing.

I have 20 Servers we have running IDRAC6 and would like to be able to use the feature but DO NOT want to run a unsecured install of Java if we can start a portable version for this.

Hi, I'm currently using a docker container version which is maintained, and seems to work very well without having to change any java versions manually - it is a "portable version" but dockerised

https://hub.docker.com/r/domistyle/idrac6/

@cliffmathew
Copy link

I was able to connect doing this (iDRAC 6 Enterprise):

Here's how my directory ended:

Directory.png

Then I'm using this PowerShell script:

Set-Location -Path C:\idrac
$ServerHost = Read-Host "Type the name of the host that you want to connect to"
$HostPassword = Read-Host "Type the password of the host that you want to connect to"
Write-Host "nDownloading files..." wget.exe -N --no-check-certificate "https://$ServerHost/software/avctKVM.jar" -q wget.exe -N --no-check-certificate "https://$ServerHost/software/avctVMWin64.jar" -P lib -q wget.exe -N --no-check-certificate "https://$ServerHost/software/avctKVMIOWin64.jar" -P lib -q Write-Host "nExpanding files to initiate connection..."
Rename-Item .\lib\avctVMWin64.jar avctVMWin64.zip
Rename-Item .\lib\avctKVMIOWin64.jar avctKVMIOWin64.zip
Expand-Archive .\lib\avctVMWin64.zip -DestinationPath .\lib
Remove-Item .\lib\META-INF -Recurse -Confirm:$False
Expand-Archive .\lib\avctKVMIOWin64.zip -DestinationPath .\lib
Remove-Item .\lib\META-INF -Recurse -Confirm:$False
Remove-Item .\lib*.zip
Start-Process -FilePath .\bin\java -ArgumentList "-cp avctKVM.jar -Djava.library.path=.\lib com.avocent.idrac.kvm.Main ip=$ServerHost kmport=5900 vport=5900 user=root passwd=$HostPassword apcp=1 verison=2 vmprivilege=true 'helpurl=https://$($ServerHost):443/help/contents.html'"
Remove-Item .\lib*.dll
Remove-Item .\avctKVM.jar

It worked without modifying my PC java.security file.

The only problems until now is that I didn't find a way to pass the password using PowerShell in a secure way (I have tried the -AsSecureString), so for now the password is in plain text... =/ And I have tried to use this code to download the files:

Invoke-WebRequest https://$ServerHost/software/avctKVM.jar -OutFile .\avctKVM.jar

But sometimes worked, sometimes don't, I think that I need to initiate the connection first... Meanwhile I'm using wget as other users commented previously.

Anyway, thanks a lot for your time to help a lot of people!!!

JAN 29 2023 / WINDOWS 10: Took your script and made changes to get it to work on my PC.
Steps:

  • Downloaded the same JRE you mentioned first from Oracle website
  • Created C:\IDRAC and expanded as you suggested
  • Created C:\IDRAC\idrac.ps1 file using notepad with the following contents. Notice that I exit before the last 2 remove commands. It works now, I don't have time to spruce it up. WARNING: in my script, Credentials are exposed in the script -- so NOT A SECURE implementation. You can use the prompt based commands from the original poster.

==================
Set-Location -Path C:\idrac
$ServerHost = "192.168.1.92"
$HostPassword = "calvin"

$username = "root"
$password = ConvertTo-SecureString "calvin" -AsPlainText -Force
$psCred = New-Object System.Management.Automation.PSCredential -ArgumentList ($username, $password)

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls, [Net.SecurityProtocolType]::Tls11, [Net.SecurityProtocolType]::Tls12, [Net.SecurityProtocolType]::Ssl3
[Net.ServicePointManager]::SecurityProtocol = "Tls, Tls11, Tls12, Ssl3"
add-type @"
using System.Net;
using System.Security.Cryptography.X509Certificates;
public class TrustAllCertsPolicy : ICertificatePolicy {
public bool CheckValidationResult(
ServicePoint srvPoint, X509Certificate certificate,
WebRequest request, int certificateProblem) {
return true;
}
}
"@
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy

Write-Host "`nDownloading files..."
Invoke-WebRequest -Credential $psCred -Uri "https://$ServerHost/software/avctKVM.jar" -outfile "avctKVM.jar"
Invoke-WebRequest -Credential $psCred -Uri "https://$ServerHost/software/avctVMWin64.jar" -outfile "lib\avctVMWin64.jar"
Invoke-WebRequest -Credential $psCred -Uri "https://$ServerHost/software/avctKVMIOWin64.jar" -outfile "lib\avctKVMIOWin64.jar"

Write-Host "`nExpanding files to initiate connection..."
Move-Item -Force .\lib\avctVMWin64.jar avctVMWin64.zip
Move-Item -Force .\lib\avctKVMIOWin64.jar avctKVMIOWin64.zip
Expand-Archive -Force .\lib\avctVMWin64.zip -DestinationPath .\lib
Remove-Item -Force .\lib\META-INF -Recurse -Confirm:$False
Expand-Archive -Force .\lib\avctKVMIOWin64.zip -DestinationPath .\lib
Remove-Item -Force .\lib\META-INF -Recurse -Confirm:$False
Remove-Item -Force .\lib*.zip

&Start-Process -FilePath .\bin\java -ArgumentList "-cp avctKVM.jar -Djava.library.path=.\lib com.avocent.idrac.kvm.Main ip=$ServerHost kmport=5900 vport=5900 user=root passwd=$HostPassword apcp=1 verison=2 vmprivilege=true 'helpurl=https://$($ServerHost):443/help/contents.html'"
exit
Remove-Item .\lib*.dll
Remove-Item .\avctKVM.jar

@ElanHasson
Copy link

This is by far the easiest: https://github.com/DomiStyle/docker-idrac6

@NoahDar
Copy link

NoahDar commented Apr 28, 2023

For those non java-savvy of us that are reading this and stumped on the Virtual Media/Keyboard capture errors above, you're missing a step;

After downloading avctKVMIOMac64.jar & avctVMMac64.jar from the iDRAC service, unzip them and move to the lib folder. Jar files are just glorified Zips, the real lib treasure is inside

unzip -d avctKVMIOMac64 avctKVMIOMac64.jar
unzip -d avctVMMac64 avctVMMac64.jar
mkdir lib
cp avctKVMIOMac64/libavctKVMIO.jnilib ./lib/
cp avctVMMac64/libavmMac.jnilib ./lib/

Thanks to https://github.com/DaveCorder/ikvm-osx for the java-for-dummies explanation.

Thank you for this!! I was able to do the same for my Linux running Debian 11.

I unzipped the two files:

avctKVMIOLinux64.jar
avctVMLinux64.jar

Then I copied the two extracted files over to jdk1.7.0_80_x64/lib folder:

libavctKVMIO.so
libavmlinux.so

Boom it worked!

@thirdwheel
Copy link

thirdwheel commented Dec 13, 2023

Has anyone had any luck doing this with iDRAC 8? Even after downloading the relevant libraries and removing all disabled algorithms, I'm not having any luck. Output below:

KVM/VM Client Version: 5.04.04 (Build 488)
Dec 13, 2023 12:20:43 PM java.util.prefs.WindowsPreferences <init>
WARNING: Could not open/create prefs root node Software\JavaSoft\Prefs at root 0x80000002. Windows RegCreateKeyEx(...) returned error code 5.
replace numpad
** Max Size: W = 1920 H = 1032
** Window Pref Size: W = 1040 H = 823
** Max Size: W = 1920 H = 1032
** Window Pref Size: W = 1040 H = 823
ProtocolAPCP.receieveSessionSetup : v1.2 APCP = true
APCP Version = 260

Supported protocols: [SSLv2Hello, SSLv3, TLSv1, TLSv1.1, TLSv1.2]

Enabled protocols: [SSLv3, TLSv1]

Supported ciphers: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV, TLS_DH_anon_WITH_AES_128_CBC_SHA256, TLS_ECDH_anon_WITH_AES_128_CBC_SHA, TLS_DH_anon_WITH_AES_128_CBC_SHA, TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA, SSL_DH_anon_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_anon_WITH_RC4_128_SHA, SSL_DH_anon_WITH_RC4_128_MD5, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_DH_anon_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_DH_anon_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA, TLS_RSA_WITH_NULL_SHA256, TLS_ECDHE_ECDSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_NULL_SHA, SSL_RSA_WITH_NULL_SHA, TLS_ECDH_ECDSA_WITH_NULL_SHA, TLS_ECDH_RSA_WITH_NULL_SHA, TLS_ECDH_anon_WITH_NULL_SHA, SSL_RSA_WITH_NULL_MD5, TLS_KRB5_WITH_3DES_EDE_CBC_SHA, TLS_KRB5_WITH_3DES_EDE_CBC_MD5, TLS_KRB5_WITH_RC4_128_SHA, TLS_KRB5_WITH_RC4_128_MD5, TLS_KRB5_WITH_DES_CBC_SHA, TLS_KRB5_WITH_DES_CBC_MD5, TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA, TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5, TLS_KRB5_EXPORT_WITH_RC4_40_SHA, TLS_KRB5_EXPORT_WITH_RC4_40_MD5]

Enabled ciphers: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV, TLS_DH_anon_WITH_AES_128_CBC_SHA256, TLS_ECDH_anon_WITH_AES_128_CBC_SHA, TLS_DH_anon_WITH_AES_128_CBC_SHA, TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA, SSL_DH_anon_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_anon_WITH_RC4_128_SHA, SSL_DH_anon_WITH_RC4_128_MD5, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_DH_anon_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_DH_anon_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA, TLS_RSA_WITH_NULL_SHA256, TLS_ECDHE_ECDSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_NULL_SHA, SSL_RSA_WITH_NULL_SHA, TLS_ECDH_ECDSA_WITH_NULL_SHA, TLS_ECDH_RSA_WITH_NULL_SHA, TLS_ECDH_anon_WITH_NULL_SHA, SSL_RSA_WITH_NULL_MD5, TLS_KRB5_WITH_3DES_EDE_CBC_SHA, TLS_KRB5_WITH_3DES_EDE_CBC_MD5, TLS_KRB5_WITH_RC4_128_SHA, TLS_KRB5_WITH_RC4_128_MD5, TLS_KRB5_WITH_DES_CBC_SHA, TLS_KRB5_WITH_DES_CBC_MD5, TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA, TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5, TLS_KRB5_EXPORT_WITH_RC4_40_SHA, TLS_KRB5_EXPORT_WITH_RC4_40_MD5]

Exception in server handshake
java.net.SocketException: Connection reset
        at java.net.SocketInputStream.read(SocketInputStream.java:196)
        at java.net.SocketInputStream.read(SocketInputStream.java:122)
        at sun.security.ssl.InputRecord.readFully(InputRecord.java:442)
        at sun.security.ssl.InputRecord.read(InputRecord.java:480)
        at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:934)
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)
        at com.avocent.d.a.a.a(Unknown Source)
        at com.avocent.d.a.a.a(Unknown Source)
        at com.avocent.d.a.a.c(Unknown Source)
        at com.avocent.d.d.b.a(Unknown Source)
        at com.avocent.a.b.w.g(Unknown Source)
        at com.avocent.a.b.w.a(Unknown Source)
        at com.avocent.app.c.l.m(Unknown Source)
        at com.avocent.app.c.l.e(Unknown Source)
        at com.avocent.idrac.kvm.a.e(Unknown Source)
        at com.avocent.idrac.kvm.Main.a(Unknown Source)
        at com.avocent.idrac.kvm.Main.main(Unknown Source)
java.net.SocketException: Connection reset
        at java.net.SocketInputStream.read(SocketInputStream.java:196)
        at java.net.SocketInputStream.read(SocketInputStream.java:122)
        at sun.security.ssl.InputRecord.readFully(InputRecord.java:442)
        at sun.security.ssl.InputRecord.read(InputRecord.java:480)
        at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:934)
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)
        at com.avocent.d.a.a.a(Unknown Source)
        at com.avocent.d.a.a.a(Unknown Source)
        at com.avocent.d.a.a.c(Unknown Source)
        at com.avocent.d.d.b.a(Unknown Source)
        at com.avocent.a.b.w.g(Unknown Source)
        at com.avocent.a.b.w.a(Unknown Source)
        at com.avocent.app.c.l.m(Unknown Source)
        at com.avocent.app.c.l.e(Unknown Source)
        at com.avocent.idrac.kvm.a.e(Unknown Source)
        at com.avocent.idrac.kvm.Main.a(Unknown Source)
        at com.avocent.idrac.kvm.Main.main(Unknown Source)
CoreSessionListener : connection failed
in CoreSessionListner : fireOnSessionStateChanged
 KVM session state SESSION_FAILED
 KVM session state SESSION_CLOSING
calling clenaup from CloseViewerClient

@bmatthewshea
Copy link

@thirdwheel

From what I see:

  1. An error with windows registry. Not sure if this is hindering java functioning, though.

  2. Protocol issue?
    Supported protocols: [SSLv2Hello, SSLv3, TLSv1, TLSv1.1, TLSv1.2]
    Enabled protocols: [SSLv3, TLSv1]
    IIRC, idrac 8 needs TLSv1.1 enabled. I could be wrong about that.

@thirdwheel
Copy link

@bmatthewshea

Looks like tls1.2 is being used. I couldn't see how to enable tls1.2 in java 1.7, so I brought in OpenJRE 8, and I got in.

Thanks for the insight, I completely missed this in the log.

@bmatthewshea
Copy link

bmatthewshea commented Dec 18, 2023

@thirdwheel

Looks like tls1.2 is being used. I couldn't see how to enable tls1.2 in java 1.7, so I brought in OpenJRE 8, and I got in.

Thanks for the insight, I completely missed this in the log.

NP. Glad I could help!

@mduregon
Copy link

mduregon commented Feb 3, 2024

you can also avoid using Java and launch the HTML5 console ...

How to Launch the Integrated Dell Remote Access Controller (iDRAC) Virtual Console

Summary: The iDRAC virtual console can be launched using a web interface or URL.

@bmatthewshea
Copy link

bmatthewshea commented Feb 3, 2024

@mduregon - It doesn't work for me on v6. It probably is only supported on v7-9 - of course they fail to mention this in that article..

@Tampa
Copy link

Tampa commented Feb 27, 2024

The jar starts and sets some variables, but then says connection failed for the session state.

Update: Adding a idrac.java.security as described above did the trick, guess just removing TLS1 from disabled isn't enough

@SentientUmaru
Copy link

SentientUmaru commented Mar 22, 2024

Hello guys, I'm having issues using the script and I'm having errors trying to connect to an idrac6.

03/22/2024 03:52:18:067:  User login response: 3
java.net.SocketException: Connection reset by peer: socket write error
        at java.net.SocketOutputStream.socketWrite0(Native Method)
        at java.net.SocketOutputStream.socketWrite(Unknown Source)
        at java.net.SocketOutputStream.write(Unknown Source)
        at sun.security.ssl.OutputRecord.writeBuffer(Unknown Source)
        at sun.security.ssl.OutputRecord.write(Unknown Source)
        at sun.security.ssl.SSLSocketImpl.writeRecordInternal(Unknown Source)
        at sun.security.ssl.SSLSocketImpl.writeRecord(Unknown Source)
        at sun.security.ssl.AppOutputStream.write(Unknown Source)
        at java.io.BufferedOutputStream.flushBuffer(Unknown Source)
        at java.io.BufferedOutputStream.flush(Unknown Source)
        at java.io.DataOutputStream.flush(Unknown Source)
        at com.avocent.kvm.c.d.g.b(Unknown Source)
        at com.avocent.kvm.c.d.i.run(Unknown Source)

With a popup saying, "Login failed, possibly due to slow connection."
For reference, Here's what i have.
On Windows 11, Folder structure

  • jre(1.7.0_80)
  • avctKVM
  • start-virtual-console.bat
  • jre/lib - avctKVMIO.dll & avmWinLib.dll
    Here's what my bat file has, .\jre\bin\java -cp avctKVM.jar -Djava.library.path=.\jre\lib com.avocent.idrac.kvm.Main ip=%drachost% kmport=5900 vport=5900 user=%dracuser% passwd=%dracpwd% apcp=1 version=2 vmprivilege=true "helpurl=https://%drachost%:443/help/contents.html"

I have tried the other solutions provided in the comments except for the docker ones and none of them have worked for me.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment