Changing multiple drac passwords

HI John,

OME can be used to change DRAC passwords through remote scripts. Scripts need to be written and passed through OME generic command line task.

Other way would be do that used RACADM command line task. The racadm command to change password which has the new password needs to be passed in the text field for command and then select all the DRACs with same password. Provide the current credentials when asked for and you should be good to go.

The only thing to keep in mind is that Dell changed the index of the root user, for DRAC 5 and older the root user is on index 1 and iDRAC 6 and newer the root user is index 2.

Check the manuals at www.dell.com/idracmanuals

The command for DRAC 5 and older:
racadm config -g cfgUserAdmin -o cfgUserAdminPassword -i 1

The command for iDRAC 6 and newer:
racadm config -g cfgUserAdmin -o cfgUserAdminPassword -i 2

After that, it is necessary to launch new Discovery inventory or just update "Condition" ?

Thank you

Thx Pupul and Martijn.

Much appreciated!! And it's working now!

Batch file is

racadm -r %1 -u %2 -p %3 config -g cfgUserAdmin -o cfgUserAdminPassword -i 2 MyNewPassword!

BTW, When running the new Command Line Task, I have just copied over from another post the switches on the batch file, without really understanding it. (en.community.dell.com/.../20438657)

What does -r 1% refer to??

Thx,

John Bradshaw

Hi John,

Are you using generic CL task or RACADM CL task option in OME? The batscript you are using looks generic to be run from remote racadm tool and -r represents the IP address. You might need to tweak it a bit to accommodate in OME. 

Easier option would be to just use racadm CL task. You will not need to pass any IP address or credentials switch. If you have DRAC5 and iDRAC6 both in your datacenter, then you can have the commands running separately for them by creating two different groups.

Also keep in mind that you can't directly copy from the whitepaper you are referring to, because of Microsoft Word certain characters in the document have been auto replaced like the dashes that will give you weird errors.

Commands explanation

-r = Remote iDRAC
-u = Username remote iDRAC
-p = Password remote iDRAC

-g = Group
-o = Object
-i = Index

Thx guys. Typed in all the commands but they still don't work. I'm going to rebuild the old 2008 box to 2012r2.

======================

On another note, tried running a racadm command to do the same thing but get the following error

racadm config -g cfgUserAdmin -o cfgUserAdminPassword -i 2 What2Do

Results:  Exit code:2.
Output from command (stdout): Security Alert: Certificate is invalid - Certificate is not signed by Trusted Third Party
Continuing execution. Use -S option for racadm to stop execution on certificate-related errors.
                                                                          
ERROR: Invalid subcommand specified.

PS...I gather the Enter Remote Access Controller credentials for target actually means enter the CURRENT root password for the target DRAC?

Thx,

John Bradshaw

That is strange, on which model are you running the command and what is the iDRAC firmware version?

This is my output on a R630:

Microsoft Windows [Version 6.3.9600]
(c) 2013 Microsoft Corporation. All rights reserved.

C:\Windows\system32>racadm config -g cfgUserAdmin -o cfgUserAdminPassword -i 2 What2Do
Object value modified successfully

RAC1169: The RACADM "config" command will be deprecated in a
future version of iDRAC firmware. Run the RACADM
"racadm set" command to configure the iDRAC configuration parameters.
For more information on the set command, run the RACADM command
"racadm help set".

The username and password that you specify with -u and -p are indeed the current username and password that you use to connect to a remote iDRAC.

If you are running racadm to configure the local iDRAC on a server you don't need to specify the username and password because you are logged on to the server OS with Administrator or root rights but that is only if the OS is installed bare metal on a server with an iDRAC.

Thx Martjn.

I  think there was a problem with the box I was using for the cert error. I have rebuilt it.

Cheers,

JB

Hi,

How to insert multiple idrac name list in this script 

In our environment we having 550plus dell physical boxes we are changing the idrac password every three months once manually. Please any one help me if you have script.

Thanks

Shalin