Skip to content

Using iDRAC 6 in 2021

Queue index.wma, we’re going back to 2008. I’ve been blessed with 3 Dell PowerEdge Servers (R710x2, T610). They’re not very fancy but they perform beautifully. Each server is equipped with an iDRAC 6 Enterprise card which I can use to access the servers remotely.

Unfortunately, they’re about 10 years old and use deprecated encryption algorithms and a funky Java WebStart (JWS) remote console. Any modern operating system will have short luck when attempting to get to the virtual console. I’m sure it’s possible, but realistically – how much time do you really want to spend screwing around with Java just so you can RC your server?

Versions

I will be referring to various software through this post, I would for context like to share with you the versions that I am running:

  • Ubuntu 21.04 (Linux Kernel 5.11.41) [Host Computer]
  • Firefox 95.0+build1-0ubuntu0.21.04.1 [Host Computer]
  • OpenJDK 17.0.1+12-Ubuntu-121.04 [Host Computer]
  • ipmitool version 1.8.18 [Host Computer]
  • iDRAC 6 2.92 (Build 05) [Dell PowerEdge R710]
  • ActiveX iDRAC6 VC 1.5 (Build 1.2.5.79) [Dell PowerEdge R710]
  • Windows XP Professional 5.1 (Build 2600.xpsp.080413-2111: SP3) [Local Guest VM]
  • Internet Explorer 6.0.2990.5512.xpsp.080413-2111 [Local Guest VM]

Virtual Console

There are two methods of accessing the iDRAC 6 Virtual Console; Java Web Start (javaws), or ol’ reliable ActiveX. I’ve found the easiest and most reliable method is to simply use ActiveX running within a Windows XP virtual machine on your local desktop.

Javaws appears to work once you get Java to ignore the millions of security issues and deprecated encryption algorithms. You will only be able to stream video, I could never get Mouse/Keyboard input to work and since have given up. Who knows, you may be luckier than I.

Using Windows XP

I first downloaded a copy of Windows XP from the Internet Archive and installed it into a VirtualBox VM, there are countless guides online if you require assistance on how to do this. You’ll also need to acquire a Activation Key or Licence from a legitimate source 😉

Configuring IE 6

Once you’ve got that all squared away, launch Internet Explorer and attempt to navigate to iDRAC’s webpage. If you are met with an error message from IE, try enabling TLS v1.0 in Tools > Internet Options > Advanced > Security > Use TLS 1.0.

While were in the Advanced tab, let’s also allow software to run even if the signature is invalid. In this case, iDRAC’s certificate will likely be out of date. In the Advanced tab, under security, check “Allow software to run or install even if the signature is invalid”.

Next, let’s add this server to our “Trusted sites” web content zone in Internet Explorer. Within Internet Options again, go to the Security tab and click “Trusted sites”, then “Sites”, and add the IP Address, hostname, domain name, or FQDN of your equipment.

Configuring iDRAC

Finally, lets login to iDRAC and go to the Console/Media tab at the top, then the Configuration tab. Set “Enabled”, set the “Plug-in Type” to “Native”, then click “Apply”. Jump back to the “Virtual Console and Virtual Media” tab, then click “Launch Virtual Console”.

A new window will pop-up, give it a moment and IE will present a warning – “To help protect your security, Internet Explorer stopped this site from installing an ActiveX control on your computer. Since we trust this server on our local network – click here for options”. Click the dialogue and then “Install ActiveX Control”.

Then, a security warning will pop-up saying “The publisher could not be verified”. Because we’ve allowed IE to install software with invalid certificates, we can click the “Install” button.

With luck, you should not be in your server! I’ve tested this with a clean install of Windows XP, so I hope I’ve covered all the steps. If not – the internet is your friend! Just copy the error message into your search engine of choice. Best of luck!

Intelligent Platform Management Interface (IMPI)

IPMI, otherwise known as Out-Of-Band-Management, is a way of remotely managing and monitoring a server. iDRAC is simply Dell’s name for IPMI, as is iLO to HPE, it’s all IPMI. The HTTP site you’re using to access iDRAC is in itself a management interface. Though it doesn’t have to be through HTTP. There are ways of managing your server programatically or through a shell.

Programatically Python

If you’re looking to develop something to access your server programatically, there are a couple neat Python libraries to assist you. One neat one I’ve seen is Python-IPMI on GitHub. The README offers some insight on how to use it.

Shell

If you’re in the mood for some BASH, ipmitool will work well.

I suggest that you create another account in iDRAC before using this tool, rather than authenticating as root. This can be done in iDRAC Settings > Network/Security > Users > [Avail. User ID] > Configure User. Enable and configure the user, and set it’s role to “Read-Only”.

[email protected]:~$ sudo apt install ipmitool
[email protected]:~$ ipmitool -I lanplus -H 10.20.30.40 -U ipmiRO -P secretpasswd sdr elist all
Temp             | 01h | ns  |  3.1 | Disabled
Temp             | 02h | ns  |  3.2 | Disabled
Temp             | 05h | ns  | 10.1 | Disabled
Temp             | 06h | ns  | 10.2 | Disabled
Ambient Temp     | 0Eh | ok  |  7.1 | 20 degrees C

IPMITool can be used over different interfaces, but most commonly over LAN. For this, we select lanplus, which supports IPMI v2.0 RMCP+. You can use USB, Serial, Intel IMB, or the Linux OpenIMPI Interface. Select the interface with the -I switch.

To print sensor data, we use the sdr command. list prints the Sensor Data Records (SDR), but if we do elist it will also print the sensor number. After this, we use the all type to print all the SDR records.

For further information on how to operate ipmitool, read the man page with man ipmitool.

Leave a Reply

Your email address will not be published. Required fields are marked *