Thursday, September 23, 2010

Reset Administrator password from HP Virtual Connect and Onbord Administrator

If you have some guys which makes fun to change password on a virtual connect there is a procedure to reset administrator password to it original setting.

This procedure comes from c00865618.pdf file page 28 HP Virtual Connect for c-Class BladeSystem User Guide

Resetting the Administrator password and DNS settings
-----------------------------------------------------
If the system maintenance switch 1 is in the ON position on a VC-Enet module, the firmware restores the Administrator account password and DNS settings to the original factory defaults as found on the module label (without disturbing any other local user accounts), and also displays the password on the VC-Enet module management console. For information on accessing the VC-Enet module management console, see the OA user guide. The default password is no longer displayed after switch 1 is in the OFF position.

Password restoration is done during each power-up sequence while switch 1 is in the ON position (and reserved switches are in the OFF position) and does not allow changes until the switch is placed back into the OFF position. For switch locations, see the appropriate system maintenance switch ("HP 1/10Gb VCEnet Module system maintenance switch" on page 15, "HP 1/10Gb-F VC-Enet Module system maintenance switch" on page 18, "HP Virtual Connect Flex-10 10Gb Ethernet Module system maintenance switch" on page 22).
After switch 1 is returned to the OFF position, users with appropriate privileges can then change the Administrator password.
Only reset the password on the module running the Virtual Connect Manager (and/or its backup), and not other modules in the domain.



The recommended password recovery procedure is as follows:

1. Remove the Virtual Connect Ethernet module from interconnect bay 1.

2. Remove the access panel from the Virtual Connect Ethernet module.

3. Set switch 1 to the ON position. Ensure that all other switches remain in the OFF position.

4. Install the access panel.

5. Insert the Virtual Connect Ethernet module into bay 1 and allow the module to power up and reach a fully booted and operational state (approximately 1 minute).

6. Remove the Virtual Connect Ethernet module from interconnect bay 2.
This causes interconnect bay 1 to become the module running the active VC Manager. Because switch 1 is set, the Administrator password remains at the factory default for interconnect bay 1 (not overwritten by the change of state because of the failover).

7. Wait to ensure that the VC Manager has had time to become active on interconnect bay 1. Log into the VC Manager to confirm it is up and functional on interconnect bay 1.

8. Insert the Virtual Connect Ethernet module into interconnect bay 2 and allow the module to power on and reach a fully booted and operational state (approximately 1 minute).

9. Remove the Virtual Connect Ethernet module from interconnect bay 1.

10. Remove the access panel from the Virtual Connect Ethernet module.

11. Set switch 1 to the OFF position. Ensure that all other switches remain in the OFF position.

12. Install the access panel.

13. Insert the Virtual Connect Ethernet module into interconnect bay 1 and allow the module to power up and reach a fully booted and operation state (approximately 1 minute).

14. Log into the VC Manager using the factory default user name and password to log in to the module (regardless of whether it is running on the module







[EDIT MARCH 12 2012] FOR ONBOARD ADMINISTRATOR

FOR OA this link http://h30499.www3.hp.com/t5/HP-BladeSystem-Management/Resetting-the-Onboard-Administrator-password/td-p/2304569 explain how to do on OA
I re-copy it for everyone:


Brian had an Onboard Administrator question:
**********************
I have two chassis were the customer has lost the passwords. They are not set to the default. Does anyone have password recovery procedures. Downtime and configuration is not any concern as this is a new install.
**********************
Bill had the process down:
********************
From the OA 3.10 user Guide, page 19...

Recovering the administrator password

If the administrator password has been lost, you can reset the administrator password to the factory default that shipped on the tag with the Onboard Administrator module. The Onboard Administrator resets a lost password to Lost Password/Flash Disaster Recovery (LP/FDR) mode. To recover the password and reset the administrator password to the factory default:

1. Connect a computer to the serial port of the Active Onboard Administrator using a null-modem cable.

2. With a null-modem cable (9600 N, 8, 1, VT100, locally connect to the Onboard Administrator).

3. Open HyperTerminal (in Microsoft(r) Windows(r)) or a suitable terminal window (in Linux), and then connect to the Active Onboard Administrator.

4. Press and hold in the Onboard Administrator reset button for 5 seconds.

5. To boot the system into Lost Password modem Press L. The password appears as the system reboots.

************************
from Ken:

*********************

I prefer to use a script on a thumb drive to recover lost OA passwords. I’ve attached 2 scripts. ResetPW resets the “Administrator” account password to “password”. The OA-Add-admin script adds use “admin” password “hpinvent” to the OA, and all ILOs in the enclosure.

To run the scripts:

Copy the scripts to a thumb drive
Place the thumb drive in the active OA
Run the script from the Insight Display

o USB Menu
o Restore Configuration
o usb://d1/script-name.cfg

Script 1:
ADD USER admin hpinvent
SET USER ACCESS admin ADMINISTRATOR
ASSIGN SERVER ALL admin
ASSIGN INTERCONNECT ALL admin
ASSIGN OA admin
ENABLE USER admin
HPONCFG all << end_marker
<RIBCL VERSION="2.0">
<LOGIN USER_LOGIN="adminname" PASSWORD="password">
<USER_INFO MODE="write">
<ADD_USER
USER_NAME="admin"
USER_LOGIN="admin"
PASSWORD="hpinvent">
<ADMIN_PRIV value ="Yes"/>
<REMOTE_CONS_PRIV value ="Yes"/>
<RESET_SERVER_PRIV value ="Yes"/>
<VIRTUAL_MEDIA_PRIV value ="Yes"/>
<CONFIG_ILO_PRIV value="Yes"/>
</ADD_USER>
</USER_INFO>
</LOGIN>
</RIBCL>
end_marker

Script 2:
SET USER PASSWORD "Administrator" "password"

13 comments:

Anonymous said...

WTF *IS* the default password? That's what I'm trying to find. Searching for "default password" only provides instructions on how to reset it... reset it to WHAT?

Franck RICHARD said...

There is tag and on recent Virtual Connect a sticker with the default logon credentials

arl said...

Oh tell me why it just cannot go through OA like resto of the systems?

Is it so hard?

Franck RICHARD said...

OA or VC have their own local user/password database, which is completly system independant. That means you can create an user "adm" on your OA that not exist on your operating system. And reciprocally, a user "root" on you system does not exist on your OA if you do not create it. One of common error is log with user "Administrator" but forget A must be uppercase. For information , you can also use ldap settings to permit, for example, to log to your OA with you AD account.

Anonymous said...

Richard, that's clear for me, but if the bloody sticker is unreadable??? The way it should be: ssh to OA, connect interconnect [VC Slot], reboot VC module (e.g. trouhg OA), send an break sequence to stop the VC Linux boot... what's the procedure if the sticker is unreadable or stickers are exchanged by accident?

Franck RICHARD said...

you can use brute force password tool like sshatter http://freecode.com/projects/sshatter?branch_id=70781&release_id=263196 or patator http://code.google.com/p/patator/

Anonymous said...

^^ LOL... yeah! BruteForce rU13z!!!

Did you ever try this out on particular module?

Franck RICHARD said...

I never need to use brute force for a OA or VC. I try to take time to test.
What you must to know: after resetting password
use Administrator like name and
password OA and VC seems to use 8 characters exactly and
only UPPERCASE LETTER + NUMBERS
(ex: P123PPPP or A1BC13D4)

Try also phone to HP. Perhaps they could give you password with your serial number

Franck RICHARD said...

FOR OA, there is 2 procedures in this link

http://h30499.www3.hp.com/t5/HP-BladeSystem-Management/Resetting-the-Onboard-Administrator-password/td-p/2304569

I copy solution on my post with reference

Lee Van Iderstine said...

Any idea how to reset the admin password/IP address on a VC-FC module? I have an 8Gb 24-port that has a legacy IP and password that we cannot seem to reset.

Franck RICHARD said...

ideas:
-Problem with VC firmware
-module in state "I am soon in out-of-order"
solutions:
verify firmware status with vcsu -a healthcheck (download: http://www.hp.com/support/vc)
Try to do reset manipulation with HP Support
Change this module

virtualcloudz said...

Nice one!! Thanks. I just referred to this article on my post ( Default Credentials for virtual connect) to reset OA and VC modules here.

http://goo.gl/YHZwlx

Cheers!!

Anonymous said...

Hey thanks for this. We have a VC Flex-10 Enet Module. We tried the "Reset Administrator password from HP Virtual Connect and Onbord Administrator" using the OA console. We were able to see the default password after switching the "1" position to On. However, after carefully following the procedure, the VC Flex-10 Enet Module wouldn't retain the default password (after switching it back to the "Off" position). We tried this on several VC Flex-10 Enet Modules. Is it something wrong with our OA? Or is they all just bad modules? Thanks!