Check your Onboard Administrator / Virtual Connect password

If you want to check your Onboard Administrator / Virtual Connect password, or test some passwords, because you don't really remember the real good one, I modified my previous script Plink_reg.cmd to make work for you.

For this, just change line 43 to 47 in file Plink_reg.cmd (or download TestOAVCPass.zip)

Echo Reg plink %1 (%date% %time%)
Echo ----------------------------- >> %LOGFILE% 2>>&1
Echo Reg plink %1 (%date% %time%) >> %LOGFILE% 2>>&1
plink.exe -ssh -l %2 -pw %3 -batch %1 "exit" >> %LOGFILE% 2>>&1
goto :EOF

with these lines

Echo Reg plink %1 (%date% %time%)
Echo ----------------------------- >> %LOGFILE% 2>>&1
Echo Reg plink %1 (%date% %time%)  %2 %3 >> %LOGFILE% 2>>&1
plink.exe -ssh -l %2 -pw %3 -batch %1 "exit" > temp.txt 2>>&1
set  passok=PASSWORD_KO
type temp.txt | findstr /i denied
if errorlevel 1 set passok=PASSWORD_IN_THIS_LINE
Echo ;%date% %time%;%1;%2;%3;%passok% >> resultpass.txt
goto :EOF

For example, to test password password1,password2,password3 and password4 in oa or vc with ip address 192.1.1.100 use a file "myipass.txt" with these entries:

192.1.1.100;manager;password1
192.1.1.100;manager;password2
192.1.1.100;manager;password3
192.1.1.100;manager;password4

Run "TestOAVCPass.exe myipass.txt" then you should have result like below (here password3 is the good oa password)

;31/07/2011 12:23:07,26;192.1.1.100;manager;password1;PASSWORD_KO 
;31/07/2011 12:23:10,10;192.1.1.100;manager;password2;PASSWORD_KO 
;31/07/2011 12:23:11,49;192.1.1.100;manager;password3;PASSWORD_IN_THIS_LINE 
;31/07/2011 12:23:13,94;192.1.1.100;manager;password4;PASSWORD_KO 

Get/ Set informations on multiple HP Onboard Administrator / Virtual Connect - Example with setting password and show all

When you need to get informations (like "SHOW ALL") on more than 400 Onboard Administrator or Virtual Connect, production team is always happy when you can give them an automatic solution.

Before give you main script for that, let's explain some details:
HP Onboard Administrator or Virtual Connect can be connect by SSH using tools like putty (Alternative Download). When you are connect on your OA or VC you can use some command line.

For more information about OA command line go to Onboard Administrator dedicated HP site and specifically to OA download manual on Manual OA site to download HP BladeSystem Onboard Administrator Command Line Interface User Guide(Alternative Download)

For more information about VC command line go to Manual VC site where you could find HP Virtual Connect Manager Command Line Interface (Alternative Download)

To use plink.exe (tool to do putty link), on OA or VC, I give you some examples below

To create a new OA administrator user named admin with password pass

plink -ssh -l Administrator -pw password -batch 192.168.1.254 -m OAadduser.txt

with OAadduser.txt

ADD USER "admin" "pass"
SET USER ACCESS "admin" ADMINISTRATOR
SET USER FULLNAME "admin" "Backup Administrator"
ASSIGN SERVER ALL "admin"
ASSIGN INTERCONNECT ALL "admin"
ASSIGN OA "admin"

To change admin OA user password to newpass

plink -ssh -l Administrator -pw password -batch 192.168.1.254 -m OAchangepassword.txt

with OAchangepassword.txt

SET USER PASSWORD "admin" "newpass"

To delete admin OA user

plink -ssh -l Administrator -pw password -batch 192.168.1.254 -m OAremoveuser.txt

with OAremoveuser.txt

REMOVE USER "admin"

To show all OA informations

plink -ssh -l Administrator -pw password -batch 192.168.1.254 -m OAshowall.txt

with OAremoveuser.txt

SHOW ALL

To create a new VC administrator user named admin with password pass

plink -ssh -l Administrator -pw password -batch 192.168.1.250 -m VCadduser.txt

with VCadduser.txt

add user admin Password=pass Privileges="domain,server,network,storage" FullName="Backup Administrator" Enabled=true

To change admin VC user password to newpass

plink -ssh -l Administrator -pw password -batch 192.168.1.250 -m VCchangepassword.txt

with VCchangepassword.txt

set user admin Password=newpass

To delete admin VC user

plink -ssh -l Administrator -pw password -batch 192.168.1.250 -m VCremoveuser.txt

with VCremoveuser.txt

remove user admin

To show all VC informations

plink -ssh -l Administrator -pw password -batch 192.168.1.250 -m VCshowall.txt

with VCshowall.txt

SHOW ALL

Now the best part: do all these actions on multiple Onboard Administrator or Virtual Connect. If you do not want to do copy/paste for each part, I encourage you to download GetSetHPOAVCInfos.zip file file.

First, you must create putty ssh keys. For this, execute plink_reg.cmd which will create these key then will export registry to plink.reg file
Why create ssh keys before ? That permit to avoid to answer yes to each OA or VC

@Echo OFF
Rem
Rem Generate plink reg
Rem
Rem F.RICHARD
Rem Initial Version: 2010 August
Rem modification 2011 March : add filename parameter
Rem

SET CURDIR=%~d0%~p0
SET FILENAME=%~n0%~x0
If "%1"=="" goto :ERRORNOFILE

cd /d %CURDIR%
set inputfile=%1
If NOT EXIST %inputfile% GOTO :ERRORFILE

SET LOGFILE="%CURDIR%plink_reg.log"

If NOT EXIST plink.exe GOTO :ERRFILEPLINK
echo Begin %date% %time% > %LOGFILE%




For /F "tokens=1,2,3 delims=;" %%i in (%inputfile%) do call :doit %%i %%j %%k 


echo End %date% %time% >> %LOGFILE%
regedit /E plink.reg "HKEY_CURRENT_USER\Software\SimonTatham"
goto :EOF




:doit
rem echo %1 %2 %3
IF {%1}=={} GOTO :ERRORLINE
IF {%2}=={} GOTO :ERRORLINE
IF {%3}=={} GOTO :ERRORLINE


Echo Reg plink %1 (%date% %time%)
Echo ----------------------------- >> %LOGFILE% 2>>&1
Echo Reg plink %1 (%date% %time%) >> %LOGFILE% 2>>&1
plink.exe -ssh -l %2 -pw %3 -batch %1 "exit" >> %LOGFILE% 2>>&1
goto :EOF



:ERRORLINE
Echo ERROR next line (something missing)
Echo %1;%2;%3
goto :EOF

:ERRORFILE
Echo ERROR file %inputfile% does not exist in %CURDIR% directory
goto :EOF

:ERRFILEPLINK
Echo ERROR: file plink.exe does not exist in %CURDIR% directory
Echo Execute plink.exe before executing this file
goto :EOF

:ERRORNOFILE
Echo ERROR You must specify a filename containing line with these informations
Echo ip_or_name;login;password
Echo Ex: run
Echo %FILENAME% myOA.txt
Echo with myOAVC.txt containing
Echo 192.168.1.251;Administrator;password
Echo 192.168.1.252;Administrator;password
echo.
goto :EOF

To use script GetSetHPOAVCInfos.cmd, which permit to execute command line on all VC or OA use for example

GetHPOAVCInfos.cmd testOAVC.txt testOAVCcmdline.txt

with file testOAVC.txt containing for example these lines

192.168.1.220;administrator;password
192.168.1.224;administrator;password

and file testOAVCcmdline.txt with these lines

show all

All informations are return in oa_or_vc.log file
If you want to separate each log (ex: oa_or_vc_192.168.1.220.log, oa_or_vc_192.168.1.224.log) add SEPARATELOG like this

GetHPOAVCInfos.cmd testOAVC.txt testOAVCcmdline.txt SEPARATELOG

GetSetHPOAVCInfos.cmd file

@Echo OFF
Rem
Rem Get Information in HP Onboard Administrator or Virtual Connect
Rem
Rem F.RICHARD
Rem August 2010
Rem modification 2011 March : add filename parameter
Rem

SET CURDIR=%~d0%~p0
SET FILENAME=%~n0%~x0
If "%1"=="" goto :ERRORNOFILE
If "%2"=="" goto :ERRORNOFILE
SET SEPARATELOG=NO
If "%3"=="SEPARATELOG" SET SEPARATELOG=YES

cd /d %CURDIR%
set inputfile=%1
If NOT EXIST "%inputfile%" GOTO :ERRORFILE

set actionfile=%2
If NOT EXIST "%actionfile%" GOTO :ERRORFILE2

SET separate=.log
SET LOGFILE=%CURDIR%oa_or_vc

If NOT EXIST plink.exe GOTO :ERRFILEPLINK
echo Begin %date% %time%
echo Begin %date% %time% > "%LOGFILE%%separate%"

If NOT EXIST plink.reg GOTO :ERRFILEPLINKREG
regedit /s plink.reg 

For /F "tokens=1,2,3 delims=;" %%i in (%inputfile%) do call :doit %%i %%j %%k

SET separate=.log
echo End %date% %time%
echo End %date% %time% >> "%LOGFILE%%separate%"
goto :EOF





:doit
IF {%1}=={} GOTO :ERRORLINE
IF {%2}=={} GOTO :ERRORLINE
IF {%3}=={} GOTO :ERRORLINE


Echo Use %actionfile% file on %1 (%date% %time%)
If "%SEPARATELOG%"=="YES" SET separate=_%1.log
If "%SEPARATELOG%"=="YES" echo.> "%LOGFILE%%separate%"
plink.exe -ssh -l %2 -pw %3 -batch "%1" -m "%actionfile%" >> "%LOGFILE%%separate%"
cscript //NOLOGO convertunix2dos.vbs "%LOGFILE%%separate%"
goto :EOF


:ERRORLINE
Echo ERROR: next line (something missing)
Echo %1;%2;%3
goto :EOF

:ERRORFILE
Echo ERROR: file %inputfile% does not exist in %CURDIR% directory
goto :EOF

:ERRORFILE2
Echo ERROR: file %actionfile% does not exist in %CURDIR% directory
goto :EOF

:ERRFILEPLINK
Echo ERROR: file plink.exe does not exist in %CURDIR% directory
Echo Execute plink.exe before executing this file
goto :EOF

:ERRFILEPLINKREG
Echo ERROR: file plink.reg does not exist in %CURDIR% directory
Echo Execute plink_reg.cmd before executing this file
goto :EOF

:ERRORNOFILE
Echo ERROR You must specify a filename containing line with these informations
Echo ip_or_name;login;password
Echo Ex: run
Echo %FILENAME% myOA.txt
Echo with myOAVC.txt containing
Echo 192.168.1.251;Administrator;password
Echo 192.168.1.252;Administrator;password
echo.
goto :EOF

For information, this script use convertunix2dos.vbs to convert unix OA or VC return carriage to windows (script found on the net, don't remember where, sorry for the author)

Dim fso, ts, s, arg, fil, fpath, s1
Set fso = CreateObject("Scripting.FileSystemObject")
arg = WScript.arguments.item(0)
Set ts = fso.OpenTextFile(arg, 1, False)
s = ts.ReadAll
ts.Close
Set ts = Nothing

s1 = Replace(s, vbCrLf, vbCr, 1, -1, 0)
s1 = Replace(s1, vbLf, vbCr, 1, -1, 0)
s1 = Replace(s1, vbCr, vbCrLf, 1, -1, 0)

Set ts = fso.CreateTextFile(arg, True)
ts.Write s1
ts.Close
Set ts = Nothing
Set fso = Nothing

Reset Administrator password from HP Virtual Connect and Onbord Administrator

If you have some guys which makes fun to change password on a virtual connect there is a procedure to reset administrator password to it original setting.

This procedure comes from c00865618.pdf file page 28 HP Virtual Connect for c-Class BladeSystem User Guide

Resetting the Administrator password and DNS settings
-----------------------------------------------------
If the system maintenance switch 1 is in the ON position on a VC-Enet module, the firmware restores the Administrator account password and DNS settings to the original factory defaults as found on the module label (without disturbing any other local user accounts), and also displays the password on the VC-Enet module management console. For information on accessing the VC-Enet module management console, see the OA user guide. The default password is no longer displayed after switch 1 is in the OFF position.

Password restoration is done during each power-up sequence while switch 1 is in the ON position (and reserved switches are in the OFF position) and does not allow changes until the switch is placed back into the OFF position. For switch locations, see the appropriate system maintenance switch ("HP 1/10Gb VCEnet Module system maintenance switch" on page 15, "HP 1/10Gb-F VC-Enet Module system maintenance switch" on page 18, "HP Virtual Connect Flex-10 10Gb Ethernet Module system maintenance switch" on page 22).
After switch 1 is returned to the OFF position, users with appropriate privileges can then change the Administrator password.
Only reset the password on the module running the Virtual Connect Manager (and/or its backup), and not other modules in the domain.



The recommended password recovery procedure is as follows:

1. Remove the Virtual Connect Ethernet module from interconnect bay 1.

2. Remove the access panel from the Virtual Connect Ethernet module.

3. Set switch 1 to the ON position. Ensure that all other switches remain in the OFF position.

4. Install the access panel.

5. Insert the Virtual Connect Ethernet module into bay 1 and allow the module to power up and reach a fully booted and operational state (approximately 1 minute).

6. Remove the Virtual Connect Ethernet module from interconnect bay 2.
This causes interconnect bay 1 to become the module running the active VC Manager. Because switch 1 is set, the Administrator password remains at the factory default for interconnect bay 1 (not overwritten by the change of state because of the failover).

7. Wait to ensure that the VC Manager has had time to become active on interconnect bay 1. Log into the VC Manager to confirm it is up and functional on interconnect bay 1.

8. Insert the Virtual Connect Ethernet module into interconnect bay 2 and allow the module to power on and reach a fully booted and operational state (approximately 1 minute).

9. Remove the Virtual Connect Ethernet module from interconnect bay 1.

10. Remove the access panel from the Virtual Connect Ethernet module.

11. Set switch 1 to the OFF position. Ensure that all other switches remain in the OFF position.

12. Install the access panel.

13. Insert the Virtual Connect Ethernet module into interconnect bay 1 and allow the module to power up and reach a fully booted and operation state (approximately 1 minute).

14. Log into the VC Manager using the factory default user name and password to log in to the module (regardless of whether it is running on the module







[EDIT MARCH 12 2012] FOR ONBOARD ADMINISTRATOR

FOR OA this link http://h30499.www3.hp.com/t5/HP-BladeSystem-Management/Resetting-the-Onboard-Administrator-password/td-p/2304569 explain how to do on OA
I re-copy it for everyone:


Brian had an Onboard Administrator question:
**********************
I have two chassis were the customer has lost the passwords. They are not set to the default. Does anyone have password recovery procedures. Downtime and configuration is not any concern as this is a new install.
**********************
Bill had the process down:
********************
From the OA 3.10 user Guide, page 19...

Recovering the administrator password

If the administrator password has been lost, you can reset the administrator password to the factory default that shipped on the tag with the Onboard Administrator module. The Onboard Administrator resets a lost password to Lost Password/Flash Disaster Recovery (LP/FDR) mode. To recover the password and reset the administrator password to the factory default:

1. Connect a computer to the serial port of the Active Onboard Administrator using a null-modem cable.

2. With a null-modem cable (9600 N, 8, 1, VT100, locally connect to the Onboard Administrator).

3. Open HyperTerminal (in Microsoft(r) Windows(r)) or a suitable terminal window (in Linux), and then connect to the Active Onboard Administrator.

4. Press and hold in the Onboard Administrator reset button for 5 seconds.

5. To boot the system into Lost Password modem Press L. The password appears as the system reboots.

************************
from Ken:

*********************

I prefer to use a script on a thumb drive to recover lost OA passwords. I’ve attached 2 scripts. ResetPW resets the “Administrator” account password to “password”. The OA-Add-admin script adds use “admin” password “hpinvent” to the OA, and all ILOs in the enclosure.

To run the scripts:

Copy the scripts to a thumb drive
Place the thumb drive in the active OA
Run the script from the Insight Display

o USB Menu
o Restore Configuration
o usb://d1/script-name.cfg

Script 1:
ADD USER admin hpinvent
SET USER ACCESS admin ADMINISTRATOR
ASSIGN SERVER ALL admin
ASSIGN INTERCONNECT ALL admin
ASSIGN OA admin
ENABLE USER admin
HPONCFG all << end_marker
<RIBCL VERSION="2.0">
<LOGIN USER_LOGIN="adminname" PASSWORD="password">
<USER_INFO MODE="write">
<ADD_USER
USER_NAME="admin"
USER_LOGIN="admin"
PASSWORD="hpinvent">
<ADMIN_PRIV value ="Yes"/>
<REMOTE_CONS_PRIV value ="Yes"/>
<RESET_SERVER_PRIV value ="Yes"/>
<VIRTUAL_MEDIA_PRIV value ="Yes"/>
<CONFIG_ILO_PRIV value="Yes"/>
</ADD_USER>
</USER_INFO>
</LOGIN>
</RIBCL>
end_marker

Script 2:
SET USER PASSWORD "Administrator" "password"