Manualshelf

Users Guide

ManualsBrandsDell ManualsActive System ManageriDRAC9 - 3.0x Series
51525354555657585960
You must set the Salt attribute when the associated hash is set.
NOTE: The attributes are not applicable to the INI configuration file.
Hash password in server configuration profile
The new hash passwords can be optionally exported in the server configuration profile.
When importing server configuration profile, you can uncomment the existing password attribute or the new password hash attribute(s).
If both are uncommented an error is generated and the password is not set. A commented attribute is not applied during an import.
Generating hash password without SNMPv3 and IPMI authentication
Hash password can be generated without SNMPv3 and IPMI authentication with or without salt. Both require SHA256.
To generate hash password with salt:
1. For the iDRAC user accounts, you must salt the password using SHA256.
When you salt the password, a 16-bytes binary string is appended. The Salt is required to be 16 bytes long, if provided. Once
appended, it becomes a 32 character string. The format is "password"+"salt", for example:
Password = SOMEPASSWORD
Salt = ALITTLEBITOFSALT—16 characters are appended
2. Open a Linux command prompt, and run the following command:
Generate Hash-> echo-n SOMEPASSWORDALITTLEBITOFSALT|sha256sum -><HASH>
Generate Hex Representation of Salt -> echo -n ALITTLEBITOFSALT | xxd –p -> <HEX-SALT>
set iDRAC.Users.4.SHA256Password <HASH>
set iDRAC.Users.4.SHA256PasswordSalt <HEX-SALT>
3. Provide hash value and salt in the imported server configuration profile, the RACADM commands, Redfish, or WSMan.
NOTE:
If you wish to clear a previously salted password, then ensure that the password-salt is explicitly set to an
empty string i.e.
set iDRAC.Users.4.SHA256Password
ca74e5fe75654735d3b8d04a7bdf5dcdd06f1c6c2a215171a24e5a9dcb28e7a2
set iDRAC.Users.4.SHA256PasswordSalt
4. After setting the password, the normal plain text password authentication works except that SNMP v3 and IPMI authentication fails
for the iDRAC user accounts that had passwords updated with hash.
Modifying local administrator account settings
After setting the iDRAC IP address, you can modify the local administrator account settings (that is, user 2) using the iDRAC Settings
utility. To do this:
1. In the iDRAC Settings utility, go to User Configuration.
The iDRAC Settings User Configuration page is displayed.
2. Specify the details for User Name, LAN User Privilege, Serial Port User Privilege, and Change Password.
For information about the options, see the iDRAC Settings Utility Online Help.
3. Click Back, click Finish, and then click Yes.
The local administrator account settings are configured.
Setting up managed system location
You can specify the location details of the managed system in the data center using the iDRAC Web interface or iDRAC Settings utility.
Setting up managed system
51