Symptoms
Systems with an integrated Dell Remote Access Control (iDRAC) have a default user name and password, but you can also configure them with a secure password.
Default iDRAC login
In the iDRAC’s default configuration, the login credentials are as follows:
- Username: root
- Password: calvin
Secure Password
For iDRAC9, a new feature called secure password is available during the purchase configuration.
- If you have opted for secure default access to iDRAC, the iDRAC secure password is available on the back of the system information tag (Service Tag) under “iDRAC Default Password.”
- If you have not opted for secure default access to iDRAC, then the default password should be blank. In this case, the default username and password (root/calvin) apply.
- Information tag (Top view)
- Information tag (Bottom view)
- OpenManage Mobile (OMM) label
- iDRAC MAC address and iDRAC secure password label
You can reset the password through the iDRAC settings by pressing F2 at startup.
Also, you can reset the password to its factory default with the following racadm command:
racadm racresetcfg -all
To reset the password to the legacy password, use the following racadm command:
racadm racresetcfg -rc
Cause
What is the “Default Password Warning” on iDRAC? (SEC0701)
The default iDRAC username and password are widely known, and any user can access the server and make changes using the default credentials. The Default Password Warning feature in iDRAC warns you if the default login credentials are still in place.
Whenever a user with Configure User privileges logs in to iDRAC or SSH/Telnet or executes racadm commands remotely using the default login credentials, the system displays a warning message (SEC0701). Because GUI and SSH/Telnet users log in once per session, they see a single warning message for each session. Because remote racadm users log in for every command, they see a warning message for every command.
An iDRAC with default login credentials is even less secure if the system is Internet-accessible or part of a large network with different trust boundaries. If any of the following items is configured, the possibility exists that iDRAC could become accessible on the Internet.
Whenever a user with Configure User privileges logs in to iDRAC via Web GUI using the default login credentials, the Default Password Warning Message displays. From this page, the user can either change the password for a root user, or they can change nothing and continue logging in to iDRAC. The option to disable the Default Password WarningMessage appears on this page if the user does not change the password.
iDRAC9:
iDRAC8:
Figure 2: Default Password Warning
The Default Password Warning can be enabled or disabled from the iDRAC Overview -> iDRAC Settings -> User Authentication -> Local Users page, under the section titled “Default Password Warning.”
Source Reference: Dell Support
Phương Nguyễn Collect
No comment yet, add your voice below!