Remotely Reset Administrator Password on iLO without Reboot

Last night I got locked out of my Compaq DL360’s iLO. I searched the web to find how to reset the Administrator password and read that, for the most part, I’d have to be at the console. Bah! My servers are in San Jose and I’m up here in San Francisco, I didn’t want to make a trip just to reset my passwords. I continued to look around the web for a solution and found that I could reset the Administrator password (or even add another user with admin privs) using Compaq’s Remote Insight Board Command Language. Apparently, if you are processing RIBCL commands through your given operating sytem so long as you have the rights to login to the server. I logged in as my Windows Domain Admin and performed the following steps (Linux users, you can download the RPM for HPONCFG):

1. I installed SNMP because it was a preprequesite for HP Insight Management Agents.
2. I dowloaded and installed the HP Insight Management Agents.
3. I then downloaded HP Lights-Out Online Configuration Utility.
4. I ran into NTVDM errors trying to run the file so I just used WinRAR to extract the contents into C:\hp\ilo. I also extracted the zip file contained within the initial archive.
5. I then downloaded the HP Lights-Out XML Scripting Sample for Windows (Linux users can download the files in tgz format here or here.) extracted it and found the file I was looking for —

6. Using notepad, I opened up the sample file and modified it slightly. Initially, I just removed the LOGIN and ran the file but HPONCFG gave me a syntax error. I then added it back and gave the Administrator a bogus password. Apparently, the LOGIN line is required for syntax reasons but it is not actually processed.
7. Next, I opened a command line and changed directories to C:\hp\ilo and typed the following:

HPONCFG.exe /f Administrator_reset_pw.xml /l log.txt > output.txt

8. I opened up Firefox, navigated to my iLO machine and voila! I was able to login as Administrator.

If changing Administrator’s password seems too scary, you can also add another user with administrator privileges. You can then login as that user and change the Administrator password via the web console. Use the following code, suited to your liking:

Here’s a zip of just hponcfg.exe, add_user.xml, and Administrator_reset_pwd.xml. Since it’s an exe with no apparent supporting files, y ou may be able to just use that.

I see quite a few people have hit this page..if you found it useful, please let me know! If not, drop me a note and I’ll see how I can help.

Chrissy is a PowerShell MVP who has worked in IT for nearly 20 years, and currently serves as a Sr. Database Engineer in Belgium. Always an avid scripter, she attended the Monad session at Microsoft’s Professional Developers Conference in Los Angeles back in 2005 and has worked and played with PowerShell ever since. Chrissy is currently pursuing an MS in Systems Engineering at Regis University and helps maintain RealCajunRecipes.com in her spare time. She holds a number of certifications, including those relating to SQL Server, SuSE Linux, SharePoint and network security. She recently became co-lead of the SQL PASS PowerShell Virtual Chapter. You can follow her on Twitter at @cl.

Posted in Security
239 comments on “Remotely Reset Administrator Password on iLO without Reboot
  1. Wilson says:

    PERFECT! I lost the iLO password on our test server and your tutorial worked perfectly. I was logged in and working in just a matter of minutes. Thank you and have a great evening!

  2. Shane says:

    Wonderful!
    Thank you. It worked perfect.

  3. Steve says:

    Found your link & followed the process exactly as well, and I too was successful. Took over many HP servers w/ILO configured, but had no documentation from previous person on passwords. Now I can make the changes AND document them as well. Thanks so much for posting this!!!

  4. Mark says:

    Many thanks for this information.

    Am in a very similar situation to Steve in the post above.
    This has saved me many hours of work !

  5. langballe says:

    Nice guide. It helped alot

  6. Chrissy says:

    Great! Glad I could help (And glad HP provides this capability!)

  7. WolfgangD says:

    Gratulation

    this guide works perfectly for ux and ms

    THX!!

  8. RGB says:

    Thank you, thank you!

  9. PositiveMentalAttitude says:

    I’m contracting were there has been a lot of turn over and could not access any servers via iLO.

    That made for too many trips to the office nights and weekends.

    Your steps worked like a lucky charm! Now I can do server updates remotely from home.

    Thanks…u-R-a-rock*!!!!

  10. Rich says:

    Chrissy – that was awesome! Thanks for the help!

  11. Mike Pierce says:

    This is great for a 32-Bit but do you know if there is a solution for x64 ??

    Thanks,

    Mike

  12. Mike Pierce says:

    This is great for a 32-Bit but do you know if there is a solution for x64 ??

    Thanks,

    Mike

  13. OverSeer says:

    I love you!! This is exactly what I was looking for!!!

  14. Jim D says:

    Yes this works good for 32 bit Windows but will not work on 64 bit. DOH!

  15. Chrissy says:

    Jim and Mike, I’ll email you both with a follow-up but what if you used CPQLOCFG.EXE (direct links) on a 32-bit machine and connected remotely to your 64-bit machines?

  16. Chris says:

    Excellent,

    This worked a treat

  17. Steve says:

    I was hoping this would work but I keep getting the following in output.txt:

    No RILOE II board found.
    Firmware Revision = 1.820000 Device type = ILO Driver name = cpqci
    Script succeeded

    Will it support older hardware?
    Thanks

  18. Steve says:

    I was hoping this would work but I keep getting the following in output.txt:

    No RILOE II board found.
    Firmware Revision = 1.820000 Device type = ILO Driver name = cpqci
    Script succeeded

    Will it support older hardware?
    Thanks

  19. Mike says:

    I am trying to put this XML file to ILO via VBS. It fails with the error that is listed below the script. Anyone know what I am missing? I tried adding to the front of the XML string but got the same error.

    Set oXMLHTTP = CreateObject("MSXML2.ServerXMLHTTP")
    Set oXMLDOM = CreateObject("MSXML2.DOMDocument")

    sXML = ""

    oXMLDOM.LoadXML sXML
    oXMLHTTP.Open "POST", "https://",False,"Administrator","Password"
    oXMLHTTP.setOption 2, 13056
    oXMLHTTP.Send oXMLDOM.XML
    WScript.echo oXMLHTTP.responseText

    Remote Insight
    Request Error
    HTTP/1.1 405 Method Not Allowed

  20. Mike says:

    I am trying to put this XML file to ILO via VBS. It fails with the error that is listed below the script. Anyone know what I am missing? I tried adding to the front of the XML string but got the same error.

    Set oXMLHTTP = CreateObject(“MSXML2.ServerXMLHTTP”)
    Set oXMLDOM = CreateObject(“MSXML2.DOMDocument”)

    sXML = “”

    oXMLDOM.LoadXML sXML
    oXMLHTTP.Open “POST”, “https://”,False,”Administrator”,”Password”
    oXMLHTTP.setOption 2, 13056
    oXMLHTTP.Send oXMLDOM.XML
    WScript.echo oXMLHTTP.responseText

    Remote Insight
    Request Error
    HTTP/1.1 405 Method Not Allowed

  21. Mike says:

    Looks like the sXML didn’t populate with the script. Let’s try again:

    sXML = “”

  22. Mike says:

    well it didn’t work…

    sXML is suppose to equal the following. I replaced all the ” with “”

  23. Mike says:

    sXML equals Administrator_reset_pw.xml from the original post. All the ” have been replaced with “”

  24. mitch says:

    Wow! Thanks it work and got me out of a jam.

  25. Steve says:

    I tried your solution both ways (administrator and add user) and whenever I run the command, I get a “memory refrenced at (bla bla bla) could not be written.”
    I tried to upgrade the support pack but have not yet rebooted the server due to office hours. Any idea if this is the reason for the error?

  26. Ricardo says:

    Your hot and smart!! Thanks for the help, it worked. I have over a dozen server to set this information from. Now I dont have to spend all that time afterhours shutting these things down and going into CMOS.

    Thanks

  27. Fabrizio says:

    Great

    very useful and well written article.

    Many thanks, I will offer a coffee to you.

    Ciao
    Fabrizio

  28. Fabrizio says:

    Can I give you a suggestion?

    Add to your article the way to get ILO ip address

    HPONCFG /w config.txt

    If you have many servers (like me) it is useful.

    Ciao
    Fabrizio

  29. Steven Hill says:

    I am getting the following error. I am just not sure which software to use for whatever version I have. BL20p G2

    No RILOE II board found.
    ERROR: The current firmware version (1.20) is not supported by HPONCFG.
    Version 1.41 or greater is required.

    Thanks

  30. Tokyo_skippy says:

    Thank you!

    I inherited some servers and nobody could remember what the password on the RILOE had been changed to. After using this I’ve been able to not only reset the passwords, but create the necessary accounts we needed.

  31. Chuck Sisson says:

    Thank you!

    Worked like a champ!

  32. Michel says:

    it works fine
    tu es la meilleure
    i love you ;)

  33. Wendy says:

    Worked so perfectly and documented so clearly made a puzzle become a straightforward one…
    Thanks!

  34. Alexander Suhovey says:

    Hey, thanks for the info.

    Looking at the commanets, I guess this is a quite popular issue/scenario lol…

  35. Tiago Viana says:

    5 Stars!!!!
    You’re the BEST.
    RESPECT!!!!!! :)

  36. Mia says:

    Chrissy,
    You have just saved me masses of time. Thanks for this!

  37. Didier Piter says:

    Great and environmental friendly !!
    Thanks

  38. Jennifer says:

    This solved my problem – You are awesome

  39. Hans says:

    Great site, usefull information that help me a lot, and save some time.
    Keep up the good work.
    Thanks.

  40. Walter says:

    Thanks! Saved my day:-)

  41. Kenton says:

    This is the error I get. Any ideas as to what it means and how to fix/get around it?

    C:\temp\HP iLO pw reset utility>HPONCFG.EXE /f CFTCXO_admin_pw_reset.xml /w log3
    .txt
    No RILOE II board found.
    Firmware Revision = 1.620000 Device type = ILO Driver name = cpqci
    RILOE-II/iLO configuration successfully written to file “log3.txt”

    any help will be appreciated, Thanks.

  42. Kenton says:

    …oh, and here’s the XML file I’ve been using.

  43. Kenton says:

    Apparently it didn’t like what I copied and pasted. basically it’s the same as the one you’ve posted above.

  44. Oaktree says:

    You are THE BEST!!!

  45. Trouble says:

    If the host operating system is NetWare6.5 and the iLo password is lost am I hosed?

  46. Chrissy says:

    Hey Trouble, I don’t know poo about Netware..but if it runs any sort of virtualization software, you can install linux or windows on top, run the hponcfg and reset it that way ;)

    this thread has a solution too… good luck!

    Oaktree, glad i could help :-D

  47. Devin Trotter says:

    This was EXTREMELY useful. Thank you VERY much! I really was not able to bring the server offline to resolve this issue so I was ecstatic when this worked! THANK YOU SOOO MUCH.

    Devin

  48. Jay says:

    Chrissy,

    Thanks for explaining it straightforwardly! I’ve been pouring over the documentation trying to get it to work. For others, note that there’s an 8 character minimum on the password.

    I owe you a brewski.

  49. marc louis says:

    i know it warns you but easy to overlook. but username as well as password are case sensetive, and i belive the default username is “Administrator” with a capital “a”.
    it threw me for a while.
    another thing is default folder is not c:\hp as the other agents, but in “prog files\hp”.

  50. Vince says:

    Is there a solution for SCO Unixware v7.1.3?

    Thanks

  51. John says:

    Hi Chrissy,

    This info helped me fast track access to an ilo. In this day and age – one does not have to know anything! Just how to find stuff when they need it.

    Thanks,

  52. Terry says:

    Chrissy,
    Thanks so much for sharing. This was exactly what I was looking for and it worked perfectly!

  53. Adam says:

    Awesome! Got 30+ servers with unknown ILO configs that we are attempting to roll out, and this is going to make things a LOT easier.

    Merci beaucoup, from a fellow Coonass.

  54. Dennis says:

    Thanks Chrissi!

    Your .xml is a lot cleaner than what comes with the tool. Worked like a charm and my thanks to you for that.

  55. Rainer says:

    Thank you, worked well for me…

  56. Tiana says:

    Hi, i tried everything. and it’s kind of hard to understand. i downloaded everything but i cant open up files and its very confusing. please help me. i cant do anything without my administrator account. is there another way to do it? please help me.please

  57. Didier says:

    Hi Chrissy and other iLO maniacs out there,

    You could add the following line before your hponcfg config:

    hponcfg /reset

    This would simply reset the iLO to factory settings, including the Administrator’s password located on the asset tag of the server.

    More scripts to use HPONCFG on: http://h18000.www1.hp.com/support/files/server/us/download/25058.html

    Cheers

  58. Chris says:

    This seems to work for iLO and RILOE II boards. Is there a viable way to reset passwords on RILOE I boards?

  59. Billi says:

    Hi Chrissy,

    it worked great and saved me a lot of time.

    TNX!!

  60. Lonnie says:

    Thanks Chrissy!

    That worked PERFECTLY on the first try.

    Saved me a trip from Millbrae to SF!

    Lonnie

  61. Damien says:

    Hi Chrissy,
    thanks for that bit of info, it worked perfectly. i had the same issue as “marc louis”, but other than that it was fine.

    i can now relax a little for the rest of the day.. :)

    Thanks Again
    Damien

  62. Wim says:

    Hi,

    In my case one server gave the error message:

    ——
    HPONCFG RILOE-II/iLO setup and configuration utility
    Version 1.2 (c) Hewlett-Packard Company, 2005

    ERROR: Unable to establish communication with iLO/RILOE-II.
    ——

    The other problem with the server is that it has no cable support so we cannot pull it out to open the cover and reset the iLO switch.

    After a good time thinking I was wondering if the error message was due to the fact that I was running HPONCFG in a MetaFrame session.

    Afterwards on the same server I tried it through a RDP-session and even than I got the same error.

    At last I ran the same command from the console directly and it worked fine.

    Thanks for pointing me at this tools – it works great.

  63. HappyAdmin says:

    Wow this saved me alot of time. Thanks a million Chrissy.

  64. Craig says:

    Chrissy thanks. Is there a way to do this remotely if you do not know the orginal password? Using CPQLOCFG.EXE you can do this remotely but you have to know the password or have another account to log on with.

  65. Kathryn says:

    THANKYOU. This saved me a day of headaches.

  66. Niceguy says:

    Thanks alot. It saved me a fortune

  67. Jakob says:

    Many thanks for this one! Made my day (night)…

  68. Barry says:

    incase you get a random “script failed” error, try adding a user instead. You’re probably trying to reset the password for an account that doesnt exist. Remember, both login and pw are case sensitive!

    Other errors can probably be solved by updating the ilo firmware or drivers with the vc agent

  69. Mike says:

    Thank you very much! Changing the Administrator password was indeed a bit too scary for me, especially because this particular server is 2,000 miles away, so I opted for adding a new user with administrative privileges and I was able to log into the iLO console in less than a minute.

    Thanks again!

  70. Mark says:

    Chrissy,

    You rock! When you come to New York, the lunch is on me :)
    Keep up the good work.

    Mark

  71. FeWiBeF says:

    I found this article very interesting and ussefull.

    Thanks a lot.

  72. L0B0 says:

    Great scripts and tutorial.
    Thanx a lot!

  73. Mace says:

    Love ya. This script is a life saver. Was able to terminal services into all of my servers and reset many unknown iLO passwords.

    iLOs are a lifesaver when it comes to the patch of the month from Microsoft.

  74. Bo says:

    I was amazed how easy this was!
    I definitely thought I was doomed, with no physical access to the server. Adding a new user worked like a charm!

    Just a quick note, the links to hp.com does not go to the latest version, and does not work in x64 Windows, just search for windows x64 and you’ll get the right one.

  75. Peter says:

    You’re a godsend!! Thanks for posting this. Admins that don’t share suck, especially if they leave and don’t share critical passwords like iLO accounts….

    If you come to Houston, lunch is on me!!

  76. Mike Day says:

    Thanks so much … you are awesome!

  77. LT says:

    Worked like a charm! Thank you very much!

  78. Billy says:

    Looks dood.

    however I can not get it to work.

    I have followed the instructions to a T.

    I keep getting the error:
    No RILOE II board found.

    the server has ILO 2 with the latest firmware.

    Any tips?

    This will help a LOT with all the server the previous admin left without documenting the iLO passwords…

  79. Billy says:

    Well here is an update.

    The procedure seems to work flawlessly on all iLO (1) servers.
    Which is great and helping cut down the load a bit. :)

    However, on ALL iLO 2 servers I get the constant error:

    ERROR :firmware flash is in progress.Please wait for a while.
    If this happened just once – ok; but on all of them?? hmmmm suspicious…

    The scripts and hponcfg.exe distributed by hp.com specify that ILO 2 is supported.

    Does anyone have any ideas?? Still about 30 servers to go… :(

  80. Darleen says:

    I am receiving a very similar error to Billy’s, any suggestions:

    Error:

    No RILOE II Board found.
    ERROR :firmware flash is in progress.Please wait for a while

  81. Bino says:

    Thanks a lot….
    Works perfectly……

    Saved me a lot of time and the best part was I could use it when the server is online…. :)

  82. Babul says:

    Fantastic!! Worked like a champ!! Thanks for posting this…

  83. sandeep says:

    Hi,

    I ran the command mentioned above and got this in the output.txt

    Firmware Revision = 1.88 Device type = iLO Driver name = CpqCiDrv
    Script succeeded

    But if i try to login it says unauthorized.

    Please help.
    This is my xml:

    Thanks
    sandeep

  84. Eef says:

    Thanks, works great! (saves me a lot of time ;-)

    Grtx,

    Eef

  85. Worked on CentOS 4.4 x86_64, although I had to also download and install hprsm and hpasm as well as hponcfg. These were findable through the HP website search from the linked RPM download page above.

    Thanks for the heads-up.

  86. Donovan says:

    Hey Chrissy,

    Thank you for your words of wisdom as I too was handed a number of blade servers without ILO password information.
    I am now curious to learn what other options are available with the HP ILO scripting capability.
    Cheers.

  87. Robert Gowdey says:

    Worked perfectly. Thanks!

  88. Mike says:

    Well written solution. Thanks for the help.

  89. Mike says:

    I’m going to combine this with psexec to get iLO configuration info from about 300 servers. The data is returned in what appears to be xml format. Any ideas on how to convert these into some semblance of a readable report?

  90. Mike says:

    Another question…wow 3 in a row from me. Sorry. In the sample scripts provided by HP, there’s one called license.xml. But it’s designed only to SET the activation key to a value that’s provided within the script. I want to GET the activation key, but according to the RIBCL section of the command-line resource guide, the only parameter available for the LICENSE command within a RIB_INFO block are ACTIVATE and DEACTIVATE. Does anyone know of an undocumented GET-type command that will simply retrieve the current activation key from an ilo MP?

  91. Tony says:

    If you get the error message “ERROR :firmware flash is in progress.Please wait for a while”, you need to download a later version of HPONCFG from HP.COM and install it.

  92. Casey says:

    Thanks man! Saved me a 4 hour trip!

  93. Nafania says:

    Thanks, pal, this is still usefull as hell!

  94. jeutix says:

    Marvelous! Thank you very much for saving time!

  95. TomH says:

    Thanks, once I’m back in I will configure them for AD integration (logon by AD group membership), if the iLO firmware is up to date it can be done without having to update your AD schema ! Then you never need to documnet control the Administrator password again, access can be granted with a group

  96. JACQUE says:

    Can you use this remotely, if you can only access ILO port, not ethernet. I have a remote server where network crashed somehow, and all I can get is ILO port. Hoping I can reset this from another server remotely????

  97. Carl says:

    Chrissy, I have one with no operating system on it. Is there a way to reset the password on this box remotely?

  98. Petr says:

    Well written article, most helpful too. Thanks!

  99. Martin says:

    Thanks a lot. Saved me quite a bit of travelling time.

  100. Derek says:

    Everyone who is having the issue of No RILOE II board found.

    the server has ILO 2 with the latest firmware.

    install the latest support pack/firmware. this fixed a few that i had that had this issue.

  101. Marcin says:

    It works just fine! Thanks!

  102. dk says:

    THX from Russia! :)

  103. Mukesh says:

    Chrissy you are just awesome…………I just took over a project and my ex project managers and engineers did not leave behind the ILO password…Now i have abt 300 odd server to manage but we cannot re-boot all the servers for re-setting and ur idea works mate :)…

  104. TheTick says:

    Thank you for your great documentation on this. It worked!

  105. Vinh Luu says:

    Awesome…just tried it and worked like a charm. Many thanks!!!!

  106. Paul says:

    Can you disable the ILO with this tool?

    Thanks.

  107. chungisheh says:

    Hi,

    I use the same process but seems not working.
    Nothing is written in output.txt file.

  108. Quu says:

    Thanxx! I take this in my Blog too > in German and do a Trackback.
    Great Job!

  109. Simon says:

    Thankyou for this tip. It worked perfectly. People like yourself who provide this information to the IT world free aqainst the general trend of information for money are the real IT proffesionals. Makes us more determined to help others as well. Cheers

  110. Mike Ragusa says:

    Your howto worked wonders!!! thanks so much

  111. Ozgur says:

    I am getting :
    No RILOE II board found.
    ERROR: No RILOE-II/iLO was found.
    But when I browse via browser I can see login page. I am als able to login via telnet. with admin and admin.
    Also this is brand new server which is HP DL140 G2. Could it be something other than admin / admin.
    Thanks

  112. Will Derrick says:

    Thanks, once I realised the password needs to be above a specific length, this worked a treat!

  113. Taiwo says:

    I changed the iLO password from the logging to the machine locally but everytime i restart the server, i lose the password. Also when i add a new user i cannot use the login details when i restart the server.

    Is this normal or im i missing something here?

  114. Christophe says:

    Thanks a lot. I’ve been dropped into the HP iLO world today, and i needed something like your explanation badly in order to do some troubleshooting. Thanks for the comprehensive tutorial.

    Friendly regards from Belgium,
    Christophe

  115. Wallis Short says:

    Hello Chrissy
    Fantastic article – Also had to fix ilo password but miles away from location. The tutorial was first class and I was able to reset 2 of my DL380 servers ILO admin passwords!!
    The only problem is that your hyperlinks to the software has moved – but it wasn’t hard to find the updated versions from HP website.
    Thanks dude – you saved me from a long trip in :)
    Cheers
    Wallis

  116. Chris Allen says:

    This worked great and helped me out.
    Thanks for posting the information.

  117. andrew says:

    wrked for me, great

  118. Dmitry says:

    Wow…talk about time saver! Thx.

  119. Mijnschoen says:

    Hi,
    This howto looks great.
    Although I failed to use it on my server (HP Proliant DL145 G2, Centos 5.1) Also, it is a hell of a job to find the right files at the hp site. I think hp might be a little more of a helping hand than it is now… but your howto made me at least smile for a while, so thank you ;)

    B.t.w. If anyone knows how to help me further, please contact me at mijnschoen (the-known-sign) hotmail.com.

  120. jmac1270 says:

    This solution works. Thanks for posting this one!

  121. whome says:

    If you are unable to change the password please check the log.txt as it might be that the password “newpass” is too short. Also you can ignore the “No RILOE II board found” message.

  122. rancor says:

    I got this “error message” when I’m trying to do this on a brand new DL360G5… I forgot to set password on 6 machines and I’m now 50 miles away from them :(

    [CUT]
    START_OPEN_TAG
    LOGIN
    USER_LOGIN
    EQUALS
    Administrator
    PASSWORD
    EQUALS
    boguspass
    END_TAG
    CPQLOCFG: Response received from the RIB: (137):

    [CUT]

    I seems like this security hole is corrected in new version that’s are shipped now days.

    Can anyone confirm this?

    // rancor

  123. rancor says:

    hm… I also tried on a much older mashine with ILO 1.70 from 02/11/2005 and the injection did not work with the same error message.

    What is the version of the one with success?

    // rancor

  124. Abell R. says:

    Excellent! It worked perfectly. I created a new user, logged in and then allowed full administration.

    Thanks a lot!

  125. Excellent Thanks.

    Just a quick note initially got ‘Script Failed’ but this was due to password length.

    Password needs to be 8 characters or longer

    Regards

    Phil

  126. richcj says:

    Thanks I inherited 100+ servers with custom ILO usernames and passwords that were not documented. I was able to reset them quickly via this method.

  127. Henri says:

    Hi,

    Worked great on our DL380 G3 -server – thank you very much!

  128. Alek says:

    Thanks! Good Soul!

  129. Robin Seeländer says:

    Thanks Chrissy,

    though i had to exchange the HPONCFG.exe, with the newest version, and change the password to be longer than 8 chars, the rest worked perfectly.
    Now management is a lot easier.

    Have a graet time.

    Robin.

  130. BenN says:

    Incredible! Thanks so much!

  131. Jaremy says:

    THANKYOUTHANKYOUTHANKYOUTHANKYOUI love you! –well, ok, that’s taking it a little far… but definitely thanks!

    man, I tell ya, try finding these instructions on HP’s site!

  132. Jaremy says:

    …by the way, I hope you fared well in Gustav’s wake

  133. Ian Roberts says:

    Just what I was looking for. Worked perfectly.

  134. Donna Fleming says:

    Hello,

    When we got our servers the tickets were taken off my mistake. All my MS DC’s I was able to get working expect my Exchange Mail Server. Of course thats another one of my critical servers I need to get to. I ran your script and it worked like a charm!

    Thanks so much!!!

    Donna

  135. harvey says:

    You are awesome – just saved me a 2 hour round-trip drive at 1AM. I owe you at least a beer.

  136. Sriram says:

    Hi,
    You are a life saver!!! Thank you. 1 suggestion though.. can you make this link more google friendly? I found this after some time on the net

  137. BJ says:

    Chrissy, thanks. Your post is deservedly at the top of the google results for reset ilo lost password.

    BJ

  138. Gratefull says:

    Thank you. Thank you. Thank you so much!

  139. Jay W. says:

    Thanks – just used this on an integrated iLO 2 and it worked perfectly to recover from unknown Administrator password.

  140. Shon says:

    this is a great fix i reset 10 of my hp servers production servers with out rebooting the server. thank you

  141. Rastaman75 says:

    Merci Beaucoup !!!!

  142. Denda says:

    You are awesome!!! Thank you so much and thanks to the people that added the pwd length issue.. Saved me TONS of time.

  143. iLO_Newbie says:

    Great article. Way to benefit others (including myself)!

  144. wajahat says:

    it worked for me on 3 servers (HP Dl380 G3)..Thanks..!!

  145. jockmcgonzo says:

    Thanks, this site has just made me look like a genius to my technical manager :o)

  146. Campbell says:

    Thanks Heaps!

    a nice cheat guide for something i could not find on HP’s site

  147. Vinod says:

    After running the script , the output.txt shows
    script failed!!!

    What would be the reason..
    Please help!

  148. Steve says:

    Chrissy you’re a goddess–beautiful and a geek. I knew about the utilities, but you helped me get the xml syntax right. I have a bunch of servers which I __can_not__ reboot, and now I can fix what the dspa (a=admin, you can guess the rest) did. Schweet!

  149. Moe says:

    It worked great… Marry me..

  150. Jana says:

    There is a GUI available now in the new version of PSP, which does exactly the same as the command line. Except that it is very convenient and easy to use!!

  151. Chris says:

    Worked like a charm!! Much appreciated!!

  152. AJ says:

    Nice guide, worked perfectly!!

    Q: Is there a way to recover a password instead of changing it?

  153. jitender says:

    Hi,

    Its a little of the topic, hope you’ll help me out.

    i am trying to configure “HP Integrity” servers through “cpqlocfg”
    but i am getting same error for all the xml scripts i have tried with,

    Connecting to Server..
    Negotiated cipher: 168-bit Triple DES with RSA and a SHA1 MAC
    cpqlocfg.exe: ERROR: Malformed RIB response: (146):
    501 Not Implemented
    501 Not Implemented
    The requested method is not recognized by this server.

    do we need to install advanced license to use cpqlocfg on integrity servers ?

    same cpqlocfg and xml scripts are working for proliant servers with advanced license .
    (newbie to ilo)
    please let me know where its going wrong, thanks in advance !!

  154. Bjorn says:

    Fantastic, you just saved me a trip to the server room :)

  155. Tom McGuigan says:

    BRAVO!! Saved us multi-server outages (scheduling nightmare) on dozens of our servers with “inaccessible ILOs”. MANY MANY THANKS!!!

    In gratitude, have summarized (below) most helpful responses.
    Also, note this issue vanishes with cClass – assuming alternative ILO access/account-management via OA logon to each enclosure.

    HP should consider broadcast of your workaround as an alert. At a minimum (if not done already) it should be linked/posted in the HP Support forum.
    Tom
    ____________________________________________________________________
    If you get a “script failed” error, try;
    1) Check the log.txt. It might be that the password is too short.
    2) Verify the password length is at least 8 characters.
    3) Add/create a new user (instead of modifying an existing user).

    If attempts to reset the password of an EXISTING ILO user fails;
    1) You may be trying to reset the password for an account that does not exist.
    2) Remember, both login and password are case sensitive!
    3) Update the ilo firmware and/or drivers.
    _____________________________________________________________________
    If you get the error message “ERROR :firmware flash is in progress. Please wait for a while”, download and install a later version of HPONCFG from HP.COM.
    _____________________________________________________________________
    If you get “No RILOE II board found” error.
    Install the latest HP PSP (aka HP support pack/firmware).
    _____________________________________________________________________
    HPONCFG should be executed from the target server console session –
    It may, or may NOT work properly via alternatives (RDP/Terminal Services session, Citrix/Metaframe session, etc.)
    _____________________________________________________________________
    HPONCFG.exe is specific to the OS platform (32 vs. 64 bit)…there is a different version for x64 Windows, search for windows x64 (on hp.com).
    _____________________________________________________________________
    Suggestion – First reset the ILO to factory settings…then, reset the password. This ensures an account named “Administrator” exists, thus avoiding failed password reset of non-existent/renamed Administrator accounts!!

    Execute the following line before attempting Administrator account password reset:
    hponcfg /reset
    This resets the iLO to factory settings, including the Administrator’s password to the original (asset tag of the server).

  156. Hagrat says:

    Thanks Chrissy, works a treat.

  157. Pulga says:

    Thanks very much it worked perfectly !!!!

  158. Marco says:

    Thank you very much for this solution. I initially received a “password is too short” error and had to lengthen the password to eight alpha-numeric characters with at least one capital letter.

  159. Jassim Raja says:

    Very nice. I really appreciate for such a nice post!

  160. Jens says:

    Thank you very much for this perfect solution. It even works with ribcl Version 2.1.

  161. Danyc says:

    Hi all,

    I’ve tried to download the rpm so i can reset the pass on linux but the link above is not working.

    Do you have any idea where i can find it ?

    Many thanks

  162. Danyc says:

    It worked for me as well using the command

    hponcfg -f

    The utility i got it from Proliant Pack CD

    Thanks,
    Dani

  163. Jay says:

    on one of my servers I get the following messages in my output.txt.

    sm2user.dll not found

    Any idea?

  164. Moshe Korach says:

    You saved my day. Many thx!

  165. Super info – just what i needed – thanks :o)

  166. Martin says:

    Youre my Hero! Thank you many times!

  167. Chrissy says:

    That’s awesome, Daniel! Thanks for the info.

  168. Daniel Smith says:

    Chrissy – thanks for the helpful info, worked like a champ and since I have DC’s and servers all across the US this sure makes life alot easier. You rock

  169. Banzai1975 says:

    This is very helpfull but i ahve a problem.. i have a OLD ILO and not a ILOII.. any ideas?….

  170. eric says:

    20 responses and none of them talking about how cute you are.

  171. Preetam Zare says:

    Thank you..so much..it helped me also

  172. Natalie says:

    Hi Chrissy,
    I just wanted to say thanks — your post saved me from an undesired drive to my datacenter as well. Awesome!! :-)

    I also wanted to say how stoked I was to see another female in the IT industry. We are a rarity. =)

    Take care and thanks again!
    Natalie

  173. Alessandro says:

    User addition worked from an Oracle Enterprise Linux 4U8 x86_64 box using hponcfg from the command line. Thanks !

  174. ONDA says:

    nice but i have a system but i can’t touch OS, I have no jumpers on the server to reset ilo password. The model is DL140 G3.

    how can reset ilo psw?!

  175. anon says:

    latest proliant support pack powered down the machine halfway through install. i lold.

  176. Mike says:

    I get an error when I run it on my HP Proliant DL 360.

    It says “No ILO 2 board found”

    All my servers have iLO 1 boards. Anyone know of a way to reset iLO 1 administrator passwords?

  177. Mike says:

    BINGO the new Proliant Support Pack includes a ilo online utlity that resets ilo 1 baords too!!!

    I am in, thanks guys.

  178. Guerreru says:

    great help, thanks a lot!!

  179. Shri says:

    I am getting following error. Can you help me with this?

    Syntax error: Line #0: syntax error near “<" in the line: "”
    Firmware Revision = 1.41 Device type = iLO Driver name = CpqCiDrv
    Script failed

  180. Albert says:

    I write a version in Chinese for RHEL4 user. For Chinese reader to follow.
    http://freelamp.com/58718

  181. John says:

    Thanks Mate, saved me a lot of reading.

  182. durga says:

    Hi

    need help in RILOE reset
    HPONCF doesnt work with RILOE 1…

    thanks

  183. manny says:

    Worked for me. Thanks a bunch.

  184. Glenn says:

    Amazingly helpfull, thanks

  185. Mike says:

    Fantastic hint! I just had to gather physical info for servers spread all over the country…

    For those having trouble with the version of hponcfg.exe provided by Crissy and/or Brandon, there’s a good chance your server already has the HP management software installed. Just do a search for hponcfg.exe and if it shows up somewhere on the hard drive, use that instance (don’t forget to enable search in hidden folders.) Just move the xml file you need to the same directory where the exe lives and you should be good to go.

  186. Martin K. says:

    Saviour of the day ;) Thanks!!

  187. ivan says:

    my apple computer screen is blank with only a (?) question mark in the middle ,tried every thing what can i do to resolve this

  188. Derek says:

    I’ve created a utility that will allow the hponcfg utility to be ran on remote systems. You can change the passwords remotely on many systems at once. If anyone needs it let me know. dbov21@yahoo.com

  189. Anoop says:

    Very Useful……….

  190. Cris says:

    how about changing the iLO IP address from within the Windows UI?? so that I don’t need to reboot the servers… anybody please?? thanks in advance.

  191. Mark says:

    You’re cool :O)

  192. Roberto says:

    Thank You for this!!

  193. Brian says:

    Worked like a charm. I had to update the server to the latest PSP (Proliant Support Pack), installed the HPONCFG app, and then was able to get it to work. At first i couldn’t talk to the card, so i ran the latest Firmware update (using RDP to the server as its at another location) on the iLO card itself, then tried the HPONCFG. it icomplained about updating the PSP, so I did. Now everything works great. Thanks!!

  194. jpm says:

    Thanks, works as described using equivalent hponcfg for Solaris 10 x86. Saved me a trip to the other side of London!

  195. Podilarius says:

    Very Nice .. had to load a standard kernel so that hp services start, but once that is started up, the scripted worked out just fine.

  196. sitek says:

    god job! :) thx

  197. stucked says:

    Allright!!!

  198. MrSencie says:

    Thanks a lot you have saved a the day and a lot of petrol money

    ;-)

  199. Evan says:

    Does anyone know if this will work for VMware ESX 3.5?

  200. sayovi says:

    there is a server which is down and we have no iLO info :(
    We are trying to reset the password using cpqlocfg.exe but it's not working..
    Do you have any suggestions ?

  201. Pur3 says:

    Used the add_user.xml and edited it for my needs. Worked perfectly!!! Thank you very much!

  202. Blake says:

    4m421n9!!! 571Ll w0rx l1k3 4 Ch4Mp 5 y34r2 L473R!

  203. G Edwards says:

    Worked well – no porblems. Great step-by-step guide!!!

    Best Wishes from New Zealand.

  204. ErikH says:

    This is just what I was looking for!!!!

  205. Jens says:

    Hello, that's nice if you're locked on to the server. Is it able to do this remote? I search for a way to change about 200 ILO local Admin passwords from remote.

  206. I followed your instructions and hponcfg is telling me the script was successful in adding a new user, but attempts to logon as that user fail. Re-running hponcfg tells me user already exists, thus apparently confirming I was right the first time round. Can you suggest any reason why the logon fails?

  207. Jon says:

    Nice job…this worked and saved me a lot of trouble.

  208. deepak says:

    is there any way to recover adminstrator password with this tool

  209. SiRu says:

    Thank you very much, it solved my issue :)

    Thanks again

  210. Andy says:

    Chrissy, yet again you rock! Hostile takeover meant I needed to reset the ilo passwords. Now to see if I can change the ILO password on a remote machine.

  211. David says:

    This worked perfect for ILO 1 (Firmware 1.94 = newest) on DL360 G3 server in Linux.

    Don’t forget after you reset the password (or change just about any setting) ILO generates a new self-signed certificate. DON’T USE FIREFOX because there’s a serious bug that will lock you out of ILO. But if you are using Chrome or IE you might have to exit the browser and load it again.

  212. powderhound says:

    Great help – thanks. Glad I found this link :-)

  213. norm says:

    I'm afraid that this no longer works to reset a lost Administrator password, even on ilo 2.

  214. @pajtas11 says:

    Guys, this worked like a charm! Thank you very much!

  215. lucasb says:

    Hi, I am familiar with that resource to change or add users. Do you have any idea on how to set the password age via hponcfg? I couldn't find that option in the web interface :(

    Thanks!

  216. Aaron says:

    Worked great! Thanks

  217. Dave O says:

    I got a replacment system board from a vendor that had no iLO tag attached. I just added the pertinent information into a file created by hponcfg /w saved it, then ran hponcfg /f. Worked like a charm. Thanks for the info!!!

  218. xxx says:

    Let me know if anyone gets this to work w/ ILO3

  219. xxx says:

    Unfortunately you have to be logged into the affected server in order to reset the admin password. Not only is my server down, I'm locked out of ILO. Let me know if you know of a way to recovery access to ILO if the host is down.

  220. Lukas says:

    All good, but whe I run the reset-request in the log in find that C:WindowsSystem32SM2User.dll is missing…but ist there and Password didn't get reset!

  221. Filipe says:

    Fuck yeahh, thanks bro, It works!

  222. Mate,

    Thanks for the knowledge sharing.

    Scenario # I have lost my password of Administrator Account for iLO. Resolution # But with your script I was able to modify it without knowing the old password.
    Comments # Do you think it works in that way?

  223. Srinivas says:

    Hello All,

    I need the script to get the ILO details of all the HP Servers in the environment (almost 500 HP Servers) like, IP Address, ILO Name, DNS IP, UserName, Password.

    Please help.

    Regards,
    Srinivas.K

  224. Daniel says:

    Can someone help me with the scrip and process for resetting the admin P/W on a HP DL380P Gen 8 server? assuming I have never done this before so as much detail as possible. Thanks for your help in advance.

    Daniel

  225. coolirc says:

    Thanks for The Great tutorial … the add user as admin solution worked for me , i’m running ESXI 6.0 and have HP DL380 G8 and G7 as server i have reset the ilo password using ssh on the esxi servers.

    Great Job , the first solution always giving me syntax error while the second one worked very well, and when accessing the web page you can reset the administrator pass and allow more privilege for the new user.

    Thanks

  226. Jim Keel says:

    Thank for the ilo reset Adm. Save me time on myProliant G8

  227. wolfeyes says:

    Chrissy. I love you.

  228. Tudor says:

    Hello,

    I am trying to change the admin password of our ILO DL380p g8 server with the info provided, but after completing all the steps and the log info shows all succeeded, the new credential are not working, I can’t access the Bios settings, only remote access, can you give me an advice please?

  229. Michel says:

    old post , but still saving lives !! :)
    I just installed hponcfg rpm and ran “hponcfg -w ‘filename'” to get current iLO configuration written down to a file. User/pass was there and access became easy! Tks for the post!!

  230. Bram says:

    Thanks, this helped me get back to my console.

    Used the hponcfg utility on linux.

    Change pass didn’t work but adding a new user with admin privs did.

    Cheers,
    Bram

  231. Vadim says:

    Chrissy, many thanks! This post is still actual! B-)

12 Pings/Trackbacks for "Remotely Reset Administrator Password on iLO without Reboot"
  1. […] If you&#8217;ve lost your HP iLO login or inherited a new server and can&#8217;t get into iLO, here are the instructions you need:&nbsp; http://blog.netnerds.net/2006/04/ribcl-reset-administrator-password-on-ilo/ […]

  2. […] If that doesn’t work, here are the instructions you need graciously provided by Chrissy:  http://blog.netnerds.net/2006/04/ribcl-reset-administrator-password-on-ilo/ […]

  3. […] So I forgot the ILO password .. and rather than opening up the machine and flipping the switch thingy, I gave this a whirl which worked wonders! http://blog.netnerds.net/2006/04/ribcl-reset-administrator-password-on-ilo/ […]

  4. HP DL380 G5 -> Reset ILO Adminpasswort

    Wer das Admin-Login für ILO nicht mehr weiss, kann dies zurücksetzen mit folgenden Schritten:
    1. Installieren der Windows-Komponente SNMP – wird verwendet für die HP Insight Management Agents.
    2. Download und Installation HP Insight Management A…

  5. […] How to hack HP ILO Thanks to Pete [PS] […]

  6. […] CISCO – Password Recovery Jun 03 Reset Administrator Password on iLO By shirajAdd commentsNetworking, Password http://blog.netnerds.net/2006/04/ribcl-reset-administrator-password-on-ilo/ […]

  7. […] Reset iLO password iLO card password reset page_revision: 5, last_edited: 1225179701|%e %b %Y, %H:%M %Z (%O ago) edittags history files print site tools+ options edit sections append backlinks view source parent block rename delete help | terms of service | privacy | report a bug | flag as objectionable Hosted by Wikidot.com — get your free wiki now! Unless stated otherwise Content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License Click here to edit contents of this page. Click here to toggle editing of individual sections of the page (if possible). Watch headings for an “edit” link when available. Append content without editing the whole page source. Check out how this page has evolved in the past. If you want to discuss contents of this page – this is the easiest way to do it. View and manage file attachments for this page. A few useful tools to manage this Site. See pages that link to and include this page. Change the name (also URL address, possibly the category) of the page. View wiki source for this page without editing. View/set parent page (used for creating breadcrumbs and structured layout). Notify administrators if there is objectionable content in this page. Something does not work as expected? Find out what you can do. General Wikidot.com documentation and help section. Wikidot.com Terms of Service – what you can, what you should not etc. Wikidot.com Privacy Policy. _uff = false; _uacct = “UA-68540-5″; _udn=”wikidot.com”; urchinTracker(); […]

  8. […] I came across this post that detailed how to use software to change the password, and you don’t even need to know the […]

  9. […] to netnerds.net Posted by irwan on Thursday, August 25, 2011, at 5:17 pm. Filed under Linux, […]

  10. […] of netnerds.net Rate this: Share this:EmailPrintMoreFacebookStumbleUponDiggRedditLike this:LikeBe the first to […]

Leave a Reply

Your email address will not be published. Required fields are marked *

*