Nov 2, 2017
Synopsis and Purpose
I got a great deal on a used SuperMicro server motherboard. Unfortunately there was some work to be done on it. I contacted the seller and they were unresponsive to my query. The motherboard had settings that were locked behind the IPMI login screen and I didn’t have the credentials. This presents a security risk as well as a big inconvenience. There could be VPN settings or other odd settings in the IPMI. So we’ll need to find a way to reset it to factory defaults and gain access to our system. Resetting the BIOS on the system doesn’t reset any IPMI settings, which are probably stored on the NVRAM in the system, which is persistent, even after power deprivation.
Documentation on this was sparse from what I could see but I did find a guide that talked about doing this process and some more stuff on the board with a DOS CD. However, I’ll have to compile my own to do this and I’m not really familiar with the process of building a FreeDOS project. The guide I found had a reference to a FTP server hosted by SuperMicro that had a utility called IPMIconfig. That sounds exactly like what we need. There is a user guide for the utility in the directory and in the zip archive as well.
Here is a link to the FTP resource ftp://ftp.supermicro.com/utility/IPMICFG/
So we’ll use a Live CD to use the utility and run the Linux version of IPMICFG to fix this problem. I have an abundance of Ubuntu Live CD’s lying around from all my distrohopping. In this case, I’m going to be using a Ubuntu 16.04 LTS x64 Live CD.
Setting up the peripherals and media
So get your monitor, keyboard, and maybe a mouse setup to your server. In my case I also had to add an external USB cd/dvd reader as well. Make sure its hooked up to the Internet so we can grab the IPMIConfig utility. If you don’t have net access, you can always just download it on a separate device and mount the media.
Reboot your server and select your boot option that has the Linux LiveCD media inserted.
Booting to the right device with a locked BIOS.
If you need to select your boot devices, but forgot or never had the BIOS password, you can reset the BIOS by removing the CMOS battery and unplugging the system and waiting it out, or you can use a jumper / switch on the BIOS.
I couldn’t select a boot option without a password (I had forgotten the one I setup, but then remembered). So we’ll have to either deprive the system of other preferred boot options or replace its preferred option with our LiveCD / USB / Hard Disk installation so we can get into a Linux environment.
Once I removed the typical USB that the system normally boots to, system booted to the LiveCD and external USB reader I had hooked up and started loading Ubuntu 16.04 x64.
Just in case someone is using a terminal only environment, I’ll use terminal instructions just for universality. You can do all these in Linux desktop environment as well. If you’re not familiar with the terminal, I’ll include a description of the commands we are executing as well.
Open terminal and type the following to download the IPMICFG utility.
Once its finished downloading, we’ll unzip the archive.
Now, lets change our working directory to the folder we just unzipped.
We’re using Linux so we’ll change into utility folder for Linux.
I’m using a 64-bit system so we’ll change into the 64bit folder.
Now we’ll execute the command that will restore our IPMI to factory default settings. It needs superuser permissions so we’ll include sudo.
sudo ./IPMICFG-Linux.x86_64 -fd
In my case, this worked. I restarted the machine and the IPMI interface was accessible from the IP address that it was previously configured for. The interface credentials had been reset to their factory default of ADMIN/ADMIN.
A Note on other IPMICONFIG functions
IPMICFG-Linux.x86_64 (the utility we used) also has a lot of other options and functions it can do. You can use these to reset users credentials without resetting the whole IPMI to factory defaults. In my case, I didn’t need anything preserved. You can view other functions and reference their use in the terminal output or in the user manual for the utility. To print the functions, just execute the following in the working directory of the utility.
A note on the CMOS / BIOS
This does not reset the CMOS BIOS in away. So any credentials stored on there will still be in place. If you need to reset that, you can simply remove the CMOS battery and unplug the device or use a jumper / switch on the motherboard. The BIOS will re-flash and go back to factory defaults. This could affect your boot devices and other settings so be prepared before doing this.
I hope this guide helped you reclaim control of your system! It was a smooth experience for me and I’m glad I don’t have to worry about my IPMI system anymore. I put this off for too long. Its so simple to do. Let me know if this helped of if you have any feedback. I always look forward to getting comments from people who used these guides. Take care!