1

I need to remove all existing user accounts and configuration from iLO2 on many old HP blade servers. As far as can do config/log clearance with hponcfg <bay number> << EOF and pasting my script, I cannot remove all user accounts. I tried with 

<USER_INFO MODE="write">
  <DELETE_USER USER_LOGIN=*>
</USER_INFO>

but I get syntax error because of *, seems like it only accepts a single username. I found a GET_ALL_USERS command that returns all usernames, but I don't know how to parse it in a loop. How can I do it?

Edit: Even though there already is an accepted answer, if someone bumps on this thread and knows how to just remove users without factory reset, I'd appreciate the hint. Sometimes removing all users except for admin one might be useful.

adamczi
  • 153
  • 1
  • 6
  • 1
    Just loop externally with multiple calls to that command in a script. Also be careful and check what happens if you delete all user names - can you still login in some way? – Sven Aug 19 '17 at 09:22
  • These devices are about to get scrapped so it's not an issue, but thanks for the point. What do you mean by 'loop externally'? The only thing that comes to my mind is to loop ssh connections with first returning list of users, then parse the list to get them, and then run ssh for each user with hponcfg and appropriate `SUBSTITUTE` parameter. It seems quite complicated as for what I think is a simple task. – adamczi Aug 19 '17 at 09:31

2 Answers2

2

Why don't you run the command to factory reset the ILO units?

See here.

Something like:

hponcfg “Insert Blade Bay Number” << @


<RIBCL VERSION="2.0">
  <LOGIN USER_LOGIN="Dontcare" PASSWORD="UsingAutologin">
    <RIB_INFO MODE="write">
      <FACTORY_DEFAULTS/>
    </RIB_INFO>
  </LOGIN>
</RIBCL>
ewwhite
  • 197,159
  • 92
  • 443
  • 809
1

Here is a simple script to remove all user accounts except for Administrator...

#!/bin/bash

HPONCFG=/usr/sbin/hponcfg
[ -x $HPONCFG ] || exit 1
MYTMPDIR="$(mktemp -d)"
trap 'rm -rf -- "$MYTMPDIR"' EXIT

GETUSER=$MYTMPDIR/get_user.xml
DELUSER=$MYTMPDIR/del_user.xml

cat > $GETUSER << EOF
<RIBCL VERSION="2.0">
 <LOGIN USER_LOGIN="admin" PASSWORD="password">
  <USER_INFO MODE="read">
   <GET_ALL_USERS/>
  </USER_INFO>
 </LOGIN>
</RIBCL>
EOF

cat > $DELUSER << EOF
<RIBCL VERSION="2.0">
 <LOGIN USER_LOGIN="admin" PASSWORD="password">
  <USER_INFO MODE="write">
   <DELETE_USER USER_LOGIN="%username%"/>
  </USER_INFO>
 </LOGIN>
</RIBCL>
EOF

LIST=$($HPONCFG -f $GETUSER | sed -n '/USER_LOGIN/p' | awk -F\" '{print $2}')
if (( $(echo $LIST | wc -w ) \< 2 )); then
        echo "Nothing to remove"
        exit
fi
for item in $LIST; do
        if [ "$item" != "Administrator" ]; then
                echo "Removing user: ${item}"
                $HPONCFG -f ${DELUSER} -s username=${item} >/dev/null 2>&1
        fi
done

The first section reads in all the users in the iLO configuration then the second part removes all but Administrator.

Marcos
  • 11
  • 3