Automating the basic configuration of IPMI interfaces : To reduce the risk of misconfiguration

Abstract: In this report the lack of basic security of IPMI devices when freshly received from the manufacturer will be discussed and analysed. Furthermore, the rest of the report will focus on attempting to find a solution on how to automate configuration of IPMI devices (and iDRACs due to hardware being borrowed from Ericsson Linköping) to avoid misconfigurations and to change the default credentials shipped. Three proposed workflows will be implemented and compared, and a fourth is further proposed in this report. All three workflows prove to work but the first using OME is found being slower, needing an additional license per iDRAC and require manual intervention while the other two workflows works fully automated. Considering how the three first workflows all require AutoConfig regardless of the rest of the steps the second workflow is recommended as its way faster than the other two methods. In theory the fourth workflow would be even better as it does not require AutoConfig to work nor would it necessarily only work for iDRACs but work for any IPMI device which supports the REDFISH API. Lastly getting better basic security should be something that the manufacturers should strive for as it only strengthens their brand and should they do so in the future then this automation may be unnecessary but could be repurposed to change any setting in the IPMI device.