Dell iDRAC 400 Bad Request Error After Firmware Update
July 2025
Gotta love updates... They fix things only to break them. I updated my iDRAC on my Dell Poweredge R730XD and my iDRAC web GUI no longer worked... After a little bit of troubleshooting and research I found that it was an easy fix. All I had to do was fix a DNS entry since I use DNS for my iDRAC, which I was able to modify by SSHing into iDRAC
Prerequisites:
Dell Poweredge server with outdated iDRAC, another device to remote into the server, and patience.
Updating iDRAC
My server is a little bit newer, so there is still firmware available on Dell's website. If your server is a little older, Dell no longer hosts the iDRAC firmware,
but there is a kind soul that hosts a FTP server will all the firmware for older servers if needed.
Note: This is an unoffical firmware source, exercise caution when downloading and installing
firmware/software/anything from unknown and untrusted sources. Use at your own risk
That site can be found here: Update Yo Dell, foo!
I used the official Dell website as my firmware was available there. To find your device, you can use Dell's official support page.
When you are at your device firmware selection page, the download type you want to select is firmware, and the category is iDRAC with lifecycle controller.
When you go to download the firmware, choose the Other Formats option, and download the .exe firmware type, even if the OS on your server is not windows. We will
be extracting this EXE and removing the firmware file.
Once the .exe file has downloaded, change the file extension to .zip. (Some .exe files are structured like a .zip folder and can be decompressed) Unzip the folder, and
navigate to the payload directory. There should be a file named firmimg.d7 in that directory. That is the firmware file that we want.
Once you have grabbed this file, use your web browser to sign into your iDRAC GUI. Once you are signed in, navigate to the menu for iDRAC Settings -> Update and Rollback.
Upload the firmimg.d7 file and let the upload run. It took mine about 30 minutes for the update job to run. After it is complete, you may or may not be able to access iDRAC from your web GUI. Yay.
Fixing DNS for iDRAC
This is the point where my iDRAC broke. When I would go to access the web GUI, I would receive a 400 bad request error when I tried to access the GUI from its DNS domain name.
However, when I accessed the iDRAC GUI from its IP address, there was no error. So this issue appears to be isolated to using a domain name. To resolve this error, you will
first want to ssh into your iDRAC. You can do this with the following command:
ssh username@xxx.xxx.xxx.xxx. Replace the username with your iDRAC username, and the password
with that users password. I ran into the following issue when trying to SSH into iDRAC from windows, but I received no errors attemping to SSH from a Kali box.
Corrupted MAC on input.
ssh_dispatch_run_fatal: Connection to xxx.xxx.xxx.xxx port xx: message authentication code incorrect
There is an issue with the Message Authentication Code algorithm for SSH. To solve this issue, I needed to change the SSH algorithm that was used between my client and the server. To list available algorithms, you can use the following command:
ssh -Q mac
this command lists the SSH algorithms
I decided to use the hmac-sha2-512 algorithm, and it solved the issue for me. Now you can include the algorithm in the ssh command like this:
ssh -m hmac-sha2-512 username@xxx.xxx.xxx.xxx
Once you run that command and enter your password, it should let you into Dell iDRAC's weird ssh terminal. They use their own command language called RACADM.
You can find the RACADM documentation here. Note:
you may need to seek out documentation if your iDRAC firmware is a different major and minor version than mine, as there may be different commands utilized.
Once you are able to SSH in, we want to look at the configuration file for the iDRAC webserver. We can do that by running the following command:
racadm get idrac.webserver
When you run this command, you should have output similar to the following:
The ManualDNSEntry line should be empty. That is where you want to include the domain name that your iDRAC IP address is mapped to. You can add the DNS entry
to the configuration using the following command:
racadm set idrac.webserver.ManualDNSEntry
After running that command, hopefully the terminal output states that the object was changes successfully. If you want to verify that the command did work, you can run
racadm get idrac.webserver again and check the ManualDNSEntry value for your domain name. After these steps have been completed,
iDRAC should be accessable through the web interface again!