Supported User Authentication Configuration Options

Language:

Before choosing and configuring how to you want to implement user authentication in Oracle ILOM, consider the following information.

Table 8 User Authentication Configuration Options

Option

Features and Considerations

Local User Account Authentication

Up to 10 configurable user accounts stored locally in Oracle ILOM.
Two preconfigured user accounts are shipped for quick deployment and maintenance: root user account and default user account (see Preconfigured User Accounts Enabled by Default).
Configurable user role privileges granting either read-only or read and write access to discrete Oracle ILOM features (see Assignable Oracle ILOM User Roles).
Secure user authentication and authorization for local and remote management.
Oracle ILOM user credentials are maintained separately for each SP and CMM.

For additional information about configuring local user accounts in Oracle ILOM, see Configuring Local User Accounts .

Authentication Directory Service

Provides users access to Oracle ILOM beyond 10 local user accounts.
Enables system administrators to centrally create and maintain user credentials for all Oracle ILOM instances (all managed server SPs and CMMs in local network environment).
Enables authenticated Oracle ILOM users to have access to all Oracle ILOM instances.
Enables system administrators to configure user authentication rules for using features within Oracle ILOM.

Table 9 Supported Authentication Directory Services

Authentication Service	Description
Active Directory	Active Directory is a distributed service that is provided with Microsoft Windows Server operating systems. The Active Directory service is secure by default. For additional information about configuring Oracle ILOM to use the Active Directory authentication service, see Configuring Active Directory .
LDAP/SSL	The LDAP/SSL authentication service is secure by default. It supports an optional strict certification mode that requires the use of a security certificate. For information about configuring Oracle ILOM as an LDAP/SSL client, see Configuring LDAP/SSL.
LDAP	The LDAP (v2) authentication service is less secure than LDAP/SSL. Configure this service only if you understand and accept the security limitations. For additional information about configuring Oracle ILOM as a LDAP client, see Configuring LDAP.
RADIUS	Remote Authentication Dial In User Service (RADIUS) is a networking protocol that uses a client-server model to provide user authentication and authorization. For additional information about configuring Oracle ILOM to use the RADIUS authentication service, see Configuring RADIUS .