Go to main content

Oracle® ILOM Security Guide For Firmware Releases 3.x and 4.x

Exit Print View

Updated: December 2019

Avoid the Creation of Shared User Accounts

Maintain a secure environment by avoiding the creation of shared accounts. Shared accounts are user accounts that share a given user account password. Instead of creating shared accounts, the ideal method for handling user accounts is to create a unique password for each user who has access to Oracle ILOM. Ensure that each user account and password combination are known only to one user.

Note - Oracle ILOM supports up to 10 local user accounts. If you require more users to access Oracle ILOM, you can configure directory services, such as LDAP or Active Directory, to support more accounts using a centralized database. For more details, see Remote Authentication Services and Security Profiles.

After establishing individual user accounts with unique passwords, the system administrator should ensure that a unique password was assigned to the preconfigured Administrator root account. Otherwise, without a unique password, the preconfigured Administrator root account is considered a shared account. To ensure that unauthorized users do not use the preconfigured Administrator root account, you must modify the password or remove the preconfigured root account from Oracle ILOM. For further details about the preconfigured Administrator root account, see Modify Default Password for root Account at First Login.

For further guidance about establishing secure accounts with unique passwords, refer to the Security Guidelines for Managing User Accounts and Passwords.

For user account configuration information, see Configuring User Access for Increased Security.