Users or management agents can access the Oracle ILOM SP and its components only through authorized user interfaces. Users and agents cannot access any of the underlying operating system interfaces, and users cannot install individual software components on the SP.
Oracle ILOM can authenticate user accounts through local accounts that you configure, or against a remote user authentication database such as Active Directory or LDAP/SSL. With remote authentication, you can use a centralized user database rather than configuring local accounts on each Oracle ILOM instance.
You also can remotely authenticate and authorize user access based on a user's membership in a host group. A user can belong to more than one host group, and on these servers, you can configure up to 10 host groups using the Oracle ILOM web interface, the CLI, or SNMP.
You can use Active Directory or LDAP/SSL to configure host groups for remote user authentication.
The tasks involved in configuring host groups include managing certificates (LDAP/SSL), administrator groups, operator groups, custom groups, and user domains.
For details, refer to Oracle ILOM Administrator's Guide for Configuration and Maintenance, Firmware Release 4.0.x at https://www.oracle.com/goto/ilom/docs.