
Oracle® ILOM Security Guide For Firmware Releases 3.x and 4.x


Updated: December 2019
 
 

Remote Authentication Services and Security Profiles

Oracle ILOM can be configured to use an external centralized user store rather than having to configure local users on each Oracle ILOM instance. This provides the added convenience of being able to centrally create and modify user credentials and enable users to gain access to many different systems.

Before choosing and configuring an authentication service, understand how these services work and how each needs to be configured. In addition to authentication, each of the supported services provides the ability to configure authorization rules that define how Oracle ILOM user privileges are assigned to a given remote user. Ensure that the proper user role or privilege is assigned.

The following table describes the user authentication services supported by Oracle ILOM.

Table 8  Remote Authentication Services and Security Profiles

| Service Name | Security Profile | Information |
|---|---|---|
| Active Directory | High | This service is secure by default. Using strict certification mode requires a certificate server, but adds an additional layer of security. |
| Lightweight Directory Access Protocol/Secure Socket Layer (LDAP/SSL) | High | This service is secure by default. Using strict certification mode requires a certificate server, but adds an additional layer of security. |
| Legacy LDAP | Low | Use this service on private, secure networks where there are no suspected malicious users. |
| Remote Authentication Dial In User Service (RADIUS) | Low | Use this service on private, secure networks where there are no suspected malicious users. |

Services with a high security profile can be used in very secure environments as they are secured by certificates and other forms of strong encryption to protect the channel. The services with a low security profile are disabled by default. Enable these low security profiles only if you understand and accept the limitations of this low level of security.

For remote authentication service configuration details, refer to the appropriate Oracle ILOM documentation below:

  • Setting Up and Maintaining User Accounts, Oracle ILOM Administrator's Guide for Configuration and Maintenance (Firmware 3.2.x)

  • Setting Up and Maintaining User Accounts, Oracle ILOM 3.1 Configuration and Maintenance Guide

  • Managing User Accounts, Oracle ILOM 3.0 Daily Management - CLI Procedures Guide

  • Managing User Accounts, Oracle ILOM 3.0 Daily Management - Web Procedures Guide