Go to main content

Oracle® ILOM Getting Started Guide Firmware Release 3.2.x

Exit Print View

Updated: May 2016
 
 

Add New Users to Oracle ILOM

Before You Begin

  • On most server SPs and CMMs, you can create up to 10 local user accounts. On some SPARC SPs and CMMs, you can create up to 60 local user accounts.

    Note -  To determine the maximum number of user accounts supported on the SP or CMM, click the More details... link in the ILOM Administration → User Management → User Account page in the web interface.
    Note -  To locate Oracle ILOM instructions for configuring remote user authentication directory services (such as Active Directory, LDAP, or RADIUS), see the Related Information section following this procedure.

  • You can use the CLI, web interface, SNMP interface, or IPMI interface to manage the server SP or CMM local user accounts. The following procedure identifies how to perform this task using the web interface and the CLI. To locate instructions on how to perform this task using an SNMP or IPMI interface, see the Related Information section following this procedure.

  • The following procedure assumes you are logged in to Oracle ILOM as a root user. For root user login instructions, see Log In to Oracle ILOM.

To add new local user accounts to Oracle ILOM, perform one of the following procedures:

  • Add new local user accounts – Web Procedure 1

  • Add new local user accounts – CLI Procedure 2

  1. Add New Local User Accounts – Web Procedure
    1. In the Oracle ILOM web interface, click ILOM Administration > User Management > User Accounts.
    2. In the Users table, click Add.

      The Add User dialog box appears.

    3. Specify a name and new password for the user account, and then select a user role profile.

      Oracle ILOM enables you to select one of three user role profiles from the web interface: Administrator, Operator, or Advanced. For a description of each user role profile, see Example 1, Oracle ILOM User Profile and Role Descriptions.

    4. To add the new user account properties, click Save.
  2. Add New Local User Accounts – CLI Procedure
    1. At the Oracle ILOM CLI prompt, type either:
      —> create /SP/users/username password=password
      —> create /CMM/users/username password=password

      For example:

      -> create /SP/users/user5
      Creating user...
      Enter new password: ********
      Enter new password again: ********
      Created /SP/users/user5
    2. To assign a role to the user account, type either:
      —> set /SP/users/username role=aucr
      —> set /CMM/users/username role=aucr

      For example:

      To grant all read and write privileges to user5 on the server SP, type:

      -> set /SP/users/user5 role=aucro
      Set 'role' to 'aucro'
      Note -  aucro is equivalent to the setting the Administrator (administrator) profile.

      For more information about the user roles and privileges supported in Oracle ILOM, see the following table.

Example 1  Oracle ILOM User Profile and Role Descriptions
Assignable Profiles and Roles
Privileges Granted
Administrator
(administrator)
The Administrator profile grants privileges for the following predefined user roles:

  • Admin (a)

  • User Management (u)

  • Console (c)

  • Reset and Host Control (r)

  • Read-Only (o)
Operator
(operator)
The Operator profile grants privileges for the following predefined user roles:

  • Console (c)

  • Reset and Host Control (r)

  • Read-Only (o)
Advanced Roles
(a|u|c|r|o|s)
The Advanced Roles profile is configurable from the web interface only. Use this profile to grant privileges for any of the following predefined user roles:

  • Admin (a)

  • User Management (u)

  • Console (c)

  • Reset and Host Control (r)

  • Services (s)

  • Read-Only (o)
admin (a)
The Admin (a) role, when enabled, grants read and write permissions to all Oracle ILOM system management functions with the exception of the functions that would require the Admin (a) role to have these additional user roles enabled: User Management (u), Reset and Host Control (r), Console (c), and Services (s).
user (u)
The User Management (u) role, when enabled, grants read and write permissions to all Oracle ILOM user management authentication features.
console (c)
The Console (c) role, when enabled, grants read and write permissions to perform these remote console management functions: remote console lock options, SP console history log options, launch and use the remote console feature, and launch and use the Oracle ILOM Storage Redirection CLI.
reset and host control (r)
The Reset and Host Control (r) role, when enabled, grants read and write permissions to perform these host management functions: host boot device control, run and configure diagnostics utilities, reset SP, reset CMM, sub-component service actions, fault management actions, SPARC TPM management actions, and SNMP MIB download operation.
read-only (o)
The Read-Only (o) user role grants read-only permissions to view the state of all Oracle ILOM configuration properties and to change the account password properties assigned to the individual user account.
service (s)
The Services (s) user role, when enabled, grants read and write permissions to assist Oracle service engineers if on-site service is required.
administrator (aucro)
A combination of all these user roles (aucro), when enabled, grant read and write permissions to perform backup and restore configuration functions in Oracle ILOM.

Related Information

Copyright © 2014, 2016, Oracle and/or its affiliates. All rights reserved. 
Previous
Next