User Accounts Enabled by Default
Oracle ILOM arrives with a preconfigured Administrator user
account known as root, and a password-recovery
user account known as default. For further information
about the use of these accounts, see the following table.
Table 6 Local User Accounts Enabled by Default
The Oracle ILOM root user
account is a persistent local user account that is available on
all Oracle ILOM interfaces,
unless, you choose to delete the persistent root user
Built-in administrative privileges – The root account
includes built-in administrative privileges (read and write) for
all Oracle ILOM features, functions, and commands.
Recommended security practice
access to the managed server or CMM, you should either:
Modify the default root password
(changeme) provided on each Oracle ILOM service
processor (SP) or chassis monitoring module (CMM).
- or -
Delete the preconfigured root account
provided on the Oracle ILOM SP and Oracle ILOM CMM.
Prior to removing the preconfigured root account,
you must replace the root account with a customer-configurable
local user account or a directory service such as LDAP or Active Directory.
Note. When the root account
password is set to changeme (default password),
a warning message appears in the CLI upon logging in and a warning message
appears in the top portion of the web interface page.
The preconfigured default user
account provided in Oracle ILOM is limited to password recovery.
Local serial console use only – The
preconfigured default user account is available
for use through a local serial connection only. Also, you must be
able to prove physical presence at the server or CMM.
Usage Scenario – If
you delete the root account in Oracle ILOM
prior to replacing the root account with a customer-configurable
account, you can use the default account to
log in to Oracle and use the normal Oracle ILOM commands to create
a new account.