Skip to main content

User accounts

Use the information in this topic to create, modify, and view user accounts that have access to the IMM2 console.

Select the Users Accounts tab to create, modify, and view user accounts (as shown in the following illustration).
Note
The IMM2 subsystem comes with one login profile.

user accounts page

Create user

Click the Create User... tab to create a new user account. Complete the following fields: User name, Password, and Confirm Password (as shown in the following illustration).

create new user page

User properties

Click the User Properties tab to modify existing user accounts (as shown in the following illustration).

user properties page

User authority

Click the Authority tab to set the user authority level. The following user authority levels are available:
Supervisor
The Supervisor user authority level has no restrictions.
Read only
The Read only user authority level has read-only access and cannot perform actions such as file transfers, power and restart actions, or remote presence functions.
Custom
The Custom user authority level allows a more customized profile for user authority with settings for the actions that the user is allowed to perform.
Select one or more of the following Custom user authority levels:
User Account Management
A user can add, modify, or delete users, and change the global login settings.
Remote Console Access
A user can access the remote console.
Remote Console and Virtual Media Access
A user can access the remote console and the virtual media feature.
Remote Server Power/Restart Access
A user can perform power-on and restart functions for the remote server.
Ability to Clear Event Logs
A user can clear the event logs. Anyone can look at the event logs; but, this authority level is required to clear the logs.
Adapter Configuration - Basic
A user can modify configuration parameters on the Server Properties and Events pages.
Adapter Configuration - Networking & Security
A user can modify configuration parameters on the Security, Network, and Serial Port pages.
Adapter Configuration - Advanced
A user has no restrictions when configuring the IMM2. In addition, the user is said to have administrative access to the IMM2. Administrative access includes the following advanced functions: firmware updates, PXE network boot, restoring IMM2 factory defaults, modifying and restoring IMM2 settings from a configuration file, and restarting and resetting the IMM2.
When a user sets the authority level of an IMM2 login ID, the resulting IPMI privilege level of the corresponding IPMI User ID is set according to the following priorities:
  • If a user sets the IMM2 login ID authority level to Supervisor, the IPMI privilege level is set to Administrator.
  • If a user sets the IMM2 login ID authority level to Read Only, the IPMI privilege level is set to User.
  • If a user sets the IMM2 login ID authority level to any of the following types of access, the IPMI privilege level is set to Administrator:
    • User Account Management Access
    • Remote Console Access
    • Remote Console and Remote Disk Access
    • Adapter Configuration - Networking & Security
    • Adapter Configuration - Advanced
  • If a user sets the IMM2 login ID authority level to Remote Server Power/Restart Access or Ability to Clear Event Logs, the IPMI privilege level is set to Operator.
  • If a user sets the IMM2 login ID authority level to Adapter Configuration - Basic, the IPMI privilege level is set to User.

SNMP access rights

Click the SNMPv3 tab to set SNMP access for the account. The following user access options are available:
Authentication protocol
SpecifyHMAC-SHA as the authentication protocol. These are the algorithms used by the SNMPv3 security model for authentication. If the Authentication Protocol is not enabled, no authentication protocol will be used. MD5 authentication is no longer an option due to security problem
Privacy protocol
The data transfer between the SNMP client and the agent can be protected using encryption. The supported methods are DES and AES. Privacy protocol is valid only if the authentication protocol is set toHMAC-SHA. Auth/NoPriv is not an option
Privacy password
Specify the encryption password in this field.
Confirm privacy password
Specify the encryption password again for confirmation.
Access type
Specify either Get or Set as the access type. SNMPv3 users with Get as the access type can perform only query operations. SNMPv3 users with Set as the access type, can perform query operations and modify settings (for example, setting the password for a user).
Hostname/IP address for traps
Specify the trap destination for the user. This can be an IP address or hostname. Using traps, the SNMP agent notifies the management station about events, (for example, when a processor temperature exceeds the limit).