Sun Microsystems, Inc.  Oracle System Handbook - ISO 7.0 May 2018 Internal/Partner Edition
   Home | Current Systems | Former STK Products | EOL Systems | Components | General Info | Search | Feedback

Asset ID: 1-71-2132935.1
Update Date:2017-04-07
Keywords:
Solution Type  Technical Instruction Sure

Solution  2132935.1 :   How to create/delete/modify SP users , using ilomconfig tool , for the SPARC T-X(T3/T4/T5) servers  

Related Items 
    

  • SPARC T4-1
    •  
  • SPARC T3-2
    •  
  • Sun SPARC Enterprise T5120 Server
    •  
  • SPARC T5-2
    •  
  • Sun SPARC Enterprise T5140 Server
    •  
  • Sun SPARC Enterprise T5440 Server
    •  
Related Categories 
    

  • PLA-Support>Sun Systems>SPARC>CMT>SN-SPARC: T5xx0
    •  






In this Document


Goal


Solution




Applies to:  

SPARC T4-1 - Version All Versions to All Versions [Release All Releases]
Sun SPARC Enterprise T5120 Server - Version All Versions to All Versions [Release All Releases]
Sun SPARC Enterprise T5140 Server - Version All Versions to All Versions [Release All Releases]
Sun SPARC Enterprise T5440 Server - Version All Versions to All Versions [Release All Releases]
SPARC T3-2 - Version All Versions to All Versions [Release All Releases]
Information in this document applies to any platform.



Goal


 This is a quick guide is about how to create/delete/modify SP users, using the ilomconfig tool (part of the OHMP suite)


Solution


Starting from Solaris 11.2 , OHMP (Oracle Hardware Management Pack), is installed by default in the OS distribution


The tool can be used also in Solaris 10, but must be downloaded and installed


Open MOS
Go to Patches and Updates
Select product tab
In the Product Field type : "Oracle Hardware Management Pack"
Select Release and download.
Executables placed in dir: /usr/sbin


This software suite offers a set of tools used to manage daily system administration (system firmware upgrade, disk firmware upgrade, ilom configuration , hardware raid management) among other things.


To verify the supported servers that can be managed by this tool, you can see the following link


http://www.oracle.com/technetwork/server-storage/servermgmt/tech/hardware-management-pack/support-matrix-423358.html


We will focus in ilomconfig tool


First we can see the SP users created in the System


root@nt5-1b:/# ilomconfig list user


Users
=====
Username Role   Password
-----------------------------------------------
root       aucro     *****
jack       aucros    *****
peter      au        *****
test        auo       *****


The roles define the type of privileges that the user has, in order to execute some tasks on the server


a: Admin
u: User management
c: Console
r: Reset and Host Control
o: Read Only
s: Service (only used in special cases for Oracle Engineers)


 


Create User


To verify the options , when we create a user , we can type this


root@nt5-1b:/# ilomconfig create user help



Usage: ilomconfig create user <username> [options]


Operands:
<username> : Username of ILOM user to create


Options:
--role=role : Role for ILOM user (example: aucro)
--xmlfile=filename : Create in specified XML file rather than in ILOM


General Options:
-h, --help : help
-H, --remote-hostname : hostname or IP address of the remote SP.
-U --remote-username : username to login remote SP.
-V, --version : Show the version of the command.
-q, --quiet : Suppress informational message output and only return error codes.
-y, --yes : Execute command without prompting for confirmation.


As we can see , we can create the user and the role assigned to it


For example we will create an user with no roles assigned


root@nt5-1b:/# ilomconfig create user newuser
Enter password (8 to 16 characters):
************
Created /SP/users/newuser


We can see that by default the tool assigns only read options, when there's no role defined


root@nt5-1b-sca11-a:/# ilomconfig list user | grep newuser


newuser o *****


root@nt5-1b-sca11-a:/#


 


Now we will create another user with full privileges (aucro)


 


root@nt5-1b/# ilomconfig create user fulluser --role=aucro


root@nt5-1b/# ilomconfig list user | grep fulluser
fulluser aucro *****
root@nt5-1b/#


We can test our new user (fulluser), connecting to the ilom


login as: fulluser
Using keyboard-interactive authentication.
Password:


Oracle(R) Integrated Lights Out Manager


Version 3.2.5.6.b r103360


Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.


Warning: The system appears to be in manufacturing test mode.
Contact Service immediately.


Warning: HTTPS certificate is set to factory default.


Hostname: nt5-1b


-> show /SP/users/fulluser/


/SP/users/fulluser
Targets:
ssh


Properties:
role = aucro <---
password = *****


Commands:
cd
set
show


 


Delete User


To delete a user, let see the options available


root@nt5-1b:/# ilomconfig delete user help



Usage: ilomconfig delete user <username> [options]


Operands:
<username> : Username of ILOM user to delete


Options:
--xmlfile=filename : Delete from specified XML file rather than from ILOM


General Options:
-h, --help : help
-H, --remote-hostname : hostname or IP address of the remote SP.
-U --remote-username : username to login remote SP.
-V, --version : Show the version of the command.
-q, --quiet : Suppress informational message output and only return error codes.
-y, --yes : Execute command without prompting for confirmation.


In our case, let's delete the fulluser account


root@nt5-1b:/# ilomconfig delete user fulluser
Are you sure you want to delete user 'fulluser'? [y/n]? y



Deleted /SP/users/fulluser


This user cannot be listed anymore by the tool


root@nt5-1b:/# ilomconfig list user


Username Role Password
-----------------------------------------------
root aucro *****
jack aucros *****
peter au *****
test auo *****
newuser o *****


We cannot login to the ilom neither


login as: fulluser
Using keyboard-interactive authentication.
Password:
Access denied
Using keyboard-interactive authentication.
Password


 


Modify User


Let see the options available:


root@nt5-1b:/# ilomconfig modify user help
Usage: ilomconfig modify user <username> [options]


Operands:
<username> : Username of ILOM user to modify


Options:
-p : prompt for password
--role=role : Role for ILOM user (example: aucro)
--xmlfile=filename : Modify specified XML file rather than ILOM


General Options:
-h, --help : help
-H, --remote-hostname : hostname or IP address of the remote SP.
-U --remote-username : username to login remote SP.
-V, --version : Show the version of the command.
-q, --quiet : Suppress informational message output and only return error codes.
-y, --yes : Execute command without prompting for confirmation.


In this case we can modify the password and the role of the user


In our case we will modify the newuser account changing the password and adding full acess to the SP (aucro)


For example


Modifying password


root@nt5-1b:/# ilomconfig modify user newuser -p
Enter password (8 to 16 characters):
********
New password was successfully set for user /SP/users/newuser


Changing role


root@nt5-1b:/# ilomconfig modify user newuser --role=aucro
Set 'role' to 'aucro'


Now we can verify the new status


root@nt5-1b-sca11-a:/# ilomconfig list user
Users
=====
Username Role Password
-----------------------------------------------
root aucro *****
jack aucros *****
peter au *****
test auo *****
newuser aucro ***** <----


 


 


 



Attachments

This solution has no attachment


















       

Copyright © 2018 Oracle, Inc.  All rights reserved.

 Feedback