The domainadm, domainmgr, and domainop privileges must include the domain number, numbers, or range of numbers to associate with a particular user account.
A user can have multiple privileges, and a user can have privileges on multiple domains.
User privileges are authenticated locally by default. You can set up the Service Processor to use an LDAP server for authentication instead. For information about setting up the Service Processor to use the LDAP service, refer to “LDAP Service” on page 21.
If no privileges are specified for a user, no local privilege data will exist for that user; however, the user’s privileges can be looked up in LDAP, if LDAP is being used. If a user’s privileges are set to none, that user does not have any privileges, regardless of privilege data in LDAP.
XSCF Firmware UpdateThe Service Processor firmware can only be updated as an entire image, known as an XCP image. The image includes the XSCF firmware, OpenBoot PROM firmware, POST firmware, and miscellaneous files. Only valid images authorized by Sun Microsystems or Fujitsu can be installed.
The XCP image is installed in the Service Processor flash memory. You need platadm or fieldeng privilege to update an XCP image. More information on updating an XCP image is contained in the SPARC Enterprise M4000/M5000/M8000/M9000 Servers XSCF User’s Guide.
XSCF Shell Procedures for Access ControlThis section describes these procedures:
■To Log in Initially to the XSCF Console
■To Create a Password for an XSCF User
■To Configure an XSCF Password Policy
Chapter 2 Access Control | 11 |