No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

FusionServer Pro E9000 Server iBMC (Earlier Than V250) User Guide 31

This document describes the underlying management software Intelligent Baseboard Management Controller (iBMC) of the servers.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
User Management Commands

User Management Commands

Querying All User Information (userlist/list)

Function

The userlist command is used to query information about all iBMC users.

Format

ipmcget -d userlist

ipmcget -t user -d list

Parameters

None

Usage Guidelines

None

Example

# Query information about all iBMC users.

iBMC:/->ipmcget -t user -d list
ID      Name              Privilege      Interface                                       PublicKeyHash
2       root              ADMINISTRATOR  Web,SNMP,IPMI,SSH,SFTP,Local,Redfish            NA
3       xxx               CUSTOM ROLE1   Web,SNMP,IPMI,SSH,SFTP,Local,Redfish            NA
4       commonuser        USER           Web,SNMP,IPMI,SSH,SFTP,Local,Redfish            NA
5       admin             ADMINISTRATOR  Web,SNMP,IPMI,SSH,SFTP,Local,Redfish            NA
6       operator          OPERATOR       Web,SNMP,IPMI,SSH,SFTP,Local,Redfish            NA
7       custom1           CUSTOM ROLE1   Web,SNMP,IPMI,SSH,SFTP,Local,Redfish            NA
8       test              USER           Web,SNMP,IPMI,SSH,SFTP,Local                    NA
9                         NO ACCESS                                                      NA
10                        NO ACCESS                                                      NA
11                        NO ACCESS                                                      NA
12                        NO ACCESS                                                      NA
13                        NO ACCESS                                                      NA
14                        NO ACCESS                                                      NA
15                        NO ACCESS                                                      NA
16                        NO ACCESS                                                      NA
17                        NO ACCESS  

Adding a User (adduser)

Function

The adduser command is used to add a user.

Format

ipmcset [-t user] -d adduser -v <username>

Parameters

Parameter Description Value
username Specifies the user to be added.

A string of up to 16 characters meeting the following requirements

  • Allow digits, letters, special characters.
  • Avoid the following special characters:

    :<>&,'"/\%

  • Avoid number sign (#) at the beginning.

Usage Guidelines

Only administrators can add users, and the administrator's password is required.

A maximum of 15 users can be added. The default rights of a newly added user is No Access, which supports access to all login interfaces.

A password must be set for the newly added user. The password setting rules vary depending on whether password complexity check is enabled. To query whether password complexity check is enabled, run the passwordcomplexity command.

  • If password complexity check is disabled, the password cannot be empty and exceed 20 characters.
  • If password complexity check is enabled, the password must meet the following requirements:

    • Contain 8 to 20 characters
    • Contain at a space or one of the following special characters:

      `~!@#$%^&*()-_=+\|[{}];:'",<.>/?

    • Contain at least two types of the following characters:

      • Uppercase letters A to Z
      • Lowercase letters a to z
      • Digits 0 to 9
    • Cannot be the same as the user name or the user name in reverse order.
    • Have at least two new characters when compared with the previous password.

Example

# Add user test.

iBMC:/->ipmcset -d adduser -v test
Input your password:
Password:
Confirm password:
Add user successfully.

# Query user information.

iBMC:/->ipmcget -d userlist
ID      Name              Privilege      Interface                               PublicKeyHash                    
2       root              ADMINISTRATOR  Web,SNMP,IPMI,SSH,SFTP,Local,Redfish    NA                               
3       test              NO ACCESS      Web,SNMP,IPMI,SSH,SFTP,Local,Redfish    NA                               
4                         NO ACCESS                                              NA                               
5                         NO ACCESS                                              NA                               
6                         NO ACCESS                                              NA                               
7                         NO ACCESS                                              NA                               
8                         NO ACCESS                                              NA                               
9                         NO ACCESS                                              NA                               
10                        NO ACCESS                                              NA                               
11                        NO ACCESS                                              NA                               
12                        NO ACCESS                                              NA                               
13                        NO ACCESS                                              NA                               
14                        NO ACCESS                                              NA                               
15                        NO ACCESS                                              NA                               
16                        NO ACCESS                                              NA                               
17                        NO ACCESS                                              NA    

User test is added successfully.

Changing the User Password (password)

Function

The password command is used to change the user password.

Format

ipmcset [-t user] -d password -v username

Parameters

Parameter Description Value
username Specifies the user whose password needs to be changed. -

Usage Guidelines

Administrators can change the password of any user. Operators and common users can only change their own passwords. The password of the current user is required.

Run the passwordcomplexity command to check whether password complexity check is enabled.

  • If password complexity check is disabled, the password cannot be empty and exceed 20 characters.
  • If password complexity check is enabled, the password must meet the following requirements:

    • Contain 8 to 20 characters
    • Contain at a space or one of the following special characters:

      `~!@#$%^&*()-_=+\|[{}];:'",<.>/?

    • Contain at least two types of the following characters:

      • Uppercase letters A to Z
      • Lowercase letters a to z
      • Digits 0 to 9
    • Cannot be the same as the user name or the user name in reverse order.
    • Have at least two new characters when compared with the previous password.

Example

# Change the password of user.

iBMC:/->ipmcset -d password -v user
Input your password:
New password:
Confirm password:
Set user password successfully.

Deleting a User (deluser)

Function

The deluser command is used to delete a user.

Format

ipmcset [-t user] -d deluser -v username

Parameters

Parameter Description Value
username Specifies the user to be deleted. -

Usage Guidelines

Only administrators can delete users, and the administrator's password is required.

Example

# Delete user test.

iBMC:/->ipmcset -d deluser -v test
Input your password:
Delete user successfully.

Setting User Rights (privilege)

Function

The privilege command is used to set user rights.

Format

ipmcset [-t user] -d privilege -v <username> <privalue>

Parameters

Parameter Description Value
username Specifies the user to be set. -
privalue Specifies user rights.
  • 15: No Access
  • 2: User
  • 3: Operator
  • 4: Administrator
  • 5: Custom Role 1
  • 6: Custom Role 2
  • 7: Custom Role 3
  • 8: Custom Role 4

Usage Guidelines

  • Only administrators can set user rights, and the administrator's password is required.

  • This command cannot be used to set rights of default users.

  • This command cannot be used to set the rights of online users.

Example

# Grant user test with the Administrator rights.

iBMC:/->ipmcset -d privilege -v test 4
Input your password:
Set user privilege successfully.

Querying and Setting Password Complexity Check Status (passwordcomplexity)

Function

The passwordcomplexity command is used to query and set the status of the password complexity check function.

Format

ipmcget [-t user] -d passwordcomplexity

ipmcset [-t user] -d passwordcomplexity -v <enabled | disabled>

Parameters

Parameter Description Value
enabled Enables password complexity check. -
disabled Disables password complexity check. -

Usage Guidelines

Only administrators can enable or disable password complexity check.

Password complexity check is enabled by default. Disabling password complexity check poses security risks.

  • If password complexity check is disabled, the password cannot be empty and exceed 20 characters.
  • If password complexity check is enabled, the password must meet the following requirements:

    • Contain 8 to 20 characters
    • Contain at a space or one of the following special characters:

      `~!@#$%^&*()-_=+\|[{}];:'",<.>/?

    • Contain at least two types of the following characters:

      • Uppercase letters A to Z
      • Lowercase letters a to z
      • Digits 0 to 9
    • Cannot be the same as the user name or the user name in reverse order.
    • Have at least two new characters when compared with the previous password.

Example

# Query the status of password complexity check.

iBMC:/->ipmcget -d passwordcomplexity
Password complexity check state : enabled

# Enable password complexity check.

iBMC:/->ipmcset -d passwordcomplexity -v enabled
Set password complexity check state successfully.

Unlocking a User (user -d unlock)

Function

The unlock command is used to unlock a user in locked state.

Format

ipmcset -t user -d unlock -v username

Parameters

Parameter Description Value
username Specifies the user to be unlocked. -

Usage Guidelines

Switch modules do not support this command.

Only administrators can perform this operation, and the administrator's password is required.

Example

# Unlock user root.

iBMC:/->ipmcset -t user -d unlock -v root
Input your password:
Set user:root unlock status successfully.

Querying and Setting the Minimum Password Age (minimumpasswordage)

Function

The minimumpasswordage command is used to query or set the minimum password age.

The minimum password age is the shortest time period for which a password must be used after it was set. During this period, the password cannot be changed.

Format

ipmcget -d minimumpasswordage

ipmcset -d minimumpasswordage -v time

Parameters

Parameter Description Value
time Specifies the minimum password validity period.

Value range: 0 to 365

The value 0 indicates that the passwords do not have a minimum password age.

Usage Guidelines

Switch modules do not support this command.

Only the system administrator can set the minimum password validity period.

Example

# Set the minimum password validity period to one day.

iBMC:/->ipmcset -d minimumpasswordage -v 1
Set minimum password age successfully, minimumpasswordage(1) days.

Specifying an Emergency User (emergencyuser)

Function

The emergencyuser command is used to specify an emergency user, who is not restricted by any login rule. Only one emergency user can be specified.

Format

ipmcset [-t user] -d emergencyuser -v username

Parameters

Parameter Description Value
username Specifies the name of the emergency user. -

Usage Guidelines

Only administrators can specify the emergency user.

Example

# Set user root as the emergency user.

iBMC:/->ipmcset -d emergencyuser -v root
Set emergency user to (root) successfully.

Importing an SSH Public Key for a User (addpublickey)

Function

The addpublickey command is used to import an SSH public key for a user.

Format

ipmcset -t user -d addpublickey -v username filepath file URL

Parameters

Parameter Description Value
username Specifies the user for whom the SSH public key is to be imported. An existing user name.
filepath Specifies the path from which the public key will be imported. The value must be in the /Path/File name format. For example, /tmp/id_dsa_1024.key
file URL Specifies the URL of the public key file to be imported.

A value in the following format:

protocol://username:password@IP:[port]/directory/filename

Where:

  • protocol must be https or http.
  • username and password are the user name and password for accessing the target server.
  • directory/filename is the path of the public key file on the target server.

Usage Guidelines

Switch modules do not support this command.

Before running this command, use a file transfer tool that supports SFTP, for example WinSCP, to transfer the SSH public key file to the specified directory (for example /tmp) of the iBMC file system.

The administrators can import SSH public keys for all users. Common users can import only their own SSH public keys.

Example

# Import an SSH public key for user ssh_user.

iBMC:/->ipmcset -t user -d addpublic -v ssh_user /tmp/id_dsa_1024.key
Input your password:
Add user public key successfully.

Deleting the SSH Public Key of a User (delpublickey)

Function

The delpublickey command is used to delete the SSH public key of a user.

Format

ipmcset -t user -d delpublickey -v username

Parameters

Parameter Description Value
username Specifies the user whose SSH public key is to be deleted.

Usage Guidelines

The administrators can delete the SSH public keys of all users. Common users can delete only their own SSH public keys.

Switch modules do not support this command.

Example

# Delete the public key of user ssh_user_01.

iBMC:/->ipmcset -t user -d delpublickey -v ssh_user_01
Input your password:
Delete user public key successfully.

Querying and Setting the Password Authentication Status for SSH Users (sshpasswordauthentication)

Function

The sshpasswordauthentication command is used to enable or disable password authentication for SSH users.

Format

ipmcget -t user -d sshpasswordauthentication

ipmcset -t user -d sshpasswordauthentication -v <enabled | disabled>

Parameters

Parameter Description Value
enabled Enables password authentication for SSH users.
disabled Disables password authentication for SSH users.

Usage Guidelines

None

Example

# Enable password authentication for SSH users.

iBMC:/->ipmcset -t user -d sshpasswordauthentication -v enabled
Set SSH password authentication successfully.

# Query the status of password authentication for SSH users.

iBMC:/-> ipmcget -t user -d sshpasswordauthentication
SSH Password Authentication : enabled

Setting IBMC Login Interfaces (interface)

Function

The interface command is used to set the types of interfaces through which users can access the iBMC.

Format

ipmcset -t user -d interface -v username <enabled | disabled> <option1 option2 ... optionN>

Parameters

Parameter Description Value
username Specifies the user to be configured.
enabled Enables the specified interfaces.
disabled Disables the specified interfaces.
option1 option2 ... optionN Specifies the types of login interfaces. Values:
  • 1: Web
  • 2: SNMP
  • 3: IPMI
  • 4: SSH
  • 5: SFTP
  • 7: Local
  • 8: Redfish

Usage Guidelines

None

Example

# Enable user test to access the iBMC through web, SNMP, IPMI, SSH, SFTP, and local interfaces.

iBMC:/->ipmcset -t user -d interface -v test enabled 1 2 3 4 5 7
Input your password:
Set user login interface successfully.

# Query information about user test.

iBMC:/->ipmcget -t user -d list
ID      Name              Privilege      Interface                                       PublicKeyHash
2       root              ADMINISTRATOR  Web,SNMP,IPMI,SSH,SFTP,Local,Redfish            NA
3       xxx               CUSTOM ROLE1   Web,SNMP,IPMI,SSH,SFTP,Local,Redfish            NA
4       commonuser        USER           Web,SNMP,IPMI,SSH,SFTP,Local,Redfish            NA
5       admin             ADMINISTRATOR  Web,SNMP,IPMI,SSH,SFTP,Local,Redfish            NA
6       operator          OPERATOR       Web,SNMP,IPMI,SSH,SFTP,Local,Redfish            NA
7       custom1           CUSTOM ROLE1   Web,SNMP,IPMI,SSH,SFTP,Local,Redfish            NA
8       test              USER           Web,SNMP,IPMI,SSH,SFTP,Local                    NA
9                         NO ACCESS                                                      NA
10                        NO ACCESS                                                      NA
11                        NO ACCESS                                                      NA
12                        NO ACCESS                                                      NA
13                        NO ACCESS                                                      NA
14                        NO ACCESS                                                      NA
15                        NO ACCESS                                                      NA
16                        NO ACCESS                                                      NA
17                        NO ACCESS  
Translation
Download
Updated: 2019-08-01

Document ID: EDOC1000058833

Views: 204314

Downloads: 1934

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next