No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

FusionServer Pro E9000 Server iBMC (Earlier Than V250) User Guide 31

This document describes the underlying management software Intelligent Baseboard Management Controller (iBMC) of the servers.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
User Management Commands

User Management Commands

This topic describes all user management commands.

Querying the Information About All Users (userlist/list)

Function

The userlist command is used to query the information about all the users.

Format

ipmcget -d userlist

ipmcget -t user -d list

Parameters

None

Usage Guidelines

None

Example

# Query the information about all the users.

iBMC:/->ipmcget -d userlist
ID      Name              Privilege      Interface                               PublicKeyHash
2       root              ADMINISTRATOR  Web,SNMP,IPMI,SSH,SFTP,Telnet,Local     NA
3       test              ADMINISTRATOR  SSH,SFTP,Telnet,Local                   NA
4       ab                NO ACCESS      Web,SNMP,IPMI,SSH,SFTP,Telnet,Local     NA
5       ssh_user_01       ADMINISTRATOR  Web,SNMP,IPMI,SSH,SFTP,Telnet,Local     NA
6       zdd               ADMINISTRATOR  Web,SNMP,IPMI,SSH,SFTP,Telnet,Local     NA
7       liusongs          ADMINISTRATOR  Web,IPMI,SSH,SFTP,Telnet,Local          NA
8       huyan             ADMINISTRATOR  Web,SNMP,IPMI,SSH,SFTP,Telnet,Local     NA
9       oper              OPERATOR       Web,SNMP,IPMI,SSH,SFTP,Telnet,Local     NA
10                        NO ACCESS                                              NA
11                        NO ACCESS                                              NA
12                        NO ACCESS                                              NA
13                        NO ACCESS                                              NA
14                        NO ACCESS                                              NA
15                        NO ACCESS                                              NA
16                        NO ACCESS                                              NA
17                        NO ACCESS                                              NA

Adding a User (adduser)

Function

The adduser command is used to add a user.

Format

ipmcset [-t user] -d adduser -v <username>

Parameters

Parameter Description Value
username Indicates the user name to be added. The value is a string of up to 16 characters.
  • The string can contain digits, letters, and other characters excluding spaces and the following special characters:

    , \ : < > & ' " / %

  • The string cannot start with a number sign (#).

Usage Guidelines

You can add a maximum of 15 users. You are required to set passwords with different complexities for the new users based on whether the password complexity check function is enabled (queried using passwordcomplexity command).

  • When the password complexity check function is disabled, the password can not be empty, and can be a string of up to 20 characters.
  • When the password complexity check function is enabled, the password must meet the following requirements:
    • Must contain 8 to 20 characters.
    • Must contain at least one space or one of the following special characters:

      ` ~ ! @ # $ % ^ & * () - _ = + \ | [{}] ; : ' " ,<.> / ?

    • Must contain at least two types of the following characters:
      • Letters: a to z
      • Letters: A to Z
      • Digits: 0 to 9
    • Must not be the user name or the user name in reverse order.
    • The new password must differ from the old password in two character positions.

Only the administrators can add a new user, and the password of the current user is needed.

NOTE:
The default privilege of a new user is No Access, and the default login interfaces include Web, SNMP, IPMI, SSH, SFTP, and Local.

Example

# Add a user and set the name to test.

iBMC:/->ipmcset -d adduser -v test
Input your password:
Password:
Confirm password:
Add user successfully.

# Query the user list after addition.

iBMC:/->ipmcget -d userlist
ID      Name              Privilege      Interface                               PublicKeyHash                    
2       root              ADMINISTRATOR  Web,SNMP,IPMI,SSH,SFTP,Telnet,Local     NA                               
3       test              NO ACCESS      Web,SNMP,IPMI,SSH,SFTP,Local            NA                               
4                         NO ACCESS                                              NA                               
5                         NO ACCESS                                              NA                               
6                         NO ACCESS                                              NA                               
7                         NO ACCESS                                              NA                               
8                         NO ACCESS                                              NA                               
9                         NO ACCESS                                              NA                               
10                        NO ACCESS                                              NA                               
11                        NO ACCESS                                              NA                               
12                        NO ACCESS                                              NA                               
13                        NO ACCESS                                              NA                               
14                        NO ACCESS                                              NA                               
15                        NO ACCESS                                              NA                               
16                        NO ACCESS                                              NA                               
17                        NO ACCESS                                              NA    

The preceding information indicates that test is added successfully.

Changing the User Password (password)

Function

The password command is used to change the user password.

Format

ipmcset [-t user] -d password -v username

Parameters

Parameter Description Value
username Indicates the existed user whose password is to be changed. -

Usage Guidelines

You can change the passwords with different complexities based on whether the password complexity check function is enabled (queried using passwordcomplexity command).

  • When the password complexity check function is disabled, the password can not be empty, and can be a string of up to 20 characters.
  • When the password complexity check function is enabled, the password must meet the following requirements:
    • Must contain 8 to 20 characters.
    • Must contain at least one space or one of the following special characters:

      `~!@#$%^&*()-_=+\|[{}];:'",<.>/?

    • Must contain at least two types of the following characters:
      • Letters: a to z
      • Letters: A to Z
      • Digits: 0 to 9
    • Must not be the user name or the user name in reverse order.
    • The new password must differ from the old password in two character positions.

Administrators have the right to change the passwords of all users, and operators and common users have the permission to change only their own passwords. The password of the current user is needed when a password is changed.

Example

# Change the password of user.

iBMC:/->ipmcset -d password -v user
Input your password:
New password:
Confirm password:
Set user password successfully.

Deleting a User (deluser)

Function

The deluser command is used to delete a user.

Format

ipmcset [-t user] -d deluser -v username

Parameters

Parameter Description Value
username Indicates the existed user name to be delete. -

Usage Guidelines

Only the administrators can delete a user, and the password of the current user is needed.

Example

# Delete a user whose name is test.

iBMC:/->ipmcset -d deluser -v test
Input your password:
Delete user successfully.

Setting User Rights (privilege)

Function

The privilege command is used to set user rights.

Format

ipmcset [-t user] -d privilege -v <username> <privalue>

Parameters

Parameter Description Value
username Indicates the existed user whose right is to be set. -
privalue Rights
  • 15: no access rights
  • 2: the user rights
  • 3: the operator rights
  • 4: the administrator rights
  • 5: Custom Role1 rights
  • 6: Custom Role2 rights
  • 7: Custom Role3 rights
  • 8: Custom Role4 rights

Usage Guidelines

  • Only the administrators can set user rights, and the password of the current user is needed.

  • This command cannot be used to set rights of default users.

  • This command cannot be used to set the rights of online users.

Example

# Grant test with the Administrator rights.

iBMC:/->ipmcset -d privilege -v test 4
Input your password:
Set user privilege successfully.

Querying and Setting the Status of the Password Complexity Check Function (passwordcomplexity)

Function

The passwordcomplexity command is used to query and set the status of the password complexity check function.

Format

ipmcget [-t user] -d passwordcomplexity

ipmcset [-t user] -d passwordcomplexity -v <enabled | disabled>

Parameters

Parameter Description Value
enabled Enables the password complexity check function. -
disabled Disables the password complexity check function. -

Usage Guidelines

  • The password complexity check function is enabled by default.
  • Disabling the password complexity check function reduces the system security. Set the parameter with caution.
  • When the password complexity check function is disabled, the password can not be empty, and can be a string of up to 20 characters.
  • When the password complexity check function is enabled, the password must meet the following requirements:
    • Must contain 8 to 20 characters.
    • Must contain at least one space or one of the following special characters:

      `~!@#$%^&*()-_=+\|[{}];:'",<.>/?

    • Must contain at least two types of the following characters:
      • Letters: a to z
      • Letters: A to Z
      • Digits: 0 to 9
    • Must not be the user name or the user name in reverse order.
    • The new password must differ from the old password in two character positions.

Only the administrators can set the status of the password complexity check function.

Example

# Query the status of the password complexity check function.

iBMC:/->ipmcget -d passwordcomplexity
Password complexity check state : enabled

# Enable the password complexity check function.

iBMC:/->ipmcset -d passwordcomplexity -v enabled
Set password complexity check state successfully.

Unlocking a User (user -d unlock)

Function

The unlock command is used to unlock a user that fails to enter a correct password within the maximum allowed attempts.

Format

ipmcset -t user -d unlock -v username

Parameters

Parameter Description Value
username Specifies the name of the user to be unlocked. -

Usage Guidelines

The switch module does not support the command.

Only administrators have the permission to unlock a user.

Enter the password of the current administrator when unlocking a user.

Example

# Unlock user root.

iBMC:/->ipmcset -t user -d unlock -v root
Input your password:
Set user:root unlock status successfully.

Setting an Emergency User (emergencyuser)

Function

The emergencyuser command is used to set an emergency user, which is not restricted by any login rule.

Format

ipmcset [-t user] -d emergencyuser -v username

Parameters

Parameter Description Value
username Emergency user name. -

Usage Guidelines

Only an administrator can set an emergency user.

Example

# Set root as an emergency user.

iBMC:/->ipmcset -d emergencyuser -v root
Set emergency user to (root) successfully.

Adding a Public Key for an SSH User (addpublickey)

Function

The addpublickey command is used to add a public key for an SSH user.

Format

ipmcset -t user -d addpublickey -v username filepath

Parameters

Parameter Description Value
username Specifies the name of the SSH user for whom you want to import a public key. SSH user name
filepath Specifies the path from which the public key will be imported. The value must be in the /Path/File name format. For example, /tmp/id_dsa_1024.key

Usage Guidelines

Switch modules do not support this command.

Before running this command, use a file transfer tool that supports SFTP, for example WinSCP, to transfer the SSH public key file to the specified directory (for example /tmp) of the iBMC file system.

The administrators can import SSH public keys for all users. Common users can import only their own SSH public keys.

Example

# Import a public key for the ssh_user user.

iBMC:/->ipmcset -t user -d addpublic -v ssh_user /tmp/id_dsa_1024.key
Input your password:
Add user public key successfully.

Deleting the Public Key of an SSH User (delpublickey)

Function

The delpublickey command is used to delete the public key of an SSH user.

Format

ipmcset -t user -d delpublickey -v username

Parameters

Parameter Description Value
username Specifies the name of the SSH user with the public key to be deleted.

Usage Guidelines

Administrators can delete the public keys of all SSH users. Common users can only delete their own public keys.

Switch modules do not support this command.

Example

# Delete the public key of the ssh_user_01 user.

iBMC:/->ipmcset -t user -d delpublickey -v ssh_user_01
Input your password:
Delete user public key successfully.

Querying and Setting the SSH User Password Authentication Enablement Status (sshpasswordauthentication)

Function

The sshpasswordauthentication command is used to enable or disable SSH user password authentication.

Format

ipmcget -t user -d sshpasswordauthentication

ipmcset -t user -d sshpasswordauthentication -v <enabled | disabled>

Parameters

Parameter Description Value
enabled Indicates that SSH user password authentication will be enabled.
disabled Indicates that SSH user password authentication will be disabled.

Usage Guidelines

None

Example

# Enable SSH user password authentication.

iBMC:/->ipmcset -t user -d sshpasswordauthentication -v enabled
Set SSH password authentication successfully.

# Query the enablement status of SSH user password authentication.

iBMC:/-> ipmcget -t user -d sshpasswordauthentication
SSH Password Authentication : enabled

Setting the User Interfaces for Logging to iBMC (interface)

Function

The interface command is used to set the user interfaces that can be used by specified users to log in to iBMC.

Format

ipmcset -t user -d interface -v username <enabled | disabled> <option1 option2 ... optionN>

Parameters

Parameter Description Value
username Name of the user to be configured.
enabled Indicates that the interfaces will be enabled.
disabled Indicates that the interfaces will be disabled.
option1 option2 ... optionN Indicates the interface types to be configured. You can set multiple interface types at a time. The options are:
  • 1: Web
  • 2: SNMP
  • 3: IPMI
  • 4: SSH
  • 5: SFTP
  • 6: Telnet
  • 7: Local

Usage Guidelines

None

Example

# Enable the iBMC login interfaces Web and SSH for the ssh_user_01 user.

iBMC:/->ipmcset -t user -d interface -v ssh_user_01 enabled 1 4
Input your password:
Set user login interface successfully.

# Query information about the ssh_user_01 user.

iBMC:/->ipmcget -t user -d list
ID      Name              Privilege      Interface                               PublicKeyHash
2       root              ADMINISTRATOR  Web,SNMP,IPMI,SSH,SFTP,Telnet,Local     NA
3       test              USER           SSH,SFTP,Telnet,Local                   NA
4       ab                NO ACCESS      Web,SNMP,IPMI,SSH,SFTP,Telnet,Local     NA
5       ssh_user_01       USER           Web,SSH                                 NA
6       zdd               ADMINISTRATOR  Web,SNMP,IPMI,SSH,SFTP,Telnet,Local     NA
7       liusongs          ADMINISTRATOR  Web,IPMI,SSH,SFTP,Telnet,Local          NA
8       huyan             ADMINISTRATOR  Web,SNMP,IPMI,SSH,SFTP,Telnet,Local     NA
9       oper              OPERATOR       Web,SNMP,IPMI,SSH,SFTP,Telnet,Local     NA
10                        NO ACCESS                                              NA
11                        NO ACCESS                                              NA
12                        NO ACCESS                                              NA
13                        NO ACCESS                                              NA
14                        NO ACCESS                                              NA
15                        NO ACCESS                                              NA
16                        NO ACCESS                                              NA
17                        NO ACCESS                                              NA
Translation
Download
Updated: 2019-08-01

Document ID: EDOC1000058833

Views: 207766

Downloads: 1935

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next