Login

Function Description

The Login page provides access to the iBMC WebUI.

• A maximum of four users can log in to the iBMC WebUI at the same time.
• By default, the system timeout period is 5 minutes. If no operation is performed on the WebUI within 5 minutes, the user will be automatically logged out of the WebUI.
• If the number of consecutive incorrect password attempts reaches the specified value, the system locks the user account. The user can log in to the system only after the locking duration expires.
• For security purposes, change the initial password after the first login and change your password periodically.
• Improper display may be caused on the iBMC WebUI when resources fail to be obtained due to network fluctuation. If this occurs, refresh the browser and log in to the iBMC WebUI again.

Before using Internet Explorer to log in to the iBMC WebUI, enable the compatibility view and select Use TLS 1.2.

Procedure:

• Enable the compatibility view as follows:
  1. Click in the upper right corner of the web browser.
  2. Choose Compatibility View Settings from the shortcut menu.
  3. In the Compatibility View Settings dialog box, enter the iBMC IP address in the Add this website text box, and click Add.
  4. Deselect Use Microsoft compatibility lists.

     After the compatibility view is enabled, the iBMC WebUI can be properly displayed if you log in to iBMC using Internet Explorer.

• Select Use TLS 1.2.
  1. Choose Internet Options > Advanced.
  2. Ensure that Use TLS 1.2 is selected in the Security area.

Parameter Description

Procedure

This section uses Internet Explorer 11 as an example to describe how to log in to the iBMC WebUI.

1. Check that the OS and browser versions of the iBMC client (a local PC) are as per requirements. If the remote control function needs to be used, ensure that the Java Runtime Environment (JRE) version is as per requirements.

   See Table 3-70 for version requirements.

2. Configure an IP address for the client (PC) to enable communication between the client and the iBMC.
3. Connect the PC to the iBMC management network port using a network cable.
4. Open Internet Explorer, enter https://ipaddress/ in the address box, and press Enter.

   ipaddress indicates the IP address of the iBMC management network port. It can be in either of the following formats:

   • IPv4 address, for example, 192.168.100.1
   • IPv6 address, for example, [fc00::64]
   Information shown in Figure 3-1 is displayed.

   Figure 3-1 Website security alert
   

   If a website security alert is displayed, you can ignore this message or perform any of the following to shield this alert:

   • Import a trust certificate and a root certificate to the iBMC. For details, see Importing the iBMC Trust and Root Certificates.
   • If no trust certificate is available, add the iBMC to the Exception Site List on Java Control Panel. This operation, however, poses security risks.

5. Click Continue to this website (not recommended).
   The login page is displayed, as shown in Figure 3-2.

   Figure 3-2 iBMC login page
   

6. Log in to the iBMC WebUI.
   • Logging In as a Local User
   • Logging In as an LDAP User
   • Logging In as a Kerberos User

Logging In as a Local User

1. On the login page, select the language to be used.
2. Enter the user name and password.

   The default iBMC user name and the default password see Atlas Hardware Product User List.

3. Select Local iBMC or Automatic matching from the Domain drop-down list.
4. Click Log In.

   The Information page is displayed, showing the user name in the upper right corner.

   • The system may display a message indicating incorrect user name or password when you attempt to log in using Internet Explorer after the system is upgraded. If this occurs, press Ctrl+Shift+DEL, click Delete in the displayed dialog box to clear the browser cache, and attempt to log in again.
   • If the login still fails, choose Tools > Internet Options > Advanced in the menu bar and click Reset to restore default settings of Internet Explorer. Then attempt to log in again.

Logging In as an LDAP User

Before login, ensure that the following settings meet the requirements:

• A domain controller exists on the network, and a user domain and LDAP users have been created on the domain controller.

  For details about how to create a domain controller, a user domain, and LDAP users, see domain controller documents. The iBMC provides only the access function for LDAP users.

• LDAP function has been enabled in User & Security > LDAP, and a user domain and LDAP users have been set.

1. (Optional) Select the language to be used.
2. Enter the LDAP user name and password.
   • To log in as an LDAP user, the user name can be in either of the following formats:
     • LDAP user name

       If an LDAP user name is entered, Domain can be Automatic matching or a specified domain.

     • LDAP user name@domain name

       If LDAP user name@domain name is entered, Domain can be Automatic matching or a specified domain.

   • The maximum length of the password for an LDAP user to log in to the iBMC WebUI is 255 characters.

3. Select the LDAP user domain from the Domain drop-down list.

   The Domain drop-down list contains the following options:

   • Local iBMC: Select this option to log in as a local user. The iBMC automatically locates the user account from the local user list.
   • Configured domain server: Select a domain server to log in as an LDAP user. The iBMC automatically locates the user account from the domain server.
   • Automatic matching: If this option is selected, the iBMC searches for the user account from the local user list first. If no match is found, the iBMC searches from the domain servers in the sequence displayed in the Domain drop-down list.

4. Click Log In.

   The Information page is displayed, showing the user name in the upper right corner.

Logging In as a Kerberos User

Kerberos running environment:

• The client runs Windows 10 64-bit and Internet Explorer 11.
• The Kerberos server supports Windows Server 2012 R2 64-bit and Windows Server 2016 64-bit.

The following login modes are supported:

• Log in using a Kerberos domain account
• SSO

Before the login, ensure that the following conditions are met:

• Kerberos has been enabled in User & Security > Kerberos on the iBMC WebUI, and the Kerberos function and user group have been configured.
• The Kerberos user group and user name have been created on the Kerberos server, and the user has been added to the Kerberos user group. This user is a user who logs in to the OS of the client.

To log in to the iBMC WebUI using a Kerberos domain account, perform the following steps:

1. (Optional) On the iBMC WebUI login page, select the language to be used.
2. Enter the Kerberos user name and password. For details, see Parameter Description.
3. In the domain drop-down list, select the Kerberos user domain, for example ADMIN.COM(KRB), or Automatic matching.

4. Click Log In.

   If the login is successful, the Home page is displayed.

To log in using SSO, perform the following steps:

1. Use the Kerberos user name and password configured on the Kerberos server to log in to the client OS.
2. Open the browser, enter the iBMC FQDN, for example https://Host name.Domain name, in the address box, and press Enter.

   The iBMC login page is displayed.

3. Click SSO.

   If the login is successful, the Home page is displayed.