8 SPARC Enterprise Mx000 Servers Administration Guide • April 2007
Logging in to the System
There are two entities that can be logged in to on the system, a Service Processor and
a Solaris domain.
You initially log in to the Service Processor using a serial connection from a terminal
device. A terminal device can be an ASCII terminal, a workstation, or a PC. For
details on serial port connections, see the Installation Guide for your server or the
SPARC Enterprise M4000/M5000/M8000/M9000 Servers XSCF User’s Guide.
A unique login account with the user name of default exists on the Service
Processor. This account is unique in the following ways:
■ It can never be logged in to using the standard UNIX user name and password
authentication or SSH public key authentication.
■ It can only be logged in to using a procedure that requires physical access to the
system.
■ Its privileges are fixed to be useradm and platadm; you cannot change these
privileges.
■ It cannot be deleted, it has no password, and no password can be set for it.
After initial configuration, you can log in to the Service Processor using a serial
connection or an Ethernet connection. You can redirect the XSCF console to a domain
and get a Solaris console. You can also log in to a domain directly using an Ethernet
connection to access the Solaris OS.
When a user logs in, the user establishes a session. Authentication and user
privileges are valid only for that session. When the user logs out, that session ends.
To log back in, the user must be authenticated once again, and will have the
privileges in effect during the new session. See “Privileges” on page 9 for
information on privileges.
XSCF User Accounts
A user account is a record of an individual user that can be verified through a user
name and password.
When you initially log in to the system, add at least one user account with a
minimum of one privilege, useradm. This user with useradm privileges can then
create the rest of the user accounts. For a secure log in method, enable SSH service.
Refer to “To Enable or Disable the Service Processor SSH Service” on page 42 and to
“To Generate a Host Public Key for SSH Service” on page 43 for more information.
XSCF supports multiple user accounts for log in to the Service Processor. The user
accounts are assigned privileges; each privilege allows the user to execute certain
XSCF commands. By specifying privileges for each user, you can control which