Fujitsu M9000 Server User Manual


 
Chapter 2 Access Control 9
operations each XSCF user is allowed to perform. On its own, a user account has no
privileges. To obtain permission to run XSCF commands and access system
components, a user must have privileges.
You can set up the Service Processor to use an LDAP server for authentication
instead. To use LDAP, the Service Processor must be set up as an LDAP client. For
information about setting up the Service Processor to use the LDAP service, refer to
“LDAP Service” on page 21. If you are using an LDAP server for authentication, the
user name must not be in use, either locally or in LDAP.
XSCF Passwords
User passwords are authenticated locally by default unless you are using an LDAP
server for authentication.
Site-wide policies, such as password nomenclature or expiration dates, make
passwords more difficult to guess. You can configure a password policy for the
system using the setpasswordpolicy command. The setpasswordpolicy
command describes the default values for a password policy.
If you have lost password access to your system, use the procedure “To Log in
Initially to the XSCF Console” on page 12.
Privileges
Privileges allow a user to perform a specific set of actions on a specific set of
components. Those components can be physical components, domains, or physical
components within a domain.