Chapter 2 Access Control 11
The domainadm, domainmgr, and domainop privileges must include the domain
number, numbers, or range of numbers to associate with a particular user account.
A user can have multiple privileges, and a user can have privileges on multiple
domains.
User privileges are authenticated locally by default. You can set up the Service
Processor to use an LDAP server for authentication instead. For information about
setting up the Service Processor to use the LDAP service, refer to “LDAP Service” on
page 21.
If no privileges are specified for a user, no local privilege data will exist for that user;
however, the user’s privileges can be looked up in LDAP, if LDAP is being used. If a
user’s privileges are set to none, that user does not have any privileges, regardless
of privilege data in LDAP.
XSCF Firmware Update
The Service Processor firmware can only be updated as an entire image, known as an
XCP image. The image includes the XSCF firmware, OpenBoot PROM firmware,
POST firmware, and miscellaneous files. Only valid images authorized by Sun
Microsystems or Fujitsu can be installed.
The XCP image is installed in the Service Processor flash memory. You need
platadm or fieldeng privilege to update an XCP image. More information on
updating an XCP image is contained in the SPARC Enterprise
M4000/M5000/M8000/M9000 Servers XSCF User’s Guide.
XSCF Shell Procedures for Access
Control
This section describes these procedures:
■ To Log in Initially to the XSCF Console
■ To Add an XSCF User Account
■ To Create a Password for an XSCF User
■ To Configure an XSCF Password Policy
■ To Assign Privileges to an XSCF User
■ To Display the Version of Installed Firmware