Advanced management module user profile settings

You can specify up to 12 login profiles that can access the advanced management module.

For each login profile, specify:
  • Login ID.
  • Password.
  • Role or Authority level. The role or authority level defines the command areas that a user can access, based on the access scope defined for that user. You can specify one of the following for each login ID:
    • Supervisor
    • Operator
    • Custom
  • Access scope. The access scope defines where the role or user authority defined for a user is valid, such as a specific BladeCenter S chassis or a group of blade servers.
In addition, you can specify an SNMP v3 profile for each user profile that includes the following information:
  • Name of the context in which this SNMP v3 user is working
  • Authentication protocol used
  • Privacy protocol used
  • Privacy password to be used
  • Access type (Get, Set, or Trap)
  • Hostname/IP address for traps

Security settings

There are three levels of account security, which is set globally and applies to all user profiles:
  • Legacy security. This level of security has the following settings:
    • No password is required.
    • No password expiration.
    • No restrictions on reusing passwords.
    • No password change frequency restrictions.
    • User accounts are locked for two minutes after five login failures.
    • Passwords must adhere to simple password rules.
    • No account inactivity monitoring.
  • High security. This level of security has the following settings:
    • A Password is required.
    • The password for the factory default USERID must be changed on next login.
    • The password for all user IDs must be changed on first login, and passwords expire in 90 days.
    • There are restrictions on reusing passwords (last 5 passwords kept in history).
    • There is a minimum interval of 24 hours between password changes.
    • Account is locked for 60 minutes after five login failures.
    • Passwords must adhere to complex password rules (at least two degrees of difference from previous password).
    • An alert is issued on account inactivity after 120 days.
    • Accounts disabled after 180 days of inactivity.
  • Custom security. With this level of security, you can specify the following:
    • Whether a user login password required.
    • Password expiration period.
    • Minimum password reuse cycle.
    • Minimum password change interval.
    • Maximum number of login failures.
    • Lockout period after maximum login failures.
    • Complex password rules.
    • Minimum different characters in passwords.
    • Whether the factory default 'USERID' account password must be changed on next login.
    • Whether to force users to change their password on the first login.
    • Inactivity alert period.
    • Inactivity alert and disable period.
Parent topic: Planning for advanced management module configuration
Related reference:
Advanced management module configuration worksheet