users command

This command displays and configures user accounts, also called user profiles, of the primary management module.

Important: Command authority definitions might change between firmware versions. Make sure that the command authority level set for each user is correct after updating management-module firmware.
Table 1. users (management-module users) command
Function What it does Command Valid targets
Display all user profiles Displays all 12 management-module user profiles. Returned values are:
  • User name
  • Authority level
 users 
                           -T system:mm[x]

where x is the primary management-module bay number.
Display single user profile Displays the specified management-module user profile. Returned values are:
  • User name
  • Authority level
  • Context name
  • Authentication protocol
  • Privacy protocol
  • Access type
  • Hostname/IP address
 users - user_number

where user_number is a number from 1 to 12 that corresponds to the user number assigned in the "Display all user profiles" list.

 
                           -T system:mm[x]

where x is the primary management-module bay number.
Delete user profile Delete the specified management-module user profile. users - user_number -clear

where user_number is a number from 1 to 12 that corresponds to the user number assigned in the "Display all user profiles" list. It is possible to delete an empty user profile.

Command use restricted (see Commands and user authority).

 
                           -T system:mm[x]

where x is the primary management-module bay number.

Create user profile

Create the specified management-module user profile.

All fields must be specified when creating a user profile for the BladeCenter T management module.

For management modules other than those installed in a BladeCenter T unit, only the following user-profile fields are required:

  • -user_number
  • -n user_name
  • -a user_authority
  • -p user_password
users - user_number -n user_name -p user_password -a user_authority -cn context_name -ap auth_protocol -pp privacy_protocol -ppw privacy_pwd -at access_type -i ip_addr/hostname

where:

  • user_number is a number from 1 to 12 that corresponds to an unused user number in the "Display all user profiles" list.
  • user_name is a alphanumeric string up to 15 characters in length that can include periods ( . ) and underscores ( _ ). Each of the 12 user names must be unique.
  • user_password can be blank or an alphanumeric string up to 15 characters in length that can include periods ( . ) and underscores ( _ ), and must include at least one alphabetic and one non-alphabetic character.
  • user_authority is one of the following:
  • context_name is a string for SNMPv3 context that is up to 31 characters in length. Each of the 12 context names must be unique.
(continued on next page) 
                           -T system:mm[x]

where x is the primary management-module bay number.
Create user profile (continued)  
  • auth_protocol is an SNMPv3 authentication protocol of
    • sha
    • md5
    • blank (no entry) for none
  • privacy_protocol is an SNMPv3 privacy protocol of des or blank (no entry) for none. If the privacy protocol is set to none, no -ppw command option (privacy password) is required.
  • privacy_pwd is an SNMPv3 privacy password string of up to 31 characters in length. If the privacy protocol is set to none, the -ppw command option does not need to be used unless a privacy password is required.
  • access_type is an SNMPv3 access type of
    • read
    • write
    • traps
  • ip_addr/hostname is a valid SNMPv3 static IP address or an alphanumeric hostname string up to 63 characters in length.

Command use restricted (see Commands and user authority).

  
Set user name Sets a user name in the specified management-module user profile. users - user_number -n user_name

where:

  • user_number is a number from 1 to 12 that corresponds to the user number assigned in the "Display all user profiles" list.
  • user_name is a alphanumeric string up to 15 characters in length that can include periods ( . ) and underscores ( _ ). Each of the 12 user names must be unique.

Command use restricted (see Commands and user authority).

 
                           -T system:mm[x]

where x is the primary management-module bay number.
Set user password Sets a user password in the specified management-module user profile. users - user_number -p user_password

where:

  • user_number is a number from 1 to 12 that corresponds to the user number assigned in the "Display all user profiles" list.
  • user_password can be blank or an alphanumeric string up to 15 characters in length that can include periods ( . ) and underscores ( _ ), and must include at least one alphabetic and one non-alphabetic character.

Command use restricted (see Commands and user authority).

 
                           -T system:mm[x]

where x is the primary management-module bay number.

Set user authority level

Sets a user authority level in the specified management-module user profile. users - user_number -a user_authority

where:

  • user_number is a number from 1 to 12 that corresponds to the user number assigned in the "Display all user profiles" list.
  • user_authority is
    • operator (read-only)
    • rbs (custom)

The custom authority level parameter is specified using the following syntax:

                           rbs:levels:devices
where the levels are one or more of the following authority levels, separated by a vertical bar ( | ):
  • super (Supervisor)
  • cam (Chassis User Account Management)
  • clm (Chassis Log Management)
  • co (Chassis Operator)
  • cc (Chassis Configuration)
  • ca (Chassis Administration)
  • bo (Blade Operator)
  • brp (Blade Remote Present)
  • bc (Blade Configuration)
  • ba (Blade Administration)
  • so (I/O Module Operator)
  • sc (I/O Module Configuration)
  • sa (I/O Module Administration)
(continued on next page) 
                           -T system:mm[x]

where x is the primary management-module bay number.

Set user authority level

(continued) 		  where the devices are one or more of the following devices, separated by a vertical bar ( | ). Ranges of devices are separated by a dash ( - ).
  • c n (Chassis n, where n is a valid chassis number. Use c1 for single-chassis environments.)
  • b n (Blade n, where n is a valid blade bay number in the chassis)
  • s n (I/O module n, where n is a valid I/O module bay number in the chassis)

Command use restricted (see Commands and user authority).

  
Set SNMPv3 user context name Sets an SNMPv3 context name in the specified management-module user profile.

The context name defines the context the SNMPv3 user is working in. A context name can be shared by multiple users.

 users - user_number -cn context_name

where:

  • user_number is a number from 1 to 12 that corresponds to the user number assigned in the "Display all user profiles" list.
  • context_name is a string up to 31 characters in length. Each of the 12 context names must be unique.

Command use restricted (see Commands and user authority).

 
                           -T system:mm[x]

where x is the primary management-module bay number.
Set SNMPv3 user authentication protocol Sets the SNMPv3 authentication protocol to be used for the specified management-module user profile. users - user_number -ap auth_protocol

where:

  • user_number is a number from 1 to 12 that corresponds to the user number assigned in the "Display all user profiles" list.
  • auth_protocol is
    • sha,
    • md5
    • blank (no entry) for none

Command use restricted (see Commands and user authority).

 
                           -T system:mm[x]

where x is the primary management-module bay number.
Set SNMPv3 user privacy protocol Sets the SNMPv3 privacy protocol to be used for the specified management-module user profile.

If the privacy protocol is set to none, no -ppw command option (privacy password) is required.

 users - user_number -pp privacy_protocol

where:

  • user_number is a number from 1 to 12 that corresponds to the user number assigned in the "Display all user profiles" list.
  • privacy_protocol is des or blank (no entry) for none.

Command use restricted (see Commands and user authority).

 
                           -T system:mm[x]

where x is the primary management-module bay number.
Set privacy password for SNMPv3 user Sets an SNMPv3 privacy password in the specified management-module user profile. users - user_number -ppw privacy_pwd

where:

  • user_number is a number from 1 to 12 that corresponds to the user number assigned in the "Display all user profiles" list.
  • privacy_pwd is a string up to 31 characters in length.

Command use restricted (see Commands and user authority).

 
                           -T system:mm[x]

where x is the primary management-module bay number.
Set access type for SNMPv3 user Sets an SNMPv3 access type for the specified management-module user profile.

This command supports the following access types:

  • read: the user can query Management Information Base (MIB) objects and receive traps.
  • write: the user can query and set MIB objects and receive traps.
  • traps: the user can only receive traps.
 users - user_number -at access_type

where:

  • user_number is a number from 1 to 12 that corresponds to the user number assigned in the "Display all user profiles" list.
  • access_type is
    • read
    • write
    • traps

Command use restricted (see Commands and user authority).

 
                           -T system:mm[x]

where x is the primary management-module bay number.
Set IP address or hostname for SNMPv3 trap receiver Sets the IP address or hostname that will receive SNMPv3 traps for the specified management-module user profile. users - user_number -i ip_addr/hostname

where:

  • user_number is a number from 1 to 12 that corresponds to the user number assigned in the "Display all user profiles" list.
  • ip_addr/hostname is a valid static IP address or an alphanumeric hostname string up to 63 characters in length.

Command use restricted (see Commands and user authority).

 
                           -T system:mm[x]

where x is the primary management-module bay number.
Example: To create user number 3 with a user name of user3 who has supervisor rights to all BladeCenter components, while management module 1 is set as the persistent command environment, at the system:mm[1]> prompt, type 
                  users -3 -n user3 -p passw0rd -a rbs:super:c1|b1-b14|s1-s4 -cn joe -ap md5 -pp des
               
                  -ppw passw0rd -at read -I 192.168.70.129
Note: The entry beginning with users -3 -n... is shown with a line break after -pp des. When this command is entered, the entire entry must all be on one line.
To set the command authority for an existing user number 4 to Blade Operator for blade 1, blade 2, and blade 3 and Chassis Log Management, while management module 1 is set as the persistent command environment, at the system:mm[1]> prompt, type 
                  users -4 -rbs:bo|clm:b1-b3|c1
To display all users, while management module 1 is set as the persistent command environment, at the system:mm[1]> prompt, type 
                  users

The following example shows the information that is returned from these two commands:

               system:mm[1]> users -3 -n user3 -p passw0rd -a rbs:super:c1|b1-b14|s1-s4
-cn joe -ap md5 -pp des -ppw passw0rd -at read -I 192.168.70.129
OK
system:mm[1]> users -4 -rbs:bo|clm:b1-b3|c1
OK
system:mm[1]> users
1. USERID
   Role:supervisor
   Blades:1|2|3|4|5|6|7|8|9|10|11|12|13|14
   Chassis:1
   Switches:1|2|3|4
2. <not used>
3. user3
   Role:supervisor
   Blades:1|2|3|4|5|6|7|8|9|10|11|12|13|14
   Chassis:1
   Switches:1|2|3|4
4. user4
   Role:blade operator|chassis log management
   Blades:1|2|3
   Chassis:1
   Switches:N/A
5. <not used>
6. <not used>
7. <not used>
8. <not used>
9. <not used>
10. <not used>
11. <not used>
12. <not used>
system:mm[1]>
Note: The entry beginning with users -3 -n... is shown with a line break after -a rbs:super:c1|b1-b14|s1-s4. When this command is entered, the entire entry must all be on one line.
Parent topic: Command syntax