NVIDIA BlueField BMC Software v24.04
NVIDIA BlueField BMC Software v24.04

User Management

General Information

General information about the BMC account services

Copy
Copied!
            

curl -k -u root:'<password>' -H 'Content-Type: application/json' -X GET https://<IP>/redfish/v1/AccountService

Example output:

Copy
Copied!
            

{ "@odata.id": "/redfish/v1/AccountService", "@odata.type": "#AccountService.v1_10_0.AccountService", "AccountLockoutDuration": 600, "AccountLockoutThreshold": 4, "Accounts": { "@odata.id": "/redfish/v1/AccountService/Accounts" }, .. "MaxPasswordLength": 20, "MinPasswordLength": 13, "Name": "Account Service", "Oem": { .. "Roles": { "@odata.id": "/redfish/v1/AccountService/Roles" }, "ServiceEnabled": true }


List Supported User Roles

List supported user roles in the system:

Copy
Copied!
            

curl -k -u root:'<password>' -H 'Content-Type: application/json' -X GET https://<IP>/redfish/v1/AccountService/Roles

Example output:

Copy
Copied!
            

{ "@odata.id": "/redfish/v1/AccountService/Roles", "@odata.type": "#RoleCollection.RoleCollection", "Description": "BMC User Roles", "Members": [ { "@odata.id": "/redfish/v1/AccountService/Roles/Administrator" }, { "@odata.id": "/redfish/v1/AccountService/Roles/Operator" }, { "@odata.id": "/redfish/v1/AccountService/Roles/ReadOnly" }, { "@odata.id": "/redfish/v1/AccountService/Roles/NoAccess" } ], "Members@odata.count": 4, "Name": "Roles Collection" }


List User Accounts

Copy
Copied!
            

curl -k -u root:'<password>' -H 'Content-Type: application/json' -X GET https://<IP>/redfish/v1/AccountService/Accounts

Example output:

Copy
Copied!
            

{ "@odata.id": "/redfish/v1/AccountService/Accounts", "@odata.type": "#ManagerAccountCollection.ManagerAccountCollection", "Description": "BMC User Accounts", "Members": [ { "@odata.id": "/redfish/v1/AccountService/Accounts/NvdBluefieldUefi" }, { "@odata.id": "/redfish/v1/AccountService/Accounts/root" } ], "Members@odata.count": 2, "Name": "Accounts Collection" }


Create New User

Create a new user on the BMC:

Copy
Copied!
            

curl -k -u root:'<password>' -H 'Content-Type: application/json' -X POST https://<IP>/redfish/v1/AccountService/Accounts -d '{ "UserName":"<USER>", "Password":"<PASSWORD>", "RoleId":"<ROLE>", "Enabled":true}'

Example output:

Copy
Copied!
            

{ "@Message.ExtendedInfo": [ { "@odata.type": "#Message.v1_1_1.Message", "Message": "The resource has been created successfully.", "MessageArgs": [], "MessageId": "Base.1.15.0.Created", "MessageSeverity": "OK", "Resolution": "None." } ] }


Delete User

Delete user form the system:

Copy
Copied!
            

curl -k -u root:'<password>' -H 'Content-Type: application/json' -X DELETE https://<IP>/redfish/v1/AccountService/Accounts/<USER>

Example output:

Copy
Copied!
            

{ "@Message.ExtendedInfo": [ { "@odata.type": "#Message.v1_1_1.Message", "Message": "The account was successfully removed.", "MessageArgs": [], "MessageId": "Base.1.15.0.AccountRemoved", "MessageSeverity": "OK", "Resolution": "No resolution is required." } ] }


List Users

Copy
Copied!
            

ipmitool user list [<channel-number>]

For example:

Copy
Copied!
            

ipmitool user list 1


Create User

Copy
Copied!
            

ipmitool user set name <user-id> <username>

For example:

Copy
Copied!
            

ipmitool user set name 2 Admin


Set User Password

Copy
Copied!
            

ipmitool user set password <user-id> <password>

For example:

Copy
Copied!
            

ipmitool user set password 2 AdminPass_123


Enable User

Copy
Copied!
            

ipmitool user enable <user-id>

For example:

Copy
Copied!
            

ipmitool user enable 2


Disable User

Copy
Copied!
            

ipmitool user disable <user-id>

For example:

Copy
Copied!
            

ipmitool user disable 2


Set User Privilege

Copy
Copied!
            

ipmitool user priv <user-id> <privilege level(1-4)> [<channel-number>]

Where "privilege level":

  • 1 – callback level (currently not supported)

  • 2 – user level

  • 3 – operator level

  • 4 – administrator level

For example:

Copy
Copied!
            

ipmitool user priv 2 0x3 1


Enable Remote IPMI for User

Enable remote IPMI command functionality for user:

Copy
Copied!
            

ipmitool channel setaccess [<channel-number>] <user id> ipmi = on| off

For example:

Copy
Copied!
            

ipmitool channel setaccess 1 2 ipmi=on


Lanplus Commands to Execute IPMI Commands Remotely for Admin Users

Lanplus commands to execute IPMI commands remotely for users with admin permissions:

Copy
Copied!
            

ipmitool -C 17 -I lanplus -U <user> -P <password> -H <bmc-ip-address> <ipmi-command>

For example:

Copy
Copied!
            

ipmitool -C 17 -I lanplus -U ADMIN -P AdminPass_123! -H 10.10.10.10 user list 1


Lanplus Commands to Execute IPMI Commands Remotely for Non-admin Users

Lanplus commands to execute IPMI commands remotely for users with a non-administrator role:

Copy
Copied!
            

ipmitool -C 17 -I lanplus -U <user> -P <password> -H <bmc-ip-address> -L <privilege (operator|user)> <ipmi-command>

For example:

Copy
Copied!
            

ipmitool -C 17 -I lanplus -U operator1 -P operator123 -H 10.10.10.10 -L operator user list 1 ipmitool -C 17 -I lanplus -U user1 -P user123 -H 10.10.10.10 -L user chassis status


Delete User

Copy
Copied!
            

ipmitool user set name <user-id> ""

For example:

Copy
Copied!
            

ipmitool user set name 2 ""


© Copyright 2024, NVIDIA. Last updated on May 10, 2024.