CHAPTER 3. IPMI INTERFACES

Serial over PPP

Table 3.17: Serial Configuration Parameters

IPMI PRIVILEGE CALLBACK (1)
    The user is only allowed to request that the IPMI system call back home.

IPMI PRIVILEGE USER (2)
    A “read-only” user. The user can look at system state, but not change anything. For instance, the user can fetch SEL entries, but not delete them.

IPMI PRIVILEGE OPERATOR (3)
    This user can do everything but configuration commands. For instance, they can clear the SEL and configure sensors, but they cannot add users or configure LAN parameters.

IPMI PRIVILEGE ADMIN (4)
    This user can do pretty much anything on an IPMI system.

IPMI PRIVILEGE OEM (5)
    Undefined by the spec, it’s whatever the OEM wants.

Table 3.18: Privilege levels in IPMI
IPMI uses users for access control on IPMI systems with LAN or serial interfaces. The local system interface has no access controls, but the more external interfaces require authentication before the interface can be used. Users may be able to authenticate links and send and receive IPMI messages.
Users have a defined maximum privilege level. They may not negotiate a connection with a higher privilege level than that. The privilege levels are defined in table 3.18 and they affect what messages the system will accept from the user. In addition to that, the user may be restricted to only work in a callback session.
The systems have two ways of identifying users: by number and by name. A BMC will have a set of users (up to 63, but the BMC may have a lower limit) indexed by number. User 0 is reserved. User 1 is a special user that is defined to not have a name. This provides a simple but insecure way to access the system, especially if user 1 does not have a password. All the other user numbers may be assigned names. The name is used for system authentication.
Users may have passwords assigned to them. If no password is assigned, then an empty password is able to authenticate the user. The passwords are used to authenticate the link and the messages.
The user number, name, password and enable are global for all channels in a BMC. The link/message authentication enables are done per-channel.
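As an added illustration that is not part of the book or of OpenIPMI, the following Python models the rules above (a user's maximum privilege, callback-only users, the nameless user 1, and empty passwords) and audits a constructed user table for the risky cases the text describes. The IpmiUser record, the audit function and the sample users are assumptions made for the example, not an OpenIPMI API.

```python
from dataclasses import dataclass
from enum import IntEnum

class Priv(IntEnum):
    """Privilege levels with the numeric values from Table 3.18."""
    CALLBACK = 1
    USER = 2
    OPERATOR = 3
    ADMIN = 4
    OEM = 5

@dataclass
class IpmiUser:
    number: int            # 0 is reserved; 1 is the nameless user
    name: str              # empty for user 1
    enabled: bool
    has_password: bool     # False: the empty password authenticates
    max_priv: Priv         # highest level the user may negotiate
    callback_only: bool = False

def session_allowed(user, requested, callback_session=False):
    """Disabled users get nothing; the requested level may not exceed the
    user's maximum; a callback-only user is accepted only in a callback session."""
    if not user.enabled or requested > user.max_priv:
        return False
    return callback_session or not user.callback_only

def audit(users):
    """Return (user number, finding) pairs for the risky cases the text names."""
    findings = []
    for u in users:
        if u.number == 0:
            findings.append((u.number, "user 0 is reserved; it should not be provisioned"))
        elif u.enabled:
            if not u.has_password:
                findings.append((u.number, "empty password authenticates this user"))
            if u.number == 1:
                findings.append((u.number, "nameless user 1 is enabled"))
            if u.max_priv >= Priv.ADMIN:
                findings.append((u.number, f"may negotiate {u.max_priv.name}; review"))
    return findings

# Constructed sample user table, not read from any real BMC.
SAMPLE_USERS = [
    IpmiUser(1, "", True, False, Priv.ADMIN),
    IpmiUser(2, "admin", True, True, Priv.ADMIN),
    IpmiUser(3, "monitor", True, True, Priv.USER, callback_only=True),
    IpmiUser(4, "svc", False, False, Priv.OPERATOR),
]
```

On the sample table, audit() reports three findings for the enabled nameless user 1 (empty password, user 1 enabled, ADMIN reachable) and one review item for user 2; the disabled user 4 is not reported even though it has no password.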