HP 3PAR StoreServ 7400 2-node HP 3PAR Command Line Interface Administrator& - Page 17
Default User Accounts, Authenticating and Authorizing CLI Users, Viewing User Roles and Rights
View all HP 3PAR StoreServ 7400 2-node manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 17 highlights
Table 2 HP 3PAR CLI User Roles (continued) User Roles Rights Assigned to Roles 3PAR AO Rights are limited to internal use by HP for Adaptive Optimization operations. 3PAR RM Rights are limited to internal use by HP for Recovery Manager operations. Default User Accounts During the HP 3PAR storage system's moment of birth operation, the following HP 3PAR CLI user accounts are created: • 3paradm is a user account with Super rights. This user account is not used by HP personnel and you can modify or delete this user account. Use the 3paradm user account to create new CLI users. You should change the password of this user. • 3parcim is a user account with Browse rights. This user account is reserved for use by the HP 3PAR administration tools. The 3parcim user account and password must not be modified or deleted if you intend to use CIM. If CIM will never be used, then the account may be modified or deleted. • 3parbrowse is a user account with Browse rights. No HP personnel or service providers have access to this user account. The password is randomly created and is unknown to anyone. This user account is not used by HP personnel and you can modify or delete this user account. • 3paredit is a user account with Edit rights. No HP personnel or service providers have access to this user account. The password is randomly created and is unknown to anyone. This user account is not used by HP personnel and you can modify or delete this user account. • 3parsvc is a user account with Super rights. This Super user account is used by the HP 3PAR Service Processor (SP) to monitor the HP 3PAR storage system. The 3parsvc user account should not be removed. If the SP is being used to monitor the storage server, the SP resets the default password to a randomized value. Changing the password prevents the SP from performing monitoring operations. If the SP is not being used for monitoring and is only used for maintenance activities, the password can be changed. When a maintenance activity takes place, the password for 3parsvc should be set to a defined value; after the maintenance, the SP changes the password to a randomized value again. Once the maintenance is complete, the password can again be changed. • 3parservice is a user account with Super rights. This Super user account is used by HP personnel and authorized service providers to perform service and diagnostic functions on the system through the interactive CLI. The 3parservice user account should not be removed. The password can be modified by the system administrator. During SP maintenance activities, the password may be reset by the system to allow service to proceed. After the maintenance activities are complete, the password can be reset by the system administrator. Authenticating and Authorizing CLI Users Users accessing the system with the HP 3PAR CLI client or Secure Shell (SSH) connections are authenticated and authorized directly on the system. These users are referred to as local users. An LDAP user is authenticated and authorized using information from a Lightweight Directory Access Protocol (LDAP) server. A domain user is a user with access to a specific domain. For more information about user accounts, domains, and LDAP, see the HP 3PAR StoreServ Storage Concepts Guide. For more information about configuring LDAP connections , see "Configuring LDAP Connections" (page 21). Viewing User Roles and Rights The showrole command displays information about the roles and rights defined on a system. For more information about the showrole command, see the HP 3PAR Command Line Interface Viewing User Roles and Rights 17