[Freeipmi-devel] How to enable users on the BMC

freeipmi-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Freeipmi-devel] How to enable users on the BMC

From:	Albert Chu
Subject:	[Freeipmi-devel] How to enable users on the BMC
Date:	Tue, 23 Dec 2003 14:21:19 -0800

Hey Ian,

I figured it out and I was able to enable a user on one of our test
nodes and was able to successfully power status that node with that user.

The bug is in your bmc-make-user program.  

If you take a look at the set-user-password command on 18.27 of the IPMI
spec, you need to execute the set-user-password command TWICE.

One time, you set the user-password by setting the second byte of the
command 0x02...

Then, you have to call set-user-password again, setting the second byte
of the command to 0x01.

Here's what I did to make it work on our system (after I used your
bmc-make-user command to setup a user):


  net_fn_t net_fn;
  u_int8_t pkt[20];

  net_fn.fn  = IPMI_NET_FN_APP_RQ;
  net_fn.lun = IPMI_BMC_IPMB_LUN_BMC;
    
  pkt[0] = ipmi_netfn2byte (net_fn);
  pkt[1] = IPMI_CMD_SET_USER_PASSWORD_CMD;
  pkt[2] = 0x02;
  pkt[3] = 0x01;
  // no need to put data in password buffer

  if (ipmi_kcs_write (pkt, 20) == -1)
    {
      printf("Error writing cmd\n");
      exit(1);
    }

  if (ipmi_kcs_read (pkt, 3) == -1)
    {
      printf("Error reading cmd\n");
      exit(1);
    }
  
  if (pkt[2] != IPMI_COMMAND_SUCCESS)
    {
      printf("Command did not succeed\n");
      exit(1);
    }

Al

--
Albert Chu
address@hidden
Lawrence Livermore National Laboratory

----- Original Message -----
From: Albert Chu <address@hidden>
Date: Tuesday, December 23, 2003 1:25 pm
Subject: [llnl-devel] enabling BMC users

> Hey Ian,
> 
> I got some of your code.  I've been playing with it.  I tried the "get
> user access command" for the user we use to power off/power on our 
> testcluster.   And the results I got were:
> 
> bit 7 - reserved
> bit 6 - user access available during call-in or callback direction
> communication
> bit 5 - user enabled for link authentication
> bit 4 - user disabled for IPMI messaging
> bit3-0: 0xF (no access).
> 
> This is a username that we definitely use on our test cluster.  So
> needless to say, the data I got back was surprising.  So perhaps 
> the set
> user access command isn't the right command to use?
> 
> I'll keep playing around, see what I can come up with.  Let me know 
> howthings are going for you.
> 
> Al
> 
> 
> 
> 
> 
> --
> Albert Chu
> address@hidden
> Lawrence Livermore National Laboratory
> 
> 
> _______________________________________________
> llnl-devel mailing list
> address@hidden
> http://californiadigital.com/cgi-bin/mailman/listinfo/llnl-devel
>

[Prev in Thread]

Current Thread

[Next in Thread]

[Freeipmi-devel] How to enable users on the BMC, Albert Chu <=
- [Freeipmi-devel] Re: [llnl-devel] How to enable users on the BMC, brian . lavender, 2003/12/23
  - [Freeipmi-devel] Re: [llnl-devel] How to enable users on the BMC, Anand Babu, 2003/12/23

Prev by Date: Re: [llnl-devel] Re: [Freeipmi-devel] ipmipower status
Next by Date: RE: [Freeipmi-devel] Re: How can we get MAC address during node
Previous by thread: [Freeipmi-devel] new member to our team
Next by thread: [Freeipmi-devel] Re: [llnl-devel] How to enable users on the BMC
Index(es):
- Date
- Thread