Name
user — Manages BMC users.
Syntax
user list
user add <USERNAME> <ROLE>
user del <USERNAME>
user changepw <USERNAME>
user ldap [show | modify] [ad | openldap]
Options
list
    Lists the users in the BMC and their privilege level.
add <USERNAME> <ROLE>
    Creates a new user with the specified username and role (admin or operator). A password is required.
    Passwords must be 8-32 characters (no spaces) containing at least one number, one uppercase letter, one lowercase letter, and one special character: !@#$%^&*
del <USERNAME>
    Deletes the specified user. Requires a confirmation.
changepw <USERNAME>
    Changes the password of the specified user.
ldap
    Manages OpenLDAP/Active Directory user authentication.
    Options:
    show
        Shows the current configuration for the specified option: ad or openldap. Refer to the parameters under "modify".
    modify
        Modifies the current configuration for the specified option: ad or openldap. Parameters include:
        LDAPServerURI: Specifies the location of the LDAP server, with prefix (usually ldap:// or ldaps://)
        LDAPBindDN: Specifies the credential used to bind to the LDAP server
        LDAPBindDNPassword: Specifies the password associated with the BindDN to access the server
        LDAPBaseDN: Specifies the starting point for user searches
        LDAPSearchScope: Specifies the portion of the target subtree that should be considered: either *.base, *.one, or *.sub, such as xyz.openbmc_project.User.Ldap.Config.SearchScope.sub (refer to https://ldap.com/the-ldap-search-operation/)
        LDAPType: Specifies the type of LDAP server, either OpenLdap or ActiveDirectory, such as xyz.openbmc_project.User.Ldap.Config.OpenLdap
        GroupNameAttribute: Specifies the attribute that contains the group name
        UserNameAttribute: Specifies the attribute name that contains the user name
    ad
        Configures Active Directory.
    openldap
        Configures OpenLDAP.
Examples
user list
user add alice admin
user del bob
user changepw charlie
user ldap show ad
user ldap modify openldap
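
The password rule given under add, as an added example (not part of the original page or the BMC firmware): a Python pre-check and generator for scripts that provision BMC accounts. The function names are hypothetical, and the generator assumes only ASCII letters, digits and the eight listed special characters are accepted.

```python
import secrets
import string

# Policy as stated for "user add": 8-32 characters, no spaces, at least one
# number, one uppercase letter, one lowercase letter and one of !@#$%^&*
MIN_LEN, MAX_LEN = 8, 32
SPECIALS = "!@#$%^&*"
CLASSES = {
    "number": string.digits,
    "uppercase letter": string.ascii_uppercase,
    "lowercase letter": string.ascii_lowercase,
    "special character": SPECIALS,
}


def policy_violations(password):
    """Return a list of the policy rules the password breaks (empty if none)."""
    problems = []
    if not MIN_LEN <= len(password) <= MAX_LEN:
        problems.append(f"length must be {MIN_LEN}-{MAX_LEN} characters")
    if " " in password:
        problems.append("must not contain spaces")
    for name, chars in CLASSES.items():
        if not any(c in chars for c in password):
            problems.append(f"needs at least one {name}")
    return problems


def generate_password(length=24):
    """Generate a random password that satisfies the policy.

    Assumption: only ASCII letters, digits and the eight listed special
    characters are used; the page does not say whether others are accepted.
    """
    if not MIN_LEN <= length <= MAX_LEN:
        raise ValueError(f"length must be {MIN_LEN}-{MAX_LEN}")
    alphabet = "".join(CLASSES.values())
    while True:
        # Rejection sampling: the result is uniform over all compliant
        # passwords of this length drawn from the alphabet above.
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if not policy_violations(candidate):
            return candidate


if __name__ == "__main__":
    print(generate_password())
    for sample in ("Summer2024", "short1!A", "no digits Here!"):  # constructed
        print(repr(sample), policy_violations(sample))
```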