White Papers
PAGE 7 OF 24
Authentication and Authorization
Log in via Local Account
The DRAC 5 ships with a default local user account that is pre-configured with an administrator
role. This default user name is “root” and the password is “calvin” for this user.
Dell strongly recommends changing this default setting during deployment of the DRAC 5.
DRAC 5 supports up to 16 local users. Each user can be enabled or disabled. You can secure the
DRAC 5 by disabling all local user accounts and using only Microsoft
®
Active Directory
®
users since
Active Directory is considered to have stronger secure policy management.
Local users’ user names and passwords can be changed. DRAC 5 local users’ account policy is as
follows:
Anonymous user is NOT supported
NULL user name is NOT supported
NULL password is NOT supported
Maximum user name length is 16 characters
Maximum user password length is 20 characters
DRAC 5 local user account information is stored on NVRAM and is encrypted via a proprietary
algorithm.
DRAC 5 supports privilege-based access to a DRAC. Every local user or Active Directory user has
a privilege set associated with it. The privilege is per channel per user. The privilege set decides
what kind of rights a user has on the DRAC 5 on each of the access channels.
There are three types of access channels on DRAC 5:
IPMI LAN channel
IPMI Serial channel
RAC channel – including RAC web GUI, RAC serial/telnet/SSH console, RACADM CLI, RAC
SM-CLP, RAC virtual media, RAC console redirection
IPMI LAN and IPMI serial channel privilege are defined in the IPMI 2.0 specification. (See IPMI
Out-of-band Access Security
for further information.)