Manualshelf

Product data

ManualsBrandsSDMC ManualsMedia PlayerTMP-3T
221222223224225226227228229230
198 IBM Systems Director Management Console: Introduction and Overview
9.1 User management and security
Virtualization means that more than one system is running on the same
hardware. Often, different systems are owned by different entities, for example,
finance or human resources departments. Depending on the company’s
structure, security measurements may require that one user administering the
Virtual Server for the finance department must not administer the Virtual Server
for the human resources department, even if it is running on the same hardware
or in the same pool. Also, it might be required that users work with different
permissions, for example, operations personnel can start and stop the Virtual
Server but not configure it. A user and security concept has to be put in place.
This configuration was already possible on the HMC, but the naming and flow of
operations has changed considerably in the SDMC. This section maps the known
concepts in HMC to those used in the SDMC and how to use them.
9.1.1 Hardware Management Console concepts
On the HMC, there were predefined users and tasks and roles. Users were
created and managed on the HMC itself and confined to the machine on which
they were created. The SDMC instead uses the concept of a
user registry, just
like IBM Systems Director, because the IBM Systems Director component of the
SDMC is used for it. A user registry can be the user management base of the
underlying operating system, LDAP, or a domain controller. For more information
about how IBM Systems Director handles users and security, refer to
Implementing IBM Systems Director 6.1, SG24-7694.
Hardware Management Console users, roles, and tasks
To manage different aspects of the HMC and attached systems, the HMC used
user roles and HMC tasks to manage access and permissions to the HMC itself
as well as the attached systems.
For the SDMC, the IBM Systems Director concept was extended to create and
manage users with either registry. For a quick mapping of default users, refer to
Table 9-1.
Table 9-1 Default users on HMC and SDMC
HMC SDMC
root root
hscroot sysadmin
hscpe pe