Users Guide
– [7:4]-Reserved
– [3:0]-User simultaneous session limit. 1=based. oh=only limited by the implementations support for simultaneous sessions.
• Response data byte 1—Completion code
NOTE: If the user access level is set higher than the privilege limit for a given channel, the implementation does not return
an error completion code. If required, It is up to the software to check the channel privilege limits set using the Set
Channel Access command and provide notication of any mismatch.
Set User Name Command
• Request date byte 1—User ID
– [7:6]-reserved
– [5:0]-User ID. 000000b-reserved. User ID 1 is permanently associated with User 1, the null user name.
• Request date byte 2:17—User Name String in ASCII, 16 bytes maximum. Strings with fewer then 16 characters terminate with a null
(00h) character. The 00h character is padded to 16 bytes. When the string is read back using the Get User Name command, those
bytes return as 0s.
• Response data byte 1—Completion code
Set User Password Command
• Request data byte 1—User ID. For IPMI v20, the BMC supports 20-byte passwords (keys) for all user IDs that have congurable
passwords. The BMC maintains an internal tag indicating if the password is set as a 16-byte or 20-byte password.
Use a 16-byte password in algorithms that require a 20-byte password. The 16-byte password is padded with 0s to create 20-bytes.
If an attempt is made to test a password that is stored as a 20-byte password as a 16-byte password, and vice versa, the test
password operation returns a test failed error completion code.
You cannot use a password stored as a 20-byte password to establish an IPMI v1.5 session. You must set the password as a 16-byte
password to congure the same password for both IPMI v20 and IPMI v1.5 access. The password is padded with 0s as necessary.
Use the test password operation to determine if a password is stored as 16-bytes or 20-bytes.
• Request data byte 2—
– [7:2] Reserved
– [1:0] Operation
◦ 00b-disable user
◦ 01b-enable user-10b-set password
◦ 11b-test password. This compares the password data give in the request with the presently stored password and returns an OK
completion code if it matches. Otherwise, an error completion code returns.
• Request data byte 3:18—For 16-byte passwords. Password data. This is a xed-length required led used for setting and testing
password operations. If the user enters the password as an ASCII string, it must be null (00h) terminated 00h padded if the string is
shorter than 16 bytes. This eld is not needed for the disable user or enable user operation. If the eld is present, the BMC
ignores the data.
• Request data byte 3:22—For 20-byte passwords. This is a xed-length required led used for setting and testing password operations.
If the user enters the password as an ASCII string, it must be null (00h) terminated 00h padded if the string is shorter than 20 bytes.
This eld is not needed for the disable user or enable user operation. If the eld is present, the BMC ignores the data.
• Response data byte 1—Completion code. Generic plus the following command-specic completion codes:
– 80h-mandatory password test failed. Password size is correct but the password data does not match the stored value.
– 81h-mandatory password test failed. Wrong password size.
56
Conguration methods