From: Rob De L. <rob...@tw...> - 2011-11-09 19:02:26
|
hi Holger, thanks for your reply ! I tried the option "-L", but the program does not support it : ./ipmitool -H 192.168.1.NN -vv -I lan -U OEM -L OEM sunoem fan speed 90 ipmitool: illegal option -- L ipmitool version 1.8.11 usage: ipmitool [options...] <command> -h This help -V Show version information -v Verbose (can use multiple times) -c Display output in comma separated format -d N Specify a /dev/ipmiN device to use (default=0) -I intf Interface to use -H hostname Remote host name for LAN interface -p port Remote RMCP port [default=623] -U username Remote session username -f file Read remote session password from file -S sdr Use local file for remote SDR cache It is the "ipmitool" that I got from SourceForge, version (as you can see in its reply) 1.8.11 Is there some other version that supports this option "-L" ? rgds Rob Citeren "Liebig, Holger" <hol...@ts...>: > Rob, > > there is a difference between a user's maximum privilege and the maximum session privilege which is requested during initial session handshake. Ipmitool defaults to a session privilege of administrator. Please try again with the OEM user and add ?L OEM. > > Holger > > FROM: Rob De Langhe [mailto:rob...@tw...] > SENT: Monday, November 07, 2011 8:41 PM > TO: ipm...@li... > SUBJECT: [Ipmitool-devel] authorization problems with SUN smdc card > > hi all, > > this is my first post here, so I hope that I respect this mailing list's policies... > > I got a SUN X2100 server with the optional SMDC card, and managed to get it to work : that is, I had to boot off the X2100 Supplementary CD, and configure the card's IP settings and passwords for the 4 default accounts (blank, operator, admin and oem). > > Now I can access the card via the Solaris-bundled "/usr/sbin/ipmitool", as well as via the SourceForge "ipmitool". All this on Solaris-10, and using the "lan" interface, not the "bmc" interface. > > The main reasons for the SMDC card are: > - providing me a remote console access to the server : this is fine, works correctly via the "ipmitool" > - being able to adjust the fan speeds, a topic that has been widely discussed on the web by a vast amount of (deaf, by now) X2100 owners complaining about extreme fan speed/noise. This still doesn't work for me. > > The settings of the fan speed, by lack of any documentation, seems to be done via some "ipmitool" command that sets some percentage : > /usr/sbin/ipmitool -H 192.168.1.NN -I lan -U OEM sunoem fan speed 90 > Password: > Sun OEM Set Fan Speed command failed: Insufficient privilege level > > Curious, since this "OEM" account has got the highest privilege level for such commands: > > % ipmitool -H 192.168.1.NN -I lan -U Admin user list 2 > Password: > ID Name Callin Link Auth IPMI Msg Channel Priv Limit > 1 true true true USER > 2 Operator true true true OPERATOR > 3 Admin true true true ADMINISTRATOR > 4 OEM true true true OEM > (the last argument "2" to "ipmitool" is the so-called channel number; the output is the same for channels 0 and 1) > > However, when I ask more verbose output from the command, I see that it doesn't use the "OEM" user, but instead the "Administrator" user, which obviously hasn't the right privileges to make such fan adjustments: > > % ipmitool -H 192.168.1.NN -vv -I lan -U OEM sunoem fan speed 90 > Password: > ipmi_lan_send_cmd:opened=[0], open=[134824980] > IPMI LAN host 192.168.1.NN port 623 > Sending IPMI/RMCP presence ping packet > Received IPMI/RMCP response packet: > IPMI Supported > ASF Version 1.0 > RMCP Version 1.0 > RMCP Sequence 255 > IANA Enterprise 4542 > > ipmi_lan_send_cmd:opened=[1], open=[134824980] > Channel 02 Authentication Capabilities: > Privilege Level : ADMINISTRATOR > Auth Types : MD5 PASSWORD > Per-msg auth : enabled > User level auth : enabled > Non-null users : enabled > Null users : enabled > Anonymous login : disabled > > Proceeding with AuthType MD5 > ipmi_lan_send_cmd:opened=[1], open=[134824980] > Opening Session > Session ID : 392b5cca > Challenge : ................................. > Privilege Level : ADMINISTRATOR > Auth Type : MD5 > ipmi_lan_send_cmd:opened=[1], open=[134824980] > > Session Activated > Auth Type : MD5 > Max Priv Level : ADMINISTRATOR > Session ID : 392b5cca > Inbound Seq : 00000001 > > ipmi_lan_send_cmd:opened=[1], open=[134824980] > Set Session Privilege Level to ADMINISTRATOR > > opened=[1], open=[134824980] > Sun OEM Set Fan Speed command failed: Insufficient privilege level > ipmi_lan_send_cmd:opened=[1], open=[134824980] > Closed Session 392b5cca > > Do you notice the > Privilege Level : ADMINISTRATOR > line, instead of OEM ? > > ==> Has anyone any clue about why this might refuse to consider the OEM user ? > > many thanks in advance for any hints or tips > > Rob > > ---------------------------------------------------------------- > This message was sent using IMP, the Internet Messaging Program. ---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program. |