IBM Power Connect, learn, share, and engage with IBMPower. Join / Log in
When attaching multiple Power10 servers to a HMC, is there a need
for using multiple different ASMI passwords, or may I use identical
ASMI passwords for a number of servers ?
i. A. Dr. Rolf DiekkämperSenior Consultant Tel: +49 40 636699-2217 Mobil: +49 172 7313275 Fax: +49 40 636699-2229 E-Mail: R.Diekkaemper@profi-ag.de
PROFI Engineering Systems AG Hammerbrookstraße 90 20097 Hamburg
There is no technical requirement to use different passwords and to be honest you wont use it often, so just make sure to document it somewhere safe ;)
Hello RolfAsmi menus are mainly used for maintenance purpose ( log & resource deconfiguration verification or some concurent maintenance...) ; admin credentials should be provided to technician upon request.Yes, you can use same credentials for all your systems and agree with Henrik by keeping tracks of passwords safely.Best regards,Christophe Ducrocq
I would argue that IBM technicians should use the celogin account.To the original question, yes you can use the same password across the board, however I would only ever consider doing that if you are using a private network between the HMC and the systems. I would also encourage using different passwords for the different accounts, admin, general and hmc. Of course best-practice would be to use a vault and all separate passwords.
As others said, there's no technical requirement (other than some minimal password requirements), but it's a best practice to have different passwords for every system/user combination. At the very least, you should stash the "admin" password on a secure vault.
As has been stated there is no technical requirement to use different passwords but security best practices usually prefer them all to be different and stored in a secure location. Note that for IBM technicians to gain service/celogin authority to a P10 eBMC system it requires an administrator to install an IBM provided ACF to enable the service account so it is important to not lose those credentials.
For eBMC based P10 systems you can also disable the default admin account and create a new userid with administrator privileges if so desired. More information on securing an eBMC system can be found here : https://www.ibm.com/docs/en/power10?topic=systems-security-guidelines