Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1826
Views
0
Helpful
1
Replies

UCS-B KVM access without read-only access to rest of system.

James Lake
Level 1
Level 1

‎06-24-2014 06:48 AM

I have a client that is a hosting provider. They would like to give multiple clients access to the UCS KVM without allowing them to see configuration of the UCS or access to other clients KVMs

Here is what we have done so far

  • We have upgraded to the 2.2 code to enable Direct-KVM
  • We have created Sub-Orgs
  • We have created users with access only to Sub-Orgs

Here are the challenges that we are facing

  • If one of the created users logs into UCSM they are able to see the system configuration and other clients configurations.
  • If we provide the clients with Direct-KVM access we have to allow the clients access to the UCS management IP space

We have discussed creating NATs and ACLs for limiting access to the IP space.

I wanted to see if anyone else has encountered this and what they did as a solution.

0 Helpful
1 Reply 1

ericwill
Cisco Employee
Cisco Employee

‎07-16-2014 12:15 PM

The only real way to do this without giving them UCSM access is via IPMI users definition.  Everyone that logs into UCS Manager gets a read-only access privilege.  Secondly, you could use UCS Central, which does mask areas that aren't defined in a user's locale (both domain groups and orgs in UCS Central).  That level of capability has not been added yet into UCS Manager.     You can launch KVM's for local or global SP's from UCS Central.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents

Review Cisco Networking products for a $25 gift card