| Privilege | Capabilities |
| None | None. When the local privilege for a user is set to none, that user has no privileges, even if privileges for that user are defined in LDAP. Setting a user’s local privilege to none prevents the user’s privileges from being looked up in LDAP. |
| useradm | Can create, delete, disable, and enable user accounts. Can change a user’s password and password properties. Can change a user’s privileges. Can view all platform states. |
| platadm | Can perform all Service Processor configuration other than the useradm and auditadm tasks. Can assign and unassign hardware to or from domains. Can perform domain and Service Processor power operations. Can perform Service Processor failover operations on systems with more than one Service Processor. Can perform all operations on domain hardware. Can view all platform states. |
| platop | Can view all platform states. |
| domainadm | Can perform all operations on hardware assigned to the domain(s) on which this privilege is held. Can perform all operations on the domain(s) on which this privilege is held. Can view all states of the hardware assigned to the domain(s) on which this privilege is held. Can view all states of the domain(s) on which this privilege is held. |
| domainmgr | Can perform domain power operations. Can view all states of the hardware assigned to the domain(s) on which this privilege is held. Can view all states of the domain(s) on which this privilege is held. |
| domainop | Can view all states of the hardware assigned to the domain(s) on which this privilege is held. Can view all states of the domain(s) on which this privilege is held. |
| auditadm | Can configure auditing. Can delete audit trail. |
| auditop | Can view all audit states and the audit trail. |
| fieldeng | Can perform all operations reserved for field engineers. |
The domainadm, domainmgr, and domainop privileges must include the domain number,numbers, or range of numbers to associate with a particular user account.
A user can have multiple privileges, and a user can have privileges on multiple domains.
domainadm设置示例:
XSCF> setprivileges user domainadm@1-4, 6, 9
