This privilege allows a user to perform provisioning operations related to Authentication, Authorization and Accounting. This includes managing users and roles, and configuring services that are exposed to the management interfaces.

Aaa (aaa)

Allows a user to perform provisioning operations related to Authentication, Authorization, and Accounting.

• Configure Key Ring and manage certificates

• Configure communication policy resolution

• Configure DNS providers and domains

• Configure SNMP policies, users, and traps

• Manage users, roles, locales, sessions, and login banners

• Configure management connectivity (HTTP/S, SSH, Telnet, etc.)

Admin (admin)

Provides a user with full access to all operations in Cisco UCS Manager.

Ext Lan Config (ext-lan-config)

Allows configuration of LAN settings on a fabric interconnect, including border ports, VLANs, and PIN groups.

• Configure Ethernet PIN Groups and MAC aging

• Enable/Disable VLAN compression and Ethernet ports

• Configure Fabric Interconnect system name and LACP policy

• Configure NetFlow policies and Ethernet monitoring sessions

Service Profile Compute (ls-compute)

Configures most aspects of service profiles, excluding vNIC/vHBA creation.

• Configure Service Profile BIOS policies and storage profiles

• Create/modify/delete Service Profiles and templates

• Configure VMQ policies and maintenance tasks

• Assign usNIC policies and configure scriptable vMedia

Server Maintenance (pn-maintenance)

Performs physical server maintenance operations.

• Acknowledge, decommission, and recover blade/rack servers

• Reset CIMC, KVM, CMOS, and BIOS passwords

• Configure locator and health LEDs

• Reset IO Modules and FEX