Authentication for computer system management
First Claim
Patent Images
1. A method of managing a managed computer system, the method comprising:
- authenticating a user requesting access to a service processor to direct the service processor to perform a set of management operations on the managed computer system, the authenticating including;
obtaining, on the service processor, a set of proposed credentials for the user requesting to direct the service processor to perform the set of management operations on the managed computer system, wherein the set of proposed credentials correspond to a set of credentials that enable the user to directly access the managed computer system, wherein the service processor comprises at least one computing device, distinct from the managed computer system, configured to enable the user to manage the managed computer system over a network without use of a communications path of the managed computer system;
providing the set of proposed credentials from the service processor for authentication by the managed computer system in response to obtaining the set of proposed credentials for the user; and
receiving an authentication result on the service processor based on the set of proposed credentials in response to providing the set of proposed credentials.
2 Assignments
0 Petitions
Accused Products
Abstract
An improved solution for authenticating a user seeking to manage a computer system is provided according to aspects of the invention. A user seeking to perform out-of-band management of the computer system can provide a set of credentials to a service processor, which in turn provides them to the computer system for authentication. Additionally, a user seeking to perform in-band management of the computer system can provide a set of credentials to a management agent executing on the computer system for authentication. In either case, the computer system can authenticate the set of credentials, e.g., using an operating system interface.
189 Citations
20 Claims
-
1. A method of managing a managed computer system, the method comprising:
authenticating a user requesting access to a service processor to direct the service processor to perform a set of management operations on the managed computer system, the authenticating including; obtaining, on the service processor, a set of proposed credentials for the user requesting to direct the service processor to perform the set of management operations on the managed computer system, wherein the set of proposed credentials correspond to a set of credentials that enable the user to directly access the managed computer system, wherein the service processor comprises at least one computing device, distinct from the managed computer system, configured to enable the user to manage the managed computer system over a network without use of a communications path of the managed computer system; providing the set of proposed credentials from the service processor for authentication by the managed computer system in response to obtaining the set of proposed credentials for the user; and receiving an authentication result on the service processor based on the set of proposed credentials in response to providing the set of proposed credentials. - View Dependent Claims (2, 3, 4, 5, 20)
-
6. A system comprising:
a service processor for managing a managed computer system, the service processor including; at least one computing device, distinct from the managed computer system, configured to enable a user to access the service provider to direct the service processor to perform a set of management operations on the managed computer system over a network without use of a communications path of the managed computer system by performing a method comprising authenticating the user requesting access to the service processor to direct the service processor to perform the set of management operations on the managed computer system, the authenticating including; obtaining, on the service processor, a set of proposed credentials for the user requesting to direct the service processor to perform the set of management operations on the managed computer system, wherein the set of proposed credentials correspond to a set of credentials that enable the user to directly access the managed computer system; providing the set of proposed credentials for authentication by the managed computer system in response to obtaining the set of proposed credentials for the user; and receiving an authentication result based on the set of proposed credentials in response to providing the set of proposed credentials. - View Dependent Claims (7, 8, 9, 10, 11)
-
12. A system comprising:
a managed computer system including; at least one computing device; and a device driver installed on the at least one computing device for use in conjunction with a service processor, the device driver including a set of authentication commands for authenticating a user requesting to access the service processor, wherein the service processor is distinct from the managed computer system and is configured to enable the user to direct the service processor to perform the set of management operations on the managed computer system over a network without use of a communications path of the managed computer system, and wherein the set of authentication commands enable the service processor to authenticate the user requesting access to the service processor by performing a method including; providing a set of proposed credentials for authentication by the managed computer system, wherein the set of proposed credentials correspond to a set of credentials that enable the user to directly access the managed computer system; and receiving an authentication result based on the set of proposed credentials in response to providing the set of proposed credentials. - View Dependent Claims (13, 14, 15, 16)
-
17. A method of generating a system, the method comprising:
-
obtaining a managed computer system; and installing a service processor for managing the managed computer system, the service processor including; at least one computing device, distinct from the managed computer system, configured to enable a user to access the service provider to direct the service processor to perform a set of management operations on the managed computer system over a network without use of a communications path of the managed computer system by performing a method comprising authenticating the user requesting access to the service processor to direct the service processor to perform the set of management operations on the managed computer system, the authenticating including; obtaining, on the service processor, a set of proposed credentials for the user requesting to direct the service processor to perform the set of management operations on the managed computer system, wherein the set of proposed credentials correspond to a set of credentials that enable the user to directly access the managed computer system; providing the set of proposed credentials for authentication by the managed computer system in response to obtaining the set of proposed credentials for the user; and receiving an authentication result based on the set of proposed credentials in response to providing the set of proposed credentials. - View Dependent Claims (18, 19)
-
Specification