Service and support access

One of the traditional user classifications is that of service personnel. By default the HMC is shipped with a default user ID of SERVICE for use by service personnel. The user roles that are associated with this default user evolved over time. Table 1 lists the user roles that are assigned to default user SERVICE over various HMC versions.
Table 1. Default user SERVICE's resource and task roles
HMC version 2.16.0 HMC version 2.15.0 HMC version 2.14.0 and 2.14.1 HMC versions 2.11 and 2.12 HMC version 2.10 or prior
All System Managed Objects All System Managed Objects All System Managed Objects All zCPC Managed Objects All Managed Objects
      All Directors/Timers Managed Objects All Directors/Timers Managed Objects
      All Fiber Saver Managed Objects All Fiber Saver Managed Objects
    BladeCenter Objects BladeCenter Objects  
    DPXI50z Blade Objects DPXI50z Blade Objects (version 2.12 only)  
    Ensemble Object Ensemble Object  
    IBM® Blade Objects IBM Blade Objects  
    IBM Blade Virtual Server Objects IBM Blade Virtual Server Objects  
      ISAOPT Blade Objects (version 2.11 only)  
      Service Fiber Saver tasks Service Fiber Saver tasks
      Service Representative Director/Timer Tasks Service Representative Director/Timer Tasks
Service Representative Tasks Service Representative Tasks Service Representative Tasks Service Representative Tasks Service Representative Tasks

This default setup provides service representatives with all the tasks needed to service the HMC and its associated system resources. This user is just like every other HMC user; that is, it can be altered or deleted to meet the security needs of the customer. Making radical changes in this area can affect IBM's ability to service the HMC and associated system resources, so any changes should be communicated to your service representative.

In addition to the service representative's normal usage of the HMC, there are rare cases where more detailed problem determination is required. For this reason, a special HMC user can be used by product engineering to perform in-depth problem determination. This user, PEMODE, differs from other HMC users in a couple ways:
  • The customer cannot alter or delete this user
  • For systems prior to 2.14.1 the password for this user ID is unique for each HMC and changes daily
  • For systems 2.14.1 or later the password for this user ID is unique and must be obtained from the service representative.

The system administrator cannot manage this user like other users, but the HMC does provide the Customize Product Engineering Access task, which the customer can use to disable this user ID. Disabling product engineering access makes this user unusable, which prevents any unauthorized access to the HMC by product engineering.

For systems 2.14.1 or later, the Manage Product Engineering Access Control File task is available to the service representative to enable the ability to login using this user ID. Once this task is used and an access control file is imported to the HMC/SE the service representative can log onto the HMC/SE using a password unique to the control file being used.

Note: The product engineering user ID requires the user to revalidate the password every 2 hours while it is being used.