Edit: The link still works, and it is still a good idea to set up roles.
Originally posted August 14, 2018 on AIXchange
You probably have users in your environment who need access to the Hardware Management Console (HMC), and if so, it’s very likely you want to limit what they can do with this access. The IBM Knowledge Center lays out HMC user roles and other pertinent information in this document that was most recently updated in June:
Each HMC user has an associated task role and a resource role. The task role defines the operations the user can perform. The resource role defines the systems and partitions for performing the tasks. The users may share task or resource roles. The HMC is installed with five predefined task roles. The single predefined resource role allows access to all resources. The operator can add customized task roles, customized resource roles, and customized user IDs. The page includes six tables, though the first table is merely a list of headings for the next four. Those tables cover user roles, IDs, commands and control panel functions. The sixth table is a list of tasks that can only be performed from the command line:
Table 1. HMC task groupings
Table 2. HMC Management tasks, commands, and default user roles
Table 3. Service Management tasks, commands, and default user roles
Table 4. Systems Management tasks, commands, and default user roles
Table 5. Control Panel Functions tasks, commands, and user roles
Table 6. Command line tasks, associated commands, and user roles
Each table covers these default roles and IDs:
Operator (hmcoperator)
Super Administrator (hmcsuperadmin)
Viewer (hmcviewer)
Service Representative (hmcservicerep)
These tables provide a good overview of HMC commands and appropriate default user roles.