I have a HP ProLiant 685c G7 with iLO3 that I need to monitor over IPMI.

If I configure Zabbix to use account with Administrator-level access, it works just fine.
If I create an iLO3 account with only User-level access and configure Zabbix to use this account instead, it stops working:
[IP address and hostname edited out]

26615:20130108:120809.007 In substitute_key_macros() data:'ipmi.proliant.Inlet_Ambient'
26615:20130108:120809.007 End of substitute_key_macros():SUCCEED data:'ipmi.proliant.Inlet_Ambient'
26615:20130108:120809.007 In get_value() key:'ipmi.proliant.Inlet_Ambient'
26615:20130108:120809.007 In get_value_ipmi() key:'myhost:ipmi.proliant.Inlet_Ambient'
26615:20130108:120809.007 In init_ipmi_host() host:'[x.x.x.x]:623'
26615:20130108:120809.007 In get_ipmi_host() host:'[x.x.x.x]:623'
26615:20130108:120809.007 End of get_ipmi_host():(nil)
26615:20130108:120809.007 In allocate_ipmi_host() host:'[x.x.x.x]:623'
26615:20130108:120809.007 End of allocate_ipmi_host():0x2059f30
26615:20130108:120809.012 EINF: 0 ipmi_lan.c(got_rmcpp_open_session_rsp): Expected privilege 2, got 4
26615:20130108:120809.013 End of init_ipmi_host():0x2059f30
26615:20130108:120809.013 Item [myhost:ipmi.proliant.Inlet_Ambient] error: cannot connect to IPMI host: [22] Invalid argument
26615:20130108:120809.013 query [txnlev:1] [update hosts set ipmi_error='cannot connect to IPMI host: [22] Invalid argument',ipmi_disable_until=1357646949 where hostid=10099]

Same thing happens if I use the account with Admin-level access, but select "user" privilege in Zabbix host configuration.

Access via Linux utility 'ipmitool' works just fine using the account with User-level access:
myhost/root)#ipmitool -H myhost -U zabbix -I lanplus -L USER sdr
Password:
UID Light | 0 unspecified | ok
Health LED | 0 unspecified | ok
VRM 1 | 0 unspecified | cr
VRM 2 | 0 unspecified | cr
[...]

I would prefer Zabbix to work with restricted accounts, following the common "least required privilege" security concept.