Hardware manual
Group Administration Group security
4–4
Administrators accounts have these restrictions:
• You cannot change the name of an administration account. In
stead, you must delete the account and then re-
create it with the new name.
• You cannot disable, delete, change the name, or change the type of the
grpadmin account.
• Only group administrator accounts can change the attributes
of accounts, with the exception of the grpadmin
account restrictions above.
• Volume administrator, pool administrator, and read-only accounts can only change
the password, description,
and contact information for their accounts.
Administration account attributes
Table 4-5 displays the attributes of administration accounts. The first column lists the attributes, the second column
describes them. Gather this information before crea
ting an account.
Volume administrator Assigned a quota of storage to manage within one or more pools. They can create and manage
volumes within their quota, and can perform all operations on volumes they own.
Volume administrators can view information only for pools and volumes to which they have
access. For sec
urity purposes, the volume administrator has a limited view of group and pool
configuration settings, and cannot view information, such as the SNMP Community Name or
event log, that might enable them to gain additional access.
Group and pool administrators can assign existing volumes to a volume administrator. If a volume
is assi
gned to
another administrator account, the volume administrator can no longer view or
modify it.
Volume administrators cannot exceed their quotas by
creating or modifying volumes, and cannot
be assigned volumes by group or pool administrators if the capacity of the volume exceeds the
free space within the quota.
Volume administrators cannot modify their quotas, reassign volumes to other administrators, or
chang
e
the pools, volumes, or replication partners to which they have access.
Table 4-5: Administration Account Attributes
Attribute Description
Name Name of the account, up to 16 alphanumeric characters, includi
ng period (.), hyphen (-), and
underscore (_). The first character must be a letter or number. The last character cannot be a period.
Password Password for the account. The password must be from 3 to
16 a
lphanumeric characters and is case-
sensitive. However, validation occurs only for the first 8 characters.
Description Optional description for the account.
Table 4-4: Types of Administrator Accounts (Continued)
Account Type Description