Manualshelf

Brocade Fabric OS Command Reference Manual Supporting Fabric OS v6.4.0 (53-1001764-01, March 2010)

ManualsBrandsHP ManualsStorageBrocade 8/24c SAN Switch for BladeSystem c-Class
31323334353637383940
Fabric OS Command Reference 1
53-1001764-01
Chapter
1
Using Fabric OS Commands
In this chapter
Understanding role-based access control . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Understanding Virtual Fabric restrictions . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
Understanding Admin Domain restrictions . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Using the command line interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Understanding role-based access control
Fabric OS implements Role-Based Access Control (RBAC) to control access to all Fabric OS
operations.
Seven roles are supported, as defined in Table 1. Role definitions are guided by perceived common
operational situations and the operations and effects a role is permitted to have on a fabric and
individual fabric elements.
Appendix A, “Command Availability” explains the Role-Based Access Control checks in place to
validate command execution, and provides the RBAC permissions for the commands included in
this manual.
Additional command restrictions apply depending on whether Virtual Fabrics or Admin Domains
are enabled in a fabric.
TABLE 1 Role definitions
Role Name Definition
User Non-administrative use, such as monitoring system activity. In Fabric
OS v6.2.0 and later, the user account gains access to Fabric ID 128.
This is the default Logical Fabric after a firmware upgrade.
Operator A subset of administrative tasks typically required for routine
maintenance operations.
SwitchAdmin Administrative use excluding security, user management, and zoning.
ZoneAdmin Zone management only.
FabricAdmin Administrative use excluding user management and Admin Domain
management.
BasicSwitchAdmin A subset of administrative tasks, typically of a more limited scope and
effect.
Admin All administrative tasks, including encryption and chassis commands.
SecurityAdmin Administrative use including admin, encryption, security, user
management, and zoning.