Home » HP Manuals » Storage Devices » HP StorageWorks 2/16V » Manual Viewer

HP StorageWorks 2/16V Brocade Web Tools Administrator's Guide - Supporting Fab - Page 33

Admin Domains and switch WWN, Admin domains and zoning, Role-Based access control

View all HP StorageWorks 2/16V manuals

Add to My Manuals
Save this manual to your list of manuals

Page 33 highlights

Role-Based access control 1 ADMIN DOMAINS AND SWITCH WWN Admin Domains are treated as fabrics. Because switches cannot belong to more than one fabric, switch WWNs (world-wide names) are converted so that they appear as unique entities in different Admin Domains (fabrics). The switch WWN is in the following format: 10:00:nn:nn:nn:nn:nn:nn In an Admin Domain context, the switch WWN is converted from NAA=1 to NAA=5 format, with the Admin Domain number added, using the following syntax: 5n:nn:nn:nn:nn:nn:n9:xx where xx is the AdminDomain_number. For example, if the switch WWN is: 10:00:00:60:69:e4:24:e0 then the converted WWN for that switch in AD1 is: 50:06:06:9e:42:4e:09:01 ADMIN DOMAINS AND ZONING Each Admin Domain has its own zone database, with both defined and effective zone configurations and all related zone objects (zones, zone aliases, and zone members). Within an Admin Domain, you can configure zoning only with the devices that are present in that Admin Domain. Before you implement Admin Domains, you must set the default zoning mode. See "Implementing administrative domains" on page 83 for additional information. You cannot perform any zoning operations from AD255. Role-Based access control Role-Based Access Control (RBAC) defines the capabilities that a user account has based on the role the account has been assigned. For each role, there is a set of pre-defined permissions on the jobs and tasks that can be performed on a fabric and its associated fabric elements. When you log in to a switch, your user account is associated with a pre-defined role. The role that your account is associated with determines the level of access you have on that switch and in the fabric. Following is a description of each of the roles: admin You have full access to all of the Web Tools features. operator You can perform any actions on the switch that do not affect the stored configuration. securityadmin You can perform actions that do not affect the stored configuration. Web Tools Administrator's Guide 11 Publication Number: 53-1000435-01

Section	Page
Contents	5
About This Document	13
How this document is organized	13
Supported hardware and software	14
What’s new in this document	15
Document conventions	16
Text formatting	16
Notes, cautions, and warnings	16
Key terms	16
Additional information	17
Brocade resources	17
Optional Brocade features	19
Other industry resources	20
Getting technical help	20
Document feedback	21
Introducing Web Tools	23
In this chapter	23
Requirements, installation, and support	23
Requirements	23
Installing a Web Tools license	28
Value line licenses	30
Launching Web Tools	30
Administrative domains	31
Admin domains and login	32
Admin Domains and switch WWN	33
Admin domains and zoning	33
Role-Based access control	33
Session management	34
Logging In	34
Logging out	36
Requirements for IPv6 support	37
Using the Web Tools Interface	39
In this chapter	39
Viewing Switch Explorer	39
Tasks	41
Fabric Tree	41
Admin Domain Context	42
Switch View buttons	43
Switch View	43
Switch Events and Switch Information	44
Displaying tool tips	44
Refresh rates	46
Displaying switches in the fabric	46
Using Web Tools and secure mode	47
Web Tools Access and HTTP_POLICY	47
Opening modules in a secure fabric	47
Primary-FCS-only functionality	48
Disabled functionality	48
Working with Web Tools: recommendations	48
Managing Fabrics and Switches	51
In this chapter	51
Managing fabrics and switches using Web Tools	51
Opening the Switch Administration window	53
Refreshing the Switch Administration window	53
Opening the telnet window	53
Configuring IP and netmask information	54
Configuring a syslog IP address	55
Filtering IP Addresses	56
Managing blades	56
Enable or disable a blade	57
Configuring a switch	59
Enabling and disabling a switch	59
Changing the Switch Name	59
Changing the Switch Domain ID	60
Viewing and printing a switch report	60
Rebooting the switch	61
Performing a fast boot	61
Performing a reboot	61
Changing system configuration parameters	61
Configuring fabric parameters	61
Enabling insistent domain ID mode	63
Configuring virtual channel settings	64
Configuring arbitrated loop parameters	64
Configuring system services	65
Managing licensed features	65
Activating a license on a switch	66
Removing a license from a switch	67
Administering High Availability	67
Launching the High Availability Module	67
Synchronizing Services on the CP	68
Initiating a CP Failover	69
Monitoring events	70
Displaying Fabric Events	71
Displaying Switch Events	72
Filtering Fabric and Switch Events	73
Displaying a fabric summary report	75
Displaying the Name Server entries	75
Physically locating a switch using beaconing	77
Maintaining Configurations and Firmware	79
Maintaining configurations	79
Backing Up a configuration file	80
Restoring a configuration	81
Performing a firmware download	82
Managing Your Ports	85
In this chapter	85
Viewing and managing ports using Web Tools	85
Port Administration window components	87
Identifying controllable ports	88
Configuring ports	89
Configuring FC ports	89
Configuring FCIP ports	91
Configuring GbE ports	92
Assigning a name to a port	92
Enabling and disabling a port	93
Persistent enabling and disabling ports	93
Enabling and disabling NPIV ports	94
Activating ports	95
Swapping port index	97
Administering ISL Trunking	99
In this chapter	99
About Interswitch Link Trunking	99
Displaying trunk group information	100
Disabling or reenabling trunking mode on a port	100
Managing Administrative Domains	103
In this chapter	103
About administrative domains	103
Requirements for admin domains	103
User-defined admin domains	104
System-defined admin domains	104
Admin domain membership	105
Implementing administrative domains	105
Using the Admin Domain window	106
Opening the Admin Domain window	108
Refreshing fabric information	109
Refreshing admin domain information	109
Saving local admin domain changes	109
Closing the Admin Domain window	110
Creating and populating domains	110
Managing administrative domains	113
Adding and removing members	113
Renaming admin domains	115
Deleting admin domains	115
Administering Zoning	117
In this chapter	117
Introducing zoning	117
Zoning and admin domains	118
Configuring zoning	118
Opening the Zone Administration window	118
Setting the default zoning mode	119
Managing zoning with Web Tools	119
Refreshing fabric iNFOrmation	121
Refreshing Zone Administration window Information	121
Saving local zoning changes	122
Closing the Zone Administration window	123
Zoning views	123
Managing zone aliases	124
Creating and populating zone aliases	124
Adding and removing members of a zone alias	125
Renaming zone aliases	125
Deleting zone aliases	125
Managing zones	126
Creating and populating zones	126
Adding and removing members of a zone	127
Renaming zones	127
Copying zones	128
Deleting zones	128
Managing zone configurations	128
Creating zone configurations	129
Adding or removing zone configuration members	130
Renaming zone configurations	130
Copying zone configurations	131
Deleting zone configurations	131
Enabling zone configurations	131
Disabling zone configurations	132
Displaying enabled zone configurations	132
Displaying zone configuration summaries	134
Creating configuration analysis reports	135
Displaying zones Initiator/Target accessibility	135
Managing the zoning database	136
Adding a WWN to multiple aliases and zones	136
Removing a WWN from multiple aliases and zones	137
Replacing a WWN in Multiple Aliases and Zones	137
Searching for zone members	137
Clearing the Zoning Database	138
Using Zoning Wizards	138
Best practices for zoning	141
Monitoring Performance	143
In this chapter	143
Monitoring performance using Web Tools	143
Predefined performance graphs	144
User-defined graphs	147
Canvas configurations	148
Opening the Performance Monitoring window	148
Creating basic performance monitor graphs	149
Customizing basic monitoring graphs	149
Creating advanced performance monitoring graphs	151
Creating SID-DID Performance Graphs	151
Creating an SCSI vs. IP Traffic Graph	152
Creating SCSI Command Graphs	153
Creating AL_PA Error Graphs	154
Managing performance graphs	154
Saving graphs to a canvas	154
Adding graphs to a canvas	155
Printing graphs	155
Modifying graphs	156
Using the FC-FC Routing Service	157
In this chapter	157
Supported switches for fibre channel routing	157
About fibre channel routing	157
McData interoperability	158
Setting up FC-FC routing	159
Managing FC-FC routing with Web Tools	160
Launching the FC Routing module	160
Viewing and managing LSAN fabrics	161
Viewing and configuring EX_Ports	162
Viewing and configuring FCR router port cost	164
Viewing and configuring LSAN zones	164
Viewing LSAN Devices	165
Configuring the backbone fabric ID	166
Working With Diagnostic Features	169
In this chapter	169
Managing trace dumps	169
How a trace dump Is used	170
Setting up automatic trace dump transfers	170
Disabling automatic trace uploads	171
Displaying switch information	171
Displaying detailed fan hardware status	172
Displaying the temperature status	173
Displaying the power supply status	173
Checking the physical health of a switch	174
Interpreting port LEDs	176
Port icon colors	177
LED representations	177
Brocade 48000 Director LEDs	178
Administering Fabric Watch	179
In this chapter	179
Introduction to Fabric Watch	179
Using Fabric Watch with Web Tools	180
Configuring Fabric Watch thresholds	181
Configuring threshold traits	181
Configuring threshold alarms	183
Enabling or disabling threshold alarms for individual elements	183
Configuring alarms for FRUs	184
Displaying Fabric Watch alarm information	185
Displaying an alarm configuration Report	185
Displaying alarms	185
Configuring email notifications	186
Configuring the email server on a switch	186
Configuring the email alert recipient	186
Administering Extended Fabrics	189
In this chapter	189
About extended link buffer allocation	189
Configuring a port for long distance	191
Administering the iSCSI Target Gateway	193
In this chapter	193
Supported platforms for iSCSI	193
About the iSCSI service	193
Common Functions in the iSCSI Target Gateway Admin module	194
Terminology	195
Saving Changes	196
Setting up iSCSI Target Gateway Services	196
Launching the iSCSI Target Gateway Admin Module	197
Activating the iSCSI Feature	198
Configuring the IP Interface	198
Managing the iSCSI Virtual Targets	201
Viewing iSCSI Initiators	203
Managing Discovery Domains	204
Configuring CHAP	207
Configuring an iSCSI Fibre Channel Zone	209
Managing and Troubleshooting Accessibility	211
Using the Access Gateway	213
Enabling Access Gateway mode	213
Displaying the port mapping	214
Configuring port maps	215
Enabling failover and failback policies	215
Converting ports	216
Routing Traffic	219
In this chapter	219
About routing	219
Displaying FSPF routing	220
Enabling and disabling dynamic load sharing	221
Specifying frame order delivery	221
Configuring link cost	222
Configuring Standard Security Features	223
In this chapter	223
Creating and maintaining user-defined accounts	223
Creating and Deleting User-Defined Accounts	225
Changing Account Parameters	227
Maintaining Passwords	228
Configuring access control list policies	231
Configuring SNMP	233
Setting SNMP Trap Levels	233
Configuring SNMP Information	234
Managing RADIUS service	235
Enabling and Disabling RADIUS Service	237
Configuring the RADIUS Service	238
Modifying the RADIUS Server	238
Modifying the RADIUS Server Order	239
Removing a RADIUS Server	239
Administering FICON CUP Fabrics	241
In this chapter	241
About FICON CUP fabrics	241
Enabling port-based routing on the Brocade 4100, 5000, and 48000	242
Enabling or disabling FMS mode	243
Configuring FMS parameters	244
Displaying code page information	245
Displaying the control device state	245
Configuring CUP port connectivity	246
Displaying CUP Port Connectivity Configurations	247
Creating or Editing CUP Port Connectivity Configurations	248
Activating a CUP Port Connectivity Configuration	250
Copying a CUP Port Connectivity Configuration	250
Deleting a CUP Port Connectivity Configuration	250
Limitations	253
In this chapter	253
General Web Tools limitations	253
Platform-specific limitations	257

Match case Limit results 1 per page

Web Tools Administrator’s Guide

Publication Number: 53-1000435-01

Role-Based access control

ADMIN DOMAINS AND SWITCH WWN

Admin Domains are treated as fabrics. Because switches cannot belong to more than one fabric,

switch WWNs (world-wide names) are converted so that they appear as unique entities in different

Admin Domains (fabrics).

The switch WWN is in the following format:

10:00:

In an Admin Domain context, the switch WWN is converted from NAA=1 to NAA=5 format, with the

Admin Domain number added, using the following syntax:

where

is the AdminDomain_number.

For example, if the switch WWN is:

10:00:00:60:69:e4:24:e0

then the converted WWN for that switch in AD1 is:

50:06:06:9e:42:4e:09:01

ADMIN DOMAINS AND ZONING

Each Admin Domain has its own zone database, with both defined and effective zone

configurations and all related zone objects (zones, zone aliases, and zone members). Within an

Admin Domain, you can configure zoning only with the devices that are present in that Admin

Domain.

Before you implement Admin Domains, you must set the default zoning mode. See

“Implementing

administrative domains”

on page 83 for additional information.

You cannot perform any zoning operations from AD255.

Role-Based access control

Role-Based Access Control (RBAC) defines the capabilities that a user account has based on the

role the account has been assigned. For each role, there is a set of pre-defined permissions on the

jobs and tasks that can be performed on a fabric and its associated fabric elements.

When you log in to a switch, your user account is associated with a pre-defined role. The role that

your account is associated with determines the level of access you have on that switch and in the

fabric. Following is a description of each of the roles:

admin

You have full access to all of the Web Tools features.

operator

You can perform any actions on the switch that do not affect the stored

configuration.

securityadmin

You can perform actions that do not affect the stored configuration.