HP StorageWorks 2/32 Brocade Fabric OS Command Reference Manual (53-1000240-01 - Page 598
secModeEnable, Operands, currentpwd, lockdown, lockdown=scc
View all HP StorageWorks 2/32 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 598 highlights
2 Note: Enter commands in lowercase only; mixed case is for readability. secModeEnable Note Ensure that all users (using Fabric OS CLI or Web Tools) are logged off the fabric before enabling secure mode; otherwise, users on non-FCS switches lose their telnet sessions. It is recommended that a maximum of 80 WWNs be specified in the FCS policy using the secModeEnable command. To add more WWNs use the secPolicyAdd command. User accounts that are forcefully expired while in non-secure mode cannot be used when secure mode is enabled. Passwords of such user accounts can be changed only after secure mode is disabled. Use the userRename command to change the user-level ID to "user" and the admin-level ID to "admin" on the local switch if the following error message displays after you issue the secModeEnable command: Switch does not have all default account names. Operands This command has the following operand: list_of_switches Specify a list of switches for the FCS policy. The list of switches must be enclosed in quotation marks, and each member switch must be separated from the others by semicolons. The members can be specified using domain, WWN, or switch name format, as follows: "5; 10:00:00:60:69:00:00:20; star1" If a member is specified by domain or switch name, the switch must be in the fabric or the command fails. This operand is optional. If no operand is specified, the session becomes interactive and you are prompted to enter FCS member values. --fcs list_of_switches Specify a list of switches for the FCS policy. Specifying "*" defaults this to all the switches currently present in the fabric. If a member is specified by domain or switch name, the switch must be in the fabric or the command fails. If the list of FCS switches is not specified, the session becomes interactive and the user is prompted to enter FCS members. --currentpwd Use the current passwords of the switch the command is run on (the primary FCS switch) for root, factory, admin and user accounts. Non-FCS admin account password is set the same as FCS admin account password. The command does not prompt for new passwords. Only sessions whose account password has changed are logged out. This option can be used only on a fabric with secure mode disabled and only when the command is run on the switch specified as the primary FCS switch. --lockdown[=scc |=dcc] Create SCC and DCC policies to lockdown the fabric. SCC policy is populated with all the switches present in the fabric when the command is executed. DCC policies are populated with the devices present in the fabric when the command is executed, locking down devices on a per port basis. Ports with no devices attached to them also are locked down with an empty DCC policy so no device can be connected to them, preserving the fabric as is. The lockdown operand creates both SCC and DCC policies, with the optional argument of --lockdown=scc or --lockdown=dcc, only the specified policy is created. This operand can be used only on a fabric with secure mode disabled and only when the command is run on the switch specified as the primary FCS switch. 2-564 Fabric OS Command Reference Manual Publication Number: 53-1000240-01