HP StorageWorks 8/80 HP StorageWorks Fabric OS 6.1.x administrator guide (5697 - Page 55
Managing user accounts
View all HP StorageWorks 8/80 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 55 highlights
2 Managing user accounts This chapter provides information and procedures on managing authentication and user accounts for the switch management channel. Overview In addition to the default accounts-root, factory, admin, and user-Fabric OS supports up to 252 additional user-defined accounts in each logical switch (domain). These accounts expand your ability to track account access and audit administrative activities. Each user-defined account is associated with the following: • Admin Domain list-Specifies what Admin Domains a user account is allowed to log in to. • Home Admin Domain-Specifies the Admin Domain that the user is logged in to by default. The home Admin Domain must be a member of the user's Admin Domain list. • Role-Determines functional access levels within the bounds of the user's current Admin Domain. Fabric OS provides three options for authenticating users-remote RADIUS services, remote LDAP service, and the local switch user database. All options allow users to be centrally managed using the following methods: • Remote RADIUS servers-Users are managed in a remote RADIUS server. All switches in the fabric can be configured to authenticate against the centralized remote database. • Remote LDAP servers-Users are managed in a remote LDAP server. All switches in the fabric can be configured to authenticate against the centralized remote database. • Local user database-Users are managed using the local user database. The local user database is manually synchronized using the distribute command to push a copy of the switch's local user database to all other Fabric OS 5.3.0 and later switches in the fabric. Accessing the management channel The total number of sessions on a switch may not exceed 32. Table 7 shows the number of simultaneous login sessions allowed for each role. The roles are displayed in alphabetic order which does not reflect their importance. Table 7 Maximum number of simultaneous sessions Role name Maximum sessions Admin 2 BasicSwitchAdmin 4 FabricAdmin 4 Operator 4 SecurityAdmin 4 SwitchAdmin 4 User 4 ZoneAdmin 4 Fabric OS 6.1.x administrator guide 55