HP StorageWorks 8/80 HP StorageWorks Fabric OS 6.2 administrator guide (5697-0 - Page 195

• Have a separate zone database for each Admin Domain. See "Admin Domains, zones, and zone databases" on page 210 for more information. • Move devices from one Admin Domain to another without traffic disruption, cable reconnects, or discontinuity in zone enforcement. • Provide strong fault and event isolation between Admin Domains. • Have visibility of all physical fabric resources. All switches, E_Ports, and FRUs (including blade information) are visible. • Implement Admin Domains in a fabric with some switches running non-AD-capable firmware versions (that is, firmware versions earlier than Fabric OS 5.2.0). • Continue to run existing third-party management applications. Prior and existing versions of third party management applications continue to work with admin and user IDs. IMPORTANT: The Admin Domain administrator can define up to 254 ADs (AD1 - AD254) in the AD database; however, HP recommends that no more than 16 active Admin Domains run concurrently. More than 16 active Admin Domains might cause performance degradation and unpredictable system behavior. Requirements for Admin Domains Implementing Admin Domains in a fabric has the following requirements: • One or more switches in the fabric must be running Fabric OS 5.2.0 or later. • Switches running Fabric OS versions earlier than 6.1.0 must have a valid Advanced Zoning license. • The default zone mode setting must be set to No Access before you create Admin Domains (see "Setting the default zone mode" on page 200 for instructions). • Virtual Fabrics must be disabled before you create Admin Domains (see "Disabling Virtual Fabrics" on page 184 for instructions). • The fabric must be in the native operating mode. Admin Domains are not supported in interoperability mode. • Gigabit Ethernet (GbE) ports cannot be members of an Admin Domain. • Traffic Isolation is supported within Admin Domains, with some restrictions, as described in "Admin Domain considerations for Traffic Isolation Routing" on page 347. • To use Admin Domains and the FC-FC Routing Service in the same fabric, the switches connecting to the FC router must be running Fabric OS 5.2.0 or later. • If the fabric includes LSAN zones: • The LSAN zone names must not end with "_ADn". • The LSAN zone names must not be longer than 57 characters. See Chapter 17 "Using the FC-FC routing service" on page 367, for more information. Admin Domain access levels Admin Domains offer a hierarchy of administrative access. To manage Admin Domains, you must be a physical fabric administrator. A physical fabric administrator is a user with the admin role and access to all Admin Domains (AD0 through AD255). Only a physical fabric administrator can perform Admin Domain configuration and management. Other administrative access is determined by your defined RBAC role and AD membership. Your RBAC role determines your access level and permission to perform an operation. Your AD membership determines the fabric resources that you can operate on. Fabric OS 6.2 administrator guide 193