Dell PowerEdge M820 8/4 Gbps FC SAN Module Administrator's Guide - Page 45
Understanding role-based access control
View all Dell PowerEdge M820 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 45 highlights
Command Reference Appendix B Understanding role-based access control The FC SAN Module commands use Role-Based Access Control (RBAC) to control access to all FC SAN Module OS operations. Seven roles are supported, as defined in Table 6. Role definitions are guided by perceived common operational situations and the operations and effects a role is permitted to have on a fabric and individual fabric elements. TABLE 6 Role definitions Role Name Definition User Non-administrative use, such as monitoring system activity. In OS v6.2.0 and later, the user account gains access to Fabric ID 128. This is the default Logical Fabric after a firmware upgrade. Operator A subset of administrative tasks typically required for routine maintenance operations. SwitchAdmin Administrative use excluding security, user management, and zoning. ZoneAdmin Zone management only. FabricAdmin Administrative use excluding user management and Admin Domain management. BasicSwitchAdmin A subset of administrative tasks, typically of a more limited scope and effect. Admin May perform all administrative tasks, including encryption and chassis commands. SecurityAdmin Administrative use including admin, encryption, security, user management, and zoning. Additional command restrictions apply depending on whether Virtual Fabrics or Admin Domains are enabled in a fabric. NOTE Virtual Fabrics and Admin Domains are mutually exclusive and are not supported at the same time on a switch. To use Admin Domains, you must first disable Virtual Fabrics; to use Virtual Fabrics, you must first delete all Admin Domains. Use ad --clear -f to remove all Admin Domains. Dell 8/4Gbps FC SAN Module Administrator's Guide 31 53-1001345-01