HP Brocade 8/12c Brocade Network Advisor SMI Agent Developer's Guide - Page 13
Connecting to the Fabric, In this Role-Based Access Control
![]() |
View all HP Brocade 8/12c manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 13 highlights
Connecting to the Fabric Chapter 1 In this chapter •Role-Based Access Control 1 •Admin Domains and Brocade Network Advisor SMI Agent 2 •Connecting to the Brocade Network Advisor SMI Agent 2 •Discovering a fabric and a host 3 Role-Based Access Control Role-Based Access Control (RBAC) defines the capabilities that a user account has based on the role the account has been assigned. For each role, there is a set of pre-defined permissions on the jobs and tasks that can be performed on a fabric and its associated fabric elements. The RBAC check is performed based on the value of the Storage Management Initiative (SMI) Agent Operations privilege for Common Information Model Object Manager (CIMOM) client requests. The following responses are received for the different values of the SMI Agent Operations privilege: • No Access - If you query the CIMOM without the SMI Agent Operations privilege, the following WBEM Exception is returned. CIM_ERR_ACCESS_DENIED: The specified principal does not have access to perform this operation. • Read Only Access - If you have the Read Only Access privilege and try to perform any write operation on any of the profiles, the following WBEM Exception is returned. CIM_ERR_ACCESS_DENIED: The specified principal does not have access to perform this operation. The user is not restricted to perform the WBEM queries. • Read/Write Access - No restriction is imposed on any user who has Read/Write Access for the SMI Agent Operations privilege. • All the Resource Grouping (fabrics and hosts) performed through the user management dialog boxes is honored by the CIMOM. The resource grouping is not be applicable for filtering out indications. The indications from all the fabrics managed by Brocade Network Advisor is delivered irrespective of the resource grouped by the user. • If you select the Authentication mode as No Authentication, then all the previously specified RBAC checks are performed on the credentials provided by you in the Authentication tab of the Configuration Tool and the previously described behavior is observed. • If a user A changes the password of a user B who has logged in to CIMOM, the user B can continue querying the CIMOM until Brocade Network Advisor expires the user B session. You can retrieve all the information from the interop namespace and can perform the getclass operations even if there is no access for the SMI Agent Operations privilege. Refer to the Brocade Network Advisor User Manual for more information about RBAC. Brocade Network Advisor SMI Agent Developer's Guide 1 53-1002169-01
![](/manual_guide/products/hewlettpackard-brocade-812c-brocade-network-advisor-smi-agent-developer039s-guide-v1110-53100216901-2011-7dd45ca/13.png)