Brocade OS Command Reference Manual Supporting Fabric OS v6.0.0 (53-1000599-01, October 2007)

ManualsBrandsHP ManualsComputer AccessoriesHP DC SAN Director Switch Multiprotocol Extension Blade Option

721

722

723

724

725

726

727

728

729

730

Fabric OS Command Reference 699

53-1000599-01

Appendix

Command Availability

This appendix explains how a command is validated when it is typed at the command prompt.

Command Validation Checks

Before a command is executed, it is validated against the following checks:

1. Active/Standby availability: on chassis-based systems, check that the command is available on

the Control Processor (CP).

2. Role Based Access Control (RBAC) availability: check that the invoking user’s role is permitted

to invoke the command. If the command modifies system state, the user's role must have

modify permission for the command. If the command only displays system state, the user's role

must have observe permission for the command. Some commands both observe and modify

system state and thus require observe-modify permission. The following RBAC permissions are

supported:

• O = observe

• OM = observe-modify,

• N = none/not available

3. Admin Domain availability: check that the command is allowed in the currently selected Admin

Domain. For information on Admin Domain concepts and restrictions, refer to the Fabric OS

Administrator’s Guide.

Admin Domain Types are one or more of the following. If more than one AD type is listed for a

command, the AD type is option specific. Display options may be allowed, but set options may

be subject to Admin Domain restrictions.

• SwitchMember = Allowed to execute only if the local switch is part of the current AD.

• Allowed = Allowed to execute in all ADs.

• PhysFabricOnly = Allowed to execute only in AD255 context (and the user should own

access to AD0-AD255 and have admin RBAC privilege).

• Disallowed = Only allowed to execute in AD0 or AD255 context, not allowed in

AD1-AD254 context.

• PortMember = All control operation allowed only if the port or the local switch is part

of the current AD. View access allowed if the device attached to the port is part of

current AD.

• AD0Disallowed = Allowed to execute only in AD255 and AD0 (if no ADs are

configured).

• AD0Only = Allowed to execute only in AD0 when ADs are not configured.

4. Command-specific: checks such as whether the command is supported on the platform for

which it is targeted, etc.