Developers Guide

62 Fabric OS Troubleshooting and Diagnostics Guide
53-1003141-01
Device authentication
6
Password recovery options
Table 12 describes the options available when one or more types of passwords are lost.
Symptom User is unable to modify switch settings.
Probable cause and recommended action
The most common error when managing user accounts is not setting up the default Admin Domain
and access control list or Role-Based Access Control (RBAC).
Errors such as a user not being able to run a command or modify switch settings are usually related
to what role the user has been assigned.
Device authentication
Symptom Switch is unable to authenticate device.
Probable cause and recommended action
When the device authentication policy is set to ON, the switch expects a FLOGI with the FC-SP bit
set. If this bit is not set, the switch rejects the FLOGI with reason LS_LOGICAL_ERROR (0x03), in the
switch log with the explanation of “Authentication Required”(0x48), and disables the port. Set the
device authentication policy mode on the switch to ON.
Symptom Switch is unable to form an F_Port.
Probable cause and recommended action
Regardless of the device authentication policy mode on the switch, the F_Port is disabled if the
DH-CHAP protocol fails to authenticate. If the HBA sets the FC-SP bit during FLOGI and the switch
sends a FLOGI accept with FC-SP bit set, then the switch expects the HBA to start the
AUTH_NEGOTIATE. From this point on until the AUTH_NEGOTIATE is completed, all ELS and CT
frames, except the AUTH_NEGOTIATE ELS frame, are blocked by the switch. During this time, the
Fibre Channel driver rejects all other ELS frames. The F_Port does not form until the
AUTH_NEGOTIATE is completed. It is the HBA's responsibility to send an Authentication Negotiation
ELS frame after receiving the FLOGI accept frame with the FC-SP bit set.
TABLE 12
Password recovery options
Topic Solution
If all the passwords are forgotten, what is the
password recovery mechanism? Are these
procedures non-disruptive recovery procedures?
Contact your switch service provider. A non-disruptive
procedure is available.
If a user has only the root password, what is the
password recovery mechanism?
Use the passwd command to set other passwords.
Use the passwdDefault command to set all passwords to
default.
How to recover boot PROM password? Contact your switch service provider and provide the
recovery string.
How to recover a user, admin, or factory password? Refer to “Passwords” on page 61 for more information on
recovering these passwords.