Brocade Fabric OS Command Reference Manual Supporting Fabric OS v6.3.0 (53-1001337-01, July 2009)
Fabric OS Command Reference 1
53-1001337-01
Chapter
1
Using Fabric OS Commands
In this chapter
•Understanding role-based access control . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
•Understanding Virtual Fabric restrictions . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
•Understanding Admin Domain restrictions . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
•Using the command line interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Understanding role-based access control
Fabric OS implements Role-Based Access Control (RBAC) to control access to all Fabric OS
operations.
Seven roles are supported, as defined in Table 1. Role definitions are guided by perceived common
operational situations and the operations and effects a role is permitted to have on a fabric and
individual fabric elements.
TABLE 1 Role definitions
Role Name Definition
User Non-administrative use, such as monitoring system activity.
In Fabric OS v6.2.0 and later, the user account gains
access to Fabric ID 128. This is the default Logical Fabric
after a firmware upgrade.
Operator A subset of administrative tasks typically required for
routine maintenance operations.
SwitchAdmin Administrative use excluding security, user management,
and zoning.
ZoneAdmin Zone management only.
FabricAdmin Administrative use excluding user management and Admin
Domain management.
BasicSwitchAdmin A subset of administrative tasks, typically of a more limited
scope and effect.
Admin May perform all administrative tasks, including encryption
and chassis commands.
SecurityAdmin Administrative use including admin, encryption, security,
user management, and zoning.