Brocade Web Tools Administrator's Guide v6.0.0 (53-1000606-01, April 2008)

Chapter 18: Configuring Standard Security Features
In this chapter
This chapter contains the following information:
Creating and maintaining user-defined accounts
Configuring access control list policies
Configuring an authentication policy
Configuring SNMP
Managing RADIUS service
Creating and maintaining user-defined accounts
In addition to the default accounts—root, factory, admin, and user—Fabric OS supports up to 256
user-defined accounts in each logical switch (domain). These accounts expand your ability to track
account access and audit administrative activities.
Each user-defined account is associated with the following:
Admin Domain list—Specifies which Admin Domains a user account is allowed to log in to.
Home Admin Domain—Specifies the Admin Domain that the user is logged in to by default. The home Admin Domain must be a member of the user’s Admin Domain list.
Role—Determines functional access levels within the bounds of the user’s current Admin Domain.
Access rights for any user session are determined both by the user’s role-based access rights and
by the contents of the currently selected Admin Domain. See Chapter 1, “Introducing Web Tools” for
additional information about Admin Domains and Role-Based Access Control (RBAC).
The User tab of the Switch Administration window (see Figure 99 on page 211) displays account
information. You can create and manage accounts depending on your role:
TABLE 14 User role and permissions

Role            Permissions
admin           Create and manage all predefined and user-defined accounts.
operator        Change your own password. Cannot create, modify, or view predefined or user-defined accounts.
securityadmin   Create and manage all security roles.
switchadmin     Change your own password. Cannot create, modify, or view predefined or user-defined accounts.
zoneadmin       Change your own password. Cannot create, modify, or view predefined or user-defined accounts.
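
The following is an added example, not part of the Brocade guide: a Python audit of an account inventory against the rules stated in this section (at most 256 user-defined accounts per logical switch, the home Admin Domain must be in the Admin Domain list, and the admin role manages all accounts per Table 14). The record layout, switch names, account names, and the use of integers for Admin Domains are assumptions made for illustration; this is not a Fabric OS or Web Tools export format.

```python
from collections import defaultdict

DEFAULT_ACCOUNTS = {"root", "factory", "admin", "user"}  # default accounts named in this section
MAX_USER_DEFINED = 256        # user-defined accounts per logical switch (domain)
ACCOUNT_MANAGER_ROLE = "admin"  # Table 14: creates and manages all accounts

# Constructed sample inventory (hypothetical keys and values).
SAMPLE = [
    {"switch": "sw1", "name": "admin", "role": "admin", "ad_list": [0], "home_ad": 0},
    {"switch": "sw1", "name": "backup_op", "role": "operator", "ad_list": [1, 2], "home_ad": 3},
    {"switch": "sw1", "name": "jsmith", "role": "admin", "ad_list": [0, 1], "home_ad": 0},
    {"switch": "sw2", "name": "zone_mgr", "role": "zoneadmin", "ad_list": [4], "home_ad": 4},
]


def audit_accounts(accounts, limit=MAX_USER_DEFINED):
    """Return sorted (switch, account, finding) tuples for the given records."""
    findings = []
    user_defined = defaultdict(list)  # switch -> names of user-defined accounts
    for acct in accounts:
        sw, name, home = acct["switch"], acct["name"], acct["home_ad"]
        ad_list = sorted(set(acct["ad_list"]))
        is_user_defined = name not in DEFAULT_ACCOUNTS
        if is_user_defined:
            user_defined[sw].append(name)
        # The home Admin Domain must be a member of the account's Admin Domain list.
        # An empty list fails this check as well.
        if home not in ad_list:
            findings.append((sw, name, f"home AD {home} not in Admin Domain list {ad_list}"))
        # Surface user-defined accounts that can manage every other account.
        if is_user_defined and acct["role"] == ACCOUNT_MANAGER_ROLE:
            findings.append((sw, name, "user-defined account holds the admin role"))
    # The per-switch limit applies to user-defined accounts only.
    for sw, names in user_defined.items():
        if len(names) > limit:
            findings.append(
                (sw, "*", f"{len(names)} user-defined accounts exceed the limit of {limit}")
            )
    return sorted(findings)


if __name__ == "__main__":
    for switch, account, finding in audit_accounts(SAMPLE):
        print(f"{switch}\t{account}\t{finding}")
```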