Manualshelf

Brocade Web Tools Administrator's Guide v6.0.0 (53-1000606-01, April 2008)

ManualsBrandsHP ManualsStorageBrocade BladeSystem 4/24 SAN Switch
31323334353637383940
Web Tools Administrator’s Guide 15
53-1000606-01
Role-Based Access Control
1
Before you implement Admin Domains, you must set the default zoning mode. See “Enabling
administrative domains” on page 83 for additional information.
You cannot perform any zoning operations from AD255.
Role-Based Access Control
Role-Based Access Control (RBAC) defines the capabilities that a user account has based on the
role the account has been assigned. For each role, there is a set of pre-defined permissions on the
jobs and tasks that can be performed on a fabric and its associated fabric elements.
When you log in to a switch, your user account is associated with a pre-defined role. The role that
your account is associated with determines the level of access you have on that switch and in the
fabric. Following is a description of each of the roles:
For information about changing user account roles, see “Creating and maintaining user-defined
accounts” on page 209.
Session management
A Web Tools session is the connection between the Web Tools client and its managed switch. A
session is established when you log in to a switch through Web Tools. When you close Switch
Explorer, Web Tools ends the session.
A session remains in effect until one of the following happens:
You log out
You close the Switch Explorer window
The session ends due to inactivity (time out)
A session automatically ends if there has been no information sent to the switch for more than two
hours. Because user key strokes are not sent to the switch until you apply or save the information,
it is possible for your session to end while you are entering information in the interface. For
example, entering a zoning scheme in the Zoning module does not require you to send information
to the switch until you save the scheme.
admin You have full access to all of the Web Tools features.
operator You can perform any actions on the switch that do not affect the stored configuration.
securityadmin You can perform actions that do not affect the stored configuration.
switchadmin You can perform all actions on the switch, except the following:
You cannot modify zoning configurations.
You cannot create new accounts.
You cannot view or change account information for any accounts. You can only view
your own account and change your account password.
zoneadmin You can only create and modify zones.
fabricadmin You can do everything the Admin role can do except create new users.
basicswitchadmin You have a subset of Admin level access.
user You have nonadministrative access and can perform tasks such as monitoring system
activity.