Cisco MDS 9000 Family Storage Media Encryption Configuration Guide - Release 4.x (OL-18091-01, February 2009)

ManualsBrandsHP ManualsStorageCisco MDS 9140 Multilayer Fabric Switch Chassis

Send documentation comments to mdsfeedback-doc@cisco.com

2-12

Cisco MDS 9000 Family Storage Media Encryption Configuration Guide

OL-18091-01, Cisco MDS NX-OS Release 4.x

Chapter 2 Getting Started

Before You Begin

Step 4 From the role drop-down menu, select either sme-admin, sme-kmc-admin, sme-stg-admin, or

sme-recovery.

Step 5 Click Add.

Creating and Assigning Cisco SME Roles Using the CLI

For detailed information on creating and assigning roles, refer to the Cisco MDS 9000 Family CLI

Configuration Guide.

To create a Cisco SME role or to modify the profile for an existing Cisco SME role, follow these steps:

Note Only users belonging to the network-admin role can create roles.

Note The four security roles required by Cisco SME can be implicitly created by using the setup sme

command. For VSAN-based access control, you must create the custom roles.

Installing Fabric Manager, Fabric Manager Client, and Enabling HTTPS

To be able to manage Cisco SME, you need to install Fabric Manager Server Enterprise edition. For

information on installing Cisco Fabric Manager, refer to the installation chapters of the

Cisco MDS 9000

Family Fabric Manager Configuration Guide.

Note To configure Cisco SME, the Fabric Manager user credentials must be the same as the switch user.

Command Purpose

Step 1

switch# config t

Enters configuration mode.

Step 2

switch(config)# role name sme-admin

switch(config-role)#

Places you in the mode for the specified role (sme-admin).

Note: The role submode prompt indicates that you are

now in the role submode. This submode is now specific to

Cisco SME.

Step 3

switch(config)# no role name

sme-admin

Deletes the role called sme-admin.

Step 4

switch(config-role)# rule 1 permit

read-write feature sme-stg-admin

Allows you to add Cisco SME configuration commands.

Step 5

switch(config-role)# rule 2 permit

read feature sme-stg-admin

Allows you to add Cisco SME show commands.

Step 6

switch(config-role)# rule 3 permit

debug feature sme

Allows you to add Cisco SME debug commands to the

sme-admin role.

Step 7

switch(config-role)# description SME

Admins

Assigns a description to the new role. The description is

limited to one line and can contain spaces.

Step 8

switch(config)# username usam role

sme-admin

Adds the specified user (usam) to the sme-admin role.