Manualshelf

HP StorageWorks Fabric OS 6.x administrator guide (5697-7344, March 2008)

ManualsBrandsHP ManualsStorageHP DC04 Power Pack+ SAN Director Switch
51525354555657585960
Fabric OS 6.x administrator guide 53
2 Managing user accounts
This chapter provides information and procedures on managing authentication and user accounts for the
switch management channel.
Overview
In addition to the default accounts—root, factory, admin, and user—Fabric OS supports up to 252
additional user-defined accounts in each logical switch (domain). These accounts expand your ability to
track account access and audit administrative activities.
Each user-defined account is associated with the following:
Admin Domain list—Specifies what Admin Domains a user account is allowed to log in to.
Home Admin Domain—Specifies the Admin Domain that the user is logged in to by default. The home
Admin Domain must be a member of the user’s Admin Domain list.
Role—Determines functional access levels within the bounds of the user’s current Admin Domain.
Fabric OS provides three options for authenticating users—remote RADIUS services, remote LDAP service,
and the local switch user database. All options allow users to be centrally managed using the following
methods:
Remote RADIUS servers—Users are managed in a remote RADIUS server. All switches in the fabric
can be configured to authenticate against the centralized remote database.
Remote LDAP servers—Users are managed in a remote LDAP server. All switches in the fabric can
be configured to authenticate against the centralized remote database.
Local user database—Users are managed using the local user database. The local user database
is manually synchronized using the distribute command to push a copy of the switch’s local user
database to all other Fabric OS 5.3.0 and later switches in the fabric.
Accessing the management channel
Table 7 shows the number of simultaneous login sessions allowed for each role. The roles are displayed in
alphabetic order which does not reflect their importance.
Table 7 Maximum number of simultaneous sessions
Role name Maximum sessions
Admin 2
BasicSwitchAdmin 4
FabricAdmin 4
Operator 4
SecurityAdmin 4
SwitchAdmin 4
User 4
ZoneAdmin 4