Manualshelf

HP StorageWorks Fabric OS 6.x administrator guide (5697-7344, March 2008)

ManualsBrandsHP ManualsStorageHP DC04 SAN Director Switch
61626364656667686970
Fabric OS 6.x administrator guide 61
Configuring the local user database
This section covers the following topics:
Distributing the local user database” on page 61
Protecting the local user database from distributions” on page 61
Configuring password policies” on page 62
Distributing the local user database
Distributing the local switch user database and passwords to other switches in the fabric causes the
distributed database to replace (overwrite) the database on the target switch. The ‘Locked’ status of a user
account is not distributed as part of local user database distribution.
When distributing the user database, the database may be rejected for one of the following reasons:
One of the target switches does not have Fabric OS 5.3.0 or later.
One of the target switch’s user database is protected.
Distribute the user database and password policies only to Fabric OS 5.2.0 or later switches; the
distribution command fails if any of the target switches are an earlier version.
To distribute the local user database:
When distributing the local user database, all user-defined accounts residing in the receiving switches will
be logged out of any active sessions.
1. Connect to the switch and log in using an admin account.
2. Enter the following command:
distribute -p PWD -d <switch_list>
where <switch_list> is a semicolon-separated list of switch Domain IDs, switch names, or switch WWN
addresses. You can also specify -d “*” to send the local user database only to Fabric OS 5.2.0 or later
switches in the fabric.
Protecting the local user database from distributions
Fabric OS 5.2.0 and later allows you to distribute the user database and passwords to other switches in
the fabric. When the switch accepts a distributed user database, it replaces the local user database with
the user database it receives.
By default, Fabric OS 6.x switches accept the user databases and passwords distributed from other
switches. This section explains how to protect the local user database from being overwritten.
To accept distribution of user databases on the local switch:
1. Connect to the switch and log in using an admin account.
2. Enter the following command:
fddCfg --localaccept PWD
where PWD is the user database policy. Other supported policy databases are SCC, DCC, AUTH,
FCS, and IPFILTER.
To reject distributed user databases on the local switch:
1. Connect to the switch and log in using an admin account.
2. Enter the following command:
fddCfg --localreject PWD