Brocade Fabric OS Command Reference Manual (53-1000240-01, November 2006)
Fabric OS Command Reference Manual A-1
Publication Number: 53-1000240-01
Appendix
A
RBAC Command Availability
This appendix explains how a command is validated when it is typed at the command prompt.
A command must be validated based on the user accountâs role before the command is executed.
Validation is done with these checks, in this order:
1. Active/Standby availability: on chassis-based systems, check that the command is available on the
Control Processor (CP).
2. RBAC availability: check that the invoking userâs role is permitted to invoke the command. If the
command modifies system state, the user's role must have modify permission for the command. If
the command only displays system state, the user's role must have observe permission for the
command. Some commands both observe and modify system state and thus require observe-modify
permission.
3. Admin Domain availability: check that the command is allowed in the currently selected Admin
Domain.
4. Command-specific: checks such as whether the command is supported on the platform for which it
is targeted, etc.
Refer to Table 1-1 for the RBAC availability of all commands, as used by Fabric OS in Step 2.
Table 1-1 RBAC Availability of All Commands (O = observe, OM = observe-modify, N =
none/not available)
Command Name User Oper
ator
Switch
Admin
Zone
Admin
Fabric
Admin
Basic
Switch
Admin
Admin
authUtil N N N N N N OM
aaaConfig N N N N N N OM
ad N N N N N N OM
agshow O OM OM O OM O OM
agtcfgDefault O O OM N OM O OM
agtcfgSet OOOM N OM O OM
agtcfgShow OOOM N OM O OM
aliAdd O O O OM OM O OM
aliCreate O O O OM OM O OM
aliDelete O O O OM OM O OM
aliRemove O O O OM OM O OM
aliShow O O O OM OM O OM