HP StorageWorks Fabric OS 6.1.1 administrator guide (5697-0235, December 2009)
164 Managing administrative domains
• If you do not specify one, the home Admin Domain is the lowest valid Admin Domain in the
numerically-sorted AD list.
• Users can log in to their Admin Domains and create their own Admin Domain-specific zones and zone
configurations.
• Adding an Admin Domain list, home Admin Domain, and role to a user configuration is backward
compatible with pre-Fabric OS 5.2.0 firmware. When you downgrade to pre-Fabric OS 5.2.0
firmware, the userConfig command records are interpreted using legacy logic.
To create a new user account for managing Admin Domains:
1. Connect to the switch and log in as admin.
2. Issue the userconfig
--add command using the -r option to set the role, the -a option to provide
access to Admin Domains, and the -h option to specify the home Admin Domain.
userconfig --add username -r role -h home_AD -a "AD_list"
where username is the name of the account, role is the user account role, home_AD is the home Admin
Domain, and AD_list is the list of Admin Domains to which the user account will have access.
The following example creates new user account ad1admin with an admin role and assigns one Admin
Domain, blue_ad1, to it. This example also assigns blue_ad1 as the user’s home Admin Domain.
switch:admin> userconfig --add ad1admin -r admin -h blue_ad1 -a "blue_ad1"
The next example creates new user account ad2admin with an admin role, access to Admin Domains 1
and 2, and home Admin Domain set to 2.
switch:admin> userconfig --add ad2admin -r admin -h 2 -a "1,2"
To assign Admin Domains to an existing user account:
1. Connect to the switch and log in as admin.
2. Issue the userConfig
--addad command using the -a option to provide access to Admin Domains
and the -h option to specify the home Admin Domain.
userconfig --addad username -h home_AD -a "AD_list"
where username is the name of the account, home_AD is the home Admin Domain, and AD_list is the
list of Admin Domains to which the user account will have access.
The following example assigns Admin Domain green_ad2 to the existing user account ad1admin.
switch:admin> userconfig --addad ad1admin -r admin -a "green_ad2"
To create a new physical fabric administrator user account:
1. Connect to the switch and log in as admin.
2. Issue the userconfig
--add command using the -r option to set the role to admin and the -a
option to provide access to Admin Domains 0 through 255.
userconfig --add username -r admin -h home_AD -a "0-255"
where username is the name of the account and home_AD is the home Admin Domain.
The following example creates new user account pf_admin1 with an admin role, access to all Admin
Domains (AD0 through AD255), and home Admin Domain set to 255. This user account is now a
physical fabric administrator.
switch:admin> userconfig --add pf_admin1 -r admin -h 255 -a "0-255"
Removing an Admin Domain from a user account
When you remove an Admin Domain from an account, all of the currently active sessions for that account
are logged out.
1. Connect to the switch and log in using an account assigned to the admin role.
2. Issue the following command:
userconfig --deleted username [-h admindomain_ID] [-a
admindomain_ID_list]