Brocade Web Tools Administrator's Guide (53-0000194-01, November 2006)

Web Tools Administrator’s Guide 17-1
Publication Number: 53-0000194-01
Chapter
17
Configuring Standard Security Features
This chapter contains the following information:
“Creating and Maintaining User-Defined Accounts,”
“Configuring Access Control List Policies” on page 17-9
“Configuring SNMP” on page 17-12
“Managing RADIUS Service” on page 17-15
Creating and Maintaining User-Defined Accounts
In addition to the default accounts—root, factory, admin, and user—Fabric OS supports up to 256 user-
defined accounts in each logical switch (domain). These accounts expand your ability to track account
access and audit administrative activities.
Each user-defined account is associated with the following:
Admin Domain list—Specifies what Admin Domains a user account is allowed to log in to.
Home Admin Domain—Specified the Admin Domain that the user is logged in to by default. The
home Admin Domain must be a member of the users Admin Domain list.
Role—Determines functional access levels within the bounds of the user’s current Admin Domain.
Access rights for any user session are determined both by the user’s role-based access rights and by the
contents of the currently selected Admin Domain. See Chapter 1, “Introducing Web Tools” for
additional information about Admin Domains and Role-Based Access Control (RBAC).
The User tab of the Switch Admin module (see Figure 17-1 on page 17-3) displays account
information. You can create and manage accounts depending on your role:
Table 17-1 User Role and Permissions
Role Permissions
Admin Create and manage user all predefined and user-defined accounts
Operator Change your own password and cannot create, modify, or view predefined or
user-defined accounts
SwitchAdmin Change your own password and cannot create, modify, or view predefined or
user-defined accounts