Understanding admin domain restrictions, Using the command line interface – Dell POWEREDGE M1000E User Manual

Page 35

Advertising
background image

Fabric OS Command Reference

3

53-1001764-02

Understanding Admin Domain restrictions

1

Understanding Admin Domain restrictions

A subset of Fabric OS commands is subject to Admin Domain restrictions that may be in place. In
order to execute an AD-restricted command on a switch or device, the switch or device must be
part of a given Admin Domain, and the user must be logged in to that Admin Domain.

Six Admin Domain types are supported, as defined in

Table 4

.

Refer to

Appendix A, “Command Availability”

for a listing of Admin Domain restrictions that apply to

the commands included in this manual.

Using the command line interface

The Fabric OS command line interface (accessed via Telnet, SSH, or serial console) provides full
management capability on a Brocade switch. The Fabric OS CLI enables an administrator to
monitor and manage individual switches, ports, and entire fabrics from a standard workstation.
Selected commands must be issued from a secure Telnet or SSH session.

Access is controlled by a switch-level password for each access level. The commands available
through the CLI are based on the user’s login role and the license keys used to unlock certain
features.

The Fabric OS CLI provides the following capabilities:

Access to the full range of Fabric OS features, given the license keys installed.

Assistance with configuration, monitoring, dynamic provisioning, and daily management of
every aspect of storage area networks (SANs).

A deeper view of the tasks involved in managing a Brocade SAN.

Identification, isolation, and management of SAN events across every switch in the fabric.

Management of Brocade licenses.

The documentation for each command includes a synopsis of its syntax, a description of command
use, and a set of examples. The same information can be accessed by issuing help command on a
Brocade switch or director. This command displays the help page for the specified command. For
example, to display the help page for ad, type:

switch:admin>

help ad

TABLE 4

AD types

AD Type

Definition

Allowed

Allowed to execute in all ADs.

PhysFabricOnly

Allowed to execute only in AD255 context (and the user should own
access to AD0-AD255 and have admin RBAC privilege).

Disallowed

Only allowed to execute in AD0 or AD255 context, not allowed in
AD1-AD254 context.

PortMember

All control operations allowed only if the port or the local switch is part
of the current AD. View access allowed if the device attached to the
port is part of current AD.

AD0Disallowed

Allowed to execute only in AD255 and AD0 (if no ADs are configured).

AD0Only

Allowed to execute only in AD0 when ADs are not configured.

Advertising
Popular Brands
Popular manuals