Table 4-1, Table 4-2, Table 4-3 – Dell Emulex Family of Adapters User Manual

OneCommand™ Manager Application

P010066-01A Rev. A

4. Using the OneCommand Manager Application

Using OneCommand Manager Secure Management

84

for each user. The following table defines the OneCommand Manager application user

groups and each group's management capabilities.

On Linux or Solaris systems, the UNIX "getent group" utility can be run on the target

host system’s command shell to verify the correct configuration of the groups. The

groups, and users within the groups, appear in the output of this command.

Note: Although users may belong to the administrator group or be root users, they do

not have full privileges to run the OneCommand Manager application unless

they are also members of the ocmadmin group. Otherwise, when secure

management is enabled, a root users or administrators can only manage local

adapters (similar to the ocmlocaladmin users).

Remote management operations between two machines is allowed or denied

depending on the OneCommand Manager secure management status of the machines,

and the domains to which the machines belong. The following tables list the behavior

(assuming appropriate user credentials are used).

Table 4-1 Secure Management User Privileges

Group Name

OneCommand Manager
Capability

ocmadmin

Allows full active management of
local and remote adapters.

ocmlocaladmin

Permits full active management of
local adapters only.

ocmuser

Permits read-only access of local and
remote adapters.

ocmlocaluser

Permits read-only access of local
adapters.

Table 4-2 Active Commands: machines on same domain

Remote Server
(Secure)

Remote Server
(Not Secure)

Client (Secure)

Allowed

Denied *

Client (Not Secure)

Denied

Allowed

Table 4-3 Active Commands: machines on different domain

Remote Server
(Secure)

Remote Server
(Not Secure)

Client (Secure)

Denied**

Denied *

Client (Not Secure)

Denied

Allowed