Using fabric os commands, Using the command line interface, Understanding role-based access control – Brocade Fabric OS Command Reference (Supporting Fabric OS v7.3.0) User Manual
Page 31: Chapter 1, Chapter 1, “using fabric os commands, Chapter
Fabric OS Command Reference
Using Fabric OS Commands
Using the command line interface
The Fabric OS command line interface (CLI), accessed via Telnet, SSH, or serial console, provides
full management capability on a Brocade switch. The Fabric OS CLI enables an administrator to
monitor and manage individual switches, ports, and entire fabrics from a standard workstation.
Selected commands must be issued from a secure Telnet or SSH session.
Access is controlled by a switch-level password for each access level. The commands available
through the CLI are based on the user’s login role and the license keys used to unlock certain
The Fabric OS CLI provides the following capabilities:
Access to the full range of Fabric OS features, given the license keys installed.
Assistance with configuration, monitoring, dynamic provisioning, and daily management of
every aspect of storage area networks (SANs).
A deeper view of the tasks involved in managing a Brocade SAN.
Identification, isolation, and management of SAN events across every switch in the fabric.
Management of Brocade licenses.
The documentation for each command includes a synopsis of its syntax, a description of command
use, and a set of examples. The same information can be accessed by issuing the help command
followed by the command name on a Brocade switch or director. This command displays the help
page for the specified command. For example, to display the help page for portCfg, enter:
switch:admin> help portCfg
Understanding Role-Based Access Control
Fabric OS implements Role-Based Access Control (RBAC) to control access to all Fabric OS
Eight predefined roles are supported, as described in
. These predefined role definitions are
guided by perceived common operational situations and the operations and effects a role is
permitted to have on a fabric and individual fabric elements.
Role definitions
Role name
Non-administrative use, such as monitoring system activity. In Fabric
OS v6.2.0 and later, the user account gains access to Fabric ID 128.
This is the default logical fabric after a firmware upgrade.
A subset of administrative tasks typically required for routine
maintenance operations.
Administrative use excluding security, user management, and zoning.