Creating and maintaining user-defined accounts, Displaying account information, Creating a user-defined account – HP StorageWorks 2.128 SAN Director Switch User Manual
Page 43: Creating, And maintaining user-defined accounts, Creating and maintaining user-defined, Accounts
Fabric OS 5.x administrator guide
43
Creating and maintaining user-defined accounts
In addition to the default administrative and user accounts, Fabric OS supports up to 15 user-defined
accounts in each logical switch (domain). These accounts expand your ability to track account access and
audit administrative activities.
User-defined accounts can be assigned either admin-, switchAdmin-, or user-level roles. Admin-level
accounts allow up to two simultaneous login sessions. User-level accounts allow up to four simultaneous
login sessions. The total number of simultaneous login sessions allowed per logical switch is 15.
You can change passwords on user-defined accounts as described in ”
page 45.
If the TC feature is enabled, the system keeps track of account names and login attempts. (See ”
and controlling switch changes
” on page 35 for details on enabling the TC feature.)
For large enterprises, Fabric OS also supports RADIUS services, as described in ”
The following procedures are for operations you can perform on user-defined accounts.
NOTE:
If you are operating in secure mode, you can perform these operations only on the primary FCS
switch.
Displaying account information
1.
Connect to the switch and log in as admin.
2.
Issue one of the following commands:
•
userConfig --show -a
to show all account information for a logical switch
•
userConfig --show -b
to show all backup account information for a logical switch
•
userConfig --show username
to show account information for the specified account name
Accounts with the admin role can display information about all accounts on the logical switch. Accounts
with the switchAdmin role can display information about all accounts on the logical switch; however, they
cannot display information about security, user management, or zoning. Accounts with the user role can
display information only about themselves.
Creating a user-defined account
Accounts with the admin role can create accounts. Accounts with the user role cannot.
1.
Connect to the switch and log in as admin.
2.
Issue the following command:
userConfig --add username -r rolename [-d description]
where:
username
Specifies the account name, which must begin with an alphabetic
character. The name can consist of 8 to 40 characters. It is case-sensitive
and can contain alphabetic and numeric characters, the dot, and the
underscore. It must be different from all other account names on the
logical switch.
-r
rolename
Specifies the role: either
admin
,
switchAdmin
, or
user
in nonsecure
mode;
admin
,
user
, or
nonfcsadmin
in secure mode.
-d
description
Is an optional argument that adds a description to the account. The
description field can be up to 40 printable ASCII characters. The
following characters are not allowed: asterisk (*), quotation mark (“),
exclamation point (!), semicolon (;), and colon (:).