beautypg.com

Checking resource authorities, Target commands, Target resources – HP XP P9500 Storage User Manual

Page 56

background image

Checking resource authorities

If the access is not permitted by comparing the access authorities of the resource groups configured
on the user roles and the specified resource, RAID Manager rejects the command with an error
code "EX_EGPERM". If the resource groups are defined among the large storage systems, the
specified resource is compared with the resource specified by obtaining the access authority
configured to each large storage system.

Target commands

RAID Manager checks resource authorities on the following commands that use command devices.

raidcom commands (commands for setting configurations)

horctakeover, horctakeoff, paircurchk, paircreate, pairsplit, pairresync, pairvolchk, pairevtwait,
pairsyncwait, pairmon

raidscan (-find verify, -find inst, -find sync except for [d]), pairdisplay, raidar, raidqry (except
for -l and -r)

raidvchkset, raidvchkscan (except for -v jnl), raidvchkdsp

Relation between user authentication and resource groups

In user authentication mode, RAID Manager verifies the access authority of the relevant resource
based on the user authentication and the role of it. Also, on the user authentication unnecessary
mode and the undefined resource groups, RAID Manager checks the access authorities shown in
the following table.

Table 14 Relations between resource groups and command devices

Commands

Resources

raidcom

pairXX

1

Authenticated user

Not authenticated user

2

Authenticated user

Not authenticated user

2

Permitted by the
authority of resource ID
0

EX_EPPERM

4

Permitted by the
authority of resource
ID 0

Permitted

Undefined
resource

3

Permitted by the
authority of the relevant
resource ID

EX_EGPERM

4

EX_EPPERM

Permitted by the
authority of the
relevant resource ID

EX_EGPERM

4

Defined resource

Notes:

1.

Above-described commands except for the raidcom command

2.

User who uses the mode without the command authentication

3.

Undefined as the resource group

4.

Command execution is rejected by the relevant error

Target resources

The following objects are arbitrarily defined as the resource groups by each user.

LDEV

Physical port

Host group

RAID group

External connection group

56

RAID Manager functions on the P9500

This manual is related to the following products:
See also other documents in the category HP Storage: