Admin domain features, Requirements for admin domains, Admin domain access levels – Dell POWEREDGE M1000E User Manual
Page 435
Fabric OS Administrator’s Guide
435
53-1002745-02
Administrative Domains overview
17
Admin Domain features
Admin Domains allow you to do the following:
•
Define the scope of an Admin Domain to encompass ports and devices within a switch or a
fabric.
•
Share resources across multiple Admin Domains. For example, you can share array ports and
tape drives between multiple departments. In
on page 434, one of the storage
devices is shared between AD1 and AD2.
•
Have a separate zone database for each Admin Domain. Refer to
on page 458 for more information.
•
Move devices from one Admin Domain to another without traffic disruption, cable reconnects,
or discontinuity in zone enforcement.
•
Provide strong fault and event isolation between Admin Domains.
•
Have visibility of all physical fabric resources. All switches, E_Ports, and FRUs (including blade
information) are visible.
•
Continue to run existing third-party management applications. Prior and existing versions of
third-party management applications continue to work with admin IDs and user IDs.
Requirements for Admin Domains
Implementing Admin Domains in a fabric has the following requirements:
•
Admin Domains are not supported on the Brocade 8000. The Brocade 8000 can be in AD0
only.
•
The default zone mode setting must be set to No Access before you create Admin Domains
(refer to
“Setting the default zoning mode for Admin Domains”
on page 443 for instructions).
•
Virtual Fabrics must be disabled before you create Admin Domains (refer to
on page 290 for instructions).
•
Gigabit Ethernet (GbE) ports cannot be members of an Admin Domain.
•
Traffic Isolation Zoning is supported within Admin Domains, with some restrictions, as
described in
“Admin Domain considerations for Traffic Isolation Zoning”
•
If the fabric includes LSAN zones:
-
The LSAN zone names must not end with “_ADn”.
-
The LSAN zone names must not be longer than 57 characters.
Chapter 24, “Using FC-FC Routing to Connect Fabrics,”
for information about the FC-FC
Routing Service and LSAN zones.
Admin Domain access levels
Admin Domains offer a hierarchy of administrative access. To manage Admin Domains, you must
be a physical fabric administrator. A physical fabric administrator is a user with admin permissions
and access to all Admin Domains (AD0 through AD255). Only a physical fabric administrator can
perform Admin Domain configuration and management.
Other administrative access is determined by your defined Role-Based Access Control (RBAC) role
and AD membership. Your role determines your access level and permission to perform an
operation. Your AD membership determines the fabric resources on which you can operate.