Understanding Admin Domain Restrictions; Using The Command Line Interface - Brocade Communications Systems Brocade 8/12c Command Reference Manual

Understanding Admin Domain restrictions

A subset of Fabric OS commands is subject to Admin Domain restrictions that may be in place. In
order to execute an AD-restricted command on a switch or device, the switch or device must be
part of a given Admin Domain, and the user must be logged in to that Admin Domain.
Six Admin Domain types are supported, as defined in
TABLE 4
AD Type
Allowed
PhysFabricOnly
Disallowed
PortMember
AD0Disallowed
AD0Only
Refer to
the commands included in this manual.

Using the command line interface

The Fabric OS command line interface (accessed via Telnet, SSH, or serial console) provides full
management capability on a Brocade switch. The Fabric OS CLI enables an administrator to
monitor and manage individual switches, ports, and entire fabrics from a standard workstation.
Selected commands must be issued from a secure Telnet or SSH session.
Access is controlled by a switch-level password for each access level. The commands available
through the CLI are based on the user's login role and the license keys used to unlock certain
features.
The Fabric OS CLI provides the following capabilities:
•
•
•
•
•
The documentation for each command includes a synopsis of its syntax, a description of command
use, and a set of examples. The same information can be accessed by issuing help command on a
Brocade switch or director. This command displays the help page for the specified command. For
example, to display the help page for ad, type:
Fabric OS Command Reference
53-1001764-01
AD types
Definition
Allowed to execute in all ADs.
Allowed to execute only in AD255 context (and the user should own
access to AD0-AD255 and have admin RBAC privilege).
Only allowed to execute in AD0 or AD255 context, not allowed in
AD1-AD254 context.
All control operations allowed only if the port or the local switch is part
of the current AD. View access allowed if the device attached to the
port is part of current AD.
Allowed to execute only in AD255 and AD0 (if no ADs are configured).
Allowed to execute only in AD0 when ADs are not configured.
Appendix A, "Command Availability"
Access to the full range of Fabric OS features, given the license keys installed.
Assistance with configuration, monitoring, dynamic provisioning, and daily management of
every aspect of storage area networks (SANs).
A deeper view of the tasks involved in managing a Brocade SAN.
Identification, isolation, and management of SAN events across every switch in the fabric.
Management of Brocade licenses.
switch:admin> help ad
Understanding Admin Domain restrictions
Table 4.
for a listing of Admin Domain restrictions that apply to
1
3