Fibre Channel (SAN)

Reply
Occasional Contributor
Posts: 8
Registered: ‎08-12-2008

Password Distribution Between SAN's and To Access Gateway?

Hello All,

I am curious if it is possible to distribute the account/password database and/or IPFilter Policies across redundant SAN's or, more importantly, to devices configured as access gateways.

I am looking into ways to get centralized user account management on my SAN and AD/LDAP is not an option due to many devices not supporting the version of FabricOS required to do this.

Beyond that, the vast majority of my SAN are blade chassis based devices configured as access gateways.

How are people running redundant (non-connected) SAN's, with many access gateway devices performing centralized policy distribution and account management?

Frequent Contributor
Posts: 80
Registered: ‎01-28-2010

Re: Password Distribution Between SAN's and To Access Gateway?

there´s the distribute command with that cmd it is possible to distribute the /user/pwd and other db from the local switch onto the other switches in the same fabric.

before you head out to use this command, verify first if the local db can be distributed or not, you can do that with the fddcfg --show command, every db should have the accept word next to it.


beware from which switch you start the distribute command ^^

and make sure no one is actually configuring something on the fabric, cause the distribute command causes all current useres logged in somewhere in the fabric, where you about to issue the command to be be logged off.

@havent tried the distribute the pwd/user db onto switches running the AG mode, but this is my next task

Frequent Contributor
Posts: 80
Registered: ‎01-28-2010

Re: Password Distribution Between SAN's and To Access Gateway?

one more possiblity is using ldap/AD and managing the users outside the fabric. that works for AG mode switches too

Occasional Contributor
Posts: 8
Registered: ‎08-12-2008

Re: Password Distribution Between SAN's and To Access Gateway?

I think you'll find that most of what you have suggested does not seem to work with devices in Access Gateway mode, which is a huge problem for me.

Frequent Contributor
Posts: 80
Registered: ‎01-28-2010

Re: Password Distribution Between SAN's and To Access Gateway?

http://www.brocade.com/downloads/documents/product_manuals/B_SAN/AccessGateway_AdminGd_v700.pdf

page 4

Lightweight Directory Access Protocol (LDAP) Yes

and it works, it is just a pain to set it up

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.