Fibre Channel (SAN)

Reply
New Contributor
Posts: 3
Registered: ‎11-29-2011

"factory" role

All- hello, discovering and working on a new companies fabrics.  Hoping to setup automated configupload for lack of backup process here.

I have noticed a user account on my switches labels "factory", with role definition of factory and description of "diagnostics".  Short of creating an operator account and setting this up across many switches or defining LDAP to simply grab my configs I wanted to use this already existent account if I can.  I have searched over the forums here as well as reading the FOS 6.4 admin guide.  I do not see any definition of the "factory" role, nor can I modify or see properties even as root because my permission is denied.

Is it advisable or ok to use this account for grabs? or can anyone speak to what comparable level of switch access this account has? (admin, operator, fabricAdmin etc).  If a separate account creation is advised what is the lowest role level which can still run and pull configupload without write ability?  Operator? User?

Thanks for the assistance.

N/A
Posts: 1
Registered: ‎03-30-2006

Re: "factory" role

Hi the factory role is above the root or admin role. it is used to set parameters or solve problems together with the labs because it is so mighty (although it is dangerous).

so just use an administrator role to config your switches.

greetz chris

Valued Contributor
Posts: 931
Registered: ‎12-30-2009

Re: "factory" role

I agree with christian_ham on not using the factory account the grab configs.

And i wouldn't use the admin account the grab configs only. It has to much privileges just to do grabs.

I suggest you create an user dedicated for grabbing configs.

Which role that user should have depends on the config you want to grab.

I know of an matrix with RBAC roles but unfortunatly am unable to locate ATM

Valued Contributor
Posts: 931
Registered: ‎12-30-2009

Re: "factory" role

Ok found an matrix in the FOS AG 6.3 >> link

Chapter  is what you need to read, unfortunatly there's no straight forward answer, but the doc can assist in getting exactly what you want.

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.