Management Software

Reply
Highlighted
New Contributor
Posts: 3
Registered: ‎06-25-2013

Rights Management in BNA

Hi there,

 

Running HPE B-Series SAN Network Advosor 14.0.3 here. I'm having trouble understanding how the user management works.

 

BNA primarily verifies its accounts to 2 possible LDAP servers (Active Directory hosts). We have 2 sites with different people managing this site at the moment. On each site we've defined 2 AD-groups, a 'read-only' group and a 'operator/zoning' group

One of the sites is the main management site.

 

AD-groups:

  • Main-Management
  • Satelite1-ReadOnly
  • Satelite1-Management

Roles used:

  • ReadOnly: self-created, only read-only access define
  • Zoning Admin: default role
  • Operator: default role

 

What I would like to achieve:

  1. The main site should be able to manage ALL Fabrics.
    Achieved by giving correct roles (All default roles) and AOR's (All Fabrics) to Main-Management AD group
  2. Every satelite site should be able to manage there OWN Fabric
    Achieved by giving correct roles (Zoning Admin and Operator) and AOR's (Satelite1-Fabrics) to Satelite1-Management AD group
  3. Every satelite site should be able to VIEW (not manage) ALL Fabric
    Tried: Giving correct roles (ReadOnly) and AOR's (All Fabrics) to Satelite1-ReadOnly AD group.

In the user management I am able to get the first two options to work, but the third option does not seem to work. It picks up the rights/roles of option 2 !

 

Is my train of thoughts of setting this up wrong?

 

Regards,

Martien

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.