08-25-2010 05:30 AM
Hello all,
in our company we have SAN with several MDS 9509 and 9513 switches. We use a FMS 4.1 for management.
The cabling is done by a subcontractor. In future they should also do the port assignment. Enable/disable ports, change the port description.
Therfore i try to define some restricted users.
On device manager i have defined a role SAN-Port with the following rules:
This looks ok for me.
I want to have a similar restriction in the FM client. They should use it as an entry point for their work, as i do.
But i didn't see a possibility to do that.
I can define a role in FMS, but there i can only define the scope of SAN's. When a user with such a role opens the FM client, he cannot access a device manager via right click a switch. The device manager option isn't shown.
If i define a user with a predefined role in FMS, it seems the user can do nearly everything.
So is ther a way to restrict a user like in device manager? Or can we only use the device manager?
Kind regards,
Richard
AXA Tech Germany
08-26-2010 07:50 PM
if you only want them to change port vsan membership why would you need them to get into FM in the first place, that's what DM is for ?
08-27-2010 07:12 AM
Hello,
we have 2 SAN's with different userid's for each SAN. By using the FMS there is only one single entry point for both SAN's. And you have only one single logon. I prefer this way.
But it's not really a problem to use the device manager. So i think i will do it in this way.
Kind regards,
Richard
AXA Tech Germany
08-26-2010 08:11 PM
For what you listed out as the roles and responsibilities of your contractor are, they only need CLI access. SSH preferred or Telnet. You're looking at 5 or less commands they need to know to do their end of the job.
Just a thought on making your life easier.
Hope this helps.
Gary
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: