Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Restricted user in Fabric Manager?

Hello all,

in our company we have SAN with several MDS 9509 and 9513 switches. We use a FMS 4.1 for management.

The cabling is done by a subcontractor. In future they should also do the port assignment. Enable/disable ports, change the port description.

Therfore i try to define some restricted users.

On device manager i have defined a role SAN-Port with the following rules:

  1. permit     Show     * 
      1. permit     Config    interface
      2. permit     Exec     copy

      This looks ok for me.

      I want to have a similar restriction in the FM client. They should use it as an entry point for their work, as i do.

      But i didn't see a possibility to do that.

      I can define a role in FMS, but there i can only define the scope of SAN's. When a user with such a role opens the FM client, he cannot access a device manager via right click a switch. The device manager option isn't shown.

      If i define a user with a predefined role in FMS, it seems the user can do nearly everything.

      So is ther a way to restrict a user like in device manager? Or can we only use the device manager?

      Kind regards,

      Richard

      AXA Tech Germany

      Everyone's tags (5)
      3 REPLIES
      Silver

      Re: Restricted user in Fabric Manager?

      if you only want them to change port vsan membership why would you need them to get into FM in the first place, that's what DM is for ?

      @dynamoxxx
      New Member

      Re: Restricted user in Fabric Manager?

      Hello,

      we have 2 SAN's with different userid's for each SAN. By using the FMS there is only one single entry point for both SAN's. And you have only one single logon. I prefer this way.

      But it's not really a problem to use the device manager. So i think i will do it in this way.

      Kind regards,

      Richard

      AXA Tech Germany

      New Member

      Re: Restricted user in Fabric Manager?

      For what you listed out as the roles and responsibilities of your contractor are, they only need CLI access.  SSH preferred or Telnet.  You're looking at 5 or less commands they need to know to do their end of the job.

      Just a thought on making your life easier.

      Hope this helps.

      Gary

      408
      Views
      0
      Helpful
      3
      Replies
      CreatePlease to create content