Fabric OS Administrator's Guide v7.1.0
Page 9
...Default accounts 138 Local account passwords 139 Local user account database distribution 140 Distributing the local user database 140 Accepting distributed user databases on the local switch . . .140 Rejecting distributed user databases on the local switch . . . 141 Password policies 141 Password strength policy 141 Password history policy 142 Password... Layer protocol 182 Browser and Java support 182 SSL configuration overview 183 The browser 186 Root certificates for the Java plugin 187 Simple Network Management Protocol 188 SNMP and Virtual Fabrics 189 SNMP security levels 190...
...Default accounts 138 Local account passwords 139 Local user account database distribution 140 Distributing the local user database 140 Accepting distributed user databases on the local switch . . .140 Rejecting distributed user databases on the local switch . . . 141 Password policies 141 Password strength policy 141 Password history policy 142 Password... Layer protocol 182 Browser and Java support 182 SSL configuration overview 183 The browser 186 Root certificates for the Java plugin 187 Simple Network Management Protocol 188 SNMP and Virtual Fabrics 189 SNMP security levels 190...
Fabric OS Administrator's Guide v7.1.0
Page 61
... page 138. They are case-sensitive, and they are needed for development and manufacturing. The root and factory default accounts are not meant for general use, change your passwords now". For more information on default accounts, refer to "Default accounts" on the switch are not displayed when you after logging in to do not change...
... page 138. They are case-sensitive, and they are needed for development and manufacturing. The root and factory default accounts are not meant for general use, change your passwords now". For more information on default accounts, refer to "Default accounts" on the switch are not displayed when you after logging in to do not change...
Fabric OS Administrator's Guide v7.1.0
Page 62
To skip a single prompt, press Enter. for root Enter new password: Password changed. root Changing password for user - Password saved to stable storage successfully. (output truncated) The switch Ethernet ...Brocade Backbones On Brocade Backbones, you must set the Ethernet and chassis management IP interfaces. Configure the Ethernet interface IP address, subnet mask, and gateway addresses in using the default administrative account. 2. Saving password to the switch and log in one of changing passwords login: admin Password: Please change the default account passwords...
To skip a single prompt, press Enter. for root Enter new password: Password changed. root Changing password for user - Password saved to stable storage successfully. (output truncated) The switch Ethernet ...Brocade Backbones On Brocade Backbones, you must set the Ethernet and chassis management IP interfaces. Configure the Ethernet interface IP address, subnet mask, and gateway addresses in using the default administrative account. 2. Saving password to the switch and log in one of changing passwords login: admin Password: Please change the default account passwords...
Fabric OS Administrator's Guide v7.1.0
Page 133
...but applies to a different subset of the user's Virtual Fabrics. • Chassis role - The home Admin Domain must be a member of root, factory, admin, and user, Fabric OS supports up to 252 additional user accounts on the chassis. Managing User Accounts Chapter 5 In this ...;Local database user accounts 137 •Local user account database distribution 140 •Password policies 141 •The boot PROM password 145 •Remote authentication 149 User accounts overview In addition to the default permissions assigned to the roles of the user's Admin Domain list. • ...
...but applies to a different subset of the user's Virtual Fabrics. • Chassis role - The home Admin Domain must be a member of root, factory, admin, and user, Fabric OS supports up to 252 additional user accounts on the chassis. Managing User Accounts Chapter 5 In this ...;Local database user accounts 137 •Local user account database distribution 140 •Password policies 141 •The boot PROM password 145 •Remote authentication 149 User accounts overview In addition to the default permissions assigned to the roles of the user's Admin Domain list. • ...
Fabric OS Administrator's Guide v7.1.0
Page 138
... for a switch • userConfig --show username to show all default accounts should be changed during the initial installation and configuration of each LF in their LF permissions. Creating an account 1. The password for all accounts permitted to show account information for the specified account...of the administrator. Enter the userConfig --add command. TABLE 15 Default local user accounts Account name Role Admin Domain Logical Fabric Description admin factory root user Admin AD0-255 home: 0 Factory AD0-255 home: 0 Root AD0-255 home: 0 User AD0 home: 0 LF1-128 home...
... for a switch • userConfig --show username to show all default accounts should be changed during the initial installation and configuration of each LF in their LF permissions. Creating an account 1. The password for all accounts permitted to show account information for the specified account...of the administrator. Enter the userConfig --add command. TABLE 15 Default local user accounts Account name Role Admin Domain Logical Fabric Description admin factory root user Admin AD0-255 home: 0 Factory AD0-255 home: 0 Root AD0-255 home: 0 User AD0 home: 0 LF1-128 home...
Fabric OS Administrator's Guide v7.1.0
Page 159
... 1. Enter the login role (root, admin, switchAdmin, user, and so on) that uses the RADIUS server; NOTE If a user is configured prior to enabling reverse password encryption, then the user's password is the switch. Configuring a user IAS is not the default behavior; IAS uses the Windows ... Enter the IP address of a RADIUS server and proxy. b. To use RADIUS. If the password is a password used . Below is required, then Windows must be created for each group of Brocade login permissions (root, admin, factory, switchAdmin, and user) for all switches on configuring the server, refer to...
... 1. Enter the login role (root, admin, switchAdmin, user, and so on) that uses the RADIUS server; NOTE If a user is configured prior to enabling reverse password encryption, then the user's password is the switch. Configuring a user IAS is not the default behavior; IAS uses the Windows ... Enter the IP address of a RADIUS server and proxy. b. To use RADIUS. If the password is a password used . Below is required, then Windows must be created for each group of Brocade login permissions (root, admin, factory, switchAdmin, and user) for all switches on configuring the server, refer to...
Fabric OS Administrator's Guide v7.1.0
Page 188
...the SNMP agent and configuring SNMP traps. This is used to send information to keystore In the example, changeit is the default password and RootCert is a standard method for enhanced management security in the storage area network. You can specify no ]: yes ...company that complies with FibreAlliance specifications. Simple Network Management Protocol The Simple Network Management Protocol (SNMP) is an example root certificate name. Every Brocade switch carries an SNMP agent and management information base (MIB). The SNMP trap configuration specifies the MIB trap elements ...
...the SNMP agent and configuring SNMP traps. This is used to send information to keystore In the example, changeit is the default password and RootCert is a standard method for enhanced management security in the storage area network. You can specify no ]: yes ...company that complies with FibreAlliance specifications. Simple Network Management Protocol The Simple Network Management Protocol (SNMP) is an example root certificate name. Every Brocade switch carries an SNMP agent and management information base (MIB). The SNMP trap configuration specifies the MIB trap elements ...
Fabric OS Administrator's Guide v7.1.0
Page 446
Security Policy, Password or Account Attribute Change: adm1 will be ... 446 Fabric OS Administrator's Guide 53-1002745-02 Switch to the switch and log in the remaining list. By default, after the Admin Domain is automatically in using an account with admin permissions. 2. 17 Admin Domain management for physical...of removing Admin Domain green_ad2 from the user account adm1 switch:admin> userconfig --deletead adm1 -a "green_ad2" Broadcast message from root (pts/0) Wed Jan 27 20:57:14 2010... Enter the userConfig --deletead command: userconfig --deletead username [-h admindomain_ID]...
Security Policy, Password or Account Attribute Change: adm1 will be ... 446 Fabric OS Administrator's Guide 53-1002745-02 Switch to the switch and log in the remaining list. By default, after the Admin Domain is automatically in using an account with admin permissions. 2. 17 Admin Domain management for physical...of removing Admin Domain green_ad2 from the user account adm1 switch:admin> userconfig --deletead adm1 -a "green_ad2" Broadcast message from root (pts/0) Wed Jan 27 20:57:14 2010... Enter the userConfig --deletead command: userconfig --deletead username [-h admindomain_ID]...
Fabric OS Administrator's Guide v7.1.0
Page 616
... RNG seed key is zeroized and deleted from both the active and standby CPs and only the default accounts [root, factory, admin, and user] will have the generic default passwords set. • To maintain FIPS 140-2 compliance, passwords for RNG. Automatically zeroized on every random number generation. The secCertUtil delkey -all TLS session key No...
... RNG seed key is zeroized and deleted from both the active and standby CPs and only the default accounts [root, factory, admin, and user] will have the generic default passwords set. • To maintain FIPS 140-2 compliance, passwords for RNG. Automatically zeroized on every random number generation. The secCertUtil delkey -all TLS session key No...
Fabric OS Administrator's Guide v7.1.0
Page 657
... rstats listener application, 192 rule adding to an IP Filter policy, 223 configuring zones, 309 deleting from an IP Filter policy, 223 passwords, 139 rusers listener application, 192 S sa-proposal, 234 saved zone configuration, defined, 308 saving monitor configuration, 515 SCC creating policy,...-?? roleConfig command, 136 roles Admin Domain considerations, 135 assigning user-defined, 137 creating user-defined, 136 default, 134 managing user-defined, 136-137 role permissions, 135 root certificates in Firefox, 187 in Internet Explorer, 186 installing in FIPS mode, 617 RSA key pair generation,...
... rstats listener application, 192 rule adding to an IP Filter policy, 223 configuring zones, 309 deleting from an IP Filter policy, 223 passwords, 139 rusers listener application, 192 S sa-proposal, 234 saved zone configuration, defined, 308 saving monitor configuration, 515 SCC creating policy,...-?? roleConfig command, 136 roles Admin Domain considerations, 135 assigning user-defined, 137 creating user-defined, 136 default, 134 managing user-defined, 136-137 role permissions, 135 root certificates in Firefox, 187 in Internet Explorer, 186 installing in FIPS mode, 617 RSA key pair generation,...
Fabric OS Administrator's Guide v7.1.0
Page 658
...interactively, 71 settings, configuration, 241-253 shared ISL. See: SSL. See: certificates or root certificates. length, 213 setting, 214 viewing list of a universal temporary license, 480 shutdown ...SNMPv3, 178 SSHv2, 178 Secure Shell protocol. See: SSH. security AUTH policy, 207 Brocade MIB, 188 browser support, 182 certificates, 178 encryption and SSL, 182 FibreAlliance MIB, ...allowed, 136 setContext command, 121, 299 setting changing passwords, 62 chassis configurations, 93 chassis management IP interface, 65 date, 69 default zone mode, 443 fabric-wide consistency policy, 228 ...
...interactively, 71 settings, configuration, 241-253 shared ISL. See: SSL. See: certificates or root certificates. length, 213 setting, 214 viewing list of a universal temporary license, 480 shutdown ...SNMPv3, 178 SSHv2, 178 Secure Shell protocol. See: SSH. security AUTH policy, 207 Brocade MIB, 188 browser support, 182 certificates, 178 encryption and SSL, 182 FibreAlliance MIB, ...allowed, 136 setContext command, 121, 299 setting changing passwords, 62 chassis configurations, 93 chassis management IP interface, 65 date, 69 default zone mode, 443 fabric-wide consistency policy, 228 ...
Fabric OS Command Reference v7.1.0
Page 404
... FIPS configuration. Do want to remove secret key database? \ (yes, y, no, n): [no Operation cancelled. Root account is in read only mode. HTTP port number for the policy \ is enabled. ARE YOU SURE (yes,... switch. Authentication uses MD5 hash algorithm. Executing 'pkiremove': WARNING!!! Executing 'passwddefault': Password policies are not met: switch:admin> fipscfg --enable fips SelfTests mode is in ... enabled. 2 fipsCfg To attempt enabling FIPS when prerequisites are already set to default. Telnet port number for the policy \ is enabled. Do you want secure...
... FIPS configuration. Do want to remove secret key database? \ (yes, y, no, n): [no Operation cancelled. Root account is in read only mode. HTTP port number for the policy \ is enabled. ARE YOU SURE (yes,... switch. Authentication uses MD5 hash algorithm. Executing 'pkiremove': WARNING!!! Executing 'passwddefault': Password policies are not met: switch:admin> fipscfg --enable fips SelfTests mode is in ... enabled. 2 fipsCfg To attempt enabling FIPS when prerequisites are already set to default. Telnet port number for the policy \ is enabled. Do you want secure...
Fabric OS Command Reference v7.1.0
Page 604
..."root", "factory", "SecurityAdmin", or "admin" can execute this command is subject to Virtual Fabric or Admin Domain restrictions that may generate one or more diagnostic information. if omitted and only the old password is enabled. RADIUS enabled error Password change the password. Incorrect password...OPERANDS DIAGNOSTICS The execution of this operand and have permission to change the password for the new password. The following error messages. The user account must be an existing account, either default or user-created. if omitted, the command interactively prompts for more of...
..."root", "factory", "SecurityAdmin", or "admin" can execute this command is subject to Virtual Fabric or Admin Domain restrictions that may generate one or more diagnostic information. if omitted and only the old password is enabled. RADIUS enabled error Password change the password. Incorrect password...OPERANDS DIAGNOSTICS The execution of this operand and have permission to change the password for the new password. The following error messages. The user account must be an existing account, either default or user-created. if omitted, the command interactively prompts for more of...
Fabric OS Command Reference v7.1.0
Page 607
...minimum number of the account lockout policy to 24 can unlock a locked account at any time. The default value is 0. The default value is 1. The maximum value must occur in the password. A value of 1 to Admin role accounts. An administrator can be less than or equal to... Chapter 1, "Using Fabric OS Commands" and Appendix A, "Command Availability" for all user accounts except the root, factory, and SecurityAdmin role accounts. The default value is enforced ...
...minimum number of the account lockout policy to 24 can unlock a locked account at any time. The default value is 0. The default value is 1. The maximum value must occur in the password. A value of 1 to Admin role accounts. An administrator can be less than or equal to... Chapter 1, "Using Fabric OS Commands" and Appendix A, "Command Availability" for all user accounts except the root, factory, and SecurityAdmin role accounts. The default value is enforced ...
Fabric OS Command Reference v7.1.0
Page 1116
..., the CLI sessions associated with the --c option. --delete username Deletes the specified account from root Sat Apr 2 03:03:32 2005... 2 userConfig EXAMPLES -c [chassis_role] Specifies the account's access permissions regarding chassis-level commands. Security Policy, Password or Account Attribute \ Change: joe will be a subset of the Admin Domain or Logical ...create and manage user accounts in an Admin Domain-enabled environment. The following restrictions apply when you delete an account: • You cannot delete a default account. • You cannot delete your own account.
..., the CLI sessions associated with the --c option. --delete username Deletes the specified account from root Sat Apr 2 03:03:32 2005... 2 userConfig EXAMPLES -c [chassis_role] Specifies the account's access permissions regarding chassis-level commands. Security Policy, Password or Account Attribute \ Change: joe will be a subset of the Admin Domain or Logical ...create and manage user accounts in an Admin Domain-enabled environment. The following restrictions apply when you delete an account: • You cannot delete a default account. • You cannot delete your own account.
Fabric OS Message Reference v7.1.0
Page 46
... name or the chassis name of 2,147,483,647 (0x7ffffff). Event-specific information A text string explaining the error encountered and providing parameters supplied by the default switch instance. • CHASSIS - The following values: • FFDC - AUDIT, , [], , , ////, /, , The following : • 1 - Flags...Audit event message. 0 AUDIT, 2005/12/10-09:54:03, [SEC-1000], WARNING, SECURITY, JohnSmith/root/192.0.2.2/Telnet/CLI, Domain A/JohnsSwitch, , Incorrect password during login attempt. 24 Fabric OS Message Reference 53-1002749-01 The severity of the Audit event message. ...
... name or the chassis name of 2,147,483,647 (0x7ffffff). Event-specific information A text string explaining the error encountered and providing parameters supplied by the default switch instance. • CHASSIS - The following values: • FFDC - AUDIT, , [], , , ////, /, , The following : • 1 - Flags...Audit event message. 0 AUDIT, 2005/12/10-09:54:03, [SEC-1000], WARNING, SECURITY, JohnSmith/root/192.0.2.2/Telnet/CLI, Domain A/JohnsSwitch, , Incorrect password during login attempt. 24 Fabric OS Message Reference 53-1002749-01 The severity of the Audit event message. ...
Fabric OS MIB Reference v7.1.0
Page 31
...Brocade ...are listed in FOS user database will have physical AD and admin role as the default): User (rw): [snmpadmin1] Auth Protocol [MD5(1)/SHA(2)/noAuth(3)]: (1..3) [3] Priv Protocol.... SNMP CLI usage The examples for port statistics. Create the SNMPv3 user. switch:root> snmpconfig --set snmpv3 SNMP Informs Enabled (true, t, false, f): [false] ...admin> userconfig --add fa_adm -r fabricadmin -h0 -a 0-255 Setting initial password for sa_user Enter new password:******** Re-type new password:******** Account sa_user has been successfully added. Configuring SNMPv3 user/traps 1. switch...
...Brocade ...are listed in FOS user database will have physical AD and admin role as the default): User (rw): [snmpadmin1] Auth Protocol [MD5(1)/SHA(2)/noAuth(3)]: (1..3) [3] Priv Protocol.... SNMP CLI usage The examples for port statistics. Create the SNMPv3 user. switch:root> snmpconfig --set snmpv3 SNMP Informs Enabled (true, t, false, f): [false] ...admin> userconfig --add fa_adm -r fabricadmin -h0 -a 0-255 Setting initial password for sa_user Enter new password:******** Re-type new password:******** Account sa_user has been successfully added. Configuring SNMPv3 user/traps 1. switch...
Fabric OS Troubleshooting and Diagnostics Guide v7.1.0
Page 77
... the type of user, admin, and factory. Enter the command for the default accounts of password that was lost: passwd user passwd admin passwd factory 4. Enter the requested information at the prompts. If you do not know the root password, you must contact your switch service provider. Open a CLI connection (serial or Telnet) to...
... the type of user, admin, and factory. Enter the command for the default accounts of password that was lost: passwd user passwd admin passwd factory 4. Enter the requested information at the prompts. If you do not know the root password, you must contact your switch service provider. Open a CLI connection (serial or Telnet) to...
Fabric OS Troubleshooting and Diagnostics Guide v7.1.0
Page 78
.... Probable cause and recommended action When the device authentication policy is the password recovery mechanism? If this bit is the password recovery mechanism? Use passwdDefault command to set . Refer to default. Are these passwords. Probable cause and recommended action The most common error when managing user ...Contact your switch service provider. A non-disruptive procedure is not setting up the default Admin Domain and access control list or role-based access control (RBAC). If a user has only the root password, what is set to what is not set a recovery string to log into...
.... Probable cause and recommended action When the device authentication policy is the password recovery mechanism? If this bit is the password recovery mechanism? Use passwdDefault command to set . Refer to default. Are these passwords. Probable cause and recommended action The most common error when managing user ...Contact your switch service provider. A non-disruptive procedure is not setting up the default Admin Domain and access control list or role-based access control (RBAC). If a user has only the root password, what is set to what is not set a recovery string to log into...
Web Tools Administrator's Guide v7.1.0
Page 195
... ID if Virtual Fabrics are unavailable. Click Apply to apply your changes. All other buttons are enabled. NOTE You cannot modify the default root and factory accounts, even if you must delete the account and create a new account. User-defined accounts 15 Selecting All makes the... steps. 1. To change the user name of your own account. 6. Enter a new description. The default home logical fabric ID is 128. 12. Click Modify. You cannot change the password. Open the Switch Administration window as described in "Opening the Switch Administration window" on page 31. 2....
... ID if Virtual Fabrics are unavailable. Click Apply to apply your changes. All other buttons are enabled. NOTE You cannot modify the default root and factory accounts, even if you must delete the account and create a new account. User-defined accounts 15 Selecting All makes the... steps. 1. To change the user name of your own account. 6. Enter a new description. The default home logical fabric ID is 128. 12. Click Modify. You cannot change the password. Open the Switch Administration window as described in "Opening the Switch Administration window" on page 31. 2....