Fabric OS Administrator's Guide v7.1.0
Page 9
... local switch . . . 141 Password policies 141 Password strength policy 141 Password history policy 142 Password expiration policy 143 Account lockout policy 143 The boot PROM password 145 Setting the boot PROM password for a switch with a recovery string 145 Setting the boot PROM password for a Backbone with a recovery ... Secure Sockets Layer protocol 182 Browser and Java support 182 SSL configuration overview 183 The browser 186 Root certificates for the Java plugin 187 Simple Network Management Protocol 188 SNMP and Virtual Fabrics 189 SNMP security levels 190 SNMP configuration ...
... local switch . . . 141 Password policies 141 Password strength policy 141 Password history policy 142 Password expiration policy 143 Account lockout policy 143 The boot PROM password 145 Setting the boot PROM password for a switch with a recovery string 145 Setting the boot PROM password for a Backbone with a recovery ... Secure Sockets Layer protocol 182 Browser and Java support 182 SSL configuration overview 183 The browser 186 Root certificates for the Java plugin 187 Simple Network Management Protocol 188 SNMP and Virtual Fabrics 189 SNMP security levels 190 SNMP configuration ...
Fabric OS Administrator's Guide v7.1.0
Page 61
.... For more information on default accounts, refer to access scp://fvt:**********@10.70.4.109//dist/release.plist sw0:FID128:root> clihistory Date & Time Wed May 23 03:39:37 2012 Message root, console, firmwaredownload Password modification The switch automatically prompts you after logging in for system monitoring. They must begin with the message...
.... For more information on default accounts, refer to access scp://fvt:**********@10.70.4.109//dist/release.plist sw0:FID128:root> clihistory Date & Time Wed May 23 03:39:37 2012 Message root, console, firmwaredownload Password modification The switch automatically prompts you after logging in for system monitoring. They must begin with the message...
Fabric OS Administrator's Guide v7.1.0
Page 62
... CP1) • Chassis management IP Brocade switches On Brocade switches, you must set the Ethernet and chassis management IP interfaces. You can continue to use either enter a new password or skip the prompt. You can... use a static Ethernet addressing system or allow the DHCP client to automatically acquire Ethernet addresses. To skip a single prompt, press Enter. for root Enter new password: Password changed. Password...
... CP1) • Chassis management IP Brocade switches On Brocade switches, you must set the Ethernet and chassis management IP interfaces. You can continue to use either enter a new password or skip the prompt. You can... use a static Ethernet addressing system or allow the DHCP client to automatically acquire Ethernet addresses. To skip a single prompt, press Enter. for root Enter new password: Password changed. Password...
Fabric OS Administrator's Guide v7.1.0
Page 133
... overview 133 •Local database user accounts 137 •Local user account database distribution 140 •Password policies 141 •The boot PROM password 145 •Remote authentication 149 User accounts overview In addition to the default permissions assigned to the ...roles of the user's Virtual Fabric list. Specifies the Administrative Domains to which a user account is logged into , if available. The home Virtual Fabric must be a member of root...
... overview 133 •Local database user accounts 137 •Local user account database distribution 140 •Password policies 141 •The boot PROM password 145 •Remote authentication 149 User accounts overview In addition to the default permissions assigned to the ...roles of the user's Virtual Fabric list. Specifies the Administrative Domains to which a user account is logged into , if available. The home Virtual Fabric must be a member of root...
Fabric OS Administrator's Guide v7.1.0
Page 138
...default accounts should be changed during the initial installation and configuration of each LF in an LF_ID_list, displays a list of commands. 2. The password for all accounts permitted to select the specified adminDomain_ID • userConfig --showlf -l logicalFabric_ID for the specified account • userConfig --showad -a...the administrator. TABLE 15 Default local user accounts Account name Role Admin Domain Logical Fabric Description admin factory root user Admin AD0-255 home: 0 Factory AD0-255 home: 0 Root AD0-255 home: 0 User AD0 home: 0 LF1-128 home: 128 LF1-128 home: 128 ...
...default accounts should be changed during the initial installation and configuration of each LF in an LF_ID_list, displays a list of commands. 2. The password for all accounts permitted to select the specified adminDomain_ID • userConfig --showlf -l logicalFabric_ID for the specified account • userConfig --showad -a...the administrator. TABLE 15 Default local user accounts Account name Role Admin Domain Logical Fabric Description admin factory root user Admin AD0-255 home: 0 Factory AD0-255 home: 0 Root AD0-255 home: 0 User AD0 home: 0 LF1-128 home: 128 LF1-128 home: 128 ...
Fabric OS Administrator's Guide v7.1.0
Page 157
... include root, admin, switchAdmin, zoneAdmin, securityAdmin, basicSwitchAdmin, fabricAdmin, operator, and user. Example of adding a user name to the RADIUS authentication For example, to set up an account called JohnDoe with admin permissions with a password expiry date of May 28, 2008 and a warning period of 30 days: JohnDoe Auth-Type := Local User-Password == "johnPassword", Brocade...
... include root, admin, switchAdmin, zoneAdmin, securityAdmin, basicSwitchAdmin, fabricAdmin, operator, and user. Example of adding a user name to the RADIUS authentication For example, to set up an account called JohnDoe with admin permissions with a password expiry date of May 28, 2008 and a warning period of 30 days: JohnDoe Auth-Type := Local User-Password == "johnPassword", Brocade...
Fabric OS Administrator's Guide v7.1.0
Page 159
... authentication will not work and the user will need to configure the RADIUS server for a Brocade switch. Alternatives to verify user login credentials; Provide a password. Keep your shared secret password in to the switch. c. In the Vendor-Specific Attribute Information window, enter the vendor ...server For more information and instructions on which you already created. a. Client-Vendor - After clicking Finish, add a new client for root, admin, factory, switchAdmin, and user, and then add any users whose logins you will be created for which RADIUS authentication will...
... authentication will not work and the user will need to configure the RADIUS server for a Brocade switch. Alternatives to verify user login credentials; Provide a password. Keep your shared secret password in to the switch. c. In the Vendor-Specific Attribute Information window, enter the vendor ...server For more information and instructions on which you already created. a. Client-Vendor - After clicking Finish, add a new client for root, admin, factory, switchAdmin, and user, and then add any users whose logins you will be created for which RADIUS authentication will...
Fabric OS Administrator's Guide v7.1.0
Page 185
... issuing authority that begins with "BEGIN CERTIFICATE REQUEST" and ends with admin permissions. 4. Secure Sockets Layer protocol 6 Obtaining certificates Once you have a login name and password on the server. Follow the instructions to an FTP server. If the certificates arrive by e-mail, save them to request a certificate. If the CA provides...; Locate the area in Table 24. Copy and paste this procedure for each switch. Fabric OS Administrator's Guide 185 53-1002745-02 nameRoot.pem The root certificate.
... issuing authority that begins with "BEGIN CERTIFICATE REQUEST" and ends with admin permissions. 4. Secure Sockets Layer protocol 6 Obtaining certificates Once you have a login name and password on the server. Follow the instructions to an FTP server. If the certificates arrive by e-mail, save them to request a certificate. If the CA provides...; Locate the area in Table 24. Copy and paste this procedure for each switch. Fabric OS Administrator's Guide 185 53-1002745-02 nameRoot.pem The root certificate.
Fabric OS Administrator's Guide v7.1.0
Page 186
... which the switch certificate is saved, and enter your login name and password. Checking and installing root certificates on Internet Explorer Use the following are guides for installing root certificates to the switch and log in noninteractive mode switch:admin> seccertutil ... ".crt", ".cer", \ ".pem" or ".psk" suffix): 192.1.2.3.crt Enter Login Name: your_account Enter Password: ***** Success: imported certificate [192.1.2.3.crt]. The browser The root certificate may include the strings "x509" or "certificate") • For Certificate Authorities that came with admin permissions...
... which the switch certificate is saved, and enter your login name and password. Checking and installing root certificates on Internet Explorer Use the following are guides for installing root certificates to the switch and log in noninteractive mode switch:admin> seccertutil ... ".crt", ".cer", \ ".pem" or ".psk" suffix): 192.1.2.3.crt Enter Login Name: your_account Enter Password: ***** Success: imported certificate [192.1.2.3.crt]. The browser The root certificate may include the strings "x509" or "certificate") • For Certificate Authorities that came with admin permissions...
Fabric OS Administrator's Guide v7.1.0
Page 187
... the Java plugin Use the following procedure to install it . Example of installing a root certificate C:\Program Files\Java\j2re1.6.0\bin> keytool -import -alias RootCert -file RootCert.crt -keystore ..\lib\security\RootCerts Enter keystore password: changeit Owner: CN=Brocade, OU=Software, O=Brocade Communications, L=San Jose, ST=California, C=US Fabric OS Administrator's Guide 187 53-1002745...
... the Java plugin Use the following procedure to install it . Example of installing a root certificate C:\Program Files\Java\j2re1.6.0\bin> keytool -import -alias RootCert -file RootCert.crt -keystore ..\lib\security\RootCerts Enter keystore password: changeit Owner: CN=Brocade, OU=Software, O=Brocade Communications, L=San Jose, ST=California, C=US Fabric OS Administrator's Guide 187 53-1002745...
Fabric OS Administrator's Guide v7.1.0
Page 188
...the Fabric OS command line interface (CLI), Web Tools, or Brocade Network Advisor. The SNMP access control list (ACL) provides a way for SNMPv3 or SNMPv1 configurations, and the security level. This is an example root certificate name. You can specify no ]: yes Certificate was ... operations to a network management station. You can manipulate information of SNMP information to keystore In the example, changeit is the default password and RootCert is used to send information to the Fabric OS MIB Reference. Using SNMP components, you may receive duplicate information. The...
...the Fabric OS command line interface (CLI), Web Tools, or Brocade Network Advisor. The SNMP access control list (ACL) provides a way for SNMPv3 or SNMPv1 configurations, and the security level. This is an example root certificate name. You can specify no ]: yes Certificate was ... operations to a network management station. You can manipulate information of SNMP information to keystore In the example, changeit is the default password and RootCert is used to send information to the Fabric OS MIB Reference. Using SNMP components, you may receive duplicate information. The...
Fabric OS Administrator's Guide v7.1.0
Page 261
... version on connected switches. The .plist file contains specific firmware information and the names of packages of an interactive firmware download switch:root> firmwaredownload Server Name or IP Address: 10.31.2.25 User Name: releaseuser File Name: /home/SAN/fos/v7.1.0/v7.1.0 Network ...of the firmware to verify the firmware level of a server IP address is available.Please wait ... Password: Server IP: 10.31.2.25, Protocol IPv4 Checking system settings for Brocade fixed-port switches 1. Firmware download on switches 9 Upgrading firmware for firmwaredownload... The firmware is the same...
... version on connected switches. The .plist file contains specific firmware information and the names of packages of an interactive firmware download switch:root> firmwaredownload Server Name or IP Address: 10.31.2.25 User Name: releaseuser File Name: /home/SAN/fos/v7.1.0/v7.1.0 Network ...of the firmware to verify the firmware level of a server IP address is available.Please wait ... Password: Server IP: 10.31.2.25, Protocol IPv4 Checking system settings for Brocade fixed-port switches 1. Firmware download on switches 9 Upgrading firmware for firmwaredownload... The firmware is the same...
Fabric OS Administrator's Guide v7.1.0
Page 446
... Broadcast message from an account, all of the currently active sessions for that account are not already in the active state. 1. Security Policy, Password or Account Attribute Change: adm1 will be in either remains as it is activated, the devices specified under that context. 17 Admin Domain management for... physical fabric administrators Removing an Admin Domain from a user account When you remove an Admin Domain from root (pts/0) Wed Jan 27 20:57:14 2010... Connect to the fabric, enter ad --apply. Switch to the AD255 context, if you...
... Broadcast message from an account, all of the currently active sessions for that account are not already in the active state. 1. Security Policy, Password or Account Attribute Change: adm1 will be in either remains as it is activated, the devices specified under that context. 17 Admin Domain management for... physical fabric administrators Removing an Admin Domain from a user account When you remove an Admin Domain from root (pts/0) Wed Jan 27 20:57:14 2010... Connect to the fabric, enter ad --apply. Switch to the AD255 context, if you...
Fabric OS Administrator's Guide v7.1.0
Page 616
... is zeroized and deleted from both the active and standby CPs and only the default accounts [root, factory, admin, and user] will have the generic default passwords set. • To maintain FIPS 140-2 compliance, passwords for the root, admin, and user default accounts. B Zeroization functions TABLE 86 Keys Zeroization behavior (Continued) Zeroization CLI FCSP...
... is zeroized and deleted from both the active and standby CPs and only the default accounts [root, factory, admin, and user] will have the generic default passwords set. • To maintain FIPS 140-2 compliance, passwords for the root, admin, and user default accounts. B Zeroization functions TABLE 86 Keys Zeroization behavior (Continued) Zeroization CLI FCSP...
Fabric OS Administrator's Guide v7.1.0
Page 621
...206 Enter remote directory: /users/aUser/certs Enter Login Name: aUser Enter LDAP certificate name (must have ".pem" suffix): swLdapca.pem Password: Success: exported LDAP certificate Deleting an LDAP switch certificate This procedure deletes the LDAP CA certificate from and to be disabled. ATTENTION You... file_name command, where file_name is important to prepare a switch for the following restrictions that exist in FIPS mode: • The root account and all root-only functions are blocked, you cannot use them to enable FIPS mode. Once these ports are not available. • HTTP, Telnet...
...206 Enter remote directory: /users/aUser/certs Enter Login Name: aUser Enter LDAP certificate name (must have ".pem" suffix): swLdapca.pem Password: Success: exported LDAP certificate Deleting an LDAP switch certificate This procedure deletes the LDAP CA certificate from and to be disabled. ATTENTION You... file_name command, where file_name is important to prepare a switch for the following restrictions that exist in FIPS mode: • The root account and all root-only functions are blocked, you cannot use them to enable FIPS mode. Once these ports are not available. • HTTP, Telnet...
Fabric OS Administrator's Guide v7.1.0
Page 635
... on switch, 185 installing root certificate for , 545 Brocade configuration setup form, 253 Brocade DCX, 466, 491, 494 auto-leveling, 256 ICLs, 493 Brocade DCX 8510, 466, 491 auto-leveling, 256 ICLs, 492 Brocade DCX 8510-4, 466 Brocade DCX 8510-8, 466 Brocade DCX-4S, 494 Brocade FC16-48 port blade enabling... frames, 560 for F_Ports, 562 for full-size frames, 557 by switch model, 563 buffer-to base switch, 297 passwords, 61 CHAP, 616 alternatives, 159 password encryption requirement, 159 See also: DH-CHAP. See: CHAP. chargen listener application, 192 chassis management IP interface, setting,...
... on switch, 185 installing root certificate for , 545 Brocade configuration setup form, 253 Brocade DCX, 466, 491, 494 auto-leveling, 256 ICLs, 493 Brocade DCX 8510, 466, 491 auto-leveling, 256 ICLs, 492 Brocade DCX 8510-4, 466 Brocade DCX 8510-8, 466 Brocade DCX-4S, 494 Brocade FC16-48 port blade enabling... frames, 560 for F_Ports, 562 for full-size frames, 557 by switch model, 563 buffer-to base switch, 297 passwords, 61 CHAP, 616 alternatives, 159 password encryption requirement, 159 See also: DH-CHAP. See: CHAP. chargen listener application, 192 chassis management IP interface, setting,...
Fabric OS Administrator's Guide v7.1.0
Page 645
... 618 LDAP certificates, 620 restrictions, 617 fipsCfg command, 617, 623, 624, 625 Firefox root certificate installation and verification, 187 SSL support, 182 firmware, 255-273 Backbone, 262-265 Backbone...overview, 262 Backbone version testing, 270 downgrading, 257 download process, 255 downloading without a password, 257 FA-PWWN upgrade and downgrade considerations, 430 finding version, 259 for switches, 260... for FIPS, 268 signed, 267 switch version testing, 268 upgrading, 257 upgrading for Brocade fixed-port switches, 261 upgrading on Backbones, 263 upgrading on blades, 263 firmware download...
... 618 LDAP certificates, 620 restrictions, 617 fipsCfg command, 617, 623, 624, 625 Firefox root certificate installation and verification, 187 SSL support, 182 firmware, 255-273 Backbone, 262-265 Backbone...overview, 262 Backbone version testing, 270 downgrading, 257 download process, 255 downloading without a password, 257 FA-PWWN upgrade and downgrade considerations, 430 finding version, 259 for switches, 260... for FIPS, 268 signed, 267 switch version testing, 268 upgrading, 257 upgrading for Brocade fixed-port switches, 261 upgrading on Backbones, 263 upgrading on blades, 263 firmware download...
Fabric OS Administrator's Guide v7.1.0
Page 657
...policies, 120 AP route policies, 120 Backbone-to an IP Filter policy, 223 configuring zones, 309 deleting from an IP Filter policy, 223 passwords, 139 rusers listener application, 192 S sa-proposal, 234 saved zone configuration, defined, 308 saving monitor configuration, 515 SCC creating policy, 207... Domain considerations, 135 assigning user-defined, 137 creating user-defined, 136 default, 134 managing user-defined, 136-137 role permissions, 135 root certificates in Firefox, 187 in Internet Explorer, 186 installing in FIPS mode, 617 RSA key pair generation, 180 Fabric OS Administrator's Guide...
...policies, 120 AP route policies, 120 Backbone-to an IP Filter policy, 223 configuring zones, 309 deleting from an IP Filter policy, 223 passwords, 139 rusers listener application, 192 S sa-proposal, 234 saved zone configuration, defined, 308 saving monitor configuration, 515 SCC creating policy, 207... Domain considerations, 135 assigning user-defined, 137 creating user-defined, 136 default, 134 managing user-defined, 136-137 role permissions, 135 root certificates in Firefox, 187 in Internet Explorer, 186 installing in FIPS mode, 617 RSA key pair generation, 180 Fabric OS Administrator's Guide...
Fabric OS Troubleshooting and Diagnostics Guide v7.1.0
Page 77
... was lost: passwd user passwd admin passwd factory 4. Probable cause and recommended action To recover your root password, contact your service support provider to recover admin passwords. Fabric OS Troubleshooting and Diagnostics Guide 61 53-1002751-01 Open a CLI connection (serial or Telnet) to the switch. 2. Security Chapter 6 In this procedure to ...
... was lost: passwd user passwd admin passwd factory 4. Probable cause and recommended action To recover your root password, contact your service support provider to recover admin passwords. Fabric OS Troubleshooting and Diagnostics Guide 61 53-1002751-01 Open a CLI connection (serial or Telnet) to the switch. 2. Security Chapter 6 In this procedure to ...
Fabric OS Troubleshooting and Diagnostics Guide v7.1.0
Page 78
...port. Contact your switch service provider. Symptom User is the password recovery mechanism? Probable cause and recommended action To recover a lost boot PROM password, contact your switch service provider. If a user has only the root password, what is set to what role the user has been assigned.... Use passwdDefault command to set all the passwords are forgotten, what is unable to ON....
...port. Contact your switch service provider. Symptom User is the password recovery mechanism? Probable cause and recommended action To recover a lost boot PROM password, contact your switch service provider. If a user has only the root password, what is set to what role the user has been assigned.... Use passwdDefault command to set all the passwords are forgotten, what is unable to ON....