Mirrorview scripting

Question

hi, We need to set up account for MV sync, fracture, promote etc. for Unix hosts and i was wondering if there is a way the access can be restricted. I understand an account has to be created on the array with either global or local scope then a security file on the host(s). This restricts running naviseccli commands from the host on which the sec file is created but doesn't prevent the user on that box from running whatever array specific commands. How does one stop this, is there a way to restrict the access further down to lun level? Thanks, Vipul

Mabro1 · Answer

Hi vkinva,I have moved your post to the other EMC Software forum in order to ensure you get better visibility on it. I have no product expertise in this area about your question but a quick search yielded this white paper that might assist you. http://korea.emc.com/collateral/hardware/white-papers/h5588-emc-mirrorview-cluster-enabler-wp.pdfI hope this helps.Regards,Mark Browne EMC Support Forums Administrator

vkinva · Answer

hi Mark,The WP is about MV with cluster enabler, which isn't what i am looking for. Basically my question is, is there a way to give restricted access to specific luns to be sync'd, fractured etc. from the unix host without compromising security? I know Celerra 5.6 code has a replication role to allow certain users manage their system's respective luns, mirrors themselves but i don't think this is available with the cx3-80, running flare 3.26. I guess we'd just have to set up a user on the 2 arrays and set up security file on the 2 hosts in question. Root would be required to run these commands, but that still means system admins have full access to run any commands from the boxes.Thanks,Vk

Enterprise Support

Was this post helpful?