HP StorageWorks Secure Fabric OS 5.0.0 User Guide (AA-RW1UA-TE, May 2005)
63Secure Fabric OS 5.0.0 user guide
• Using the secPolicyAdd command to add members, as described in ”Adding a
member to an existing policy” on page 85
• Using the secPolicyRemove command to remove members, as described in ”Removing
a member from a policy” on page 86
NOTE: If the last FCS switch is removed from the fabric, secure mode remains enabled but
no primary FCS switch is available. To specify a new primary FCS switch, enter the
secModeEnable command again and specify the primary and backup FCS switches. This is
the only instance in which the secModeEnable command can be entered when secure mode
is already enabled.
The possible FCS policy states are shown in Table 2.
You might not want to put Fabric OS v2.6.x switches in the FCS policy if your primary FCS
switch is running Fabric OS v3.2.0 or v4.4.x and using Multiple User Accounts (MUA)
because Fabric OS v2.6.x does not support MUA. Refer to the HP StorageWorks
Fabric OS
4.x Fabric OS procedures user guide
for more information on MUA.
Changing the position of a switch within the FCS policy
The secPolicyFCSMove command can be used to change the order in which switches are
listed in the FCS policy. The list order determines which backup FCS switch becomes the
primary FCS switch if the current primary FCS switch fails.
To modify the order of FCS switches:
1. From a sectelnet or Secure Shell session, log in to the primary FCS switch as admin.
Table 2 FCS policy states
Policy state Characteristics
No policy, or policy with no
entries
Not possible if secure mode is enabled.
Policy with one entry A primary FCS switch is designated but there are no
backup FCS switches. If the primary FCS switch becomes
unavailable for any reason, the fabric is left without an FCS
switch.
Policy with multiple entries A primary FCS switch and one or more backup FCS
switches are designated. If the primary FCS switch becomes
unavailable, the next switch in the list becomes the primary
FCS switch.