No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


OceanStor BCManager 6.5.0 eReplication User Guide 02

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Introduction to the System Administrator

Introduction to the System Administrator

The system administrator can configure system security policies, implement rights- and domain-based management, restrict IP addresses that can access eReplication, implement real-time monitoring, and manage online administrators.

By default, eReplication provides six user levels, namely, admin, administrator, operator, auditor, NBIRole, and SyncAdmin. Table 3-1 describes permissions of each user level.
Table 3-1  Description of user permissions

User Role



Default administrator admin provided by the system. User admin has permissions for all operations and can manage all resources and users, and it cannot be deleted.


Admin Role users. Have permissions for all eReplication operations except for configuring the admin and Admin Role users.


Operator Role users. Such users have the following permissions:
  • View and refresh resources and all operation permissions of the sites
  • All operation permissions of the protected groups
  • All operation permissions of the recovery plan
  • All operation permissions of monitoring
  • View on-line administrators, view and configure the system performance, all operation permissions of data maintenance, view and export system operation logs, notify server all remote maintenance


Auditor Role users. Such users only have permissions to view operation logs dump, view and export system operation logs.


Users belonging to Third-Part System User Group. Such users only have permissions to view sites, protected group, view and execute recovery plan.


This role is used for the communication between two eReplication servers, and cannot be used by a third-party system or to log in to eReplication for system maintenance.

Rights- and domain-based management, IP address restriction, and accounts for the communication between the two eReplication servers are implemented based on the configuration of administrators and administrator groups.

  • An administrator group is a set of operation permissions. You can allocate an administrator to an administrator group to make the administrator to inherit the operation permissions of the group.
  • The system provides default administrator admin. admin has all operation permissions and can manage all resources. Note that admin cannot be modified. You can create an administrator and select an administrator group and resources for this administrator to implement the rights- and domain-based management of eReplication.
  • You can select the IP address segments that can access eReplication for an administrator to restrict IP addresses that access eReplication.

The system security policy contains the password policy, session timeout threshold, maximum number of user connections, and login policy. The detailed information is as follows:

  • The password policy defines the minimum length and complexity of the passwords of the system administrators.
  • The session timeout threshold refers to the period when it is exceeded the session between the system administrator and eReplication is interrupted. Any operations of the system administrator on the eReplication interface will make the timeout threshold counting start from 0 again.

    If the system administrator does not perform any operation within the timeout threshold after logging in to eReplication, the current session is interrupted. If the system administrator needs to perform operations on eReplication after the interruption, it needs to log in to eReplication again.

  • The maximum number of user connections limit the number of sessions of users that log in to eReplication concurrently. If the number of user sessions exceeds the upper limit, no more user can log in to eReplication. This policy applies to man-machine accounts only, and is invalid for machine-machine accounts of the NBIRole role.
  • The login policy defines the lock period after a specific number of consecutive incorrect passwords are entered when the system administrator attempts to log in to eReplication.
Updated: 2019-05-21

Document ID: EDOC1100075861

Views: 14515

Downloads: 70

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Previous Next