Parameters:
Name Type Description Mandatory Default
min_req Integer Minimum number
of required
security
administrators
recovery key
shares.
N2
users Object name User names of the
security
administrators.
Y N/A
This command specifies the security administrators receive the recovery keys (or,
more accurately, "shares" of the recovery key), and the minimum number of
recovery keys that need to be entered (using encrypt_recovery_key_enter)inorder
to unlock the encrypted keys.
Once this command is entered, all the specified security administrators are
expected to retrieve and verify their recovery keys, using
encrypt_recovery_key_get and encrypt_recovery_key_verify, respectively.
This command can only be run for a system that is not yet encrypted (that is,
when the encryption_state is DISABLED).
Note: The command will complete successfully even if the user that serves as an
input does not exist.
Example:
xcli -u secadmin1 -p password -m ${HOST} encrypt_recovery_key_generate
users=secadmin1,secadmin2,secadmin3,secadmin4 min_req=2
Output:
Command executed successfully.
Access Control:
User Category Permission
Storage administrator Disallowed
Storage integration administrator Disallowed
Application administrator Disallowed
Security administrator Allowed
Read-only users Disallowed
Technicians Disallowed
Completion Codes:
v UNSUPPORTED_HARDWARE
Cannot utilize encryption on unsupported hardware.
Troubleshooting: Contact support to verify the encryption status.
v NO_LIVE_KEYSERVER_GATEWAY_NODE
There is no live key server gateway node on the system.
498 IBM XIV Storage System User Manual
To Next Page
Loading...
Need help?
General
