information.
d. Go to advanced privilege mode and enter y when prompted to continue: set -priv advanced
e. Enter the command to display the key management backup information: security key-manager onboard show-backup
f. Copy the contents of the backup information to a separate file or your log file. You’ll need it in disaster scenarios where you might need to manually recover OKM.
g. Return to admin mode: set -priv admin
h. You can safely shut down the controller.
Verify LSE configuration
1. Display the key IDs of the authentication keys that are stored on the key management servers: security key-manager key query -key-type NSE-AK
After the ONTAP 9.6 release, you may have additional key manager types. The types are KMIP, AKV, and GCP. The process for confirming these types is the same as confirming external or onboard key manager types.
◦ If the Key Manager type displays external and the Restored column displays yes, it’s safe to shut down the impaired controller.
◦ If the Key Manager type displays onboard and the Restored column displays yes, you need to complete some additional steps.
◦ If the Key Manager type displays external and the Restored column displays anything other than yes, you need to complete some additional steps.
2. If the Key Manager type displays onboard and the Restored column displays yes, manually back up the OKM information:
a. Go to advanced privilege mode and enter y when prompted to continue: set -priv advanced
b. Enter the command to display the key management information: security key-manager onboard show-backup
c. Copy the contents of the backup information to a separate file or your log file. You’ll need it in disaster scenarios where you might need to manually recover OKM.
d. Return to admin mode: set -priv admin
e. You can safely shut down the controller.
3. If the Key Manager type displays external and the Restored column displays anything other than yes:
a. Restore the external key management authentication keys to all nodes in the cluster: security key-manager external restore