EasyManuals Logo

NetApp FAS User Manual

NetApp FAS
704 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #207 background imageLoading...
Page #207 background image
b.
Verify the
Restored column shows yes for all authentication keys: security key-manager
key-query
c.
Verify that the
Key Manager type shows onboard, and then manually back up the OKM
information.
d.
Go to advanced privilege mode and enter
y when prompted to continue: set -priv advanced
e.
Enter the command to display the key management backup information:
security key-
manager onboard show-backup
f. Copy the contents of the backup information to a separate file or your log file. You’ll need it in
disaster scenarios where you might need to manually recover OKM.
g.
Return to admin mode:
set -priv admin
h. You can safely shut down the controller.
Verify NSE configuration
1.
Display the key IDs of the authentication keys that are stored on the key management servers:
security
key-manager key-query -key-type NSE-AK
After the ONTAP 9.6 release, you may have additional key manager types. The types are KMIP,
AKV, and GCP. The process for confirming these types is the same as confirming external or
onboard key manager types.
•
If the
Key Manager type displays external and the Restored column displays yes, it’s safe to shut
down the impaired controller.
•
If the
Key Manager type displays onboard and the Restored column displays yes, you need to
complete some additional steps.
•
If the
Key Manager type displays external and the Restored column displays anything other than
yes, you need to complete some additional steps.
•
If the
Key Manager type displays external and the Restored column displays anything other than
yes, you need to complete some additional steps.
1.
If the
Key Manager type displays onboard and the Restored column displays yes, manually back
up the OKM information:
a.
Go to advanced privilege mode and enter
y when prompted to continue: set -priv advanced
b.
Enter the command to display the key management information:
security key-manager
onboard show-backup
c. Copy the contents of the backup information to a separate file or your log file. You’ll need it in
disaster scenarios where you might need to manually recover OKM.
d.
Return to admin mode:
set -priv admin
e. You can safely shut down the controller.
2.
If the
Key Manager type displays external and the Restored column displays anything other than
yes:
a.
Enter the onboard security key-manager sync command:
security key-manager external
sync
205

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the NetApp FAS and is the answer not in the manual?

NetApp FAS Specifications

General IconGeneral
BrandNetApp
ModelFAS
CategoryDisk array system
LanguageEnglish

Related product manuals