yes:
a. Restore the external key management authentication keys to all nodes in the cluster:
manager external restore
If the command fails, contact NetApp Support.
mysupport.netapp.com
b. Verify that the
Restored
key query
c. Shut down the impaired node.
4. If the
Key Manager
a. Enter the onboard security key-manager sync command:
Enter the customer's onboard key management passphrase at the prompt. If the
passphrase cannot be provided, contact NetApp Support.
b. Verify the
Restored
query
c. Verify that the
Key Manager
d. Go to advanced privilege mode and enter
e. Enter the command to display the key management backup information:
onboard show-backup
f. Copy the contents of the backup information to a separate file or your log file. You'll need it in disaster
scenarios where you might need to manually recover OKM.
g. Return to admin mode:
h. You can safely shutdown the node.
Verify NSE configuration
1. Display the key IDs of the authentication keys that are stored on the key management servers:
key-manager query
◦ If the
Key Manager
down the impaired node.
◦ If the
Key Manager
complete some additional steps.
◦ If the
Key Manager
yes, you need to complete some additional steps.
◦ If the
Key Manager
yes, you need to complete some additional steps.
2. If the
Key Manager
the OKM information:
a. Go to advanced privilege mode and enter
6
column equals
type displays
onboard
column shows
yes
type shows onboard, manually backup the OKM information.
set -priv admin
type displays
external
type displays
onboard
type displays
external
type displays
external
type displays
onboard
for all authentication keys:
yes
and the
column displays anything other than yes:
Restored
security key-manager onboard sync
for all authentication keys:
when prompted to continue:
y
and the
Restored
and the
Restored
and the
Restored
and the
Restored
and the
Restored
column displays yes, manually backup
when prompted to continue:
y
security key-
security key-manager
mysupport.netapp.com
security key-manager key
set -priv advanced
security key-manager
column displays yes, it's safe to shut
column displays yes, you need to
column displays anything other than
column displays anything other than
set -priv advanced
security
Need help?
Do you have a question about the FAS8200 and is the answer not in the manual?