Table of Contents
Advertisement
3. If you saw the message This command is not supported when onboard key management is enabled,
display the keys stored in the onboard key manager:
a. If the
Restored
▪ Go to advanced privilege mode and enter
▪ Enter the command to display the OKM backup information:
show
▪ Copy the contents of the backup information to a separate file or your log file. You'll need it in
disaster scenarios where you might need to manually recover OKM.
▪ Return to admin mode:
▪ Shut down the impaired node.
b. If the
Restored
▪ Run the key-manager setup wizard:
target/impaired node name
▪ Verify that the
manager key show -detail
▪ Go to advanced privilege mode and enter
▪ Enter the command to display the OKM backup
show
▪ Copy the contents of the backup information to a separate file or your log file. You'll need it in
disaster scenarios where you might need to manually recover OKM.
▪ Return to admin mode:
▪ You can safely shutdown the node.
Verifying NSE configuration
Steps
1. Display the key IDs of the authentication keys that are stored on the key management servers:
key-manager query
◦ If the
Restored
the impaired node.
◦ If the
Restored
unavailable, you need to complete some additional steps.
◦ If you see the message This command is not supported when onboard key management is enabled,
you need to complete some other additional steps
2. If the
column displayed anything other than yes, or if any key manager displayed
Restored
unavailable:
a. Retrieve and restore all authentication keys and associated key IDs:
restore -address *
column displays
manually backup the onboard key management information:
yes
set -priv admin
column displays anything other than yes:
Enter the customer's onboard key management passphrase at the prompt. If the
passphrase cannot be provided, contact
column displays
Restored
set -priv admin
column displays
and all key managers display available, it's safe to shut down
yes
column displays anything other than yes, or if any key manager displays
security key-manager key show -detail
when prompted to continue:
y
security key-manager setup -node
mysupport.netapp.com
for all authentication key:
yes
when prompted to continue:
y
information:security key-manager backup
set -priv advanced
security key-manager backup
security key-
set -priv advanced
security key-manager
security
5
Hide quick links:
Advertisement
Table of Contents
Need help?
Do you have a question about the AFF A200 and is the answer not in the manual?