Enter the customer’s onboard key management passphrase at the prompt. If the
passphrase cannot be provided, contact NetApp Support.
b. Verify the
Restored
column shows
yes
for all authentication keys:
security key-manager key
query
c. Verify that the
Key Manager
type shows
onboard
, manually backup the OKM information.
d. Go to advanced privilege mode and enter
y
when prompted to continue:
set -priv advanced
e. Enter the command to display the key management backup information:
security key-manager
onboard show-backup
f. Copy the contents of the backup information to a separate file or your log file. You’ll need it in disaster
scenarios where you might need to manually recover OKM.
g. Return to admin mode:
set -priv admin
h. You can safely shutdown the node.
Verify NSE configuration
1. Display the key IDs of the authentication keys that are stored on the key management servers:
security
key-manager query
◦
If the
Key Manager
type displays
external
and the
Restored
column displays
yes
, it’s safe to shut
down the impaired node.
◦
If the
Key Manager
type displays
onboard
and the
Restored
column displays
yes
, you need to
complete some additional steps.
◦
If the
Key Manager
type displays
external
and the
Restored
column displays anything other than
yes
, you need to complete some additional steps.
◦
If the
Key Manager
type displays
external
and the
Restored
column displays anything other than
yes
, you need to complete some additional steps.
2. If the
Key Manager
type displays
onboard
and the
Restored
column displays
yes
, manually backup
the OKM information:
a. Go to advanced privilege mode and enter
y
when prompted to continue:
set -priv advanced
b. Enter the command to display the key management information:
security key-manager onboard
show-backup
c. Copy the contents of the backup information to a separate file or your log file. You’ll need it in disaster
scenarios where you might need to manually recover OKM.
d. Return to admin mode:
set -priv admin
e. You can safely shutdown the node.
3. If the
Key Manager
type displays
external
and the
Restored
column displays anything other than
yes
:
a. Enter the onboard security key-manager sync command:
security key-manager external
sync
If the command fails, contact NetApp Support.
1019
Summary of Contents for AFF A700
Page 4: ...AFF and FAS System Documentation 1...
Page 208: ...3 Close the controller module cover and tighten the thumbscrew 205...
Page 248: ...2 Close the controller module cover and tighten the thumbscrew 245...
Page 308: ...Power supply Cam handle release latch Power and Fault LEDs Cam handle 305...
Page 381: ...Power supply Cam handle release latch Power and Fault LEDs Cam handle 378...
Page 437: ...1 Locate the DIMMs on your controller module 434...
Page 605: ...602...
Page 1117: ...3 Close the controller module cover and tighten the thumbscrew 1114...
Page 1157: ...2 Close the controller module cover and tighten the thumbscrew 1154...
Page 1228: ...Power supply Cam handle release latch Power and Fault LEDs Cam handle 1225...
Page 1300: ...Power supply Cam handle release latch Power and Fault LEDs Cam handle 1297...
Page 1462: ...Installing SuperRail to round hole four post rack 1459...
Page 1602: ...1599...
Page 1630: ...1627...
Page 1634: ...Orange ring on horizontal bracket Cable chain 1631...
Page 1645: ...Guide rail 1642...
Page 1669: ...Attention LED light on 1666...