Dell PowerVault TL4000 Dell PowerVault ML6000 Encryption Key Manager User's - Page 107

drive.acceptUnknownDrives, Required, Values, Default, maximum.threads = 200, Server.authMechanism

Get Dell PowerVault TL4000 PDF manuals and user guides View all Dell PowerVault TL4000 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 107 highlights

drive.acceptUnknownDrives = value Automatically adds new drive contacting the Encryption Key Manager to drive table Required Yes. Values true | false Default false Security note - This setting in combination with a valid drive.default.alias1 setting allows tapedrives that connect to the Encryption Key Manager to be added and operational without a administrator validating that addition. See "Automatically update tape drive table" in Chapter 3 for more information. fips = value Federal Information Processing Standard. See "Federal Information Processing Standard 140-2 Considerations" in Chapter 2 for more information. Required Optional. Values on | off Default off maximum.threads = 200 Maximum number of threads the Encryption Key Manager can create. Required Optional. Server.authMechanism = value Specifies the authentication mechanism to be used with local/remote clients. When the value is set to EKM, the CLI client user must login to the server using usr/passwd as EKMAdmin/changeME. (This password can be changed with chgpasswd command.) When the value is specified as LocalOS, client authentication is done against the local operating system registry. (Be sure to shut the Encryption Key Manager server down before changing the KeyManagerConfig.properties file.) The CLI client user must login to the server with OS usr/passwd. For local OS-based authentication on Linux platforms, additional steps are required: 1. Download Dell Release R175158 (EKMServicesAndSamples) from http://support.dell.com and extract the files to a directory of your choice. 2. Extract the contents of EKMServiceAndSamples.jar (included on your Dell product media and available at http://support.dell.com) into a temporary directory 3. Copy the libjaasauth.so file from the LocalOS-setup appropriate to your platformto java_home/jre/bin. v On 32-bit Intel Linux environments, copy the LocalOS-setup/ linux_ia32/libjaasauth.so file to the java_home/jre/bin/ directory, where java_home is typically java_install_path/IBMJava2-i386-142 for a 32-bit Intel Linux kernel running the 1.4.2 JVM. v On 64-bit AMD64 Linux environments, copy the LocalOS-setup/linux-x86_64/libjaasauth.so file to the java_home/jre/bin/ directory, where java_home is typically java_install_path/IBMJava2-amd64-142 for a 64-bit AMD Linux kernel running the 1.4.2 JVM. For Windows platforms this file is not necessary. Appendix B. Encryption Key Manager Configuration Properties Files B-5

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
drive.acceptUnknownDrives =
value
Automatically adds new drive contacting the Encryption Key Manager to
drive table
Required
Yes.
Values
true | false
Default
false
Security note - This setting in combination with a valid drive.default.alias1
setting allows tapedrives that connect to the Encryption Key Manager to be
added and operational without a administrator validating that addition.
See “Automatically update tape drive table” in Chapter 3 for more
information.
fips =
value
Federal Information Processing Standard. See “Federal Information
Processing Standard 140-2 Considerations” in Chapter 2 for more
information.
Required
Optional.
Values
on | off
Default
off
maximum.threads = 200
Maximum number of threads the Encryption Key Manager can create.
Required
Optional.
Server.authMechanism =
value
Specifies the authentication mechanism to be used with local/remote
clients. When the value is set to
EKM
, the CLI client user must login to the
server using usr/passwd as EKMAdmin/changeME. (This password can
be changed with chgpasswd command.) When the value is specified as
LocalOS
, client authentication is done against the local operating system
registry. (Be sure to shut the Encryption Key Manager server down before
changing the KeyManagerConfig.properties file.) The CLI client user must
login to the server with OS usr/passwd. For local OS-based authentication
on Linux platforms, additional steps are required:
1.
Download Dell Release R175158 (EKMServicesAndSamples) from
and extract the files to a directory of your
choice.
2.
Extract the contents of EKMServiceAndSamples.jar (included on your
Dell product media and available at
) into a
temporary directory
3.
Copy the libjaasauth.so file from the LocalOS-setup appropriate to your
platformto
java_home
/jre/bin.
v
On 32-bit Intel Linux environments, copy the LocalOS-setup/
linux_ia32/libjaasauth.so file to the
java_home
/jre/bin/ directory,
where
java_home
is typically
java_install_path
/IBMJava2-i386-142 for a
32-bit Intel Linux kernel running the 1.4.2 JVM.
v
On 64-bit AMD64 Linux environments, copy the
LocalOS-setup/linux-x86_64/libjaasauth.so file to the
java_home
/jre/bin/ directory, where
java_home
is typically
java_install_path
/IBMJava2-amd64-142 for a 64-bit AMD Linux kernel
running the 1.4.2 JVM.
For Windows platforms this file is not necessary.
Appendix B. Encryption Key Manager Configuration Properties Files
B-5