Dell PowerVault TL4000 Dell PowerVault ML6000 Encryption Key Manager User's - Page 61
The Command Line Interface Client, Authenticating CLI Client Users - superuser password
View all Dell PowerVault TL4000 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 61 highlights
is uninstalled. When running this command, you may also see the following error message: Could not remove EKMServer. Error 0. However, the service may still be uninstalled. To install Encryption Key Manager as a Windows service, issue: LaunchEKMService.exe -i config file 7. Once the service is installed using the command above, EKMServer will appear in the service control panel and you can start and stop the Encryption Key Manager using the Service Control Panel. Note: You must start the Windows service manually the first time it is used by using the control panel. The Command Line Interface Client Once the Encryption Key Manager server is started, you can issue CLI commands through the client interface locally or remotely. To issue CLI commands you must first start the CLI client. Authenticating CLI Client Users The Server.authMechanism property in the configuration file specifies the authentication mechanism to be used with local/remote clients. When the value is set to EKM, the CLI client user must login to the server using user/password as EKMAdmin/changeME. (This password can be changed with chgpasswd command. See "chgpasswd" on page 5-9.) The default setting for the Server.authMechanism property is EKM. When the Server.authMechanism property value is specified as LocalOS in the KeyManagerConfig.properties file, client authentication is done against the local operating system registry. The CLI client user must login to the server with OS user/password. Note that only user/password allowed to login and submit commands to the server is the user ID under which the server is running and which also has superuser/root authority. Important: The Encryption Key Manager server must be off and the GUI must be closed when making these changes to the Encryption Key Manager configuration file For local OS-based authentication in Windows, set the Server.authMechanism=LocalOS in KeyManagerConfig.properties as follows: 1. Locate The KeyManagerConfig.properties file (c:\ekm\gui directory). 2. Open the file with the text editor of your choice (WordPad recommended). 3. Locate the Server.authMechanism string. If this string is not present, add it to the file in the in this exact format Server.authMechanism=LocalOS. 4. Save the file. Now your user ID and password for the Encryption Key Manager server match the OS user account. Note that only users allowed to login and submit commands to the server and have administrator privileges can manage the Encryption Key Manager server For local OS-based authentication on Linux platforms, additional steps are required: Chapter 5. Administering the Encryption Key Manager 5-5