Administrator Guide
Table Of Contents
- Dell EqualLogic Group Manager Administrator’s Guide PS Series Firmware Version 9.1 FS Series Firmware Version 4.0
- About This Manual
- About Group Manager
- Architecture Fundamentals
- Set Up the iSCSI SAN
- Post-Setup Tasks
- Data Security
- About Group-Level Security
- Enable or Disable GUI and CLI Access
- Switch Administration Authentication Type
- About Administration Accounts
- Types of Administration Accounts
- Differences Between Authentication Methods
- Administration Account Attributes
- About Security Access Protocols
- SSH Key Pair Authentication
- Minimum Requirements for Administrative Access
- Create a Local Administration Account
- Modify Local Administration Accounts
- Delete Local Administration Accounts
- About RADIUS Accounts
- About LDAP Authorization and Active Directory
- About Single Sign-On
- About SNMP Access to the Group
- About VDS and VSS Authentication
- About IPsec
- About Dedicated Management Networks
- About Volume-Level Security
- Connect Initiators to iSCSI Targets
- Access Control Methods
- About Access Policies
- Access Policies: Use Cases
- Create a New Access Policy
- Create a New Basic Access Point
- Modify or Delete a Basic Access Point
- Modify Access Policies and Basic Access Points by Volume
- Associate Access Control Policies with Volumes
- Create an Access Policy Group
- Associate an Access Policy Group to a Volume
- Manage Access Controls for VDS/VSS Access
- Authenticate Initiators with CHAP
- Display Local CHAP Accounts
- Create a Local CHAP Account
- Modify a Local CHAP Account
- Delete a Local CHAP Account
- Configure CHAP for Initiator Authentication on Existing Volumes
- Configure CHAP for Initiator Authentication on New Volumes
- Configure CHAP Accounts on a RADIUS Authentication Server
- Configure Target Authentication
- About iSNS Servers
- Prevent Discovery of Unauthorized Targets
- About Multihost Access to Targets
- About Snapshot Access Controls
- About NAS Container Security
- PS Series Group Operations
- About Group Network Configuration
- Modify the Group IP Address or Group Name
- Add a Member to an Existing Group
- Set the RAID Policy and Pool for a New Member
- Enable and Disable a Volume RAID Preference
- About Overriding Automatic Load Balancing
- Shut Down a Group
- Create an Empty Storage Pool
- Create a Storage Pool from an Existing Member
- Change a Storage Pool Name or Description
- Merge Storage Pools
- Delete a Storage Pool
- About Groupwide Volume Defaults
- About Space Borrowing
- About Compression of Snapshots and Replicas
- Compression Prerequisites
- About Rehydration
- About Compression Statistics
- Compression Statistics by Pool
- Compression Statistics by Member
- Compression Statistics by Volume
- Member Compression States
- Enable Compression
- Suspend Compression
- Resume Compression
- View Compression Statistics by Pool
- View Compression Statistics by Member
- View Compression Statistics by Volume
- Compression Commands in the CLI
- About Volumes
- Create a Volume
- Modify a Volume Name or Description
- Modify a Volume Permission
- Modify a Volume Alias
- Modify the Administrator for a Volume
- About Smart Tags
- Set a Volume Offline or Online
- Delete a Volume
- About Volume Collections
- About Volume Folders
- About Restoring Deleted Volumes
- About Changing the Reported Volume Size
- About Reclaiming Unallocated Space
- Set a Volume or Snapshot with Lost Blocks Online
- Volume and Snapshot Status
- Volume and Snapshot Requested Status
- About Managing Storage Capacity Utilization On Demand (Thin Provisioning)
- About Improving Pool Space Utilization (Template Volumes and Thin Clones)
- About Data Center Bridging
- VMware Group Access Panel
- NAS Operations
- NAS Cluster Operations
- NAS Cluster Configuration
- NAS Cluster Post-Setup Tasks
- Modify a NAS Cluster Name
- Modify NAS Clusterwide Default NAS Container Settings
- Select an NFS Protocol Version
- Modify the Size of the NAS Reserve
- Add a Local Group for a NAS Cluster
- Delete a Local Group from a NAS Cluster
- Add a Local User on a NAS Cluster
- Modify a Local User on a NAS Cluster
- Delete a Local User from a NAS Cluster
- Map Users for a NAS Cluster
- Set the User Mapping Policy for a NAS Cluster
- Delete a User Mapping for a NAS Cluster
- Configure an Active Directory for a NAS Cluster
- Configure Preferred Domain Controllers
- Leave Active Directory
- Configure or Modify NIS or LDAP for a NAS Cluster
- Delete NIS or LDAP Configuration for a NAS Cluster
- Modify the Client Network Configuration
- Configure DNS for a NAS Cluster
- About the Internal Network Required for NAS Configuration
- About NAS Cluster Maintenance Mode
- Shut Down and Restart a NAS Cluster Manually
- About Deleting a NAS Cluster
- NAS Controller Operations
- NAS Container Operations
- Create a NAS Container
- Modify NAS Clusterwide Default NAS Container Settings
- Modify NAS Clusterwide Default NAS Container Permissions
- Modify NAS Clusterwide Default NFS Export Settings
- Modify NAS Clusterwide Default SMB Share Settings
- Modify a NAS Container Name
- Modify the Size of a NAS Container
- Modify the Snapshot Reserve and Warning Limit for a NAS Container
- Modify the In-Use Space Warning Limit for a NAS Container
- Modify a NAS Container for Few Writers Workloads
- Delete a NAS Container
- NFS Netgroups
- Access NFS Exports
- Create an NFS Export
- Modify the Client Access Setting for an NFS Export
- Modify the Permission for an NFS Export
- Modify the Trusted Users for an NFS Export
- Modify NAS Clusterwide Default NFS Export Settings
- Modify an NFS Export Directory
- Modify an NFS Export
- About NFS Export Security Methods
- Delete an NFS Export
- About SMB Shares
- Access SMB Shares in Windows
- Mount a NAS SMB Share from UNIX
- Create an SMB Share
- Set the SMB Password
- Modify an SMB Share Directory
- Delete an SMB Share
- Rebalance SMB Client Connections Across NAS Controllers
- Enable or Disable SMB Message Signing
- Enable or Disable SMB Message Encryption
- Modify SMB Share NAS Antivirus Settings
- Access-Based Enumeration
- About SMB Home Shares
- Create a NAS Thin Clone
- Client Networks
- About NAS Antivirus Servers
- How NAS Antivirus Protects Data
- NAS Antivirus Server Specifications
- Add a NAS Antivirus Server
- Modify a NAS Antivirus Server
- Delete a NAS Antivirus Server
- About NAS Antivirus Clusterwide Defaults
- Enable the NAS Antivirus Service on an SMB Share
- Monitor the NAS Antivirus Service
- NAS Directory Paths and File Types Scan
- Antivirus Policy
- Access Infected Files
- Create a NAS Container Quota
- Modify a NAS Container Quota
- Delete a NAS Container Quota
- About Quota Directories
- Quotas and NAS Containers
- About NAS Thin Provisioning
- NAS Container Storage Space Terminology
- About NAS Containers
- About Data Rehydration
- NAS Container Data Reduction
- Enable Data Reduction
- Modify NAS Container Data Reduction Settings
- Modify NAS Cluster Default Data Reduction Settings
- Data Reduction Policy
- Create Default Data Reduction Properties
- About NAS Data Reduction Schedules
- FS Series VAAI Plugin
- Diagnose and Resolve NAS Cluster and PS Series Issues
- About Backing Up and Protecting Your Data
- About Volume Data Protection
- Protect NAS Container Data with NDMP
- About Snapshots
- How Snapshots Work
- About Snapshot Reserve
- Create a Snapshot
- Set a Snapshot Online or Offline
- Clone a Snapshot to Create a New Volume
- Modify a Snapshot Name or Description
- Delete Snapshots
- Restore a Volume from a Snapshot
- About Snapshots and NAS Container Data
- About Snapshot Collections
- About Snapshot Space Borrowing
- About Replication
- About Schedules
- About Data Recovery
- About Recovering Data from a Snapshot
- Failback to Primary Operation (Manual)
- Move a Failback Replica Set to a Different Pool
- Replicate to Partner Operation (Manual)
- Switch Partner Roles Permanently
- Make a Temporary Volume Available on the Secondary Group
- Replicate a Recovery Volume to the Primary Group
- Promote an Inbound Replica Set to a Recovery Volume
- How to Handle a Failed Operation
- Fail Back to the Primary Group
- Volume Failover and Failback
- Recover Data from a Replica
- About NAS Disaster Recovery
- About Cloning Volumes
- About Synchronous Replication
- How Synchronous Replication Works
- Compare SyncRep and Traditional Replication
- How Synchronous Replication Protects Volume Availability in Different Scenarios
- Requirements for Using Synchronous Replication
- Synchronous Replication States
- About System Snapshots and SyncRep
- About Synchronous Replication and Snapshots
- About Synchronous Replication Switches and Failovers
- About Synchronous Replication Volume Collections
- About Using Thin Clones and Templates with Synchronous Replication
- Configure Synchronous Replication (SyncRep) on a Volume
- Disable Synchronous Replication (SyncRep) for a Volume
- Monitor Synchronous Replication (SyncRep) Volumes
- Pause Synchronous Replication (SyncRep)
- Resume Synchronous Replication (SyncRep)
- Enable Synchronous Replication (SyncRep) for a Volume Collection
- Disable Synchronous Replication (SyncRep) for a Volume Collection
- Change the Pool Assignment of a Synchronous Replication (SyncRep) Volume
- View the Distribution of a Volume Across Pools
- About Switching and Failing Over SyncRep Pools
- Disconnect the SyncActive Volume
- About Self-Encrypting Drives (SEDs) and AutoSED
- Scenarios Covered by AutoSED
- Scenarios Not Covered by AutoSED
- About Self-Encrypting Drives (SED)
- How Self-Encryption Protects Data
- About SED Members in a Group
- Back Up a Self-Encrypting Drive (SED) Key
- Self-Encrypting Drives (SED) Frequently Asked Questions (FAQ)
- Why are my backups always different?
- Why is a secure-erase command not available?
- What is the difference between a locked drive and a securely erased drive?
- I accidentally reset an SED array. What can I do?
- What if the entire array is stolen?
- What if the grpadmin password is stolen?
- Is it safe to discard or return a locked SED?
- Can I add SEDs to a non-SED array, or vice versa?
- Does a SED system also use RAID?
- Does SED encrypt my volumes?
- If I create a new set of backup units, does the new set invalidate the previous set of backup units?
- Self-Encrypting Drives (SED) Examples
- Self-Encrypting Drives (SED) Advanced Encryption
- About Monitoring
- Tools That Monitor and Manage Storage Performance
- Monitor Group Members
- About Storage Performance
- Monitor Administrative Sessions
- Monitor Snapshot Schedules
- Monitor Volumes and Snapshots
- About Monitoring Replication
- About Monitoring Replication Operations
- Monitor Alarms and Operations
- About Diagnostics
- Troubleshooting Performance Issues
- Third-Party Copyrights
Modulus:
00:ef:67:f5:d5:06:06:38:33:54:41:44:7e:bc:6d:
70:35:ea:9a:10:7e:d4:f3:a2:c9:f5:3b:8c:35:19:
59:ba:77:09:01:b8:26:9e:e8:76:5e:54:06:82:5c:
f7:2c:a8:17:1a:16:bb:12:54:56:b5:3c:62:0b:58:
e8:4a:30:78:aa:3f:9f:9c:39:8a:3a:d2:9e:1d:3f:
dc:ea:4e:ff:e9:ae:a5:f0:c2:2c:ca:62:e2:56:00:
65:1b:96:0f:22:6a:c5:58:5c:00:d2:e3:b7:75:76:
02:1e:8e:47:59:07:8b:bc:4b:a5:b3:84:b0:ac:2e:
43:61:d2:29:a7:96:e2:60:21:5b:47:93:09:92:33:
7f:b9:94:78:6e:d3:cb:02:13:9d:18:53:62:f0:a2:
5a:27:c1:fd:31:8c:28:7a:48:8c:aa:5d:dc:6d:47:
dc:1b:90:60:f6:6d:67:6b:62:4a:05:23:9a:5b:72:
b0:fa:6d:d4:bd:40:0b:ab:6a:40:0e:85:c5:0d:90:
d4:a2:c0:9f:73:e8:13:a6:8b:9b:67:8f:15:5a:0c:
20:33:cc:90:7b:8a:7a:d9:af:18:03:c5:3e:bc:00:
a5:a4:71:ba:ab:d3:8d:85:17:44:e2:33:87:52:db:
b9:24:56:97:d6:62:40:13:82:a1:25:83:7c:1c:60:
52:93
Exponent: 65537 (0x10001)
Signature Algorithm: sha256WithRSAEncryption
b6:c7:df:70:af:e3:19:af:6f:21:96:52:47:7f:4c:c3:c7:92:
1e:bc:44:71:69:e7:7d:fc:17:27:91:6a:65:89:d0:09:13:6f:
92:66:1e:5c:6a:48:66:32:ba:73:75:63:06:ee:a8:e9:e6:a4:
f0:07:5e:84:1f:69:f1:cd:6f:4c:15:a4:9a:67:e0:85:94:41:
5f:7b:fd:d9:e1:d9:42:56:88:5a:e1:70:77:ef:25:4b:df:0d:
16:46:71:b9:62:2a:dc:47:a9:99:95:8a:31:c1:11:53:d4:7e:
e0:2f:94:4a:c3:f1:96:53:b7:8e:9c:42:ae:3d:e9:4e:ca:a9:
8a:10:48:5d:23:f2:92:0e:d2:c8:00:7c:5f:b0:ac:5f:54:76:
74:e5:25:2c:1d:e3:57:93:4b:c0:89:b7:37:33:f9:86:1e:46:
cf:6b:fc:b3:27:bd:66:6f:e9:52:6a:ac:c3:65:ba:25:a6:8d:
45:72:ae:96:17:1f:91:8a:5f:a4:d8:6e:f0:be:62:da:21:57:
05:d7:a0:41:3f:35:4b:75:7f:4a:3a:1c:21:80:b2:4d:db:19:
da:8e:99:02:86:cf:e9:b1:f2:d6:2b:66:ed:e1:71:8d:3c:64:
4e:b9:65:d5:72:49:2c:69:ce:1b:ed:30:54:88:2e:00:82:1d:
7e:77:11:76
8. Push the root certificate and the array's certificate and private key up to the array:
1.38 draoidoir:fwoods> ftp 10.124.65.39
Connected to 10.124.65.39.
220 10.124.65.39 FTP server (NetBSD-ftpd 20100320) ready.
Name (10.124.65.39:fwoods): root
331 Password required for root.
Password:
230 User root logged in.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> prompt
Interactive mode off.
ftp> mput kirt5.crt root-ca.crt client.key
local: kirt5.crt remote: kirt5.crt
200 PORT command successful.
150 Opening BINARY mode data connection for 'kirt5.crt'.
226 Transfer complete.
1399 bytes sent in 0.00 secs (10045.7 kB/s)
local: root-ca.crt remote: root-ca.crt
200 PORT command successful.
150 Opening BINARY mode data connection for 'root-ca.crt'.
226 Transfer complete.
1497 bytes sent in 0.00 secs (10013.1 kB/s)
local: client.key remote: client.key
200 PORT command successful.
150 Opening BINARY mode data connection for 'client.key'.
226 Transfer complete.
1679 bytes sent in 0.00 secs (9759.8 kB/s)
ftp> bye
About Group-Level Security
87