Manualshelf

Users Guide

ManualsBrandsDell ManualsActive System ManagerOpenManage Server Administrator Version 9.4
61626364656667686970
The controller does not have any foreign configuration. Select Click for Preview to view details of the foreign configuration. See
Foreign Configuration Operations.
The controller does not have any offline or missing virtual disks. If there are offline or missing virtual disks, ensure that you have a
backup of these virtual disks.
Cables to any virtual disk are not disconnected.
Encryption Key
The controller uses the encryption key to lock or unlock access to SED. You can create only one encryption key for each encryption-
capable controller.
If you are using LKM, you must create the encryption key by providing the Encryption Key Identifier and the Passphrase.
Encryption Key Identifier
An Encryption Key Identifier is a user-supplied text label for the Passphrase. The identifier helps you determine which Passphrase to
provide while authenticating import of foreign encrypted SED drives.
Passphrase
A Passphrase is a user supplied string that the controller uses to create the encryption key.
NOTE: For more information on Encryption Key and Passphrase guidelines, click the icon on the Manage Encryption
Key page.
Creating An Encryption Key And Enabling LKM
To create an encryption key on the selected controller:
1. Select the Enable Local Key Management (LKM) option.
2. Type Encryption Key Identifier.
An Encryption Key Identifier can contain numerals, alphabets both lower and upper case are allowed, non-alphanumeric characters,
or a combination of any of these.
NOTE: For the Encryption Key Identifier and Passphrase guidelines, click the icon on the page.
3. Type a Passphrase.
A Passphrase must contain at least one numeral, alphabets both lower and upper case are allowed, and one non-alphanumeric
character (except space).
NOTE: Server Administrator Storage Management provides a suggested passphrase below the Passphrase text box.
4. If you want to save the Encryption Key credentials in a file on the managed node, select the Escrow check box.
The file is saved in the location C:\Windows for Microsoft Windows operating system and /var/log for Linux and ESXi operating
system which contains a filename as dellemc_<ControllerModel>_<SASAddress>.xml. The saved file contains the information:
SAS address, Encryption Key Identifier, Passphrase, and modified date. You can use this file for future reference.
CAUTION:
It is important to understand that if you lose the Passphrase, you cannot recover it. If you move the
physical disks associated with the lost Passphrase to another controller or if the controller fails or is replaced, you
cannot access data from that disk.
NOTE: If Encryption Key Identifier or Passphrase contain special characters such as & , " , <, and >, in the file, they
are written as &amp; , &quot;, &lt; and &gt; respectively.
NOTE: If the system crashes while the file is created, the backup file is saved in the specified location.
5. Select the check-box indicating that you understand the implications of using a passphrase and click Apply Changes.
In the controller Information/Configuration page, the Encryption Key Present is set to Yes and the Encryption mode is set to
LKM.
Changing Or Deleting The Encryption Key
You can change an encryption key of a controller if the controller already has a configured encryption key. You can delete an encryption
key for encrypted controllers only if there are no encrypted virtual disks.
66
Controllers