Hitachi Command Suite

System Administrator Guide
Hitachi Virtual Storage Platform G200, G400, G600, G800

Hitachi Virtual Storage Platform F400, F600, F800
MK-94HM8016-05
June 2016
© 2014, 2016 Hitachi, Ltd. All rights reserved.
No part of this publication may be reproduced or transmitted in any form or by any means, electronic
or mechanical, including copying and recording, or stored in a database or retrieval system for
commercial purposes without the express written permission of Hitachi, Ltd., or Hitachi Data Systems
Corporation (collectively “Hitachi”). Licensee may make copies of the Materials provided that any such
copy is: (i) created as an essential step in utilization of the Software as licensed and is used in no
other manner; or (ii) used for archival purposes. Licensee may not make any other copies of the
Materials. “Materials” mean text, data, photographs, graphics, audio, video and documents.
Hitachi reserves the right to make changes to this Material at any time without notice and assumes
no responsibility for its use. The Materials contain the most current information available at the time
of publication.
Some of the features described in the Materials might not be currently available. Refer to the most
recent product announcement for information about feature and product availability, or contact
Hitachi Data Systems Corporation at https://support.hds.com/en_us/contact-us.html.
Notice: Hitachi products and services can be ordered only under the terms and conditions of the
applicable Hitachi agreements. The use of Hitachi products is governed by the terms of your
agreements with Hitachi Data Systems Corporation.
By using this software, you agree that you are responsible for:
1. Acquiring the relevant consents as may be required under local privacy laws or otherwise from
authorized employees and other individuals to access relevant data; and
2. Verifying that data continues to be held, retrieved, deleted, or otherwise processed in
accordance with relevant laws.
Notice on Export Controls. The technical data and technology inherent in this Document may be
subject to U.S. export control laws, including the U.S. Export Administration Act and its associated
regulations, and may be subject to export or import regulations in other countries. Reader agrees to
comply strictly with all such regulations and acknowledges that Reader has the responsibility to obtain
licenses to export, re-export, or import the Document and any Compliant Products.
Hitachi is a registered trademark of Hitachi, Ltd., in the United States and other countries.
AIX, AS/400e, DB2, Domino, DS6000, DS8000, Enterprise Storage Server, eServer, FICON,
FlashCopy, IBM, Lotus, MVS, OS/390, PowerPC, RS/6000, S/390, System z9, System z10, Tivoli,
z/OS, z9, z10, z13, z/VM, and z/VSE are registered trademarks or trademarks of International
Business Machines Corporation.
Active Directory, ActiveX, Bing, Excel, Hyper-V, Internet Explorer, the Internet Explorer logo,
Microsoft, the Microsoft Corporate Logo, MS-DOS, Outlook, PowerPoint, SharePoint, Silverlight,
SmartScreen, SQL Server, Visual Basic, Visual C++, Visual Studio, Windows, the Windows logo,
Windows Azure, Windows PowerShell, Windows Server, the Windows start button, and Windows Vista
are registered trademarks or trademarks of Microsoft Corporation. Microsoft product screen shots are
reprinted with permission from Microsoft Corporation.
All other trademarks, service marks, and company names in this document or website are properties
of their respective owners.
2
System Administrator Guide for Hitachi Virtual Storage Platform Gx00 and Fx00 Models
Contents
Preface................................................................................................. 9
Intended audience................................................................................................. 10
Product version...................................................................................................... 10
Release notes........................................................................................................ 10
Changes in this revision.......................................................................................... 10
Related documents.................................................................................................10
Document conventions........................................................................................... 11
Conventions for storage capacity values...................................................................12
Accessing product documentation........................................................................... 13
Getting help...........................................................................................................13
Comments............................................................................................................. 14
1 System administration overview....................................................... 15

System management architecture........................................................................... 16
Administration tasks and tools.................................................................................16
Maintenance utility................................................................................................. 18
Device Manager - Storage Navigator........................................................................19
NAS Manager.........................................................................................................20
Accessing a storage system without the management software................................. 21
2 System configuration.......................................................................23
Setting up a management client..............................................................................25
Requirements for management clients................................................................25
General requirements.................................................................................. 25
Requirements for Windows-based computers................................................ 25
Requirements for UNIX/Linux-based computers............................................. 26
Setting up TCP/IP for a firewall..........................................................................27
Configuring the web browser.............................................................................27
Configuring Internet Explorer for Device Manager - Storage Navigator............ 28
Configuring Firefox for Device Manager - Storage Navigator........................... 28
Installing Adobe Flash Player............................................................................. 29
Logging in to Device Manager - Storage Navigator....................................................30
3
Initial super-user login...................................................................................... 30
Normal login.....................................................................................................30
Changing your password................................................................................... 32
Adding your SVP to the trusted sites zone for Windows server............................. 32
Changing the date and time....................................................................................33
Changing the controller clock settings................................................................ 33
Changing the SVP clock settings........................................................................ 34
Changing the system date and time of the NAS modules..................................... 34
Changing network settings......................................................................................35
Setting up TCP/IP for a firewall..........................................................................36
Enabling IPv6 communication............................................................................ 36
Changing network communication settings....................................................36
Changing network permissions..................................................................... 36
Changing the administrator password...................................................................... 37
Creating a login message........................................................................................37
Setting up security................................................................................................. 38
Selecting a cipher suite..................................................................................... 38
Configuring SMU security - (Unified NAS module only).........................................39
Updating the certificate files.............................................................................. 40
Forcing the system lock to release...........................................................................42
Setting storage system information..........................................................................43
Registering the primary SVP host name................................................................... 43
Report configuration tool........................................................................................ 44
Prerequisites for the report configuration tool..................................................... 44
Installing the report configuration tool................................................................45
Using the report configuration tool.....................................................................45
Modifying SVP port numbers................................................................................... 45
Viewing the port number used in SVP.................................................................46
Effects of changing SVP port numbers................................................................47
Changing the SVP port number..........................................................................48
Initializing the SVP port number.........................................................................49
Reassigning an automatically assigned port number............................................ 50
Initializing and reassigning an automatically assigned port number ..................... 51
Changing the range of an automatically assigned port number.............................52
Initializing the range of an automatically assigned port number........................... 53
Managing SSL certificates....................................................................................... 53
Flow of SSL communication settings...................................................................53
Creating a keypair.............................................................................................54
Creating a private key..................................................................................54
Creating a public key................................................................................... 55
Obtaining a signed certificate............................................................................ 56
Obtaining a self-signed certificate ................................................................56
Obtaining a signed and trusted certificate..................................................... 56
Verifying and releasing an SSL certificate passphrase.......................................... 57
Converting SSL certificates to PKCS#12 format................................................... 58
Updating a signed certificate............................................................................. 58
Notes on updating a signed certificate for the service processor...........................59
Returning the certificate to default..................................................................... 59
Problems with website security certificates......................................................... 60
Managing HCS certificates.......................................................................................60
Registering HCS certificates............................................................................... 61
Deleting HCS certificates................................................................................... 61
4
Blocking HTTP communication to the SVP ............................................................... 62
Releasing HTTP communication blocking..................................................................62
Backing up HDvM - SN configuration files.................................................................63
Restoring HDvM - SN configuration files ..................................................................64
3 User Administration......................................................................... 67
User administration for maintenance utility...............................................................68
Required roles for operating Maintenance Utility..................................................68
Setting up user accounts................................................................................... 69
Disabling user accounts.....................................................................................71
Removing user accounts....................................................................................75
Backing up user accounts..................................................................................78
Restoring user account information.................................................................... 78
User administration for Device Manager - Storage Navigator..................................... 80
User administration overview.............................................................................80
Workflow for creating and managing user accounts.............................................80
Administrator tasks......................................................................................81
User tasks.................................................................................................. 81
Managing user accounts....................................................................................81
Creating user accounts................................................................................ 82
Character restrictions for user names and passwords..................................... 83
Changing user passwords............................................................................ 85
Changing user permissions.......................................................................... 86
Enabling or Disabling user accounts..............................................................87
Deleting user accounts................................................................................ 88
Releasing a user lockout.............................................................................. 88
Managing user groups.......................................................................................89
Roles..........................................................................................................89
Built-in groups, roles, and resource groups....................................................90
Verifying the roles available to a user group.................................................. 92
Checking if a role is available to a user group................................................ 92
Creating a new user group...........................................................................93
Changing a user group name....................................................................... 94
Changing user group permissions................................................................. 94
Changing assigned resource groups..............................................................95
Deleting a user group.................................................................................. 95
Using an authentication server and authorization server...................................... 96
Authentication server protocols.................................................................... 97
Authorization server requirements................................................................ 98
Connecting two authentication servers..........................................................98
Connecting authentication and authorization servers......................................99
Naming a user group in Device Manager - Storage Navigator......................... 99
Creating configuration files.............................................................................. 100
Creating an LDAP configuration file.............................................................100
Creating a RADIUS configuration file........................................................... 103
Creating a Kerberos configuration file..........................................................106
User Administration for NAS Manager.................................................................... 110
Administrator types and responsibilities............................................................ 110
Adding an SMU user (an administrator)............................................................ 111
Changing the password for a currently logged in user........................................114
Changing your own password.....................................................................115
5
Changing another user's password..............................................................116
Changing an SMU user profile.......................................................................... 118
SMU user authentication..................................................................................121
Active Directory user authentication............................................................122
Using Transport Layer Security (TLS) with Active Directory authentication..... 122
Configuring Active Directory servers............................................................123
Configuring Active Directory groups............................................................ 126
User authentication through RADIUS servers............................................... 130
Displaying list of RADIUS servers................................................................ 131
Adding a RADIUS server............................................................................ 132
Displaying details of RADIUS server............................................................ 134
4 Alert notifications.......................................................................... 137

Viewing alert notifications..................................................................................... 138
Configuring alert notifications................................................................................138
General settings..............................................................................................139
Email settings................................................................................................. 140
Syslog settings................................................................................................140
SNMP settings................................................................................................ 142
Sending test messages......................................................................................... 142
Sending a test email message..........................................................................143
Example of a test email message................................................................143
Sending a test Syslog message........................................................................ 143
Sending a test SNMP trap................................................................................ 144
Using the Windows event log................................................................................ 144
Monitoring failure information in the Windows event log.................................... 144
Viewing the Windows event log....................................................................... 145
Output example of the failure information.........................................................145
5 License keys................................................................................. 149

Overview............................................................................................................. 150
License key types................................................................................................. 150
Using the permanent key.................................................................................150
Using the term key..........................................................................................151
Using the temporary key................................................................................. 151
Using the emergency key................................................................................ 151
Cautions on license capacities in license-related windows........................................ 152
Managing licenses................................................................................................ 152
Installing block and file licenses using NAS Manager..........................................153
Adding a license key.................................................................................. 153
Installing block licenses using maintenance utility..............................................155
Enabling a license........................................................................................... 155
Disabling a license.......................................................................................... 155
Removing a software license............................................................................156
Removing a Data Retention Utility license......................................................... 156
Examples of license information....................................................................... 157
License key expiration...........................................................................................158
6
6 Configuring audit logs....................................................................159
Audit log settings................................................................................................. 160
Setting up a syslog server................................................................................160
Exporting an audit log..................................................................................... 161
Send test message to syslog server..................................................................162
7 Managing storage system reports................................................... 163

About storage system reports................................................................................164
Viewing a Device Manager - Storage Navigator report............................................. 164
Viewing a report in the Reports window............................................................165
Creating a configuration report........................................................................ 165
Deleting a configuration report.........................................................................165
Collecting dump files using the Dump tool .............................................................166
A Raidinf command reference (obtaining configuration reports and tier

relocation logs)............................................................................. 169
raidinf command list and command description.......................................................170
raidinf -login........................................................................................................ 171
raidinf add report................................................................................................. 172
raidinf delete report..............................................................................................173
raidinf download report.........................................................................................174
raidinf get reportinfo.............................................................................................175
raidinf add relocationlog........................................................................................176
raidinf download relocationlog...............................................................................177
raidinf delete relocationlog.................................................................................... 178
raidinf get relocationloginfo...................................................................................178
raidinf -logout...................................................................................................... 179
raidinf -h............................................................................................................. 180
B Storage configuration reports......................................................... 181

Reports in table view............................................................................................ 182
CHAP Users report.......................................................................................... 182
Disk Boards report.......................................................................................... 183
Host Groups / iSCSI Targets report...................................................................184
Hosts report................................................................................................... 185
Logical Devices report..................................................................................... 186
LUNs report....................................................................................................187
MP Units report...............................................................................................188
MP Unit Details report..................................................................................... 189
Parity Groups report........................................................................................190
Physical Devices report....................................................................................191
Ports report.................................................................................................... 193
Power Consumption report.............................................................................. 194
Spare Drives report......................................................................................... 196
SSD Endurance report..................................................................................... 197
Storage System Summary report......................................................................198
Reports in graphical view...................................................................................... 202
Cache Memories report................................................................................... 202
Channel Boards report.....................................................................................204
7
Physical View report........................................................................................208
CSV files.............................................................................................................. 216
AllConf.csv......................................................................................................216
CacheInfo.csv.................................................................................................216
ChapUserInfo.csv............................................................................................217
ChaStatus.csv.................................................................................................217
DeviceEquipInfo.csv........................................................................................ 218
DkaInfo.csv.................................................................................................... 218
DkaStatus.csv.................................................................................................219
DkcInfo.csv.................................................................................................... 219
DkuTempAveInfo.csv.......................................................................................220
DkuTempInfo.csv............................................................................................ 221
DkuTempMaxInfo.csv...................................................................................... 225
DkuTempMinInfo.csv.......................................................................................226
ELunInfo.csv...................................................................................................228
EnvMonInfo.csv.............................................................................................. 230
FcSpNameInfo.csv.......................................................................................... 231
FcSpPortInfo.csv............................................................................................. 231
HduInfo.csv....................................................................................................232
IscsiHostInfo.csv.............................................................................................232
IscsiPortInfo.csv............................................................................................. 233
IscsiTargetInfo.csv.......................................................................................... 234
JnlInfo.csv......................................................................................................235
LdevCapaInfo.csv............................................................................................235
LdevCountInfo.csv.......................................................................................... 236
LdevInfo.csv...................................................................................................236
LdevStatus.csv................................................................................................239
LPartition.csv..................................................................................................239
LunInfo.csv.................................................................................................... 240
LunPortInfo.csv...............................................................................................241
MicroVersion.csv............................................................................................. 242
MlcEnduranceInfo.csv......................................................................................243
ModePerLpr.csv...............................................................................................244
MpPathStatus.csv............................................................................................244
MpPcbStatus.csv.............................................................................................245
PcbRevInfo.csv............................................................................................... 245
PdevCapaInfo.csv........................................................................................... 246
PdevInfo.csv...................................................................................................246
PdevStatus.csv............................................................................................... 247
PECBInfo.csv.................................................................................................. 248
PkInfo.csv...................................................................................................... 248
PpInfo.csv...................................................................................................... 249
SMfundat.csv..................................................................................................250
SsdDriveInfo.csv............................................................................................. 250
SsidInfo.csv....................................................................................................251
SysoptInfo.csv................................................................................................ 251
WwnInfo.csv.................................................................................................. 252
Glossary............................................................................................ 255
Index................................................................................................ 275
8
Preface
This document provides information and instructions to help you use the
maintenance utility and some of the functions in Device Manager - Storage
Navigator as needed to perform system administration tasks and change
settings for Hitachi Virtual Storage Platform G200, G400, G600, G800 or
Hitachi Virtual Storage Platform F400, F600, F800 storage systems. It
explains the GUI features and provides basic navigation information.
Please read this document carefully to understand how to use the software
described in this manual, and keep a copy for reference.
□ Intended audience
□ Product version
□ Release notes
□ Changes in this revision
□ Related documents
□ Document conventions
□ Conventions for storage capacity values
□ Accessing product documentation
□ Getting help
□ Comments
Preface 9
Intended audience
This document is intended for system administrators, Hitachi Data Systems
representatives, and authorized service providers who are involved in
installing, configuring, and operating Hitachi Virtual Storage Platform G200,
G400, G600, G800 or Hitachi Virtual Storage Platform F400, F600, F800
storage systems.
Readers of this document should be familiar with the following:

• Data processing and RAID storage systems and their basic functions.
• Hitachi Virtual Storage Platform G200, G400, G600, G800 or Hitachi Virtual
Storage Platform F400, F600, F800 storage systems.
• The operating system and web browser software on the SVP hosting the
Device Manager - Storage Navigator software.
• The Windows 7 operating system and the management software on the
management server.
Product version
This document revision applies to:
• VSP Gx00 models and VSP Fx00 models: Firmware 83-03-2x or later
• SVOS 6.4.1 or later
Release notes
Read the release notes before installing and using this product. They may
contain requirements or restrictions that are not fully described in this
document or updates or corrections to this document. Release notes are
available on Hitachi Data Systems Support Connect: https://
support.hds.com/en_us/documents.html.
Changes in this revision

• Removed references to unsupported DBF2 drives.
• Updated available tasks in Administration tasks and tools table (see
Administration tasks and tools on page 16).
Related documents
The documents below are referenced in this document or contain more
information about the features described in this document.
• Product Overview for Hitachi Virtual Storage Platform Gx00 and Fx00
Models, MK-92HM8051
10 Preface
• Hitachi Command Suite User Guide, MK-90HC172
• Hitachi Command Suite Installation and Configuration Guide, MK-90HC173
• Hitachi Audit Log User Guide, MK-94HM8028
• Encryption License Key User Guide, MK-92RD8009
• Performance Guide for Hitachi Virtual Storage Platform Gx00 and Fx00
Models, MK-94HM8012
• Hitachi ShadowImage® User Guide, MK-94HM8021
• Hitachi SNMP Agent User Guide, MK-94HM8015
• Hitachi Device Manager - Storage Navigator Messages, MK-94HM8017
• Hitachi TrueCopy® User Guide, MK-94HM8019
• Hitachi Universal Replicator User Guide, MK-94HM8023
• Global-Active Device User Guide for Hitachi Virtual Storage Platform G
Series, MK-92RD8072
• Hitachi Virtual Storage Platform G200 Hardware Reference Guide,
MK-94HM8020
• Hitachi Virtual Storage Platform G400, G600 Hardware Reference Guide,
MK-94HM8022
• Hitachi Virtual Storage Platform G800 Hardware Reference Guide,
MK-94HM8026
• Hitachi Virtual Storage Platform F400, F600 Hardware Reference Guide,
MK-94HM8045
• Hitachi Virtual Storage Platform F800 Hardware Reference Guide,
MK-94HM8046
Document conventions
This document uses the following terminology conventions:
Convention Description
• Hitachi Virtual All of the following storage systems:

Storage Platform • Hitachi Virtual Storage Platform G200
Gx00 models • Hitachi Virtual Storage Platform G400
• VSP Gx00 • Hitachi Virtual Storage Platform G600
models • Hitachi Virtual Storage Platform G800
• Hitachi Virtual All of the following storage systems:

Storage Platform • Hitachi Virtual Storage Platform F400
Fx00 models • Hitachi Virtual Storage Platform F600
• VSP Fx00 • Hitachi Virtual Storage Platform F800
models
This document uses the following typographic conventions:
Bold • Indicates text in a window, including window titles, menus, menu options,
buttons, fields, and labels. Example:
Preface 11
Click OK.
• Indicates emphasized words in list items.
Italic • Indicates a document title or emphasized words in text.
• Indicates a variable, which is a placeholder for actual text provided by the
user or for output by the system. Example:
pairdisplay -g group
(For exceptions to this convention for variables, see the entry for angle
brackets.)
Monospace Indicates text that is displayed on screen or entered by the user. Example:
pairdisplay -g oradb
< > angle brackets Indicates variables in the following scenarios:

• Variables are not clearly separated from the surrounding text or from
other variables. Example:
Status-<report-name><file-version>.csv
• Variables in headings.
[ ] square brackets Indicates optional values. Example: [ a | b ] indicates that you can choose a,
b, or nothing.
{ } braces Indicates required or expected values. Example: { a | b } indicates that you
must choose either a or b.
| vertical bar Indicates that you have a choice between two or more options or arguments.
Examples:
[ a | b ] indicates that you can choose a, b, or nothing.
{ a | b } indicates that you must choose either a or b.
This document uses the following icons to draw attention to information:
Icon Label Description
Note Calls attention to important or additional information.
Tip Provides helpful information, guidelines, or suggestions for performing

tasks more effectively.
Caution Warns the user of adverse conditions and/or consequences (for

example, disruptive operations, data loss, or a system crash).
WARNING Warns the user of a hazardous situation which, if not avoided, could
result in death or serious injury.
Conventions for storage capacity values

Physical storage capacity values (for example, disk drive capacity) are
calculated based on the following values:
12 Preface
Physical capacity unit Value
1 kilobyte (KB) 1,000 (10 3) bytes

1 megabyte (MB) 1,000 KB or 1,0002 bytes
1 gigabyte (GB) 1,000 MB or 1,0003 bytes
1 terabyte (TB) 1,000 GB or 1,0004 bytes
1 petabyte (PB) 1,000 TB or 1,0005 bytes
1 exabyte (EB) 1,000 PB or 1,0006 bytes
Logical storage capacity values (for example, logical device capacity) are
calculated based on the following values:
Logical capacity unit Value
1 block 512 bytes

1 cylinder Mainframe: 870 KB
Open-systems:
• OPEN-V: 960 KB
• Others: 720 KB
1 KB 1,024 (210) bytes
1 MB 1,024 KB or 1,0242 bytes
1 GB 1,024 MB or 1,0243 bytes
1 TB 1,024 GB or 1,0244 bytes
1 PB 1,024 TB or 1,0245 bytes
1 EB 1,024 PB or 1,0246 bytes
Accessing product documentation

Product user documentation is available on Hitachi Data Systems Support
Connect: https://support.hds.com/en_us/documents.html. Check this site for
the most current documentation, including important updates that may have
been made after the release of the product.
Getting help
Hitachi Data Systems Support Connect is the destination for technical support
of products and solutions sold by Hitachi Data Systems. To contact technical
support, log on to Hitachi Data Systems Support Connect for contact
information: https://support.hds.com/en_us/contact-us.html.
Hitachi Data Systems Community is a global online community for HDS

customers, partners, independent software vendors, employees, and
prospects. It is the destination to get answers, discover insights, and make
Preface 13
connections. Join the conversation today! Go to community.hds.com,
register, and complete your profile.
Comments
Please send us your comments on this document to [email protected].
Include the document title and number, including the revision level (for
example, -07), and refer to specific sections and paragraphs whenever
possible. All comments become the property of Hitachi Data Systems
Corporation.
Thank you!
14 Preface
1
System administration overview
This chapter provides a high-level view of system administration tasks for the
Hitachi Virtual Storage Platform G200, G400, G600, G800 or Hitachi Virtual
Storage Platform F400, F600, F800 storage systems. It describes:
• Software architecture and access to system administration tools from
management software (Hitachi Storage Advisor and Hitachi Command
Suite).
• System administration tasks for the VSP Gx00 models and VSP Fx00
models storage systems, including some with NAS modules installed to
provide native file functionality (VSP G400, G600, G800).
□ System management architecture
□ Administration tasks and tools
□ Maintenance utility
□ Device Manager - Storage Navigator
□ NAS Manager
□ Accessing a storage system without the management software
System administration overview 15

System management architecture
The following illustration provides a high-level view of the storage system
management software architecture. It shows the access points that a system
administrator can use to configure and manage the system settings.
Related tasks
• Accessing a storage system without the management software on
page 21
Administration tasks and tools

The system administration tasks described in this guide are for the VSP
G200, G400, G600, G800 or VSP F400, F600, F800 storage systems, both
with or without NAS modules.
You can manage the system settings from the Administration menu in the
maintenance utility, which can be accessed from either Device Manager -
16 System administration overview

Storage Navigator or the management software. If you have NAS modules
installed in your storage system, use NAS Manager to configure common
configuration settings and then use the maintenance utility to confirm the
settings are synced to the block side.
For access information from the management software, see the

documentation for the management software you are using. To perform
administration tasks for file functionality, access NAS Manager. See the
following manuals for more information about NAS Manager and file
administration:
• Storage Subsystem Administration Guide

• Storage Systems User Administration Guide
• File Service Administration Guide
• Storage Systems Server and Cluster Administration Guide
• Storage System Access Guide
You can also perform some administration tasks using the command line. For
information, see Command Control Interface User and Reference Guide,
MK-90RD7010, Command Control Interface Command Reference,
MK-90RD7009, or the Command Line Reference that is accessible through the
Documentation page of NAS Manager.
The following table lists common system administration tasks and the tools
required to accomplish them.
Table 1
Storage systems without

Storage systems with NAS modules
Task NAS modules (block only
(block and file configurations)
configurations)
• Set IPv4 and IPv6 Device Manager - Storage IP addresses cannot be added, deleted,
network settings and set Navigator or modified in the NAS Manager. To
HTTP blocking change these addresses, use the
See Changing network maintenance utility.
settings on page 35.
• Set system clock (date Device Manager - Storage NAS Manager

and time) Navigator
See Changing the system date and time
See Changing the date of the NAS modules on page 34
and time on page 33
• Configure audit log Device Manager - Storage

settings Navigator
See Audit log settings on

page 160
• Configure alert Device Manager - Storage

notifications Navigator
See Alert notifications on

page 137
• Changing link See the Network Admin

aggregation Guide

Storage systems without
Storage systems with NAS modules
Task NAS modules (block only
(block and file configurations)
configurations)
• Change administrator Maintenance utility NAS Manager

password
See System configuration See Setting up security on page 38
• Edit the login message
on page 23
• Select the SSL cipher
suite
• Update certificate files
• Force the system lock to
release
• User administration - Device Manager - Storage NAS Manager

add, manage, and Navigator
See User Administration for NAS
delete storage system
See User administration Manager on page 110
users
for Device Manager -
• Manage user groups
Storage Navigator on
page 80
• Register the service Device Manager - Storage

processor host name. Navigator
• Change storage system
See Managing HCS
information
certificates on page 60
• Manage SSL certificates:
create keypairs, obtain,
update, and return
certificates, verify and
release passphrases
• Manage HCS certificates
• Manage HDvM - SN Device Manager - Storage

configuration files Navigator
• Manage authorization
See Backing up HDvM -
and authentication
SN configuration files on
servers
page 63
• Create LDAP, RADIUS,
and Kerberos
configuration files
• Installing licenses Maintenance utility NAS Manager

• Enabling and disabling
See License keys on See License keys on page 149.
licenses
page 149
• Removing licenses
Maintenance utility
The maintenance utility is a tool that you use to perform administration tasks
on VSP Gx00 models or VSP Fx00 models. You can access this tool from
either HDvM - SN, SMU , or the management software.
You can use the maintenance utility to configure settings such as licenses,
syslog, alerts, and network configuration. As shown in the following figure,
these settings are available from the Administration navigation tree.

The maintenance utility online help provides procedural information for
supported storage system administration tasks. Links to storage system
tasks, search functions, and a glossary are included.
Note: Self-service features that are used to install and remove hardware
components and to update the firmware are currently available for use only
by Hitachi Data Systems customer support personnel or by authorized service
providers.
Device Manager - Storage Navigator

Device Manager - Storage Navigator (HDvM - SN) is the element manager for
the block module for VSP Gx00 models or VSP Fx00 models. It is a factory-
installed application running on the SVP, which is directly connected to the
storage system.
You can access Device Manager - Storage Navigator from the management
software to perform additional system administration tasks on your storage
system besides those available in the maintenance utility. In addition, you
can easily access advanced storage configuration options while performing
management operations with the management software.

Device Manager - Storage Navigator allows you to set up and manage more
than one storage system. It enables system administrators to have
temporary access to the storage system when they cannot access the
management software due to server or network issues.
Device Manager - Storage Navigator online help provides procedural

information for setting up and managing the storage system. Links to the
major storage system tasks, search functions, and glossary are included.
NAS Manager
NAS Manager is the element manager for NAS modules. It is a factory-
installed application running on the NAS module.
You can access NAS Manager, the system management unit (SMU) web-
based graphical user interface (GUI) through your browser, at the following
URL https://<unified-management-IP-address>:20443. You can also access
NAS Manager through command line interface (CLI) for configuration and
management. For information, see the Command Line Reference that is
accessible through the Documentation page of NAS Manager or the NAS
Platform System Access Guide.

NAS Manager provides a browser-based interface for managing standalone or
clustered servers and their attached storage systems. This tool allows you to
perform most administrative tasks, from any client on the network using a
network browser.
Accessing a storage system without the management

software
You can use the administrator account created during the initial setup to
temporarily use Device Manager - Storage Navigator to access the storage
system. You can then perform critical storage management operations during
a planned maintenance activity or an unexpected downtime on the
management server.
Before you begin

• You must have an administrator login account with the Storage
Administrator (initial configuration) role. For information about creating
user accounts, see User administration for Device Manager - Storage
Navigator on page 80 in this manual, and the Hardware Reference Guide
for your system model.
• Adobe Flash Player must be configured on the client to use Device
Manager - Storage Navigator.
Note: To obtain the administrator login information, contact Hitachi Data

Systems customer support.
Procedure
1. Start a web browser.

2. Enter the following URL:
• For the VSP G200 storage system, enter:
https://IP-address-or-host-name-of-the-SVP/dev/storage/
8320004XXXXX/emergency.do (where the model number is '8320004'
and '4XXXXX' indicates the system serial number)
• For VSP G400, G600 and VSP F400, F600 storage systems, enter:
• For VSP G800 and VSP F800 storage systems, enter:
3. The following actions might be required to open the login dialog box,
depending on your environment:
• If a message indicates that the enhanced security configuration is
enabled on the computer, select In the future, do not show this
message and click OK.
• If the SVP is set to support SSL-encrypted communication and security
messages appear, make sure the certificate is correct and follow the
instructions in the dialog box.
• If a messages indicates that certain web sites are blocked, make sure
you have added the SVP to the trusted sites zone.
4. Enter a user ID and password for the account.
5. Click Log In.
6. If the Security Information dialog box appears, click Yes.
7. If an Adobe Flash Player local storage area pop-up dialog box appears,
click Allow to open the Device Manager - Storage Navigator main
window.
The cache function of Adobe Flash Player optimizes the process of Device
Manager - Storage Navigator. Denial of the request might reduce
processing speed.
Note: If the login process fails three times with the same user ID,
Device Manager - Storage Navigator will stop responding for one
minute. This is for security purposes and is not a system failure.
Wait, and then try again.
Related tasks
• System management architecture on page 16

2
System configuration
This section provides instructions to manage the system configuration.
□ Setting up a management client
□ Logging in to Device Manager - Storage Navigator
□ Changing the date and time
□ Changing network settings
□ Changing the administrator password
□ Creating a login message
□ Setting up security
□ Forcing the system lock to release
□ Setting storage system information
□ Registering the primary SVP host name
□ Report configuration tool
□ Modifying SVP port numbers
□ Managing SSL certificates
□ Managing HCS certificates
□ Blocking HTTP communication to the SVP
□ Releasing HTTP communication blocking
System configuration 23
□ Backing up HDvM - SN configuration files
□ Restoring HDvM - SN configuration files
24 System configuration
Setting up a management client
The Device Manager - Storage Navigator administrator is responsible for
setting up the web client on management clients. This includes the following:
• Ensuring that management clients can access and use Device Manager -
Storage Navigator.
• Configuring the server if you using a Windows server as a management
client.
Requirements for management clients

This topic explains the requirements for management clients on supported
versions of Windows and UNIX/Linux operating systems.
General requirements
• An SVP, required for system maintenance, must be installed on the storage
system. Device Manager - Storage Navigator connects to the SVP through
a TCP/IP network.
• Several storage systems can be managed by one management client.
Device Manager - Storage Navigator must be set up for each storage
system.
• A maximum of 32 Device Manager - Storage Navigator users can access
the same storage system concurrently.
Requirements for Windows-based computers
Note: The combinations of operating system, architecture, browser, Java

Runtime Environment, and Adobe Flash Player described below are fixed
requirements. Using other combinations or versions might produce
unpredictable results such as the inability to operate program windows.
Therefore, contact Hitachi Data Systems customer support to use other
combinations or versions.
Hardware requirements
Item Requirement
Processor (CPU) Pentium 4 640 3.2 GHz or better
(Recommended: Core2Duo E6540 2.33 GHz or better)

Memory (RAM) 2 GB or more
Recommended: 3 GB
Available storage space 500 MB or more
Monitor True Color 32-bit or better
Item Requirement
Resolution: 1280 x 1024 or better

Keyboard and mouse You cannot use the mouse wheel feature.
Ethernet LAN card for TCP/IP network 100BASE-TX
1000BASE-T
Software requirements
Java Runtime
Operating system1 Architecture Browser Adobe Flash Player2
Environment (JRE)
Windows 7 SP1 32 bit or 64 bit Internet Explorer 11.03 JRE 7.0 Update 67 14.0
Windows 8.1 32 bit or 64 bit Internet Explorer 11.03 JRE 7.0 Update 67 14.0
Google Chrome 48.0 or JRE 8.0 Update 71 20.0
later
Windows Server 64 bit Internet Explorer 11.03 JRE 7.0 Update 67 14.0
2008 R2 (SP1)
2012
2012 R2
Notes:
1. If the SVP supports Internet Protocol Version 6 (IPv6), you can specify IPv6 addresses.
2. Use Adobe Flash Player with the same architecture (32 bit or 64 bit) as the browser.
3. Only the latest version of Internet Explorer active on each OS is supported, according to Microsoft support
policy.
Note: To use Device Manager - Storage Navigator secondary windows, first

install Java Runtime Environment (JRE).
Requirements for UNIX/Linux-based computers
Note: The combinations of operating system, architecture, browser, Java

Runtime Environment, and Adobe Flash Player described below are fixed
requirements. Using other combinations or versions might produce
unpredictable results such as the inability to operate program windows.
Therefore, contact Hitachi Data Systems customer support to use other
combinations or versions.
Hardware requirements
Item Requirement
Processor (CPU) Pentium 4 640 3.2 GHz or better
(Recommended: Core2Duo E6540 2.33 GHz or better)
Item Requirement
Memory (RAM) 2 GB or more
Recommended: 3 GB
Available storage space 500 MB or more
Monitor Resolution: 1280 x 1024 or better
Keyboard and mouse You cannot use the mouse wheel feature.
Ethernet LAN card for TCP/IP network 100BASE-TX
1000BASE-T
Software requirements
Java Runtime
Operating system Architecture Browser1 Adobe Flash Player2
Environment (JRE)
Solaris 10 32 bit Firefox 3.6.28 3 JRE 6.0 Update 20 10.3

Firefox 31 JRE 7.0 Update 67 11.2
Red Hat Enterprise 64 bit Firefox 3.6.28 3 JRE 6.0 Update 20 10.3
Linux AS version 6.2
Firefox 35 JRE 7.0 Update 67 11.2
Notes:
1. IPv6 HTTPS connections from Firefox are not supported.
2. Use Adobe Flash Player with the same architecture (32 bit or 64 bit) as the browser.
3. Device Manager - Storage Navigator supports Firefox 3.6.28, but the maintenance utility does not.
Note: To use Device Manager - Storage Navigator secondary windows, first

install Java Runtime Environment (JRE).
Setting up TCP/IP for a firewall

To connect the management client and the SVP through a firewall, configure
the firewall so that the TCP/IP port for the protocol you use becomes
available.
When attaching Device Manager - Storage Navigator to multiple storage

systems, the installer must log in to the SVP of each storage system using
separate Device Manager - Storage Navigator sessions and separate web
browser instances.
For details about setting up the SVP, see the hardware installation and
reference guide for your storage system.
Configuring the web browser

To configure the client web browser, note the following:
• The browser must allow first-party, third-party, and session cookies.
• Pop-up blocker and plug-ins must be disabled.
Consult your browser's documentation for instructions.
Caution: Do not use a modem to connect to the internet because connection

speed is too slow.
Configuring Internet Explorer for Device Manager - Storage Navigator

You must set up Internet Explorer on the management client to access
Device Manager - Storage Navigator.
Before you begin

• The management client must be connected to the network via LAN.
• The version of Adobe Flash Player specified in the management client
requirements must be installed.
Procedure
1. From the Internet Explorer menu, click Tools > Internet Options.
2. Enable cookies.
a. On the Privacy tab, click Advanced.
b. In the Advanced Privacy Settings window, specify the following:
• Select Override automatic cookie handling.
• For First-party Cookies, select Accept.
• For Third-party Cookies, select Accept.
• Select Always allow session cookies.
c. Click OK to close the Advanced Privacy Settings window.
3. Allow pop-up windows.
For Internet Explorer 10:
a. On the Privacy tab, clear the check box for Turn on Pop-up
Blocker, and then click Close.
For other versions of Internet Explorer:
a. On the Privacy tab, click Pop-up Blocker Settings.
b. In Address of website to allow, enter the IP address or host name
of the SVP, click Add, and then click Close.
4. Click OK to close the Internet Options window.
5. If any third-party add-ons block pop-up windows, configure them to
allow pop-ups.
Configuring Firefox for Device Manager - Storage Navigator

You must set up Firefox on the management client to access Device Manager
- Storage Navigator.
Before you begin

• The management client must be connected to the network via LAN.
• The version of Adobe Flash Player specified in the management client
requirements must be installed.
Procedure
1. From the menu, click Tools > Options.

2. Enable cookies.
a. On the Privacy tab, select History > Firefox will > Use custom
settings for history.
b. Specify the following:
• Select Accept cookies from sites.
• For Accept third-party cookies, select From visited.
3. Allow pop-up windows.
a. On the Privacy tab, click Pop-ups > Exceptions.
b. Enter the IP address or host name of the SVP, and then click Allow.
c. If any third-party add-ons block pop-up windows, configure them to
allow pop-ups.
Installing Adobe Flash Player

Adobe Flash Player must be installed on the management client.
To install the latest Adobe Flash Player, download the installer from http://
get.adobe.com/flashplayer/.
To install earlier versions, search for "Archived Flash Player versions" on the
Adobe Systems Incorporated website.
Note:
• There are two versions of Windows Flash Player: ActiveX for Internet
Explorer and Plugin for other than Internet Explorer. Choose the Flash
Player installer that is appropriate for your browser.
• Adobe Flash Player might be installed with Internet Explorer. If so, you can
perform Windows Update to install the latest version.
• You can also download an earlier version from Microsoft Security Advisory
(2755801).
Procedure
1. Launch the web browser that you normally use and go to the Adobe
website http://www.adobe.com.
2. Scroll upward as needed to display the top of the Adobe web page.
3. In the Adobe search box in the upper right corner of the web page (not
the browser search box) enter archived Adobe Flash Player and click
Search.
4. In the search results, select Archived Adobe Flash Player versions.
The Archived Adobe Flash Player version web page on the Adobe website
opens.
5. Scroll down to the list of archived Adobe Flash Player versions, select the
archived version you want, download the installer, and then run it.
Logging in to Device Manager - Storage Navigator
There are two types of logins to Device Manager - Storage Navigator:
• One-time only initial login by the administrator or super-user who logs in
first to create other user accounts
• Normal login allows users to perform only tasks related to initial settings
such as account management or software application management. When
the initial settings are complete, use Hitachi Command Suite or Hitachi
Storage Advisor to configure the storage system.
Initial super-user login

This login procedure is for the super-user who logs into Device Manager -
Storage Navigator for the first time and sets up the user accounts. The
super-user has a built-in ID which includes all permissions, and a default
password.
Procedure
1. Call your local service representative to obtain the super-user ID and

default password.
2. In your web browser, specify the URL for your SVP:
https://IP-address-or-host-name-of-SVP/sanproject/
To change the port number of the protocol from the initial value (443),
specify the following URL:
https://IP-address-or-host-name-of-SVP:port-number-of-the-
protocol/
3. Log in with the superuser ID and password.
4. To prevent unauthorized use of the superuser account, change the
password immediately after you log in. Click Settings > User
Management > Change Password to change your password.
Normal login
Normal login allows you to perform only the following:
• User management
• License management
• Creating a login message
• Editing advanced system settings
When the initial settings are complete, use Hitachi Command Suite or Hitachi
Storage Advisor to configure the storage system.
Procedure
1. In your web browser, specify the following URL:

https://IP-address-or-host-name-of-SVP
If you changed the port number of the protocol HTTP from the initial
value (443), specify the following URL:
https://IP-address-or-host-name-of-SVP:port-number-of-the-
protocol-HTTPS/
If the loading window displays in Device Manager - Storage Navigator,

wait until the service status changes to Ready (Normal). At that time,
the login window displays automatically. The following is an example of
the loading window.
2. The following actions might be required to open the login dialog box,
depending on your environment:
• If a message indicates that the enhanced security configuration is
enabled on the management client, select In the future, do not
show this message and click OK.
• If the SVP is set to support SSL-encrypted communication and security
messages appear, make sure the certificate is correct and follow the
instructions in the dialog box.
• If a message indicates that certain web sites are blocked, follow
instructions in Adding your SVP to the trusted sites zone for Windows
server on page 32.
• If multiple storage systems are connected, a window which allows
selection of the storage system is displayed. Select the storage system
you want to connect.
3. When the Storage Device List window opens, select the storage system.
The Device Manager - Storage Navigator login window appears.
4. Type the user ID and password.
5. Click Login.
6. If the Security Information dialog box appears, click Yes.
7. If a local storage area pop-up dialog box of Adobe Flash Player Setting
appears, click Allow to open the Device Manager - Storage Navigator
main window. The cache function of Adobe Flash Player optimizes the
process of Device Manager - Storage Navigator. Denial of the request
might delay the processing speed of Device Manager - Storage
Navigator.
Note: If login fails three times with the same user ID, Device
Manager - Storage Navigator stops responding for one minute.
This is for security purposes and is not a system failure. Wait, then
try again. The roles and resource groups for each user are set up
ahead of time and will be available to you when you log in to
Device Manager - Storage Navigator. If the roles or resource
allocations for your username are changed after you log in, the
changes will not be effective until you log out and log back in
again. When you use a web browser for a long period of time,
memory is heavily used. We recommend closing or logging out of
Device Manager - Storage Navigator after you are finished using it.
Changing your password

After the administrator gives you a user ID and password, you should change
the password after you log in.
Procedure
1. Log in to Device Manager - Storage Navigator with the user ID and

password given to you by the administrator.
2. Click Settings > User Management > Change Password to change
your password.
Adding your SVP to the trusted sites zone for Windows server
If you are using Device Manager - Storage Navigator on a Windows Server
2003/2008, the following message may appear during login. If it does, you
must add the SVP to the trusted sites zone.
The message below may appear differently depending on the Windows

version you are using.
Procedure
1. Click Add in the message dialog box. The Trusted Sites dialog box
opens.
2. In Add this web site to the zone, enter the URL of the SVP that you
want to log in to. For example, if the host name is host01, the URL is
http://host01. If the IP address is 127.0.0.1, the URL is http://
127.0.0.1.
3. Click Add to add the URL of the SVP to the web sites list.
4. Click Close to close the dialog box.
Changing the date and time

To keep the date and time on the storage system controller, the SVP, and NAS
modules in sync, you must change the date and time settings on all. This
section includes procedures to change all settings.
Changing the controller clock settings

Complete the following steps to change the date and time on the storage
system controller.
Before you begin

• You must have the Storage Administrator (View & Modify) role to perform
this task.
Procedure
1. In the maintenance utility Administration tree, select Date & Time.

The current settings are displayed.
2. Click Set Up.
3. Change the settings as needed, and either click Apply to save them, or
click Cancel to close the window without saving the changes.
Changing the SVP clock settings

Complete the following steps to change the Windows 7 date and time on the
SVP.
Before you begin

• The management console is connected to the LAN 2 port on the SVP.
• The console has established a remote desktop connection with the SVP.
• The management utility window is displayed on the console.
On the management console that is connected to the SVP:
Procedure
1. On the Windows 7 desktop, click Start > Control Panel.

2. Click Clock, Language, and Region.
3. Click Date and Time.
4. Click Change date and time. The Date and Time Settings window
opens.
5. Set the date and time, then click OK to save the settings and close the
window.
Changing the system date and time of the NAS modules

Use the following instructions to change the system date and time.
When the system date and time are set by NAS Manager, they are also
reflected in the system date and time of the storage system.
Tip: See the Hitachi NAS Platform Server and Cluster Administration Guide
for more details about changing the system date and time of the NAS
modules.
Procedure
1. Log on to NAS Manager

2. Click Server Settings.
3. Click Date and Time in the Server Settings window.
4. In the Date and Time window, set date and time.
When using NTP server:
a. Select a time zone in Time Zone field.
b. Enter the IP address or the name of the NTP server in NTP Server
IP/Name field, and then click add.
When using the Active Directory server, enter the IP address or the
name of the NTP server.
When setting without using the NTP server:
a. Enter time in Time field.
b. Enter date in Date field.
5. Confirm the settings and click apply.
Tip: You are not required to enter Time and Date because the
settings are acquired from the NTP server.
6. Click OK.
The window changes to the Login window a few minutes later.
Changing network settings

This section explains how to change the IPv4 and IP6 settings on the SVP to
match the settings on the storage system, and how to change network
permissions.
Setting up TCP/IP for a firewall
To connect the management client and the SVP through a firewall, configure
the firewall so that the TCP/IP port for the protocol you use becomes
available.
When attaching Device Manager - Storage Navigator to multiple storage

systems, the installer must log in to the SVP of each storage system using
separate Device Manager - Storage Navigator sessions and separate web
browser instances.
For details about setting up the SVP, see the hardware installation and
reference guide for your storage system.
Enabling IPv6 communication

You should assign the SVP the same type of IP addresses (IPv4 or IPv6) that
are used on the storage system. You must also configure the client
computers with the same IP version that you assign to the SVP. In addition,
use the same communication options for both the management client and the
SVP.
If you use IPv6 to display the Device Manager - Storage Navigator main
window when both IPv4 and IPv6 are available, IPv6 addresses are displayed
in the Device Manager - Storage Navigator secondary window but IPv4
communication is actually used.
The following topics provide brief instructions on configuring IPv6

communication.
Changing network communication settings

This procedure explains how to configure a management client to use IPv6
for communication with an SVP.
Procedure
1. In the maintenance utility, click Administration to expand the

Administration navigation pane.
2. Click Network Settings.
The Network Settings window displays the current network settings
and permissions.
3. In the Network Settings window, click Set Up Network Settings.
The Network Settings dialog box displays the current settings for the
Mac address, IPv4 and IPv6 settings, and the network connection mode
for both controllers 1 and 2. It also displays the current settings for the
maintenance port and the storage system internal network.
4. Change the settings as needed and click Apply.
The dialog box closes and returns you to the Network Settings window.
Changing network permissions

This procedure explains how to block or allow HTTP blocking.
Procedure
1. In the maintenance utility, click Administration to expand the

Administration navigation pane.
2. Click Network Settings. The Network Settings window displays the
current network settings and permissions.
3. In the Network Settings window, click Set Up Network Permissions.
4. To enable HTTP blocking, click Enable. To disable HTTP blocking, click
Disable.
5. Click Apply. The dialog box closes and returns you to the Network
Settings window.
Changing the administrator password

Before you begin
• You must have the Storage Administrator (View & Modify) role to complete
this procedure.
Procedure
1. In the maintenance utility Menu navigation tree, click System

Management.
2. Click Change Password.

3. Enter your current password and a new password. Enter the password
again in the Re-enter Password field.
4. Click Finish.
Creating a login message

When users log in to the maintenance utility, they will see a login message.
You can use the login banner message to inform users of specific system
conditions, user requirements, or to provide other information that users may
need to manage the system.
Before you begin
You must have the Storage Administrator (View & Modify) role to complete
this procedure.
Procedure

Management.
2. Click Edit Login Message.

3. Enter a message to be displayed at the time of login. The message can
contain up to 2,048 characters. A line break is counted as one character.
4. Click Apply to save the message and close the dialog box.
Setting up security
This section discusses how to set up security on your storage system.
Selecting a cipher suite

Cipher suites are part of SSL Version 3 and OSI Transport Layer Security
Version 1 Cipher Specifications.
Before you begin
this procedure.
Procedure

Management.
2. Click Select Cipher Suite.
3. Select the type of communication to use between the SVP and the
storage system. The selections change the encryption level. Higher
encryption provides better security but the communication speed is
slower.
• TLS_RSA_WITH_AES_128_CBC_SHA (Prioritize Transmission Speed).
This selection provides higher communication speed and lower
security.
• TLS_RSA_WITH_AES_128_CBC_SHA256 (Prioritize Security). This
selection provides higher security and lower communication speed.
4. Click Apply to save the setting and close the dialog box.
Configuring SMU security - (Unified NAS module only)

This screen allows you to change web application security settings.
The SMU can be configured to control the hosts that can access the SMU and
auxiliary devices managed by the SMU.
Note: If you have a standby SMU, it may take up to 5 minutes after a

configuration change to be synchronized with the active SMU
Procedure
1. Navigate to Home > SMU Administration > Security Options.
Field/Item Description
Web Application This section allows you to change web application security settings.
Security Settings
Note: Making any change in this section results in the

application being restarted immediately.
Enable HTTPS By default, all HTTPS protocols are enabled, and the boxes next to the
Protocols protocols are checked. Uncheck the check box next to a protocol to
change its state to disabled. Leave at least one protocol enabled that
your browser supports.
Enabled Cipher By default, all cipher suites are enabled and are shown in the Enabled
Suites Cipher Suites list box.
Disabled Cipher To disable cipher suites, use the arrow to move selected cipher suites to
Suites the Disabled Cipher Suites list box. Leave at least one cipher suite
enabled that your browser supports.
apply Click apply to save your changes.
2. Optionally, to disable cipher suites, use the arrow to move enabled cipher
suites from the Enabled Cipher Suites list at the left to the Disabled
Cipher Suites list at the right. It is necessary to have at least one cipher
suite remain enabled.
Note: Take care before disabling cipher suites, because not all
cipher suites are supported by all browsers.
3. Optionally, to disable protocols, at Enable HTTPS Protocols, uncheck

the check box next to a protocol to change its state to disabled. It is
necessary to have at least one protocol remain enabled.
Note: Take care before disabling HTTPS protocols, because not all
HTTPS protocols are supported by all browsers.
4. Click apply to save the currently defined security options.
Updating the certificate files

The Update Certificate Files window is used to update the certificates that
are used for communication between the SVP and the storage system.
Before you begin

• You must have the Storage Administrator (View & Modify) role to complete
this procedure.
Procedure

Management.
2. Click Update Certificate Files.

3. Select a Web Server certificate file to update. Click the Web Server
checkbox, then click Browse.
4. Browse to the certificate file and click Open. The File Upload window
closes and returns you to the Update Certificate Files dialog box.
5. In the Web Server Password: field, enter the certificate password.
6. Enter the password again in the Web Server Re-enter Password: field.
7. Select a Connect to SVP certificate file to update. Click the Connect to
SVP checkbox, then click Browse.
8. Browse to the certificate file and click Open. The File Upload window
closes and returns you to the Update Certificate Files dialog box.
9. In the Connect to SVP Password: field, enter the certificate password.
10. Enter the password again in the Connect to SVP Re-enter Password:
field.
11. Click Apply to update the certificates.
Forcing the system lock to release

When a user locks the system, other users cannot log in or access the
system. This feature can be used to ensure that no changes to the system
can be made while maintenance or upgrade procedures are in process.
Caution: Before using this feature, ensure that releasing the system lock will
not cause system problems due to processes that are currently running.
Releasing the system lock can terminate a process before it completes and
possibly leave the system in an unknown state. Check with any users that are
logged on. Wait until their processes are complete before releasing the
system lock.
Before you begin
this procedure.
Procedure

Management.
2. Click Force Release System Lock.

3. A warning message is displayed. Verify that releasing the lock will not
cause data loss or other problems. To release the system lock, click OK.
Click Cancel to close the dialog box without releasing the system lock.
Setting storage system information
You can set the name, contact information, and location of the storage
system.
Caution: When changing a setting more than once, ensure that the current
setting is complete before changing it again. Otherwise, only the new change
will be applied, and the result might be different from what you expected.
Procedure
1. In the Device Manager - Storage Navigator Storage Systems tree,

select the storage system.
2. From Settings, click Environmental Settings > Edit Storage
System.
3. Enter the items that you want to set.
You can enter up to 180 alphanumeric characters (ASCII codes)
excluding several symbols (\ , / ; : * ? " < > | & % ^). Do not use a
space at the beginning or the end.
4. Click Finish.
5. In the Confirm window, check the settings and enter a task name in
Task Name.
6. Click Apply. The task is now registered. If the Go to tasks window for
status check box is checked, the Task window opens to show the status
of the task.
Registering the primary SVP host name

You must register the primary SVP host name before completing any of the
following tasks.
• Specify a host name instead of an IP address when accessing Device
• Obtain the public key certificate for SSL-encrypted communication from
the CA (Certificate Authority). You must register the server name as the
host name to the DNS server or the hosts file. The server name is entered
in the certificate as a common name.
Enter the SVP host name and IP address in the DNS server or the hosts
file of the management client. You can register any host name to the DNS
server or the hosts file, but there are restrictions on the letters you can
use for the host name.
• DNS setting: You must register the IP address and host name of the SVP
to the DNS server that manages the network to which the SVP is
connected.
• Hosts file setting: You must enter the IP address and host name of the
SVP to the hosts file of the management client. The general directory of
the hosts file is:
○ Windows 7: C:\Windows\System32\drivers\etc\hosts
○ UNIX: /etc/hosts
Report configuration tool

Complete the following instructions to install the report configuration tool.
Prerequisites for the report configuration tool

You need the following items to install the report configuration tool:
• A Windows computer running Windows Server 2003, Windows Server
2008, Red Hat Enterprise Linux AS 5.0, Red Hat Enterprise Linux AS 4.0 on
EM64T, or Red Hat Enterprise Linux AS 5.0 on EM64T
You can set both an IPv4 address and an IPv6 address for the computer on
which the report configuration tool is installed. You can also connect the
management client to the SVP over an IPv4 proxy server. When you use
the proxy server, specify a name and a port number of the proxy server as
the HTTP_PROXY environment variable on the computer. For example:
SET HTTP_PROXY=http://proxy.xx.co.jp:8080
• A user account for exclusive use of the report configuration tool
To use the report configuration tool, you must create a user account that is
used exclusively for raidinf commands. Assign the storage administrator
role (initial configuration) only to this user account.
For information on user accounts, see Creating user accounts on
page 82.
• The report configuration tool installation software
The report configuration tool is available on the software installation
media.
Installing the report configuration tool
Procedure
1. Insert the software installation media into a drive.

2. On the media, navigate to the /program/Config_Report_CLI/Win32
folder and double-click setup.exe for Windows. Follow the instructions
on the screen. If you are not using Windows, navigate to /program/
Config_Report_CLI/RIinstsh.
3. When prompted, enter the name of the directory in which to install the
report configuration tool. The installer continues until the tool is installed.
Note: The directory where the report configuration tool is installed

is not specified as an application path on Windows. When
necessary, specify the directory as the application path.
Using the report configuration tool

You can use the report configuration tool to create up to 20 configuration
reports and then view or download them.
The list of commands for creating reports is located in Raidinf command

reference (obtaining configuration reports and tier relocation logs) on
page 169. Creating a configuration report on page 165 describes how to
create a configuration report without using raidinf commands.
Modifying SVP port numbers

You can change SVP port numbers to any arbitrary number. This is optional.
You can also initialize the settings to the original status by initializing the port
number.
For SVP firmware 83-03-01-XX/00 or later, some ports are automatically

assigned unused port numbers.
You can change the automatically assigned port numbers:

• To check automatically assigned port numbers, see Viewing the port
number used in SVP on page 46.
• To change an automatically assigned port number, see Reassigning an
automatically assigned port number on page 50.
• To return a port to its automatically assigned port number, see Initializing
and reassigning an automatically assigned port number on page 51.
• To change the range of port numbers used for automatic assignment, see
Changing the range of an automatically assigned port number on
page 52.
• To return the range of port number for automatic assignment to its original
range, see Initializing the range of an automatically assigned port number
on page 53.
Note: Perform this task only if an SVP port number is used by another
application.
You need to verify the effects before you modify an SVP port number. See
Effects of changing SVP port numbers on page 47.
The following table describes the port number key names and the initial value
of the port number.
Port number key Corresponding SVP

Protocol Initial port number
name software version
MAPPWebServer HTTP 80 83-01-20-XX/00 or later
MAPPWebServerHttps HTTPS 443 83-01-20-XX/00 or later
RMIClassLoader RMI 51099 83-01-20-XX/00 or later
RMIClassLoaderHttps RMI (SSL) 5443 83-01-20-XX/00 or later
RMIIFRegist RMI 1099 83-01-20-XX/00 or later
PreRMIServer RMI 51100 83-01-20-XX/00 or later
Automatically 83-03-01-XX/00 or later

assigned
DKCManPrivate RMI 11099 83-01-24-XX/00 or later
SLP SLP 427 83-01-24-XX/00 or later
SMIS_CIMOM SMI-S 5989 83-01-20-XX/00 or later

assigned
CommonJettyStart HTTP 8080 83-01-24-XX/00 or later
CommonJettyStop HTTP 8210 83-01-24-XX/00 or later
RestAPIServerStop HTTP 9210 83-01-24-XX/00 or later
DeviceJettyStart HTTP 8081 83-01-24-XX/00 or later

assigned
DeviceJettyStop HTTP 8211 83-01-24-XX/00 or later

assigned
Viewing the port number used in SVP

You can view the port number used in SVP.
Procedure
1. Open the Windows command prompt as administrator on the SVP.

2. Move the current directory to the directory where the tool is located (for
example: C:\MAPP\wk\Supervisor). Execute the following command:
C:MAPP\wk\Supervisor\MappIniSet\MappPortRefer.bat serial-number
(optional)
Note: A space is required between MappPortRefer.bat and serial-

number.
If you omitted the serial number, information of every storage system

that is registered in the Storage Device List window is displayed.
For the port on which the port number information is not allocated, Not
Defined is displayed and a completion message displays.
3. Press any key to acknowledge the message and close the message box.
4. Close the Windows command prompt.
Effects of changing SVP port numbers

Set the firewall settings of the management client according to new SVP port
numbers.
The following table describes the effects for each port number.
User reference guide on

Port number key name Effects
changing the SVP port number
MAPPWebServer Changes the method to specify See Logging in to Device

URL for Device Manager - Manager - Storage Navigator on
MAPPWebServerHttps Storage Navigator login page 30.
In Hitachi Command Suite: Hitachi Command Suite
Installation and Configuration
You must change the HCS port
number to be the same number. Guide
RMIClassLoader None None
RMIClassLoaderHttps Report configuration tool See Raidinf command reference

(raidinf commands) (obtaining configuration reports
and tier relocation logs) on
When you login to Device page 169.
Manager - Storage Navigator by
using raidinf command, you
must specify the IP address and
new port number of the SVP.
RMIIFRegist When you execute the Export Performance Guide for Hitachi
Tool command, you must Virtual Storage Platform Gx00
specify the IP address and new and Fx00 Models (Performance
port number of the SVP for IP- Monitor, Server Priority
sub-command. Manager)
User reference guide on
Port number key name Effects
changing the SVP port number
In Hitachi Command Suite: Hitachi Command Suite

Installation and Configuration
You must change the HCS port
number to the same number. Guide
PreRMIServer None None
DKCManPrivate None None
SLP You must change the SMI-S Hardware Reference Guide for
port number to the same your storage system
number.
SMIS_CIMOM You must change the SMI-S Hardware Reference Guide for
port number to the same your storage system
number.
If the storage system is
83-03-01-XX/00 or later, check
the port number which is used
after registering the storage
system. For detail, see Viewing
the port number used in SVP on
page 46.
CommonJettyStart None None
CommonJettyStop None None
RestAPIServerStop None None
DeviceJettyStart None None
DeviceJettyStop None None
Changing the SVP port number

You can change the SVP port number to any arbitrary number. After changing
the port number, the SVP will be restarted.
Before you begin

• Remote desktop connection from the management client to SVP has been
performed.
• The range of the available port number is from 1 to 65535. Make sure the
new port number is not duplicated with the number used in another
application.
• You can enter multiple instances of port-number-key-name and port-
number. For example:
MappSetPortEdit.bat MAPPWebServer 81 MAPPWebServerHttps 444
• The management file of the SVP port number is stored in the following
location:
path-to-tool\mpprt\cnf\mappsetportset.properties
Note:
• Do not change the management file of the port number.
• Close the management file of the port number while executing the
command for changing or initializing.
• If the SVP software version of the registered storage system does not
support changing the port number, update the SVP software.
• Port numbers 1 to 1023 are reserved for other application programs, so do
not use these numbers. If you use these numbers and encounter a
problem, change the number to 1024 or higher.
• The following port numbers cannot be used for MAPPWebServer or
MAPPWebServerHttps:
2049, 4045, 6000
Procedure
1. Close all Device Manager - Storage Navigator sessions on the SVP.

example, C:\MAPP\wkSupervisor). Execute the following command:
C:MAPP\wk\Supervisor\MappIniSet\MappSetPortEdit.bat port-
number-key-name port-number
Note:
• A space is required between MappSetPortEdit.bat and port-
number-key-name.
• A space is required between port-number-key-name and port-
number.
4. A service restart message box displays, followed by a completion

message box. Press any key to acknowledge the message and close the
message box.
Initializing the SVP port number

You can initialize the SVP port settings and restore to the original status.
After initializing the port number, the SVP will be restarted.
To initialize the automatically assigned port number: See Initializing and

reassigning an automatically assigned port number on page 51
Before you begin
Remote desktop connection from the management client to SVP has been
performed.
Procedure

2. Open the Windows command prompt on the SVP.
example, C:\MAPP\wk\Supervisor\MappIniSet). Execute the following
command:
C:MAPP\wk\Supervisor\MappIniSet\MappSetPortInit.bat
4. An initialization confirmation message box displays.
If you want to continue, enter Y, and then press the Enter key. If you
want to cancel the task, enter N, and then press the Enter key.
5. A service restart message box displays, followed by a completion
message box. Press any key to acknowledge the message and close the
message box.
Reassigning an automatically assigned port number

You can reassign the port number that is automatically assigned to the
storage system.
If the port number assigned to the storage system is used in another

application, the port number is reassigned. Also, if you disabled the
automatic assign, this deletes the unnecessary port number that is already
assigned.
Caution:
• Stop the storage system service before reassigning. If you did not stop
before reassigning, stop the storage system service in Storage Device List
window, then start the service.
• The port for DeviceJettyStart and DeviceJettyStop that is assigned when
starting the storage system service cannot be reassigned.
• If you disable the function which is using the port, this deletes the port
number that is already assigned.
Procedure
1. Logout from Device Manager - Storage Navigator on the storage system

that you want to reassign.
2. Stop the service of the storage system that you want to reassign.
example, C:\MAPP\wk\Supervisor). Execute the following command:
C:MAPP\wk\Supervisor\MappIniSet\MappPortManageRenum.bat serial-
number (optional)
Note: A space is required between MappPortManageRenum.bat
and serial-number.
If you omitted the serial number, it is executed for the storage system of
83-03-01-XX/00 or later that is registered in the Storage Device List
window.
5. A confirmation message box displays.
If you want to continue, enter Y, and then press the Enter key. If you
want to cancel the task, enter N, and then press the Enter key.
8. Start the service of the storage system which is reassigned.
Initializing and reassigning an automatically assigned port number

You can initialize the port number that is automatically assigned to the
storage system.
Caution:
• Stop the service of the storage system which has the status Ready in the
Storage Device List window before initializing.
• If you did not stop before initializing, execute Reassigning an automatically
assigned port number on page 50.
Procedure
1. Logout from Device Manager - Storage Navigator.

2. Stop the service of all the storage systems which have the status Ready
in the Storage Device List window.
C:MAPP\wk\Supervisor\MappIniSet\MappPortManageInit.bat
• If you want to continue, enter Y, and then press the Enter key.
• If you want to cancel the task, enter N, and then press the Enter key.
7. Reassign the port number.
C:MAPP\wk\Supervisor\MappIniSet\MappPortManageRenum.bat serial-
number (optional)
Note: A space is required between MappPortManageRenum.bat

and serial-number.
If you omitted the serial number, the batch file is run for the storage
system of 83-03-01-XX/00 or later which is registered in Storage
Device List window.
10. Reassign the port number for all the registered storage systems by
executing Steps 7 through 9.
12. Start the service of the storage system.
Changing the range of an automatically assigned port number

You can change the range of the port number that is automatically assigned
to the storage system.
Procedure

C:MAPP\wk\Supervisor\MappIniSet\MappPortRangeSet.bat port-
number-key-name port-number-range
Note:
• A space is required between MappPortRangeSet.bat and port-
number-key-name.
• A space is required between port-number-key-name and port-
number-range.
The following table shows the port number key name and initial value of
the port number range which can be changed. Port 0 is not assigned.
Port number key name Initial value of port number Remark

range
PreRMIServer 51100 to 51355 None
SMIS_CIMOM 5989 to 6244 None
DeviceJettyStart 48081 to 48336 None
DeviceJettyStop 48411 to 48666 None
unavailable 1 to 1023 Port number that is not used
in automatic assign
• The valid range of the port number is between 1 and 65535. Use a
port number that is not used in another service.
• Port numbers between 1 and 1023 are reserved for the other
applications. If you exclude a number between 1 and 1023 from the
setting value of unavailable, the port numbers might not operate
normally.
• The following can be used for the port number range:
Numbers, space, symbols (, -) and rm
• You can specify multiple port-number-key-name and port-number-
range.
For example: MappPortRangeSet.bat PreRMIServer 51200-55000
SMIS_CIMOM 5989-6244,8000
Initializing the range of an automatically assigned port number

You can initialize the range of the port number that is automatically assigned
to the storage system.
Procedure

C:MAPP\wk\Supervisor\MappIniSet\MappPortRangeInit.bat
Managing SSL certificates

To improve the security of remote operations from a Device Manager -
Storage Navigator service processor to a storage system, you can set up
Secure Sockets Layer (SSL) encrypted communication. By setting SSL
encryption, the Device Manager - Storage Navigator User ID and Password
are encrypted.
Flow of SSL communication settings

The following illustration shows the procedure to set up SSL communication.
Unless otherwise noted, all steps are required. Note that creation of private
and public keys requires a dedicated program. Download one from the
OpenSSL website (http://www.openssl.org/).
Creating a keypair
To enable SSL, you must create a keypair consisting of a public and a private
key. The instructions use Windows 7 as an example.
Creating a private key

A private key is required to create an SSL keypair. The following procedure
for Windows 7 creates a private key file called server.key in the c:\key
folder.
Before you begin
Download openssl.exe from the OpenSSL website.
Procedure
1. If the read-only attribute is set, release it from the c:\openssl folder.

2. Open a command prompt with administrator permissions.
3. Move the current directory to the folder to which the key file is output
(such as c:\key), and execute the following command:
c:\key > c:\openssl\bin\openssl genrsa -out server.key 1024
Creating a public key
A public key has the file extension .csr. It is required to create an SSL
keypair. The following procedure is for the Windows 7 operating system.
Before you begin
Download openssl.exe from the OpenSSL website.
Procedure

2. Move the current directory to the folder to which the key file is output
(such as c:\key). Execute the following command:
c:\key > c:\openssl req -sha256 -new -key server.key -config
c:\openssl\bin\openssl.cfg -out server.csr
3. Enter the following information in the prompt:
• Country Name (two-letter code)
• State or Province Name
• Locality Name
• Organization Name
• Organization Unit Name
• Common Name
To create a self-signed certificate, enter the IP address of the web
server (SVP). The name you entered here is used as the server name
(host name). To obtain a signed and trusted certificate, ensure that
the server name is the same as the host name of the SVP.
• Email Address
• Challenge password (optional)
• Company name (optional)
Example
The following example shows the contents of a command window when you
create a public key.
......++++++
..++++++
is 65537 (0x10001)
C:\key>c:\openssl\bin\openssl req -sha256 -new -key server.key -
config c
You are about to be asked to enter information that will be
incorporated into your certificate request. What you are about
to enter is what is called a Distinguished Name or a DN.
\openssl\bin\openssl.cfg -out server.csr
For some fields there will be a default value.
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:JP
State or Province Name (full name) [Some-State]:Kanagawa
Locality Name (eg, city) []:Odawara
Organization Name (eg, company) [Internet Widgits Pty
Ltd]:Hitachi
Organization Unit Name (eg, section) []:ITPD
Common Name (eg, YOUR name) []:192.168.0.1
Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
Obtaining a signed certificate

After creating a private key and public key, obtain a signed public key
certificate file. You can use any of these methods to obtain a signed
certificate file.
• Create a certificate by self-signing. See Obtaining a self-signed certificate
on page 56.
• Obtain a certificate from the certificate authority that is used by your
company.
• Request an official certificate from an SSL certificate authority. See
Obtaining a signed and trusted certificate on page 56.
Note: When you send a request to a certificate authority, specify the SVP as
the host name.
Hitachi recommends that self-signed certificates be used only for testing

encrypted communication.
Obtaining a self-signed certificate

To obtain a self-signed certificate, open a command prompt and execute the
following command:
c:\key>c:\openssl\bin\openssl x509 -req -sha256 -days 10000 -in
server.csr -signkey server.key -out server.crt
Note: This command uses SHA-256 as a hash algorithm. MD5 or SHA-1 is

not recommended for a hash algorithm due to its low security level.
This command creates a server.crt file in the c:\key folder, which is valid
for 10,000 days. This is the signed private key, which is also referred to as a
self-signed certificate.
Obtaining a signed and trusted certificate

To obtain a signed and trusted certificate, you must obtain a certificate
signing request (CSR), send that file to a Certificate Authority (CA), and
request that the CA issue a signed and trusted certificate. Each certificate
authority has its own procedures and requirements. Use of this certificate
results in higher reliability in exchange for greater cost and requirements.
The signed and trusted certificate is the signed public key.
Verifying and releasing an SSL certificate passphrase

An SSL certificate cannot be applied for the SVP if the passphrase is set. If
the passphrase is set, release the passphrase for the SSL certificate before
applying the SSL certificate to the SVP. The following procedure explains how
to verify and release the passphrase settings.
Before you begin

• A private key (.key file) has been created.
• OpenSSL must be installed. In this procedure, it is installed in C:\openssl.
Procedure
1. Open a command prompt window with administrator permissions.

2. Move the current directory to the folder (for example, C:\key) where the
key file is stored, and run the following command:
Caution: Executing this command will overwrite the current key

file. To prevent loss of the key file, do one of the following:
• Back up the key file first.
• Use a different key file input destination and output destination.
C:\key>C:\openssl\bin\openssl rsa -in key-file-input-

destination -out key-file-output-destination
If Enter pass phrase for server.key: is displayed, the passphrase is

set. Enter the passphrase. The passphrase in the SSL private key will be
released, and the SSL certificate can be applied to the SVP.
Example (when passphrase is set)

C:\key>c:\openssl\bin\openssl rsa -in server.key -out server.key
Enter pass phrase for server.key: "Enter passphrase"
Writing RSA key
Example (when passphrase is not set)

C:\key>c:\openssl\bin\openssl rsa -in server.key –out server.key
Writing RSA key
Converting SSL certificates to PKCS#12 format
If you are uploading a created private key and the SSL certificate to GUM,
you need to convert it to PKCS#12 format. If you are not uploading SSL
certificate to GUM, conversion is not required.
Before you begin

• You must store a private key and SSL certificate in the same folder.
• In the following procedure:
○ The private key file name is “client.key”.
○ The SSL certificate file name is “client.crt”.
○ The SSL certificate in PKCS#12 format is output to c:\key.
Procedure

2. Enter the following command: C:key>c:\openssl\bin\openssl pkcs12
-export -in client.crt –inkey client.key -out client.p12
3. Enter a password, which is used when uploading the SSL certificate in
PKCS#12 format to GUM. You can use up to 128 alphanumeric characters
and the following symbols: ! # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \ ]
^_`{|}~
4. The client.p12 file is created in the C:\key folder. This client.p12 file
is the SSL certificate in PKCS#12 format.
5. Close the command prompt.
Updating a signed certificate

To use SSL-encrypted communication, you must update and upload the
private key and the signed server certificate (public key) to the SVP.
Before you begin

• You must have the Storage Administrator (Initial Configuration) role to
perform this task.
• You must be logged into the SVP.
• A private key (.key file) has been created. Make sure that the file name is
server.key.
• The passphrase for the private key (server.key file) is released.
• A signed public key certificate (.crt file) has been acquired. Make sure that
the file name is server.crt.
• The private key (.key file) must be in PEM format. You cannot use DER
format.
• The signed public key certificate (.crt file) must be in X509 PEM format.
You cannot use X509 DER format.
• The passphrase for the private key (server.key file) must be released.
Procedure

3. Enter the following command:
C:\MAPP\wk\Supervisor\MappIniSet\MappApacheCrtUpdate.bat
absolute-path-of-signed-public-key-certification-file
absolute-path-of-private-key-file
Note: A space is required between the signed public key

certification file path and the private key file path.
4. A completion message box displays. Press any key to acknowledge the

message and close the message box.
5. Close the command prompt window.
Notes on updating a signed certificate for the service processor

The following notes provide additional information about updating a signed
certificate.
• While the service processor certificate is being updated, tasks that are
being run or scheduled to run on Device Manager - Storage Navigator are
not executed.
• Certificates for RMI communication are updated asynchronously. The
process takes about two minutes.
• If the service processor certificate is updated while Hitachi Command Suite
is being set up, the setup operation will fail.
• Updating the SSL certificate might change the system drastically and may
lead to service processor failure. Therefore take sufficient care to consider
the content of the certificate and private key to be set.
• After the certificate update is complete, depending on the environment,
the service processor can take 30 to 60 minutes to restart.
Returning the certificate to default

You can return the certificate that was updated by the procedure in Updating
a signed certificate on page 58 back to default.
Before you begin

perform this task.
• A private key (.key file) has been created. Make sure that the file name is
server.key. See Creating a private key on page 54.
• The passphrase for the private key (server.key file) is released.
• A signed public key certificate (.crt file) has been acquired. Make sure that
the file name is server.crt. See Creating a public key on page 55.
• The private key (.key file) must be in PEM format. You cannot use DER
format.
• The signed public key certificate (.crt file) must be in X509 PEM format.
You cannot use X509 DER format. See Obtaining a self-signed certificate
on page 56.
• The passphrase for the private key (server.key file) must be released.
Procedure

C:\MAPP\wk\Supervisor\MappIniSet\MappApacheCrtInit.bat
Problems with website security certificates

When the message "There is a problem with this website's security
certificate." is displayed, click Continue to this website (not
recommended).
If the security certificate is not issued by a trusted certificate authority, the

browser displays a warning message when it connects to an SSL-enabled
Managing HCS certificates

This topic explains how to set or delete certificates for Hitachi Command
Suite (HCS) that are used to check the server's reliability when SSL
communication for HCS external authentication is performed.
Registering HCS certificates
To check the server reliability during SSL communication for HCS external
authentication, upload an HCS public key certificate to the web server to
register the certificate. Complete the steps in the following procedure to
upload and register a certificate using the certificate update tool.
Note: Ensure that you register or delete the correct certificate. Otherwise,
HCS external authentication will not return.
Before you begin

• The private key file on the HCS server must be current. Update it if
necessary.
• The certificate file must have a .crt extension. Rename the file if
necessary.
• The certificate must be in X509 PEM format or X509 DER format.
Procedure

C:\MAPP\wk\Supervisor\MappIniSet\MappHcsCrtEntry.bat
absolute-path-of-signed-public-key-certificate-file
Deleting HCS certificates

You can delete the certificates you registered in the procedure of the
"Registering certificates for HCS" section. After you delete a certificate,
server reliability for that certificate is not checked by SSL communication for
HCS external authentication.
Before you begin

• The private HCS server key must be updated.
• The certificate file must have a .crt extension. Rename the file if
necessary.
• The certificate must be in X509 PEM format or X509 DER format.
Procedure

C:\MAPP\wk\Supervisor\MappIniSet\MappHcsCrtDelete.bat
4. A completion message box opens. Press any key to acknowledge the
Blocking HTTP communication to the SVP

If the web server supports SSL (HTTPS), you can use the HTTP setting tool to
block or allow access to the HTTP communication port as needed.
Before you begin

perform this task.
Procedure

C:\MAPP\wk\Supervisor\MappIniSet\MappHttpBlock.bat
Releasing HTTP communication blocking

If the web server supports SSL (HTTPS), you can use the HTTP setting tool to
release a block to the HTTP communication port as needed.
Before you begin

perform this task.
Procedure

C:\MAPP\wk\Supervisor\MappIniSet\MappHttpRelease.bat
Backing up HDvM - SN configuration files

Before replacing an SVP, you must make a backup copy of the Device
Manager - Storage Navigator configuration files on the SVP. You can then use
the backup copy to restore the configuration file if it becomes necessary, or
to configure a replacement SVP if one fails.
To back up the Device Manager - Storage Navigator configuration files on the

SVP, download them to a folder that you specify.
The following configuration items can be backed up and restored. Before you
create the backup, ensure that the settings are correct.
• Device Manager - Storage Navigator environment parameters
• Authentication server connection settings
• Key management server connection settings
• Password policy when backing up the management client encryption key
• Display settings (table width) for each Device Manager - Storage Navigator
user
• Device Manager - Storage Navigator login warning messages
• Device Manager - Storage Navigator task information
• SMI-S application settings
• SSL certification for HTTPS/SMI-S/RMI
Before you begin

perform this task.
Procedure
1. Close all Device Manager - Storage Navigator sessions.

C:\MAPP\wk\Supervisor\MappIniSet\MappBackup.bat absolute-
path-of-backup-file
Note:
• The backup file must be in .tgz format.
• A space is required between MappBackup.bat and the path to
the backup file.
4. A completion message displays. Click any key to continue.

Tip:
• If you do not specify a folder in which to save the file, the
system automatically creates a default file in the following
location:
SVP-root\wk\Supervisor\MappIniset
\LogsyyyyMMddHHmmss.tgz
where yyyyMMddHHmmss is the year, month, date, and time
that the file was created.
• The backup file is compressed and uses the .tgz format. Use a
tool that supports tar and gzip to extract the data from the .tgz
file.
6. Save the backup file to another computer or external memory device

such as a USB flash memory or hard drive.
Related tasks
• Restoring HDvM - SN configuration files on page 64
Restoring HDvM - SN configuration files

You can use a saved copy of a configuration file to restore the active
configuration file if it becomes necessary, or to configure a replacement SVP
if one fails.
Before you begin

perform this task.
• The SVP is configured so that the service does not start automatically
when starting the system. See the Hardware Reference Guide for your
storage system model for information about the SVP configuration method.
Procedure
1. Close all Device Manager - Storage Navigator sessions.

C:\MAPP\wk\Supervisor\MappIniSet\MappRestore.bat absolute-
path-of-backup-file
Note:
• The backup file must be in .tgz format.
• A space is required between MappRestore.bat and the path to
the backup file.
4. A completion message displays. Click any key to continue.
6. Set the service to run automatically when starting the SVP. Then reboot
the SVP.
Related tasks
• Backing up HDvM - SN configuration files on page 63
3
User Administration
This chapter describes various user roles, permissions, and groups available
to manage your storage system.
□ User administration for maintenance utility
□ User administration for Device Manager - Storage Navigator
□ User Administration for NAS Manager
User Administration 67
User administration for maintenance utility
The maintenance utility allows you to set up and manage user accounts.
Required roles for operating Maintenance Utility

You can control the availability of using each operation window of
Maintenance Utility for a user by registering the user in the user group and
assigning them with the appropriate role.
The following table lists the required roles for using specific Maintenance
Utility operation windows.
Maintenance Utility operation window Required role name
Initial Setting Wizard Storage Administrator (Initial Configuration)
Set Up System Information Storage Administrator (Initial Configuration)
Firmware Support Personnel or User Maintenance*
User Administration Security Administrator (View & Modify)
Alert Notifications Storage Administrator (Initial Configuration)
Set Up Date & Time Storage Administrator (Initial Configuration)
Set Up Network Settings Storage Administrator (Initial Configuration)
Licenses Storage Administrator (Initial Configuration)
Audit Log Settings Audit Log Administrator (View & Modify)
Turn on/off Locate LEDs Support Personnel or User Maintenance*
Power on Storage System Support Personnel or User Maintenance*
Power off Storage System Support Personnel or User Maintenance*
Edit UPS Mode Support Personnel or User Maintenance*
Edit Login Message Storage Administrator (Initial Configuration)
Select Cipher Suite Security Administrator (View & Modify)
Update Certificate Files Security Administrator (View & Modify)
Force Release System Lock Storage Administrator (Initial Configuration)
Reboot GUM Support Personnel or User Maintenance
Change Password No role is required.
Boot System Safe Mode Support Personnel*
Alert Display Support Personnel or User Maintenance*
Alert Display Related to FRU Support Personnel or User Maintenance*
68 User Administration
Maintenance Utility operation window Required role name
Administration Menu N/A
Power Management N/A
System Management N/A
Resetting GUM N/A
*
• Support Personnel: Operations performed by the service personnel
• User Maintenance: Operations performed by the user
Setting up user accounts

This procedure describes how to create a user account and register the
account to a user group with appropriate roles. You can create up to 20
users, including the built-in user.
Procedure
1. In the Maintenance Utility window, click Administration > User

Administration.
2. In the User Groups tab, click Create User.
3. Create a new user account. Specify the User Name, Account Status,
Authentication and User Group. Click Finish.
Item Description
User Name
Account Status The following statuses are available:
Enable = user can use the account.
Disable = user cannot use the account or log

in to the storage management software.
Authentication The following methods are available:
Local = does not use authentication server.
Uses a dedicated password for storage
management software.
External = uses an authentication server.
4. Confirm the settings, and then click Apply.
5. When the completion message appears, click Close.
Disabling user accounts

The following procedure describes how to disable user accounts.
Observe the following guideline:

• Log into an account that is different from the user whose account that you
want to disable (you cannot disable the current login user account).
• To disable the user account specified by the registered storage system in
the Storage Device List window, click Stop Service for the registered
storage system. After disabling the user account, click Edit to enable the
user account.
Procedure

Administration.
2. In the User Groups tab, click the user group to which the user belongs.
3. Click the Users tab, and then select the user that you want to disable.
4. Click Edit.
5. For Account Status, click Disable, and then click Finish.
6. Confirm the settings, and then click Apply.
7. When a completion message appears, click Close.
Removing user accounts
Security administrators can remove a user account when the account is no
longer in use. Built-in user accounts cannot be deleted. If deleting the current
login user account, you can continue the storage management software
operation until you log out.
Note: To delete the user account specified by the registered storage system
in the Storage Device List window, click Stop Service of the registered
storage system. After deletion, click Edit to enable the user account.
Procedure

Administration.
2. In the User Groups tab, click the user group to which the user belongs.
3. Click the Users tab, and then select the user you want to remove.
4. Click Remove.
The Confirm window opens.
5. In the Confirm window, confirm the settings and specify the task name,
and then click Apply.
6. At the completion message, click Close.
Backing up user accounts
Procedure
1. Click User Account Information > Backup.

2. Specify a storage destination and a file name in the displayed window
and download a file.
3. When a message asks whether you want to remove the selected item,
click Close.
Restoring user account information
Procedure
1. Click User Account Information > Restore
The Restore User Account window opens.

2. Specify file names to be restored, and then click Apply.
3. When a completion message appears, click Close.
User administration for Device Manager - Storage Navigator
This section describes various user roles, permissions and groups available to
manage your storage system.
User administration overview

Read and understand the following information before managing users or
user groups.
• When a user is assigned to multiple user groups, the user has the
permissions of all the roles in each user group that are enabled on the
resource groups assigned to each user group.
• If a user has All Resource Groups Assigned set to Yes, the user can access
all the resources in the storage system. For example, if a user is a security
administrator and a storage administrator and has all resource groups
assigned, the user can edit the storage for all the resources.
If this is an issue, the recommended solution is to register two user
accounts in the storage system and use the two accounts for different
purposes.
○ A security administrator user account that has All Resource Groups
Assigned set to Yes.
○ A storage administrator user account that has only some of the resource
groups assigned.
• For user groups whose roles are other than Storage Administrator, All
Resource Groups Assigned is automatically set to Yes. If you delete all the
roles except Storage Administrator, reassign resource groups to the user
group because All Resource Groups Assigned is automatically set to No.
Related tasks
• Changing assigned resource groups on page 95
Workflow for creating and managing user accounts

Administrators use Device Manager - Storage Navigator to create accounts
for all users. The following steps show a basic workflow:
• If an authentication server is used, connect the management clients to it.
An authentication server allows users to log in to Device Manager -
Storage Navigator with the same password as the one used for other
applications in a system.
• If an authentication server is not used, use a password dedicated to
Device Manager - Storage Navigator to log in. Whether to use the
authentication server can be specified for each user.
• Review Using an authentication server and authorization server on
page 96 for information and instructions.
• Review Managing user groups on page 89 to understand the user groups
and roles you can assign new or existing users.
• Create user accounts and assign permissions. See Creating user accounts
on page 82.
• Change, disable, or delete user passwords and permissions. See Changing
user passwords on page 85.
Administrator tasks
To authenticate a user using an authentication server, specify settings for
connecting to the server.
Note: When an administrator changes a support person's user account, he or

she must notify the user. Otherwise, the user will not be able to log in.
Procedure
1. Log in to Device Manager - Storage Navigator as a built-in user.

Use maintenance as the user name, and raid-maintenance as the
password. The built-in user has all permissions.
the password of the built-in user account.
3. Create a user group. Some user groups, such as built-in groups, are
available by default.
4. Create a user.
5. If necessary, change the environment parameter.
6. Save the user account information and environment parameter file.
7. Notify the user of the new user name and the password.
User tasks
Procedure
1. Use the user name and password provided by the administrator to log in
to Device Manager - Storage Navigator.
the password to your own password.
Managing user accounts

This process describes how to create and manage local administrator
accounts in the storage system. You will need to use the local administrator
account created during the initial setup step, or create administrator accounts
using the procedures described in this chapter as needed to access the
storage system temporarily when the management software is not available.
It is prudent to create more than one user account in case the system
administrator is not available when the management software becomes
unavailable, or when someone else needs to access the system. This is also
helpful if multiple users need to access Device Manager - Storage Navigator
to use storage features that are not available in the management software.
Related tasks
• Creating user accounts on page 82
• Changing user passwords on page 85
• Changing user permissions on page 86
• Enabling or Disabling user accounts on page 87
• Deleting user accounts on page 88
Creating user accounts

This section explains how to create a user account and register the account
to a user group with appropriate permissions.
Before you begin

• You must have the Security Administrator (View & Modify) role to perform
this task.
• You or an authorized technical support representative can log in to Device
Manager - Storage Navigator and CCI with user accounts that are created
in Device Manager - Storage Navigator.
• Support representatives must have the Support Personnel (Vendor Only)
role to log in.
• The system can support a maximum of 20 user accounts, including the
built-in user accounts.
Table 2 User name and password for Device Manager - Storage Navigator
Length in
Item Characters that can be used
characters
User name 1-256 • Alphanumeric characters

• The following symbols:
#$%&'*+-./=?@^_`{|}~
Password 6-256 • Alphanumeric characters

• All symbols
Table 3 User name and password for logging in to CCI
Length in
characters
User name 1-63 • Alphanumeric characters

• The following symbols:1
-.@_
Password 6-63 • Alphanumeric characters

• The following symbols:1
,-.@_
Note:
Length in
characters
1. When you use a Windows computer, you can also specify a backslash (\). When you use a
UNIX computer, you can also specify a slash (/).
Procedure
1. In the Device Manager - Storage Navigator Administration tree, select

User Groups.
2. On the User Groups tab, select a user group to which to add a user.
This is dependent on which permissions you want to give to the user.
The user logging in to NAS Manager must belong to both the built-in
Administrator and Support Personnel groups.
3. On the Roles tab, confirm that the displayed permissions are appropriate
for the user.
4. On the Users tab, click Create User.
5. Enter a name.
6. Select Activate or Lock for the account. If you select Lock, the user of
this account is disabled and cannot log in to Device Manager - Storage
Navigator and NAS Manager.
7. To use an authentication server, select External. To authenticate users
with only Device Manager - Storage Navigator, or to log in to NAS
Manager, select Local.
8. If you select Local, enter the password for this user account in two
places.
For a password, all alphanumeric characters and symbols can be used.
The length must be between 6 and 256.
9. Click Finish.
10. In the Confirm window, check the settings.
status check box is checked, the Task window opens to display the
status of the task.
Character restrictions for user names and passwords

Note the following restrictions for user names and passwords.
A user account created by using Device Manager - Storage Navigator can be

used for Maintenance Utility, CCI, and NAS Manager. It can also be used by
maintenance personnel for logins (the Support Personnel role is required).
The number of characters and types of characters that can be used vary
between Device Manager - Storage Navigator, RAID Manager, and NAS
Manager. If a user uses all three programs, specify a user name and a
password that satisfy the following conditions.
Item Length in characters Characters that can be used
User name 1-20 • Alphanumeric (ASCII code)

characters
• The following symbols1, 3:
-._
Password 6-63 • Alphanumeric (ASCII code)
characters
• The following symbols1, 2:
-,.:@_
Note:
1. If the host on which CCI is installed is running on UNIX, a slash (/) can be specified.
2. If the host on which CCI is installed is running on Windows, a back slash (\) can be specified.
3. Do not specify a user name consisting of periods (.) (..) only, or specify a user name
beginning with a hyphen (-). If you specify such names, you cannot log in to NAS Manager.
Note: To use NAS Manager after installing NAS modules as a user created by
using DKCMAIN firmware 83-03-2X or earlier, change the password. If you do
not change the password, you cannot log in to NAS Manager. Also, if a user
name contains more than 20 characters, the user cannot log in to NAS
Manager.
User name and password for Device Manager - Storage Navigator
Length in
characters
User name 1-256 • Alphanumeric (ASCII code) characters

#$%&'*+-./=?@^_`{|}~
You cannot use the # symbol when you enter a user name in
a screen from the Tool Panel dialog box.
Password 6-256 • Alphanumeric (ASCII code) characters
• All symbols
You cannot use the quotation mark (") or backslash (\)

symbols when you enter a password in a screen from the
Tool Panel dialog box.
Note: If you cannot log in on a Tool Panel dialog box screen, check to see if
you have used a number sign (#) in the user name, or used a quotation
mark (") or a backslash (\) in the password.
User name and password for logging in to SVP
Length in
characters
Length in
characters

!#$%&'-.@^_`{}~
Password 6- 127 • Alphanumeric (ASCII code) characters
• All symbols
User name and password for logging in to CCI
Length in
characters

• The following symbols*:
-.@_
Password 6- 63 • Alphanumeric (ASCII code) characters
-,.@_
Note: *When you use a Windows computer for CCI, you can also specify a backslash (\).
When you use a UNIX computer for CCI, you can also specify a slash (/).
User name and password for logging in to NAS Manager
Item Length in Characters that can be used
User name 1-20 • Alphanumeric (ASCII code)

characters
-._
Password 6-256 • Alphanumeric (ASCII code)
characters
• All symbols:
-._
Note: * Do not specify a user name consisting of periods (.) (..) only, or specify a user name
beginning with a hyphen (-). If you specify such names, you cannot log in to NAS Manager.
Changing user passwords

This section explains how to change or re-issue passwords for other users on
Caution: Do not select any user account used to connect to a storage system
that is registered in the Storage Device List window. For details, see the
Hardware Reference Guide for your storage system.
Before you begin
• Security administrators with View & Modify roles can change user
passwords on Device Manager - Storage Navigator.
• If the target user has a local user account for Device Manager - Storage
Navigator, the security administrator can use Device Manager - Storage
Navigator to change the target user's password.
• If the target user has a local user account for the authentication server,
the security administrator can use the authentication server to change the
target user's password. After the password is changed, the target user can
use the new password on both the authentication server and Device
Procedure

User Groups.
2. On the User Groups tab, select the user group to which the user
belongs.
3. On the User tab, select the user whose password you want to change.
4. In the User tab, click Change Password.
5. In the Change Password dialog box, specify a new password for the
user in the two password fields.
6. Click Finish.
Task Name.
of the task.
Changing user permissions

User permissions are determined by the groups to which the user belongs.
You change these permissions by changing membership in the user group. A
user can belong to multiple user groups.
For example, if you want to change the role of the user who manages
security to the performance management role, add this user to the Storage
Administrator (Performance Management) role group and then remove the
user from the Security Administrator (View & Modify) role group.
Before you begin

this task.
• The user whose permissions you want to change must belong to at least
one user group.
• A user account can belong to up to 8 user groups.
• A user group can contain a maximum of 20 user accounts, including the
built-in user accounts.
Adding a user
Procedure

User Groups.
2. On the User Groups tab, select the user group that has the role you
want the user to have, and then add or remove users.
To add users to the selected groups:
a. Click Add Users.
b. In the Add Users window, select a user and click Add.
To remove users from the selected groups:
a. In the Remove Users window, select one or more users.
b. Click More Actions > Remove Users.
3. Click Finish.
4. In the Confirm window, check the settings. If the Task Name field is
empty, enter a task name.
5. Click Apply. The task is now registered. If you selected the Go to tasks
window for status check box, the Task window opens to show the
status of the task.
Enabling or Disabling user accounts

Security Administrators can disable a user account to prevent the user from
logging in to Device Manager - Storage Navigator and NAS Manager
temporarily. Security Administrators can also enable a user account to allow
the user to log in to Device Manager - Storage Navigator and NAS Manager.
To allow or prevent a user from logging in to Device Manager - Storage

Navigator and NAS Manager, follow the steps below.
Before you begin

• Log into an account that is different from the user whose account that you
want to enable or disable.
this task.
Procedure
1. In the Device Manager - Storage Navigator Administration tree, click

User Groups.
2. On the User Group tab, select the user group.
3. On the Users tab, select a user.
4. Click Edit User.
5. Click the Account Status check box.
• To allow the user to log in to Device Manager - Storage Navigator and
NAS Manager, click Enable.
• To prevent the user from logging in to Device Manager - Storage
Navigator and NAS Manager, click Disable.
6. Click Finish.
of the task.
Deleting user accounts

Security Administrators can delete a user account when the account is no
longer in use. Built-in user accounts cannot be deleted.
Before you begin
You must have the Security Administrator (View & Modify) role to perform
this task.
Procedure

User Groups.
2. On the User Groups tab, click a user group to which a user belongs.
3. On the Users tab, select the user whose account you want to delete.
4. Click More Actions > Delete Users.
5. In the Delete Users window, select the user to be deleted, then click
Finish.
of the task.
Releasing a user lockout

If a user attempting to log in to Device Manager - Storage Navigator or
Command Control Interface enters an incorrect username or password three
times, the system sets the login status to locked, preventing further login
attempts for 60 seconds. If necessary, you can release the locked status
before the lock times out.
Before you begin
You must have the Security Administrator (View & Modify) role to perform
this task.
Procedure
1. In the Administration tree, select User Groups.

2. On the User Groups tab, click a user group to which the locked-out user
belongs.
3. On the User tab, select the user you want to unlock.
4. On the User tab, click More Actions > Release Lockout.
The Release Lockout window opens.
5. Specify a task name, and then click Apply.
Managing user groups

You can use the Device Manager - Storage Navigator to view existing user
groups, and to create, modify, or delete them.
Roles
The following table shows all the roles that are available for use and the
permissions that each role provides to the users. You cannot create a custom
role.
Role Capabilities
Security Administrator • Viewing information about user accounts and encryption settings
(View Only) • Viewing information about the encryption key in the key SVP
Security Administrator • Configuring user accounts
(View & Modify) • Creating encryption keys and configuring encryption settings
• Viewing and switching where encryption keys are generated
• Backing up and restoring encryption keys
• Deleting encryption keys backed up in the key SVP
• Viewing and changing the password policy for backing up encryption keys on the
management client
• Connection to the external server
• Backing up and restoring connection configuration to the external server
• Configuring the certificate used for the SSL communication
• Configuring the fibre channel authentication (FC-SP)
• Configuring resource groups
• Editing virtual management settings
• Setting reserved attributes for global-active device
Audit Log Administrator • Viewing audit log information and downloading audit logs
(View Only)
Audit Log Administrator • Configuring audit log settings and downloading audit logs
(View & Modify)
Storage Administrator • Viewing storage system information
(View Only)
Storage Administrator • Configuring settings for storage systems
(Initial Configuration)
Role Capabilities
• Configuring settings for SNMP

• Configuring settings for e-mail notification
• Configuring settings for license keys
• Viewing, deleting, and downloading storage configuration reports
• Acquiring all the information about the storage system and updating Device
Manager - Storage Navigator window by clicking Refresh All
Storage Administrator • Configuring settings for CLPR
(System Resource • Configuring settings for MP unit
Management) • Deleting tasks and releasing exclusive locks of resources
• Configuring LUN security
• Configuring Server Priority Manager
• Configuring tiering policies
Storage Administrator • Configuring caches
(Provisioning) • Configuring volumes, pools, and virtual volumes
• Formatting and shredding volumes
• Configuring external volumes
• Configuring Dynamic Provisioning
• Configuring host groups, paths, and WWN
• Configuring Volume Migration except splitting Volume Migration pairs when using
CCI
• Configuring access attributes for volumes
• Configuring LUN security
• Creating and deleting quorum disk used with global-active device
• Creating and deleting global-active device pairs
Storage Administrator • Configuring monitoring
(Performance Management) • Starting and stopping monitoring
Storage Administrator • Performing pair operations for local copy
(Local Copy) • Configuring environmental settings for local copy
• Splitting Volume Migration pairs when using CCI
Storage Administrator • Remote copy operations in general
(Remote Copy) • Operating global-active device pairs (except for creation and deletion)
Support Personnel (Vendor Configuring the SVP
Only) • Normally, this role is for service representatives.
Support Personnel (User) • Viewing storage system status
• Installing OS security patches
• Updating operating systems
• Performing basic maintenance
Built-in groups, roles, and resource groups

You can assign users to one or more built-in user groups and custom user
groups. You cannot change roles or resource groups set to the built-in
groups, but you can create custom user groups according to the needs of
your storage environment.
For more information about resource groups, see the Provisioning Guide for
Hitachi Virtual Storage Platform Gx00 and Fx00 Models.
The following table shows all the built-in groups, and their built-in roles and
resource groups.
Resource
Built-in group Role
group
Administrator • Security Administrator (View & Modify) All Resource

• Audit Log Administrator (View & Modify) Groups
• Storage administrator (Initial Assigned
Configuration)
• Storage Administrator (System Resource
Management)
• Storage Administrator (Provisioning)
• Storage Administrator (Performance
Management)
• Storage Administrator (Local Copy)
• Storage Administrator (Remote Copy)
System • Security Administrator (View & Modify) All Resource
• Audit Log Administrator (View & Modify) Groups
• Storage Administrator (Initial Assigned
Configuration)
Management)
Management)
Security Administrator (View Only) • Security Administrator (View Only) All Resource
• Audit Log Administrator (View Only) Groups
• Storage Administrator (View Only) Assigned
Security Administrator (View & • Security Administrator (View & Modify) All Resource
Modify) • Audit Log Administrator (View & Modify) Groups
• Storage Administrator (View Only) Assigned
Audit Log Administrator (View • Audit Log Administrator (View Only) All Resource
Only) • Storage Administrator (View Only) Groups
Assigned
Audit Log Administrator (View & • Audit Log Administrator (View & Modify) All Resource
Modify) • Storage Administrator (View Only) Groups
Assigned
Storage Administrator (View Only) • Storage Administrator (View Only) meta_resource
Storage Administrator (View & • Storage Administrator (Initial meta_resource

Modify) Configuration)
Management)
Management)
Support Personnel • Storage Administrator (Initial All Resource
Configuration) Groups
• Storage Administrator (System Resource Assigned
Management)
Resource
Built-in group Role
group

Management)
• Support Personnel
Related tasks
• Checking if a role is available to a user group on page 92
Verifying the roles available to a user group

You can use Device Manager - Storage Navigator to verify the roles that are
available to use with any user group.
Before you begin
You must have the Security Administrator (View Only) role to perform this
task.
Procedure
1. In the Device Manager - Storage Navigator tree, click User

Administration.
2. On the User Groups tab, click the name (not the checkbox) of a user
group whose roles you want to check.
3. In the User Administration window, click the Roles tab.
The list of roles applied to the selected user group is displayed.
4. To return to the User Administration window, click User
Administration.
Checking if a role is available to a user group

You can use Device Manager - Storage Navigator to verify the roles that are
available to use with any user group.
You can assign users to one or more built-in user groups and custom user
groups. You cannot change roles or resource groups set to the built-in
groups, but you can create custom user groups according to the needs of
your storage environment.
Before you begin
You must have the Security Administrator (View Only) role to perform this
task.
Procedure
1. In the Device Manager - Storage Navigator Administration tree, click

User Administration.
2. On the User Groups tab, click the name (not the checkbox) of a user
group whose roles you want to check.
3. In the User Administration window, click the Roles tab. The list of
roles applied to the selected user group is displayed.
4. To return to the User Administration window, click User
Administration.
Related references
• Built-in groups, roles, and resource groups on page 90
Creating a new user group

This section explains how administrators can create a user group.
A user group name consists of 1 to 64 characters including alphanumeric

characters, spaces, and the following symbols:
!#$%&'()+-.=@[]^_`{}~
The system can support a maximum of 32 user groups, including the nine
built-in user groups.
Before you begin

this task.
Procedure

2. In the User Groups tab, click Create User Groups to open the Create
User Group window.
3. Enter a user group name.
4. If you use an authorization server, click Check and verify that the
entered user group name is registered in the authorization server.
5. Click Next to open the Assign Roles window.
6. Select the roles to assign to the user group, and click Add.
7. Click Next to open the Assign Resource Groups window.
8. Select the resource groups to assign to the user group, and click Add. If
you select a role other than the storage administrator in the Assign
Roles window, you do not need to select resource groups because all the
resource groups are assigned automatically.
9. Click Finish to finish and confirm settings.
Click Next to add another user.
10. Check the settings and enter a task name in Task Name.
of the task.
Changing a user group name
This section explains how to change the name of a user group.
Before you begin

this task.
• The names of built-in groups cannot be changed.
• A user group name consists of 1 to 64 characters including alphanumeric
characters (ASCII), spaces and the following symbols:
#$%&'()+-.=@[]^_`{}~
Procedure

2. In the User Groups tab, select the user group.
3. Click More Actions > Edit User Group.
4. In the Edit User Group window, enter a new user group name.
5. If you use an authorization server, click Check and verify that the
entered user group name is registered in the authorization server.
6. Click Finish.
Task Name.
status of the task.
Changing user group permissions

This section explains how to change the permissions that are assigned to
user groups.
Before you begin

this task.
• The permissions of a built-in group cannot be changed.
Procedure

User Groups.
2. In the User Groups tab, select the user group whose permission you
want to change.
3. Click the Roles tab.
4. Click Edit Role Assignment.
5. In the Edit Role Assignment window, change roles to be assigned to
the user group.
• Select roles to add, and then click Add.
• Select a role to remove, and then click Remove.
6. Click Finish.
Task Name.
status check box is checked, the Task window opens.
Changing assigned resource groups

This section explains how to change the resource groups that are assigned to
the user group.
Before you begin

this task.
• Create a resource group to be assigned to the user group in advance.
• You cannot change the resource groups of a user group that has All
Resource Groups Assigned set to Yes
• You cannot change resource groups of a built-in group.
Procedure

User Groups.
2. On the User Groups tab, select a user group to change the resource
group.
3. Select the Resource Groups tab.
4. Click Edit Resource Group Assignment to open the Edit Resource
Group Assignment window.
5. In the Edit Resource Group Assignment window, change resource
groups to be assigned to the user group.
• Select the resource group to add, and click Add.
• Select the resource group to remove, and click Remove.
6. Click Finish.
Task Name.
status of the task.
Deleting a user group

This section explains how to delete a user group when it is no longer needed.
Before you begin

this task.
• You cannot delete a built-in user group.
• You cannot delete a user group if the users in it belong to only the user
group to be deleted.
Procedure

User Groups.
2. In the User Groups tab, select the user-created user groups that you
want to delete.
3. Click More Actions > Delete User Groups.
4. Check the settings, then click Apply.
Using an authentication server and authorization server

An authentication server enables users to log in to Device Manager - Storage
Navigator with the same password as the password that they use for other
applications. The authentication server must be configured for each user.
The following figure shows the login workflow without an authentication

server:
The following figure shows the login workflow with an authentication server:
If an authorization server works together with an authentication server, the

user groups that are registered in the authorization server can be assigned to
a user for Device Manager - Storage Navigator.
The following figure shows the login workflow when an authentication server
and an authorization server are used in combination:
You can use the authentication server without knowing the host names and
port numbers, if you register the information of the authentication server as
an SRV record in the DNS server. If you register multiple numbers of
authentication servers to the SRV record, you can determine the
authentication server to be used, based on the priority that has been set in
advance.
Authentication server protocols

Authentication servers support the following protocols:
• LDAPv3 simple bind authentication
• RFC 2865-compliant RADIUS with PAP and CHAP authentication
• Kerberos v5
The following certificate file formats are available for LDAP server settings:
• X509 DER format
• X509 PEM format
One of the following encryption types must be used for the Kerberos server:
Windows
• AES128-CTS-HMAC-SHA1-96
• RC4-HMAC
• DES3-CBC-SHA1
• DES-CBC-CRC
• DES-CBC-MD5
Solaris or Linux
• DES-CBC-MD5
Authorization server requirements
The authorization server must satisfy the following requirements if it works
together with the authentication server:
Prerequisite OS
• Windows Server 2003
• Windows Server 2003 R2
• Windows Server 2008
• Windows Server 2008 R2
Prerequisite software
• Active Directory
Authentication protocol for user for searching

• LDAP v3 simple bind
Connecting two authentication servers

Two authentication servers can be connected. When the servers are
connected, the server configurations must be the same, except for the IP
address and the port.
If you search for a server using information registered in the SRV records in
the DNS server, confirm that the following conditions are satisfied:
LDAP server conditions:

• The environmental setting for the DNS server is completed at the
LDAP server.
• The host name, the port number, and the domain name of the LDAP
server are registered in the DNS server.
Kerberos server conditions:

• The host name, the port number, and the domain name of the
Kerberos server are registered in the DNS server.
• You cannot use the SRV records on a RADIUS server.
Because UDP/IP is used to access the RADIUS server, no encrypted

communications are available, such as negotiations between processes. To
access the RADIUS server in a secure environment, encryption in the packet
level is required, such as IPsec.
Connecting authentication and authorization servers
To use an authentication server and an authorization server, you must create
configuration files and configure your network. Detailed setting information is
required for the authentication server and the authorization server, especially
for creating a configuration file.
Before you begin

• Contact your server administrator for information about the values to be
written in the LDAP, RADIUS, or Kerberos configuration file. If you use
LDAP servers, obtain certification for the LDAP server files.
• Contact your network administrator for information about the network
settings.
Procedure
1. Create a configuration file. The items to specify depend on the protocol

you use.
2. Log in to the SVP and store the following files in an easily accessible
location.
• Certificate (for secure communication)
• Configuration file
3. Open the Windows command prompt on the SVP.
4. Move the current directory to the directory where
MappSetExAuthConf.bat is located (for example, C:\MAPP\wk
\Supervisor\MappIniSet).
Run the following command specifying the configuration file path (for
example, C:\aut\auth.properties) and the certificate file path (for
example, C:\auth\auth.cer):
C:\MAPP\wk\Supervisor\MappIniSet\MappSetExAuthConf"C:\auth
\auth.properties" "C:\auth\auth.cer"
5. After you complete the settings and verify that you can use the
authentication and authorization servers, back up the connection settings
for the authentication server.
If the authentication server and the authorization server are unusable
even after you make the settings, the network or the configuration file
settings might have a problem. Contact the server administrator or the
network administrator.
Naming a user group in Device Manager - Storage Navigator

When you create a user group in Device Manager - Storage Navigator, you
name the group with the user's memberOf attribute value which is found in
the Active Directory. Device Manager - Storage Navigator supports Active
Directory nested groups.
After entering the user group name, verify that the user group name that you
entered is registered in the authorization server.
Note: The domain name (DN) of the user group to be set to Active Directory
must be between 1 and 250 characters. The number of user groups that can
be registered at one time is 20 at maximum.
Caution: If a user needs to use different user groups for different purposes,
create local user accounts on Device Manager - Storage Navigator. Do not
use the authorization server.
Creating configuration files

This section includes the procedures to create LDAP, RADIUS, and Kerberos
configurations files.
Creating an LDAP configuration file

To use an LDAP server for authentication, create a configuration file in UTF-8
encoding. Include information about the authentication server as shown in
the following example. Any file name and extension is allowed.
Caution: If you save the configuration file when using the Windows standard
Notepad application, specify ANSI for the letter code. If you use an editor
other than the memo pad and have the YTF-8 BOM setting, specify No BOM
then save.
auth.server.type=ldap
auth.server.name=<server_name>
auth.group.mapping=<value>
auth.ldap.<server_name>.<attribute>=<value>
A full example is shown here:

auth.server.type=ldap
auth.server.name=PrimaryServer
auth.group.mapping=true
auth.ldap.PrimaryServer.protocol=ldaps
auth.ldap.PrimaryServer.host=ldaphost.domain.local
auth.ldap.PrimaryServer.port=636
auth.ldap.PrimaryServer.timeout=3
auth.ldap.PrimaryServer.attr=sAMAccountName
auth.ldap.PrimaryServer.searchdn=CN=sample1,CN=Users,DC=domain,DC
=local
auth.ldap.PrimaryServer.searchpw=passwordauth.ldap.PrimaryServer.
basedn=CN=Users,DC=domain,DC=local
auth.ldap.PrimaryServer.retry.interval=1
auth.ldap.PrimaryServer.retry.times=3
auth.ldap.PrimaryServer.domain.name=EXAMPLE.COM
The LDAP attributes are defined in the following table.
Required /
Attribute Description Default value
Optional
auth.server.type Type of an authentication server. Required None

Specify ldap.

Required /
Optional
auth.server.name The name of an authentication Required None

server.
When registering a primary and a

secondary server, use a comma to
separate the names. The name of
the server, including the primary
name, secondary name, and the
comma (1 byte) must be 64 bytes
or less.
The names can use all ASCII code

characters except for the following:
\/:,;*?"<>|$%&'˜
In this manual, the value specified

here is called <server_ name>
hereafter.
auth.group.mapping Information about whether to work Optional False

together with an authorization
server:
• true: Works together
• false: Does not work together
auth.ldap.<server_na LDAP protocol to use. Rquired None

me>.protocol • ldaps: Uses LDAP over SSL/TLS.
• starttls: Uses StartTLS.
When you specify "true" to

auth.ldap.<server_name>.dns_look
up, specify ldaps.
auth.ldap.<server_na A host name, an IPv4 address or an Optional1 None

me>.host IPv6 address of the LDAP server. An
IPv6 address must be enclosed in
square brackets. To use StartTLS as
a protocol, specify a host name.
If this value is specified,

auth.ldap.<server_name>.dns_look
up will be ignored
auth.ldap.<server_na A port number of the LDAP server. Optional 389
me>.port
Must be between 1 and 65,535.2
auth.ldap.<server_na The number of seconds before the Required 10
me>.timeout connection to the LDAP server
times out. It must be between 1
and 30.2
auth.ldap.<server_na Attribute name to identify a user Required None

me>.attr (such as a user ID).
• Hierarchical model: An attribute
name where the value that can
identify a user is stored

Required /
Optional
• Flat model: An attribute name

for a user entry's RDN
sAMAccountName is used for Active

Directory.
auth.ldap.<server_na DN of the user for searching. If Otional None
me>.searchdn omitted,
[value_of_attr]=[Login_ID],[value_
of _basedn] is used for bind
authentication.3
auth.ldap.<server_na User password that is used for Required None
me>.searchpw searching. Specify the same
password that is registered in the
LDAP server.
auth.ldap.<server_na BaseDN for searching for users to Required None
me>.basedn authenticate.3
• Hierarchical model: DN of
hierarchy that includes all the
targeted users for searching
• Flat model: DN of hierarchy that
is one level up from the
targeted user for searching
auth.ldap.<server_na Retry interval in seconds when the Optional 1
me>.retry.interval connection to the LDAP server fails.
Must be between 1 and 5.2
auth.ldap.<server_na Retry times when the connection to Optional 3

me>.retry.times the LDAP server fails.
Must be between 0 and 3. Zero

means no retry.2
auth.ldap.<server_na A domain name that the LDAP Required None
me>.domain.name server manages.
auth.ldap.<server_na Information about whether to Optional False
me>.dns_lookup search the LDAP server with the
information registered in the SRV
records in the DNS server.
• true: Searches with the
information registered in the
SRV records in the DNS server
• false: Searches with the host
name and port number
When "host" and "port" are

specified, the LDAP server is not
searched with the information
registered in the SRV records by
specifying "true".
Notes:
1. The item can be omitted if true is specified for "auth.ldap.<server_name>.dns_lookup".
2. If the specified value is not valid, the default value will be used.

Required /
Optional
3. To use symbols such as + ; , < = and >, enter a backslash (\) before each symbol. When
using multiple symbols, each symbol must have a backslash before it. For example, to enter
abc++ in the searchdn field, use \+ instead of + as shown here: abc\+\+
To enter \ , /, or ", enter a backslash and then enter the ASCII code in hex for the following
symbols:
• Enter \5c for \
• Enter \2f for /
• Enter \22 for "
For example, to enter abc\ in the searchdn field, enter abc\5c.
Creating a RADIUS configuration file

To use a RADIUS server for authentication, create a configuration file in
UTF-8 encoding. Include information about the authentication server as
shown in the following example. Any file name and extension is allowed. If an
authorization server is not used, you do not need to define the items for it.
then save.
auth.server.type=radius
auth.server.name=server-name
auth.group.mapping=value
auth.radius.server-name.attribute=value
auth.group.domain-name.attribute=value
A full example is shown below:

auth.server.type=radius
auth.server.name=PrimaryServer
auth.radius.PrimaryServer.protocol=pap
auth.radius.PrimaryServer.host=xxx.xxx.xxx.xxx
auth.radius.PrimaryServer.port=1812
auth.radius.PrimaryServer.timeout=3
auth.radius.PrimaryServer.secret=secretword
auth.radius.PrimaryServer.retry.times=3
auth.radius.PrimaryServer.attr.NAS-Identifier=xxxxxxxx
auth.group.auth.radius.PrimaryServer.domain.name=radius.example.c
om
auth.group.auth.radius.PrimaryServer.domain.name.protocol=ldap
auth.group.auth.radius.PrimaryServer.domain.name.host=xxx.xxx.xxx
.xxx
auth.group.auth.radius.PrimaryServer.domain.name.port=386
auth.group.auth.radius.PrimaryServer.domain.name.searchdn=CN=samp
le1,CN=Users,DC=domain,DC=local
auth.group.auth.radius.PrimaryServer.domain.name.searchpw=passwor
d
auth.ldap.PrimaryServer.basedn=CN=Users,DC=domain,DC=local
The attributes are defined in the following tables.

Table 4 RADIUS definition (for authentication server)
Required / Default
Attribute Description
Optional value
auth.server.type Type of an authentication server. Specify Required None

radius.
auth.server.name The name of an authentication server. Required None

When registering a primary and
secondary server, use a comma to
separate the names. The name of the
server, including the primary name,
secondary name, and the comma (1
byte) must be 64 bytes or less.
The names can use all ASCII code

characters except for the following:
\/:,;*?"<>|$%&'˜
In this manual, the value specified here is

called server-name hereafter.
auth.group.mapping Information about whether to work Optional False

together with an authorization server
auth.radius.server- RADIUS protocol to use. Required None

name.protocol • PAP: Password authentication protocol
that transmits plaintext user ID and
password
• CHAP: Challenge-handshake
authentication protocol that transmits
encrypted password
auth.radius.server- A host name, an IPv4 address or an IPv6 Required None

name.host address of the RADIUS server. An IPv6
address must be enclosed in square
brackets.
auth.radius.server- A port number of the RADIUS server. Optional 1,812

name.port Must be between 1 and 65,535.1
auth.radius.server- The number of seconds before the Optional 10

name.timeout connection to the RADIUS server times
out.
auth.radius.server- RADIUS secret key used for PAP or CHAP Required None
name.secret authentication
auth.radius.server- Retry times when the connection to the Optional 3

name.retry.times RADIUS server fails.
Must be between 0 and 3. 0 means no

retry.1
auth.radius.server- Identifier for the RADIUS server to find Optional2 None

name.attr.NASIdentifier SVP. Specify this value if the attr.NAS-

Required / Default
Optional value
Identifier attribute is used in your

RADIUS environment. ASCII codes up to
253 bytes long are accepted.
auth.radius.server- IPv4 address of the SVP. Specify the Optional2 None

name.attr.NAS-IPv4- value of the NAS-IP-Address attribute.
Address This value is transmitted to the RADIUS
server when the authentication is
requested.
auth.radius.server- IPv6 address of the SVP. Specify the Optional2 None

name.attr.NAS-IPv6- value of the NAS-IPv6-Address attribute.
Address This value is transmitted to the RADIUS
server when the authentication is
requested.
Notes:
1. If the specified value is not applicable, the default value will be used.
2. Set either NAS-Identifier, NAS-IP-Address, or NAS-IPv6-Address.
Table 5 RADIUS definition (for authorization server)
Required / Default
Optional value
auth.radius.server- A domain name that the LDAP server Required None

name.domain.name manages. In this manual, the value
specified here is called domain-name
hereafter.
auth.radius.server- Information about whether to search the Optional false

name.dns_lookup LDAP server with the information
registered in the SRV records in the DNS
server.
• true: Searches with the information
registered in the SRV records in the
DNS server
• false: Searches with the host name
and port number.
When "host" and "port" are specified, the

LDAP server is not searched with the
information registered in the SRV records
by specifying "true".
auth.radius.domain- LDAP protocol to use. Required None

name.protocol • ldaps: Uses LDAP over SSL/TLS.
• starttls: Uses StartTLS.
When you choose ldap, specify "true" to

"auth.radius.domain-name.dns_lookup"
auth.radius.domain- A host name, an IPv4 address or an IPv6 Optional1 None

name.host address of the LDAP server. An IPv6

Required / Default
Optional value
address must be enclosed in square

brackets ([ ]).
auth.radius.domain- A port number of the LDAP server. Optional 389

name.port
auth.radius.domain- DN of the user for searching. Required None
name.searchdn
auth.radius.domain- User password for searching. Specify the Required None

name.searchpw same password that is registered in the
LDAP server.
auth.radius.domain- Base DN for searching for users to Optional abbr

name.basedn authenticate. Specify DN of the hierarchy,
including all the users for searching
because the targeted users for searching
are in lower hierarchy than the specified
DN.3
auth.radius.domain- The number of seconds before the Optional 10

name.timeout connection to the LDAP server times out.
Must be between 1 and 302.
auth.radius.domain- Retry interval in seconds when the Optional 1

name.retry.interval connection to the LDAP server fails. Must
be between 1 and 5.2
auth.radius.domain- Retry times when the connection to the Optional 3

name.retry.times LDAP server fails. Must be between 0 and
3. 0 means no retry.2
Notes:
1. The item can be omitted if true is specified for "auth.ldap.server-name.dns_lookup".
To enter \ , /, or ", enter a backslash and then the ASCII code in hex for these symbols.
• Enter \5c for \.
• Enter \2f for /.
• Enter \22 for "
Creating a Kerberos configuration file

To use an Kerberos server for authentication, create a configuration file in
UTF-8 encoding. Include information about the authentication server as
shown in the following example. Any file name and extension are allowed. If
an authorization server is not used, you do not need to define the items for
it.

then save.
auth.server.type=kerberos
auth.group.mapping=<value>
auth.kerberos.<attribute>=<value>
auth.group.<realm name>.<attribute>=<value>
A full example is shown below:

auth.server.type=kerberos
auth.kerberos.default_realm=example.com
auth.kerberos.dns_lookup_kdc=true
auth.kerberos.clockshow=300
auth.kerberos.timeout=10
auth.group.example.com.searchdn=CN=sample1,CN=Users,DC=domain,DC=
localauth.group.example.com.searchpw=passwordauth.ldap.PrimarySer
ver.basedn=CN=Users,DC=domain,DC=local
The Kerberos attributes are defined in the following table.
Table 6 Kerberos definition (for authentication server)
Required /
Optional
auth.server.type Type of an authentication server. Required None

Specify kerberos.
auth.group.mapping Information about whether to work Optional false

together with an authorization
server
auth.kerberos.default_ Default realm name Required None

realm
auth.kerberos.dns_loo This is a switch that determines Optional false

kup.kdc which information registered in the
SRV records in the DNS server to
use when searching the Kerberos
server.
• true: Searches with the
information registered in the SRV
records in the DNS server
• false: Searches with the host
name and port number
When "realm name" and "<value

specified to the realm name>.kdc"
are specified, the Kerberos server is
not searched with the information
registered in the SRV records by
specifying "true".

Required /
Optional
auth.kerberos.clockske The acceptable range of the Optional 300

w difference in time between the SVP
and the Kerberos server where the
SVP is operating.
Must be between 0 and 300
seconds.1
auth.kerberos.timeout The number of seconds before the Optonal 10

connection to the RADIUS server
times out. Must be between 1 and
30. When 0 is specified, the
connection does not time out until a
communication error occurs.1
auth.kerberos.realm_n Realm identifier name Optional2 None

ame Any name to distinguish the
information of Kerberos server in
each realm. Duplicate names cannot
be used. If you register multiple
names, use a comma to separate
the names. The value specified here
is called <realm_name> hereafter.
auth.kerberos.<realm The realm name set to the Kerberos Optional2 None

_name>.realm server.
auth.kerberos.<realm_ The host name, the IPv4 address, Optional2 None

name>.kdc and the port number of the Kerberos
server. Specify these in the format
of "<Host name or IP
address>[:Port number]".
Notes:
1. The item can be omitted if true is specified for "auth.ldap.<server_name>.dns_lookup".
• Enter \5c for \.
• Enter \2f for /.
• Enter \22 for ".
Table 7 Kerberos definition (for authorization server)
Attribute Description Required / Optional Default value
auth.group.<realm_na LDAP protocol to use. Required None

me>.protocol • ldaps: Uses LDAP
over SSL/TLS.
• starttls: Uses
StartTLS.

auth.group.<realm_na A port number of the Optoinal 389

me>.port LDAP server.
Must be between 1 and
65535. 1
auth.group.<realm_na DN of the user for Required None

me>.searchdn searching.2
auth.group.<realm_na Password of the user Required None

me>.searchpw for searching. Specify
the same password
that is registered in the
LDAP server.
auth.group.<realm_na BaseDN when the Optional abbr

me>.basedn search for users
begins. When
searching, specify the
hierarchy DN, including
all the users, because
the targeted user for
the search is in a lower
hierarchy than the
specified DN.2
auth.group.<realm_na Number of seconds Optional 10

me>.timeout before the connection
to the LDAP server
times out. Must be
between 1 and 30
seconds. When 0 is
specified, the
connection does not
time out until a
communication error
occurs.1
auth.group.<realm_na Retry interval in Optional 1

me>.retry.interval seconds when the
connection to the LDAP
server fails. Must be
between 1 and 5.1
auth.group.<realm_na Retry times when the Optional 3

me>.retry.times connection to the LDAP
server fails. Must be
between 0 and 3. 0
means no retry.1
Notes:

• Enter \5c for \

• Enter \2f for /
• Enter \22 for "
Related concepts
• Using an authentication server and authorization server on page 96
Related tasks
• Connecting authentication and authorization servers on page 99
User Administration for NAS Manager

This section describes various user roles, permissions and groups available to
manage your storage system. You use NAS Manager to create and manage
SMU user accounts on your storage system.
Administrator types and responsibilities

This section describes the types of NAS storage system administrators and
defines their expected roles in managing the system and the associated
storage subsystems.
• Global Administrators can manage everything in the system: file
systems, file services, or file system related features and functions,
storage devices and their components. Also, the Global Administrator
creates and manages SMU user profiles (Server Administrators, Storage
Administrators, Server+Storage Administrators, and other Global
Administrators). Global Administrators also control what servers and
storage devices each administrator can access.
• Storage Administrators manage storage devices, as specified in the
administrator profile created by the Global Administrator.
Storage Administrators can manage only storage devices and their
components (racks, physical disks, SDs, and storage pools). Storage
Administrators cannot manage file systems, file services, or file system
related features and functions, and they cannot manage users.
• Server Administrators manage servers and clusters, as specified in the
administrator profile created by the Global Administrator. Server
Administrators cannot manage storage devices.
Server Administrators can manage file systems and file services such as
CIFS Shares, NFS Exports, and they can manage file system related
features and functions such as snapshots, quotas, and migration policies
and schedules.

• Server+Storage Administrators manage servers, clusters, and storage
devices, as specified in the administrator profile created by the Global
Administrator.
Server+Storage administrators can manage everything Server
Administrators and Storage Administrators can manage: file systems, file
services, or file system related features and functions, and they can also
manage storage devices and their components.
All administrators can connect to the NAS storage system through NAS
Manager, the browser-based management utility provided by the system
management unit (SMU). Additionally, Global Administrators can connect to
the SMU command line interface (CLI).
Note: Server Administrators, Storage Administrators, and Server+Storage

Administrators will not be able to access all of the NAS Manager pages that a
Global Administrator can access.
Adding an SMU user (an administrator)

To add an SMU user (a NAS storage system administrator):
Procedure
1. Navigate to Home > SMU Administration > SMU Users > SMU Users
to display the SMU Users page.
2. Click add to display the Add SMU User page:
Name The name of the new user account. This name will be requested when
logging in to the SMU. The rules for user names are:
• For Global administrators only, if the user will access the SMU
through the CLI, the user name:

○ Must start with a letter or an underscore, and may consist of

alphanumeric characters and the underscore (_) and the hyphen
(-).
○ Cannot match certain special purpose names: root, manager,
postgres, nobody, or nfsnobody.
○ Cannot match certain special purpose user ID numbers: for
example, those with uid less than 502.
• For all types of administrators, if the user will access the SMU only
through NAS Manager, the user name may consist of alphanumeric
characters and/or the underscore (_), the hyphen (-), the equal sign
(=), parentheses "(" or ")", brackets ( [ or ] ), the pound sign (#)
and the exclamation point (!).
• Supervisor is a reserved system user name. It is not available as a
new user name.
Note: If you are using RADIUS realms, and the global

administrator will access the SMU using both NAS Manager and
the CLI, use the underscore (_) to combine the user name and
the realm: for example, johnsmith_realm2. If the global
administrator will access the SMU using only NAS Manager, you
can use the at sign (@) to combine the user name and the
realm: for example, johnsmith@realm3.
User Type The user type. User types are either local or RADIUS.
• Local users are those whose passwords are locally defined and
authenticated in the SMU.
• RADIUS users are those whose passwords are defined and
authenticated in an external RADIUS servers. The RADIUS
administrator must add a user name and password to all RADIUS
servers.
Password Enter the password that will be used when this user account logs in. The
password cannot exceed 256 characters.
This field only applies when the User Type is selected to Local. It does
not apply when the RADIUS User Type is selected.
Confirm Password Confirm the password entered in the previous field by entering it in
again. Only applies when the Local User type is selected.
User Level Specify the level for the new administrator that you are creating. You
can select any one of the following:
• Global Administrators can manage everything in the system: file
systems, file services, or file system related features and functions,
storage devices and their components. Also, the Global Administrator
creates and manages SMU user profiles (Server Administrators,
Storage Administrators, Server+Storage Administrators, and other
Global Administrators). Global Administrators also control what
servers and storage devices each administrator can access.
• Storage Administrators manage storage devices, as specified in
the administrator profile created by the Global Administrator.
Storage Administrators can manage only storage devices and their
components (racks, physical disks, SDs, and storage pools). Storage
Administrators cannot manage file systems, file services, or file
system related features and functions, and they cannot manage
users.

• Server Administrators manage servers and clusters, as specified in

the administrator profile created by the Global Administrator. Server
Administrators cannot manage storage devices.
Server Administrators can manage file systems and file services such
as CIFS Shares, NFS Exports, and they can manage file system
related features and functions such as snapshots, quotas, and
migration policies and schedules.
• Server+Storage Administrators manage servers, clusters, and
storage devices, as specified in the administrator profile created by
the Global Administrator.
Administrators and Storage Administrators can manage: file systems,
file services, or file system related features and functions, and they
can also manage storage devices and their components.
Note: Server Administrators, Storage Administrators, and

Server+Storage Administrators will not be able to access all of
the NAS Manager pages that a Global Administrator can access.
SMU CLI Access If the administrator is allowed to log in and access the SMU CLI of an
(for Global external SMU, select the SMU CLI Access check box.
Administrators
only)
Available HNAS For Server administrators, Storage administrators, and Server+Storage

Servers administrators, lists the servers managed by the SMU to which the
administrator has not yet been given management privileges. Not
available for Global administrators, because Global administrators are
allowed to manage all storage and all servers.
Selected HNAS For Server administrators, lists the servers that the administrator can
Servers manage. Note that a Server administrator cannot manage the storage
attached to these servers. Not available for Global administrators,
because Global administrators are allowed to manage all storage and all
servers.
For Storage administrators, lists servers that have attached storage that
the administrator can manage. Note that a Storage administrator cannot
manage these servers, only the storage attached to these servers.
For Server+Storage administrators, lists servers that the administrator

can manage. The Server+Storage administrator can also manage the
storage attached to these servers.
OK When the profile is complete and correct, click OK to save and enable
the user profile, and then return to the SMU Users page.
cancel Closes the page without saving the profile, and returns to the SMU
Users page.
3. Enter the user name for the new administrator in the Name field.
4. Specify if the administrator login is authenticated locally (by the SMU) or
by a RADIUS server by selecting the appropriate User Type.

Note: If you are authenticating this user through a RADIUS server,
the Password and Confirm Password fields will not be available,
and you should skip the next two steps, but you must enter the
user passwords into the RADIUS server using the tools available
for that server.
5. If the User Type is local, enter the password for the new administrator
in the Password field.
6. If the User Type is local, confirm the password for the new
administrator in the Confirm Password field.
7. Specify the initial login password for the user by filling in the Password
and the Confirm Password fields.
8. Specify the user level for the new administrator that you are creating.
You can select one of the following:
• Global Administrator
• Storage Administrator
• Server Administrator
• Server+Storage
9. For Global Administrators only, if the administrator is allowed to log in
and access the SMU command line interface (CLI) of an external SMU, fill
the SMU CLI Access check box.
10. Using the Available Servers and the Selected Servers lists, specify
the servers the administrator can access or the servers with the storage
the administrator can manage.
• To grant management privileges for a server or the storage attached
to a server, move the server from the Available Servers list to the
Selected Servers list.
• To revoke management privileges for a server or the storage attached
to a server, move the server from the Selected Servers list to the
Available Servers list.
• To move the server between the Available Servers and the Selected
Servers lists, select the server, and use the arrow buttons between
the lists.
11. Review the profile, and verify that it is correct.
• If the profile is correct, click OK to save and enable the user profile,
and then return to return to the SMU Users page.
• To return to the SMU Users page without saving the profile, click
back.
Changing the password for a currently logged in user
Note: If the user is authenticated through a RADIUS server, you cannot

change their password using NAS Manager or the SMU CLI, you must change
it using the tools/utilities for the RADIUS server.

Any logged in user can change their own password. A global administrator
can also change the password of any user, whether the user is currently
logged in or not.
Changing your own password
Note: If your log in is authenticated through a RADIUS server, you cannot

change their password using NAS Manager, you must change it using the
tools/utilities for the RADIUS server.
Procedure
1. Navigate to Home > SMU Administration > Current User Password

to display the Current User Password page.
The following table describes the fields on this page:
User Name Displays your user login name (cannot be changed).
Current Password Displays a series of dots representing the currently specified password
(the actual password cannot be displayed).
New Password The new password. The password cannot exceed 256 characters.
Confirm New The new password again. Must be exactly the same as what you
Password entered in the New Password field.
apply Saves the new password.
2. Enter your current password in the Current Password field.

If you have forgotten you password, contact a global administrator and
ask them to give you a new password. (Passwords are stored in an
encrypted form, and are not retrievable or visible by anyone. If a user
forgets their password, they must be given a new password, which they
can then change.)
3. Enter your new password in the New Password field.

4. Enter the new password again in the Confirm New Password field.
5. When finished, click apply to save the new password.
Changing another user's password
Procedure
1. Navigate to Home > SMU Administration > SMU Users to display the
SMU Users page.
2. Click details to display the SMU User Details page.
Item/Field Description
Name Administrator’s user name. Cannot be changed.
User Type Describes if the user is authenticated by the SMU itself (local
users), or if the user is authenticated by a RADIUS server.
Password and Confirm For users authenticated by the SMU only (local users). These
Password fields do not apply for users authenticated by a RADIUS server.
The password for the user. Characters are hidden, and the exact
same password must be entered in both fields. The password
cannot exceed 256 characters.
User Level Displays the user level or type of administrative role.

• Global Administrators can manage everything in the
system: file systems, file services, or file system related
features and functions, storage devices and their components.
Also, the Global Administrator creates and manages SMU user
profiles (Server Administrators, Storage Administrators,
Server+Storage Administrators, and other Global
Administrators). Global Administrators also control what
• Storage Administrators manage storage devices, as
specified in the administrator profile created by the Global
Administrator.

Storage Administrators can manage only storage devices and

their components (racks, physical disks, SDs, and storage
pools). Storage Administrators cannot manage file systems,
file services, or file system related features and functions, and
they cannot manage users.
• Server Administrators manage servers and clusters, as
Administrator. Server Administrators cannot manage storage
devices.
Server Administrators can manage file systems and file
services such as CIFS Shares, NFS Exports, and they can
manage file system related features and functions such as
snapshots, quotas, and migration policies and schedules.
• Server+Storage Administrators manage servers, clusters,
and storage devices, as specified in the administrator profile
created by the Global Administrator.
Administrators and Storage Administrators can manage: file
systems, file services, or file system related features and
functions, and they can also manage storage devices and their
components.
• If the User Type is Local, you can modify the password.

• If the User Type is RADIUS, you cannot modify the password,
because the password is managed on RADIUS servers.
• If the User Level is Global, you can select or clear the Allow
CLI Access check box.
• If the User Level is server, storage, or server+storage, you can
add or remove servers from the user's scope of management.
Global users implicitly have access to manage all servers and

storage. Non-global users cannot be given CLI access.
You cannot change the User Type or User Level of a user. If such a
change is needed, delete the old user and create a new user.
SMU CLI Access For global administrators only, when the check box is selected,
the administrator can access the SMU using the CLI as well as
NAS Manager.
Available HNAS Servers Not available for global administrators, because global
administrators are allowed to manage all storage and all servers.
For server administrators, storage administrators, and server
+storage administrators, lists the HNAS servers managed by the
SMU to which the administrator has not yet been give
management privileges.
The "All Servers" entry is used to allow privileges to all servers

managed by the SMU.
Selected HNAS Servers Not available for global administrators, because global
For server administrators, lists the HNAS servers that the
administrator can manage. Note that a Server administrator
cannot manage the storage attached to these servers.
For storage administrators, lists HNAS servers that have attached

storage that the administrator can manage. Note that a storage

administrator cannot manage these servers, only the storage

attached to these servers.
For server+storage administrators, lists HNAS servers that the

administrator can manage. The server+storage administrator can
also manage the storage attached to these servers.
OK Saves the currently defined user profile and returns to the SMU
Users page.
Cancel Returns to the SMU Users page without saving the profile.
3. Enter the new password in the Password field.

4. Enter the new password again in the Confirm Password field.
5. When finished, click OK to save the new password.
Changing an SMU user profile
Procedure
1. Navigate to Home > SMU Administration > SMU Users to open the
SMU Users page.
2. Click details to display the SMU User Details page for the user whose
profile you want to modify.

Name Administrator’s user name. Cannot be changed.
User Type Describes if the user is authenticated by the SMU itself (local
users), or if the user is authenticated by a RADIUS server.
Password and Confirm For users authenticated by the SMU only (local users). These
Password fields do not apply for users authenticated by a RADIUS server.
The password for the user. Characters are hidden, and the exact
same password must be entered in both fields. The password
cannot exceed 256 characters.
User Level Displays the user level or type of administrative role.

• Global Administrators can manage everything in the
system: file systems, file services, or file system related
features and functions, storage devices and their components.
Also, the Global Administrator creates and manages SMU user
profiles (Server Administrators, Storage Administrators,
Server+Storage Administrators, and other Global
Administrators). Global Administrators also control what
• Storage Administrators manage storage devices, as
Administrator.
Storage Administrators can manage only storage devices and
their components (racks, physical disks, SDs, and storage
pools). Storage Administrators cannot manage file systems,
file services, or file system related features and functions, and
they cannot manage users.
• Server Administrators manage servers and clusters, as
Administrator. Server Administrators cannot manage storage
devices.
Server Administrators can manage file systems and file
services such as CIFS Shares, NFS Exports, and they can
manage file system related features and functions such as
snapshots, quotas, and migration policies and schedules.

• Server+Storage Administrators manage servers, clusters,

and storage devices, as specified in the administrator profile
created by the Global Administrator.
Administrators and Storage Administrators can manage: file
systems, file services, or file system related features and
functions, and they can also manage storage devices and their
components.
• If the User Type is Local, you can modify the password.

• If the User Type is RADIUS, you cannot modify the password,
because the password is managed on RADIUS servers.
• If the User Level is Global, you can select or clear the Allow
CLI Access check box.
• If the User Level is server, storage, or server+storage, you can
add or remove servers from the user's scope of management.
Global users implicitly have access to manage all servers and

storage. Non-global users cannot be given CLI access.
You cannot change the User Type or User Level of a user. If such a
change is needed, delete the old user and create a new user.
SMU CLI Access For global administrators only, when the check box is selected,
the administrator can access the SMU using the CLI as well as
NAS Manager.
Available HNAS Servers Not available for global administrators, because global
For server administrators, storage administrators, and server
+storage administrators, lists the HNAS servers managed by the
SMU to which the administrator has not yet been give
management privileges.
The "All Servers" entry is used to allow privileges to all servers

managed by the SMU.
Selected HNAS Servers Not available for global administrators, because global
For server administrators, lists the HNAS servers that the
administrator can manage. Note that a Server administrator
cannot manage the storage attached to these servers.
For storage administrators, lists HNAS servers that have attached

storage that the administrator can manage. Note that a storage
administrator cannot manage these servers, only the storage
attached to these servers.
For server+storage administrators, lists HNAS servers that the

administrator can manage. The server+storage administrator can
also manage the storage attached to these servers.
OK Saves the currently defined user profile and returns to the SMU
Users page.
Cancel Returns to the SMU Users page without saving the profile.
3. Edit the SMU user password.

Note: For users authenticated by the SMU only (local users), not
available for users authenticated by a RADIUS server.
To edit the user’s password, type the new password in the Password
and Confirm Password fields.
4. For global administrators only, allow or disallow SMU CLI access.
When the check box is selected, the administrator can access the SMU by
using the CLI as well as NAS Manager.
5. Specify server and/or storage management rights.
• To grant management privileges for a server or the storage attached
to a server, move the server from the Available Servers list to the
Selected Servers list.
• To revoke management privileges for a server or the storage attached
to a server, move the server from the Selected Servers list to the
Available Servers list.
• To move the server between the Available Servers and the Selected
Servers lists, select the server, and use the arrow buttons between
the lists.
6. Click OK to save the profile and return to the SMU Users page.
SMU user authentication

When an SMU user administrator attempts to log in, the user ID/password
combination is sent to the SMU for authentication. For the SMU,
authentication means testing the user ID and password pair, to see if the
supplied password matches the stored password for the supplied user ID.
Depending on the SMU configuration and the supplied user ID, the SMU may
authenticate the user itself (locally), it may authenticate the user through a
RADIUS server, or it may authenticate the user through Active Directory.
After authorization, the SMU allows the user to perform actions allowed by
the user's profile.
Active Directory users are assigned full access rights to the SMU functionality.
For local and RADIUS users the user profile details are specified when the
user account is created.
The user profile:

• Indicates if the user is to be authenticated locally,or through a RADIUS
server.
• Specifies the user's access (privilege) level, meaning it specifies if the user
is a:
○ Global administrator.
○ Storage administrator.
○ Server administrator.
○ Server+Storage administrator.
• Specifies the servers the user is allowed to access.

• Specifies if the user has CLI access (for RADIUS and Local Users).
Active Directory user authentication

Active Directory is an LDAP-compliant hierarchical database of objects. It is
very popular in enterprise environments and is becoming a de facto standard
for user authentication.
Once Active Directory connection settings and groups have been configured
for the SMU, it will allow logins from enabled users who supply their Active
Directory name and password. This is typically the same name and password
that the user would use to log into Windows and other enterprise
applications. Unlike SMU local and RADIUS user names, Active Directory user
names are case-insensitive. Active Directory passwords are case-sensitive
and cannot be changed from the SMU; they are maintained in the Active
Directory server.
There are a number of benefits for SMU users. The administrator does not
need to maintain a separate set of user details, because the SMU can just
make use of the Active Directory enterprise user database. Users can login
using their usual name and password instead of having to remember a
separate set of credentials for the SMU. And instead of configuring access for
individual users, the SMU administrator just has to specify the Active
Directory groups whose members have login rights.
It is possible to assign more restrictive user levels and managed severs to

Active Directory users according to their group membership. So it will be
possible to define a group of users who only have server level access for
example, or access to a restricted set of managed HNAS servers.
Although the SMU supports RADIUS and Active Directory for external
authentication, they are mutually exclusive; it will not be possible to have
them both configured for external authentication at the same time.
When a login attempt is made, the SMU first tries to authenticate the
credentials as a local user. If that fails, and Active Directory is configured,
they are authenticated as an Active Directory user.
Active Directory authentication requests are sent to servers in the configured

sequential order. If a successful connection cannot be made to the first
server, it attempts to contact the second server and so on. When a
connection is made and an authentication response received (either positive
or negative) it is treated as definitive. It does not then contact further
servers because all servers are assumed to have identical content.
Using Transport Layer Security (TLS) with Active Directory authentication

TLS is a cryptographic protocol which provides security between applications
over a network.

For Active Directory authentication, the SMU supports up to TLS 1.2. It
negotiates with the domain controller to use the highest version of TLS which
is common to both.
The SMU requires domain controllers to respond on port 389. It is not

possible to configure the SMU to use any other port.
Configuring Active Directory servers

Global Administrators can provide information to configure, modify, and list
Active Directory servers for authentication on the Active Directory Servers
page.
Before you begin
In order to enable Active Directory use, the SMU administrator needs to know
the following information:
• The domain in which the Active Directory users and groups that will access
the SMU are located.
• The LDAP distinguished name and password of an Active Directory user
that has read access to users and groups on the Active Directory servers.
This is referred to as the Search User. The user can search for users or
groups under the supplied base distinguished name.
• The addresses of one or more Active Directory servers that maintain the
users and groups for the domain. The content of all configured servers
must be identical. If DNS servers have been configured for the SMU, then
the SMU should be able to automatically discover these server addresses
via the find servers button on the setup page. SRV records must be setup
in order for find servers to find the Active Directory servers.
• The Active Directory group or groups whose members are to be given the
right to log into the SMU.
• If RADIUS was previously in use and it is to be replaced by Active
Directory, then the RADIUS configuration must first be removed before
Active Directory can be configured. This is done from the Home>SMU
Administrator>RADIUS Servers page by clicking the remove all
settings button. No RADIUS user will be able to log into the SMU after
this is done.
Procedure
1. Navigate to Home > SMU Administrator to display the Active

Directory Servers page.
2. Enter the Base Distinguished Name.
This name must be entered in LDAP distinguished name (DN) format
which consists of a sequence of "attribute=value" pairs separated by
comma or semi-colon. The Base Distinguished Name should contain the
domain component (dc) attributes for the organization's domain. So for
the domain example.com it would be "dc=example, dc=com". The name
may also contain organization unit (ou) attributes.

Connection settings
Base Distinguished Name The LDAP root location for users and groups. The name is
recommended to contain just the domain components.
Search User Credentials
Distinguished Name The LDAP distinguished name for a user that has search
capabilities.
Password The password for the search user.
Servers
IP Address or DNS Name The address of one or more Active Directory servers for the
domain. Each server should hold identical content. The
maximum number of servers is 20.
find servers Queries DNS to show the list of available Active Directory
servers for the domain.
Add Add an Active Directory server after you have entered its
fully qualified domain name or IP address.
Move Up If there is more than one server, use these buttons to

prioritize the list.
Move Down
Remove Remove a server from the list.

apply Submit the page and save the connection settings and server
list to the SMU database.
Groups
Groups with access to the Shows groups with access to the SMU. Active Directory users
SMU who belong to these groups can access the SMU.
Modify groups Click to go to the Active Directory Groups page, where you
can add groups.
Actions
remove all settings Removes all Active Directory server settings, including server
list, connection settings, search user credentials and groups.
After this action, Active Directory users can no longer log into
the SMU.
3. Enter the Distinguished Name.

This is the Distinguished Name of the Search User, an existing user that
has permission to access Active Directory. An Search User DN would
typically contain common name (cn) and possibly organization unit (ou)
attributes as well as the domain components. The domain components
should match those used in the Base Distinguished Name. An example
Search User DN is "cn= ldapguest, cn=users, dc=example, dc=com".
4. Enter the Password of the Search User (an existing user that may
access the directory).
5. There are two ways to add Active Directory servers.
• Enter the fully qualified domain name or IP address of the server, and
click Add.
• Click find servers.The list of discovered servers is displayed.
Note: The DNS server or servers must be configured for the

SMU (under Name Services) for find servers to work.
○ Select one or more servers and click add to add them to the list. No
more than 20 Active Directory servers can be configured at a time.
○ When you are finished, click close to return to the Active
Directory Servers window.

6. If there is more than one server, the list can be prioritized using Move
Up or Move Down .
7. Click Apply to submit this page and save the connection settings and
server list to the SMU database.
The SMU will perform a connection test to check that it can access the
configured servers with the supplied details and display a warning if the
SMU cannot, giving the user the opportunity to modify the settings or to
save them as they are.
Any information, warnings and errors related to Active Directory

configuration or authentication are logged to /var/opt/smu/log/mgr/
mgr.log and /var/opt/smu/log/mgr/security.log
Configuring Active Directory groups

In order to allow Active Directory users to log into the SMU, it is necessary to
configure one or more groups. Once a group has been added and saved, all
users who are members of that group will be able to log into the SMU using
their Active Directory name and password. Active Directory users belonging
to the subgroups of the configured group will also have SMU access.
Before you begin
Note that the administrator is only able to configure groups after Active
Directory servers have been added on the Active Directory Servers page.
Procedure
1. Navigate to the Home > SMU Administrator > Active Directory

Groups to display the Active Directory Groups page.
This page shows all Active Directory groups that have been added. Note
that Active Directory groups can be associated with a group access level.
For example, it is possible to define a group of users who only have
server level of access. Any groups that were added in a previous version
of the SMU that has been upgraded will be displayed in this list with a
User Level of Global Administrator.
If an Active Directory user is member of more than one configured

groups in the SMU, then their access level will be derived by combining

the access level for all configured Active Directory groups. For example,
if a user is a member of one group defined with storage level, but is also
a member of a group with server level, then that user will have server
+storage access to the SMU.
Group Name Group name is the user-friendly name of an Active Directory

group existing on the Active Directory server.
The full distinguished name for a group can be viewed by

hovering the mouse over the group name. The sort order of the
table can be changed by clicking over a column heading.
Group Access Level Shows the group access level. This defines the access level given
to Active Directory users who are members of the group when
they log onto the SMU. On an external or virtual SMU, if the
Group Access Level is Global, then group members are given
SMU CLI access. SMU CLI access is not available on an
embedded SMU or a Unified NAS Module SMU.
details Click the details button in the right-hand column to view details
of the associated group.
Check All Checks all boxes under Group Name.
Clear All Clears all checked boxes under Group Name.
add Click to add a group. Takes you to the Add Active Directory
Group page.
delete Existing groups can be deleted by checking the box in left-hand
column and clicking the delete button. The user is asked for
confirmation before deleting. If all groups are being deleted, the
user is warned that no Active Directory users will be
authenticated.
Active Directory Servers Takes you to the Active Directory Servers page.
2. Click add and use the Add Active Directory Group page to add
groups.

Base Distinguished Name The LDAP root location for users and groups. The name is
Group Distinguished Name The LDAP root location for users and groups. The name is
recommended to contain just the domain components. Groups
can be added manually by entering their distinguished name and
then pressing the OK button. A maximum of 100 groups can be
added. Alternatively, groups can be added by using the find
group button.
find group Queries the Active Directory to show the list of available groups.
The list can be filtered by entering a partial group name. A
maximum of 1000 group names is displayed.
User Level for Group The user levels that can be assigned to group members are the
Members same as those that can be assigned to local or RADIUS users
and have the same meanings. The default is Global, but the
level can be modified by selecting one of the other radio buttons.
OK Click to save the group details. The SMU checks that the group
exists in Active Directory. If the group does not exist (or if the
SMU failed to access any AD server) the user is asked for
confirmation that they still wish to save it. After saving the
group, the updated group list page is displayed.
cancel Cancels input.
3. There are two ways to add groups:

• Enter the full Distinguished Name for the group (for example
"CN=Mygroup, CN=users, DC=example, DC=com") and click the add
button.
• Click the find group button.
○ Groups that exist under this Base DN are displayed in a dialog
window. The list can be filtered by entering a partial group name. A
maximum of 1000 group names is displayed. Select a group from
the list. Only one group can be added at a time.
○ Click add to add the group's distinguished name to this page.
○ Click close to return to the Active Directory Groups page without
selecting a group from the list.

4. Select a User Level to be assigned to members of the group.
CLI access is given to members of all groups defined with the Global
level.
Active directory users are given the same access level to all managed
HNAS servers.
5. Click OK to save the group.
The SMU will perform a test to check the group exists in Active Directory
and displays warning if it is not, giving the user the opportunity to
modify the group.
Any information, warnings and errors related to Active Directory

configuration or authentication are logged to /var/opt/smu/log/mgr/
mgr.log and /var/opt/smu/log/mgr/security.log
On returning to Active Directory Groups page, the current list of

configured groups is displayed.
6. Click the details button in the right-hand column to view details of a

previously defined group.
When displaying the group details, the SMU checks that the group exists
in Active Directory and displays a warning if it does not exist or if it could
not access an Active Directory server. The user level cannot be modified
once the group has been added. In order to modify the user level, the
group would have to be deleted, then added again. Click the cancel
button to return to the Active Directory Groups page.
Group Name Name of group that details are provided for.

Group Distinguished Name The LDAP root location for users and groups. The name is
User Level for Group The user levels that can be assigned to group members are the
Members same as those that can be assigned to local or RADIUS users
and have the same meanings. The default is Global , but the
level can be modified by selecting one of the other radio buttons.
OK No details can be modified for a group, so the OK button is
disabled.
cancel Returns to the Active Directory Groups page.
User authentication through RADIUS servers

Remote Authentication Dial In User Service (RADIUS) is a networking
protocol that provides centralized authentication, authorization, and
accounting management for computers to connect and use a network service.
RADIUS is a client/server protocol that runs in the application layer, using

UDP as transport. The SMU acts as a RADIUS client component that
communicates with the RADIUS server to validate logins. The RADIUS server
is usually a background process running on a Unix or Microsoft Windows
server.
RADIUS serves three functions:

• Authenticates users or devices before granting them access to a network.
• Authorizes those users or devices for certain network services.
• Accounts for usage of those services.
The RADIUS server compatibility is as follows:

• For IPv4 only, works with FreeRADIUS 2.1 or Windows 2003 Internet
Authentication Service (IAS).
• For IPv6, requires FreeRADIUS 2.2 or Windows 2008 Network Policy
Server (NPS).
Configuring user authentication through a RADIUS server requires the

following:
• The RADIUS server must be set up and operational.
• The SMU must be able to communicate with the RADIUS server using the
network.
• You must know the RADIUS server's:
○ IP address or DNS name.
○ Authentication port.
○ Shared secret for the SMU.
You can specify and prioritize multiple RADIUS servers for authentication.
Note: The SMU contacts RADIUS servers in order of priority; the SMU will
always try to contact higher priority servers before lower priority servers, and
you cannot map SMU users to authenticate through a specific RADIUS server.

If you specify an incorrect secret or there are network problems that prevent
the SMU from communicating with the highest priority RADIUS server, the
SMU will try to contact the secondary RADIUS server, then the third RADIUS
server, then the next server, until the SMU has tried to contact all the RADIUS
servers in the list.
Displaying list of RADIUS servers
Procedure
Navigate to Home > SMU Administration > RADIUS Servers.
RADIUS server IP Specifies the RADIUS server IP address or DNS name.

address/DNS name To connect with the RADIUS server, you must enter either an IP
address or a DNS name. An IP address is preferred, both because
it eliminates the dependency on the network DNS severs, and to
improve login performance.
Port The port number on which each server listens.
Note: The default RADIUS server authentication port is

1812, but you should check with the RADIUS server
administrator to make sure that 1812 is the correct port.
Protocol The RADIUS server protocol. PAP is the default.
Timeout Specifies the timeout count. The default is 3 seconds. The timeout
is the number of seconds the SMU waits before retrying (retying is
re-transmitting the authentication request to the same RADIUS
server). If the timeout is reached and there is no response from
the first RADIUS server in the list, the SMU attempts another retry.
Retry Count Specifies the retry count. The default is 3. When the retry limit is
reached, the SMU sends the request to the next RADIUS server in
the list. When the retry limit for the second server is reached, the

SMU attempts to reach the next server in the list, until there are no
more servers to try. If the timeout is reached, and there are no
more servers to try, the user cannot be authenticated, and the
login fails.
details Displays the RADIUS Server Details page in which you can view
the details of the selected RADIUS server.
Check All Selects all of the RADIUS servers in the server list.
Clear All Unselects any selected RADIUS servers in the server list.
Increase Priority and Click Increase Priority to increase the server priority. Click
Decrease Priority Decrease Priority to decrease the server priority.
The SMU contacts RADIUS servers in order of priority; the SMU will
always try to contact higher priority servers before lower priority
servers, and you cannot map SMU users to authenticate through a
specific RADIUS server. If you specify an incorrect secret or there
are network problems that prevent the SMU from communicating
with the highest priority RADIUS server, the SMU will try to contact
the secondary RADIUS server, then the third RADIUS server, then
the next server, until the SMU has tried to contact all the RADIUS
servers in the list.
remove Removes the selected RADIUS server.
add Opens the Add Server RADIUS page where the properties of the
new server account are defined.
remove all settings Removes all RADIUS Servers settings.
SMU Users Opens the SMU Users page where you can view and add new SMU
users.
Adding a RADIUS server
Procedure
1. Navigate to Home > SMU Administration > RADIUS Servers to

display the RADIUS Servers page.
2. Click add to display the Add RADIUS Server page.

RADIUS server IP To connect with the RADIUS server, specify an IPv4 or IPv6 address,
address or DNS name or a host name (host name is not recommended). An IP address is
preferred, both because it eliminates the dependency on the network
DNS sever(s), and to improve login performance.
The SMU Network Configuration page (navigate to Home > SMU
Administration > SMU Network Configuration) shows the active
IP addresses. It is recommended that IPv4 on eth0 and the current
IPv6 addresses be added to the "allowed client" list on each RADIUS
server. For more information on setting up the SMU Network
Configuration for IPv6, see the Network Administration Guide.
Shared Secret Specify the shared secret.

Some RADIUS Servers limit the length of the shared secret and
require that it be comprised only of characters that can be typed on a
keyboard which uses only 94 out of 256 possible ASCII characters.
If the shared secret must be a sequence of keyboard characters,

choose shared secrets that are at least 22 characters long and
consisting of a random sequence of upper and lower case letters,
numbers, and punctuation.
• To ensure a random shared secret, use a computer program to
generate a random sequence at least 22 characters long. Windows
2008 Server allows you to generate a shared secret when adding
the RADIUS client.
• The SMU will support a shared secret from 1 up to 128 characters.
• Use a different shared secret for each RADIUS server-RADIUS
client pair.
Port Specify the RADIUS server authentication port. The default RADIUS
server authentication port is 1812, but you should check with the
RADIUS server administrator to make sure that 1812 is the correct
port.
Protocol The protocol for the RADIUS server.
Timeout Specify the timeout, which is the number of seconds the SMU waits
before retrying (retying is re-transmitting the authentication request

to the same RADIUS server). If the timeout is reached and there is no

response from the first RADIUS server in the list, the SMU attempts
another retry.
Retry Count Specify the retry count. When the retry limit is reached, the SMU
sends the request to the next RADIUS server in the list. When the
retry limit for the second server is reached, the SMU attempts to
reach the next server in the list, until there are no more servers to
try. If there are no more servers to try, the user cannot be
authenticated, and the login fails.
OK When you are done making changes, click OK to test connectivity and
save the configuration for this RADIUS server and return to the
RADIUS Servers page.
cancel Exits without saving the configuration.
Displaying details of RADIUS server
Procedure
1. Navigate to Home > SMU Administration > RADIUS Server to

display the RADIUS Server page.
2. Select a RADIUS server, and click details to display the RADIUS Server
Details page.
RADIUS server IP address The RADIUS server IP address or DNS name.

or DNS name
Shared Secret The shared secret, displayed with asterisks.
Port The RADIUS server authentication port.
Protocol Protocol associated with the RADIUS server.

Timeout The number of seconds the SMU waits before retrying (retrying
is re-transmitting the authentication request to the same
RADIUS server). If the timeout is reached and there is no
response from the first RADIUS server in the list, the SMU
attempts another retry.
Retry Count When the retry limit is reached, the SMU sends the request to
the next RADIUS server in the list. When the retry limit for the
second server is reached, the SMU attempts to reach the next
server in the list, until there are no more servers to try. If the
timeout is reached, and there are no more servers to try, the
user cannot be authenticated, and the login fails.
Check connectivity Click to check the connectivity status of the RADIUS server.
OK Saves configuration changes, and closes the page.
cancel Closes the page without saving configuration changes.

4
Alert notifications
This section provides requirements and procedures to view and manage
system event and alert notifications.
□ Viewing alert notifications
□ Configuring alert notifications
□ Sending test messages
□ Using the Windows event log
Alert notifications 137

Viewing alert notifications
You can view alert email messages, alert Syslog messages, and alert SNMP
trap messages in the Device Manager - Storage Navigator Alerts tab and the
Alert Detail window.
Before you begin
You must have the Storage Administrator (View Only) or Storage

Administrator (Initial Configuration) role to perform this task.
• Email: Check your email to view alerts sent by email. Alerts that are
reported through email are the same as the SIM information that is
displayed in the Alert window or reported through an SNMP trap.
• Syslog: Check the messages on the Syslog server to view alert information
sent there.
• SNMP traps: To view SNMP trap information, use the SNMP Manager in
Device Manager - Storage Navigator. See the Hitachi SNMP Agent User
Guide for information about using SNMP traps.
Configuring alert notifications

Procedure
1. In the maintenance utility, click the SNMP tab to display it.

2. In SNMP Agent, click Enable to use the agent or Disable not to use it.
3. Select the Email tab. The Email window displays the current settings for
the Mail Server, SMTP Authentication, an Email Address.
4. To send a test email message, click Send Test Email. A completion
notice displays.
5. Click OK to acknowledge the notice and close the message.
6. Click the Syslog tab. The Syslog window displays the current settings
for the Primary Server, IP address, and port number, and for the
secondary server IP address and port number.
7. To send a test message to the Syslog server, click Send Test message
to the Syslog Server. A completion notice displays.
9. Click the SNMP tab. The SNMP window displays the current settings for
the Storage System Name, Contact, Location, SNMP Trap and SNMP
Manager.
10. To send a test SNMP trap, click Send Test SNMP Trap. A completion
notice displays.
138 Alert notifications

General settings
Procedure
1. In the maintenance utility Administration pane, select Alert

Notifications.
2. In the Alert Notifications window, click Set Up. The Set Up Alert
Notifications window displays the Email tab by default.
3. Select the type of report to send.

• Host Report: Sends alerts only to the hosts for which a SIM report
setting is made.
• All: Sends alerts to all hosts.
The alert notification destination is common to Syslog, SNMP, and email.

Email settings
Procedure
1. To send email notices, click Enable, next to Email Notice. Click Disable
to not send email notices.
2. Click Add to add an email address to the list of registered addresses.
3. Enter the email address and then use the pull-down menu to select the
type of address: To, Cc, or Bcc.
4. Click OK to save the email address and close the dialog box.
5. Enter an email address in Email Address (From).
6. Enter an email address in Email Address (Reply To:).
7. In Mail Server Settings, select the mail server type: Identifier, IPv4,
or IPv6.
8. To use SMTP authentication, click Enable.
9. In Account, enter an SMTP account name.
10. In Password, enter the SMTP account password.
11. Click Apply to save the changes and close the Set Up Alert
Notifications window.
Syslog settings
Procedure
1. Click the Syslog tab.

2. Select the type of transfer protocol to use.
3. In Primary Server:
a. Click Enable to use the server or Disable not to use it.
b. Select the type of IP address to use for the server: IPv4 or IPv6.
c. In Client Certificate File Name, click Browse to select a client
certificate file.
4. In Secondary Server:
a. Click Enable to use the server or Disable not to use it.
b. Select the type of IP address to use for the server: IPv4 or IPv6.
c. In Client Certificate File Name, click Browse to select a client
certificate file.
5. In Location Identification Name, enter a name to use to identify the
server.
6. To set up an automatic attempt to reconnect to the server in case of
communication failure, in Retry, click Enable. Click Disable to not use
this feature.
7. If you enabled retry, in Retry Interval, enter the number of seconds
that the system will wait between retry attempts.

SNMP settings
Procedure
1. Click the SNMP tab.

2. In SNMP Agent, click Enable to use the agent or Disable not to use it.
3. In Trap Destination, click the type of address to send the SNMP trap
information: Community or Public.
4. Click Add to add an SNMP trap address.
5. In Community, create a new community name or select an existing one.

6. In Send Trap to, enter a new IP address or select an existing one.
7. Click OK to save the information and close the dialog box.
Sending test messages

The lower section of the Alert Notifications window contains three tabs:
Email, Syslog, and SNMP. Select the desired tab to send a test message of
the type specified in the tab name.

Sending a test email message
Procedure
1. Click the Email tab.

The Email tab displays the current settings for the mail server, SMTP
authentications, and email addresses.
2. Click Send Test Email.
A completion notice displays.
Example of a test email message

Subject: VSP Gx00 Report
DATE : 24/10/2014
TIME : 10:09:30
Machine : Hitachi Virtual Storage Platform Gx00 (Serial# 64019)
RefCode : 7fffff
Detail: This is Test Report.
The field definitions in the test email message are listed in the following
table.
Item Description
Subject Email title (name of the storage system) + (report)
DATE Date when a system failure occurred.
TIME Time when a system failure occurred.
Machine Name and serial number of the storage system.
RefCode Reference code. The same code as the one reported by SNMP traps.
Detail Failure details. The same information as the one reported by SNMP traps.
See the Hitachi SNMP Agent User Guide for reference codes and failure
details.
Sending a test Syslog message
Procedure
1. Click the Syslog tab.

The Syslog tab displays the current settings for the primary and
secondary servers.
2. Click Send Test message to the Syslog Server.

Sending a test SNMP trap
Procedure
1. Click the SNMP tab.

The SNMP tab displays the current settings for the storage system
name, contact, location, SNMP trap, and SNMP manager.
2. Click Send Test SNMP Trap.
Using the Windows event log

Some failure information is output to the Windows event log.
Monitoring failure information in the Windows event log

You can manage the Windows error information by outputting failure
information to the event log.
Before you begin

• The storage system status in the storage device list must be READY.
Procedure
1. Open a Windows command prompt with administrator permissions in

SVP.
2. Execute the following command to move the current directory:
cd /d C:\Mapp\wk\model-identification-number\DKC200\mp\pc
• The default installation directory is C:\Mapp:<installation-directory-of-

SVP>
Note:
• If you specified another directory, replace C:\Mapp: with the
specified installation directory.
• Without moving the current directory, failure information is
not output to the Windows event log if you execute the batch
file in step 3.
• model-identification-number: Use the format 83<model-

name><serial-number>, where <model-name> is one of the
following:
VSP G200: 2000
VSP G400 or VSP F400, VSP G600 or VSP F600: 4000
VSP G800 or VSP F800: 6000

For example, for a VSP G600 that has the serial number 400102, the
value is 834000400102.
3. Execute the following batch file:

eventlog.bat action monitoring-period
• action: Specify one of the following:

0: Stop outputting failure information
1: Start outputting failure information
when this parameter is omitted, 0 is set.
• monitoring-period: If you specified 1 for action, specify the monitoring

period, from 5 to 720 minutes.
• A space is required between eventlog.bat and action.

• A space is required between action and monitoring-period.
• The command prompt is displayed if the command finishes without
any errors.
4. Close the command prompt.
Viewing the Windows event log

You can view the Windows event log which is output to the SVP.
Procedure
1. From the Windows start menu, click Control Panel > System and
Security > Administrative Tools > Event Viewer.
2. Click Windows Logs > Application in the left pane.
Output example of the failure information

The following is an example of the storage system failure information.

# Item Description
1 Overview of the Displays the overview of the event information

event info
2 Detail of the Displays the selected information

event info Date: Date of the event occurrence
Time: Time of the event occurrence
Machine: Model name and serial number of the

storage system
Refcode: Reference code*
Detail: Detailed failure information*
ActionCode: Includes action code, expected

failure parts, and location. A maximum of 8
failure information can be shown.
3 Log name Displays the log type

This is always displayed as "Application"
4 Source Displays the name of the application which

issued the event

# Item Description
This is always displayed as "Hitachi Storage

Navigator Alert Module"
5 Event ID Displays the event ID

This is always displayed as "10"
6 Level Displays the event alert level

• Error: Acute or Serious
• Warning: Moderate
• Information: Service
7 User This is always displayed as "N/A"
8 OpCode This is always displayed as blank
9 Logged Displays the date and time when the event log
was registered
10 Task category This is always displayed as "None"
11 Keywords This is always displayed as "Classic"
12 Computer Displays the computer name on which the

event occurred
*For reference code, failure details, and alert level, see the SNMP failure trap reference code
section in the Hitachi SNMP Agent User Guide.

5
License keys
This storage system includes base and optional software features for Hitachi
Virtual Storage Platform G200, G400, G600, G800 or Hitachi Virtual Storage
Platform F400, F600, F800 storage systems that must be enabled by
installing license keys. This section describes the types of available licenses,
license capacity calculation, and instructions for installing, enabling,
disabling, and uninstalling license keys.
□ Overview
□ License key types
□ Cautions on license capacities in license-related windows
□ Managing licenses
□ License key expiration
License keys 149

Overview
When you install a license key, it is automatically enabled and the timer on
the license starts at that time. To preserve time on a term key license, you
can disable it without uninstalling it. When you need the software, enable the
license again.
If you do not install the software before you install the license key software,
the software will install correctly but will be disabled. To enable a license key,
install the prerequisite software, and then enable the key.
License key types

To use software, you must install the license key provided when you purchase
that software.
You can use software with licensed capacity for a term key by installing a
term key and overwriting a permanent key as long as the term key is valid. If
the term key expires when the system is being used, and the capacity
needed for the operation is insufficient, operations that you can perform are
limited. In this case, a SIM that indicates the term key expiration (reference
code 7ff7xx) is output on the Alerts tab in the Storage Systems window.
The following table describes the four types of license keys.
Estimating
Effective
Type Description licensed
term1
capacity
Permanent For purchase No limit Required

Term For purchase 365 days Required
Temporary For trial use before purchase (try and buy) 120 days Not required
Emergency For emergency use 30 days Not required
Notes:
1. When you log in to Device Manager - Storage Navigator, a warning message appears if 45
days or less remain before the expiration.
Using the permanent key

You can purchase the permanent key to use a software application
indefinitely. You must estimate a licensed capacity required for using the
software application and purchase a license key for the amount of the
required capacity.
• If insufficient license capacity is installed, Not Enough License displays in
the status field of the License Keys window, and the software application
is not enabled.
• If the capacity of the usable volume exceeds the licensed capacity while
the storage system is running (for example, when an LDEV is additionally
150 License keys

installed), Grace Period displays in the status field of the License Keys
window. You can continue to perform the same operations, but the
deficient amount of license capacity must be purchased within 30 days.
Using the term key

You can purchase the term key to use the software application for a specific
number of days. You must estimate a licensed capacity required for using the
software application and purchase a license key for the amount of the
required capacity.
• If insufficient license capacity is installed, Not Enough License or Grace
Period displays in the status field of the License Keys window.
• You can enable or disable the term key for each software application.
Unlike the temporary key and the emergency key, the number of days the
term key is enabled is counted as the number of effective days of the term
key rather than the number of elapsed days from the installation date.
• The number of effective days is decremented by one day when the date
changes.
For example, if the term key is set to be enabled for 150 days during
installation and the term key is disabled for 100 days and a total of 250
days have elapsed since the installation, the number of remaining effective
days of the term key is 215 days. This is determined by subtracting 150
days from 365 days. By disabling the term key on the days when the
software application is not used, you can prevent the unnecessary
shortening of the period in which the term key can be used.
• If the term key is expired, Not Installed displays in the status field of the
License Keys window, and the software application is disabled.
Using the temporary key

You can use the temporary key for trial purposes. The effective term is 120
days from the time of installation of the temporary key. The effective term is
not increased even if the temporary key is reinstalled during the effective
term.
If you uninstall the temporary key, even though the effective term remains,
Temporary is displayed in the status field, Not Installed is displayed in the
Key Type field, and the remaining days of the effective term are displayed in
the Term (Days) field of the License Keys window.
If the temporary key expires, you cannot reinstall the temporary key for 180
days. Expired displays in the status field of the License Keys window, and
the software application is disabled.
Using the emergency key

You can use the emergency key if the license key cannot be purchased, or if
an emergency occurs, such as a system failure or a communication error.
License keys 151

You can also use the emergency key if the configuration of the software
application that is installed by the temporary key remains in the changed
status and cannot be restored to the original status. For example, if you do
not plan to purchase the software application after using the temporary key
for trial purposes, you can restore the changed configuration to the original
status by temporarily enabling the software application with the emergency
key.
Caution:
• If an emergency key is installed for a software application for which a
permanent or term key is installed, the effective term of the license key is
30 days. However, because the emergency key can be reinstalled during
the effective term, the effective term can be restored to 30 days.
• In other scenarios, the emergency key can be installed only once.
Cautions on license capacities in license-related windows

License capacities are displayed not only in license-related windows but also
in the Pools window and the Replication window.
When you install or overwrite a temporary key or an emergency key for an

installed software application, the license capacity before the overwrite
installation is displayed as Permitted (TB) in license-related windows.
However, Unlimited (license capacity for the temporary key or emergency
key) is displayed as Licensed Capacity in the Pools window and the
Replication window.
For example: You install a term key that has a license capacity of 5 TB for
Compatible FlashCopy®, and when the term expires, you use an emergency
key. In license-related windows, 5 TB is displayed in the Permitted (TB) field.
However, in the Licensed Capacity field in a Replication window, Unlimited
(capacity of the emergency key) is displayed.
Managing licenses
Use the Licenses window in the maintenance utility to install and uninstall
block license keys.
152 License keys

Use NAS Manager to install and enable both block and file license keys on
VSP Gx00 models with NAS modules. Using NAS Manager, you can install
both block and file licenses but only remove file licenses. To remove block
licenses, you must use the maintenance utility.
Related tasks
• Enabling a license on page 155
• Disabling a license on page 155
• Removing a software license on page 156
Related references
• Examples of license information on page 157
Installing block and file licenses using NAS Manager

Use NAS Manager to install and enable both block and file license keys on
VSP Gx00 models with NAS modules. Using NAS Manager, you can install
both block and file licenses but only remove file licenses. To remove block
licenses, you must use the maintenance utility.
Adding a license key

Adding a license key can enable services or increase the capabilities of your
system. To add a license key:
Procedure
1. Navigate to Home > Server Settings > License Keys.
License keys 153

2. Click add.
Add a File License Key
File License Key Enables the user to manually enter the license key.
Import File License Keys From a File
File License Key Enables the user to import a license key from a file.
File Name
Import Block License Keys From a File (Unified NAS module only)
Block License Enables the user to import a software application license key from a file.
Key File Name
cancel Closes the page without saving configuration changes.
Note: After adding a license key, if a reboot is required in order to

start a service/protocol or enable a feature, you are instructed to
reboot or restart the system.
For a file license, you can either enter the key manually or import it from
a file. For a block license, you can only import the key from a file:
• To enter the key manually, type it in the field, then click add.
• To import the key, click Choose File / Browse, navigate to the file,
select the key file, then click Import.
After all the keys have been entered or imported, they will be displayed
on the License Keys page. Follow the instructions to reboot the system
(if necessary).
154 License keys

Installing block licenses using maintenance utility
Before you begin

You must have the Storage Administrator (Initial Configuration) role to
perform this task.
Procedure
1. In the maintenance utility Administration tree, select Licenses.

2. Select whether to enter a key code or specify a license key file.
• Key Code: Enter a key code to install the software. In Key Code,
enter the license key code for the software.
• File: Specify a license key file to install the software. Click Browse
and specify the license key file. You can use a file name of up to 200
alphanumeric characters excluding these symbols: (“ \ : ; , * ? < >
| / ). Include the .plk file extension.
3. Click Apply.
Enabling a license
You can enable a license that is in disabled status.
Before you begin

perform this task.
Procedure
1. From the Maintenance Utility menu, click License Keys to open the
License Keys window.
2. Select the license to enable. You can select from one to all of the licenses
listed in the window at the same time.
3. Click Enable to display the License Keys window.
4. Check the settings and click Apply.
Disabling a license
You can disable a license that is in enabled status.
Before you begin

perform this task.
Procedure
1. From the Maintenance Utility menu, click License Keys to open the
License Keys window.
License keys 155

2. Select the license to disable. You can select from one to all of the
licenses listed in window the at the same time.
3. Click Disable to display the License Keys window.
4. Click Finish.
Removing a software license

You can remove a software license that is in disabled status.
Before you begin

perform this task.
Procedure
1. In the maintenance utility Administration tree, click License Keys.

2. In the License Keys window, select the license to uninstall. You can
select from one to all of the licenses listed in the window at the same
time.
3. In the License Keys window, click Uninstall Licenses.
On rare occasions, a software option that is listed as Not Installed but
still has available licensed capacity (shown as XX TB) might remain in the
list. In this case, select that option and uninstall the software.
Note: To reinstall a license key after uninstalling it, contact Hitachi

Data Systems customer support to reissue the license key file.
Related tasks
• Removing a Data Retention Utility license on page 156
Removing a Data Retention Utility license
Caution: When you remove a Data Retention Utility license, an error might
occur, even if the Permitted Volumes column of the License Keys window
indicates that the licensed capacity is 0 TB.
Procedure
1. Click Actions > Other Function > Data Retention to open the Data
Retention window.
2. In the Data Retention window, find logical volumes that are unusable
as S-VOLs.
3. Change the settings so that the logical volumes are usable as S-VOLs.
4. Uninstall the Data Retention Utility.
156 License keys

Examples of license information
The following table provides examples of license information displayed in the
License Keys table of the maintenance utility.
License key status

Status Key type Licensed capacity Term (Days)
(example)
Not installed Not installed blank Blank Blank

Installed with the Installed permanent Permitted -
permanent key
Installed with the term key Installed term Permitted Number of
and set to Enabled remaining days
before expiration
Installed with the term key Installed (Disabled) term Permitted -
and set to Disabled
Installed with the Installed temporary - Number of
temporary key. remaining days
before expiration
Installed with the Installed emergency - Number of
emergency key. remaining days
before expiration
A temporary key was Expired temporary - Number of
installed, but has expired. remaining days
before expiration
A term key or an Not installed blank Blank Blank
emergency key was
installed, but has expired.
Installed with the Not Enough License permanent or term Permitted and Used -
permanent key or the term
key, but the licensed
capacity was insufficient.
Installed with the Grace Period permanent or term Permitted and Used Number of
permanent or term key, remaining days
and then LDEVs are added, before expiration
but the license capacity
was insufficient.
Installed with the Installed temporary Permitted and Used Number of
temporary key, and then remaining days
reinstalled with the before expiration
permanent key, but the
license capacity was
insufficient.
Installed with the Installed emergency Permitted and Used Number of
permanent or term key, remaining days
then reinstalled with the before expiration
emergency key.
License keys 157

License key expiration
If the license key for software-A expires, the license key for software-B is
also disabled if software-B requires an enabled software-A. In this scenario,
Installed (Disabled) is shown for software-B in the Status column of the
License Keys table. After that, when you re-enable software-A, software-B
is also re-enabled. If the Status column for software-B continues to display
Installed (Disabled), go to the License Keys table and manually change the
status of software-B back to Installed.
After your license key expires, no new configuration settings can be made,
and no monitoring functions can be used with Performance Monitor.
Configuration settings made before the expiration of the license key remain
in effect. You can cancel configuration changes for some software.
158 License keys

6
Configuring audit logs
This section shows the procedures to change the audit log settings in the
maintenance utility.
□ Audit log settings
Configuring audit logs 159

Audit log settings
This section shows the procedures to configure the audit log settings.
The Audit Log Settings window shows the current audit log settings. Select
one of more of the three tabs to change the settings.
Related tasks
• Setting up a syslog server on page 160
• Exporting an audit log on page 161
• Sending a test Syslog message on page 143
Setting up a syslog server
Before you begin
You must have the Audit Log Administrator (View & Modify) role to perform
this task.
Procedure
1. In the maintenance utility Administration tree, select Audit Log

Settings.
2. Click Set Up Syslog Server.
3. Select the desired Transfer Protocol.
4. Enable or disable the Primary Server.
5. Enable or disable the Secondary Server.
6. Enable or disable the Output Detailed Information.
7. Click Apply to save the settings or Cancel to close the window without
saving the settings.
160 Configuring audit logs

Exporting an audit log
Use the following procedure to send a display an audit log file on the screen
or to save it to a file on the SVP or your laptop.
Before you begin
You must have the Audit Log Administrator (View Only) role to perform this
task.
Procedure
1. In the maintenance utility Administration tree, select Audit Log

Settings.
2. Click Export Audit Log.
3. To open the file without saving, click Open with and then use the pull-
down menu to select the software application to use to open the file.
4. Click OK. The auditlog.txt file is displayed.
5. To save the file, click Save File.
6. To use one of the two settings in steps 3 through 5 when you export an
another auditlog.txt file, click Do this automatically for files like this
from now on.
7. Click OK.
8. Browse to the directory where you want to save the file. Use the default
file name auditlog.txt or change the file name as desired.
Click Save. The file is saved and the dialog box closes.
9. Browse to the directory where you want the file. Use the default file
name auditlog.txt or change the file name as desired.
Configuring audit logs 161

10. Click Save. The file auditlog.txt file is saved.
Send test message to syslog server

Use the following procedure to send a test audit log message to the syslog
server.
Before you begin
You must have the Audit Log Administrator (View Only) role to perform this
task.
Procedure
1. In the maintenance usage Administration tree, select Audit Log

Settings.
2. Click Send Test Message to Syslog Server. The following message
box opens:
3. Click OK to close the message box. Check the syslog server messages
and verify that the test message was received and is on the server.
162 Configuring audit logs

7
Managing storage system reports
This section describes the procedures to create storage configuration reports
and view them. It includes examples of the three types of reports.
□ About storage system reports
□ Viewing a Device Manager - Storage Navigator report
□ Collecting dump files using the Dump tool
Managing storage system reports 163

About storage system reports
Device Manager - Storage Navigator can generate a standard set of reports
that provide views of various aspects of the storage system. In addition to
these views, you can generate custom reports for specific areas of the
system. These include a summary of the system data and configuration,
ports, channel adapters, and disk adapters. You can save reports in CSV files
or HTML files. Tables in the HTML version of the configuration reports are
sortable.
Before making changes to a storage system, create reports of your storage

system’s physical configurations and logical settings. Make a similar report
after the changes, and then compare the reports to verify that new settings
were made as intended.
Viewing a Device Manager - Storage Navigator report

Before you begin
• Adobe Flash Player must be installed.
• Users can view the reports that they created.
• Users that have the Storage Administrator (Initial Configuration) role can
view all reports.
• The window to specify the saving folder location may not be displayed
when downloading the report in Google Chrome. In this case, follow
Chrome Menu > Settings > Show advanced settings and uncheck the
Protect you and your device from dangerous sites checkbox under Privacy.
Procedure
1. Expand the Storage Systems tree, and then click Reports.

2. Specify the report to download.
3. Click Download Reports.
4. Specify a folder in which to save a .tgz file.
5. Extract the downloaded .tgz file.
6. Display the report.
For HTML reports:
Open the file extracted-folder\html\index.html.
For CSV reports:
Open a CSV file in the folder extracted-folder\csv.
164 Managing storage system reports

Viewing a report in the Reports window
You can view only HTML format reports in the Reports window. You can view
CSV format reports in the previous procedure.
Procedure

2. Click the name of the report to display.
The report is displayed in the Reports window.
3. In the Reports window, click the name of the report in the list at the
left, and then view the report at the right.
Creating a configuration report

You can create up to 20 configuration reports for each storage system. If you
already created 20 reports, delete unnecessary reports first, and then create
a new report.
Before you begin
You must have Storage View permission to perform this task.
Procedure
1. Open the Create Configuration Report window.

In Hitachi Command Suite:
a. On the Resources tab, expand the Storage Systems tree.
b. Right-click the local storage system, and then click Reports > Create
Configuration Report.
In Device Manager - Storage Navigator:

• From General Tasks, click Create Configuration Report.
2. Specify a task name and click Apply. This task name is used as the
report name in the Reports window. This process takes approximately
10 minutes to complete.
3. Click Refresh to update the Reports window. The created report
appears in the list.
Deleting a configuration report

You can delete a report when you no longer need it, or to make room in the
Reports window when the number of reports is near the limit.
Before you begin
Users that create the report or users with the Storage Administrator (Initial
Configuration) role can delete a configuration report.

Procedure

2. Select the report to delete.
3. Click Delete Reports.
4. Click Apply.
Collecting dump files using the Dump tool

Use the Dump tool to download dump files onto a Device Manager - Storage
Navigator computer. The downloaded dump files can be used to:
• Troubleshoot the system. Use the Dump tool to download dump files from
the SVP and give it to the HDS support personnel.
• Check system configuration. First, click File > Refresh All to update the
configuration information, and then use the Dump tool to download the
dump files.
There are two types of dump files:

• Normal Dump includes all information about the SVP and the minimum
information about the storage system. Select this when you have a less
serious problem such as incorrect display.
• Detail Dump includes all information about the SVP and the storage
system. Select this when Device Manager - Storage Navigator has a
serious problem (for example, Device Manager - Storage Navigator does
not start) or when you need to determine if the storage system has a
problem.
Before you begin

• Device Manager - Storage Navigator must be running.
• The configuration information must be refreshed by selecting File >
Refresh All in Device Manager - Storage Navigator.
• All other users (including the SVP user) must stop using the Dump tool.
• Stop all maintenance operations.
• Dump tools from other storage systems must not be used during the
process.
Note: If the error is in regards to Device Manager - Storage Navigator

starting up, collect information about the SVP using the Dump tool, without
Device Manager - Storage Navigator running.
Procedure

2. Open a Windows command prompt with administrator permissions.

3. Move the current directory to the folder where the tool is available. (For
example: <SVP-root-directory>\DKC200\mp\pc).
4. Specify the output destination of the dump file and execute
Dump_Detail.bat or Dump_Normal.bat.
For example, if you are storing the result of Dump_Detail.bat to C:

\Result_832000400001, enter the following:
C:\MAPP\wk\832000400001\DKC200\mp\pc>Dump_Detail.bat C:
\Result_832000400001
Note:
• A space is required between Dump_Detail.bat and C:\Result.
• The dump file name is hdcp.tgz. To manage dump files by
storage systems, we recommend adding a serial number to the
output folder name. For example, if the serial number is
832000400001, the folder name should be C:
\Result_832000400001.
• When the tool is being executed, is displayed in the command
prompt. When the execution is completed, is displayed.
"Executing..."
"zSv_AutoDump.exe is completed."

hdcp.tgz: This is the dump file. Give this file to the maintenance
personnel. If you save too many dump files in the SVP storage, space
might not be available. Therefore, move the dump file outside of SVP
storage.
zSv_AutoDump.log: This is the log file of the dump tool. If the dump file
is not output, give this log file to the maintenance personnel. If the dump
file is output, delete the log file.

A
Raidinf command reference (obtaining
configuration reports and tier relocation
logs)
This section describes the raidinf commands, symbols, and reports used in
□ raidinf command list and command description
□ raidinf -login
□ raidinf add report
□ raidinf delete report
□ raidinf download report
□ raidinf get reportinfo
□ raidinf add relocationlog
□ raidinf download relocationlog
□ raidinf delete relocationlog
□ raidinf get relocationloginfo
□ raidinf -logout
□ raidinf -h
Raidinf command reference (obtaining configuration reports and tier relocation logs) 169
raidinf command list and command description
The following table lists the raidinf commands and symbols.
Table 8 raidinf command list
Command Description
raidinf -login Log in to Device Manager - Storage Navigator.

raidinf add report Creates a report.
raidinf delete report Deletes a report.
raidinf download report Downloads a report.
raidinf get reportinfo Displays a list of reports.
raidinf add relocationlog Generates a tier relocation log file.
raidinf download relocationlog Downloads a tier relocation log file.
raidinf delete relocationlog Deletes a tier relocation log file.
raidinf get relocationloginfo Lists a tier relocation log file.
raidinf -logout Logs out of Device Manager - Storage Navigator.
raidinf -h Displays the raidinf command syntax.
Table 9 Conventions of the command format
Symbol Description
<> The item enclosed in this symbol is variable.

| Symbol is placed between multiple items to indicate "or".
Vertical bar For example:
-A | -B
Specifies -A or -B.
[] The enclosed item can be omitted. If some items are delimited
by the vertical bar, specify one item or omit all items.
Square brackets
For example:
[ -A ]
Specifies nothing or specifies -A.
[ -a | -b ]
Specifies nothing or specifies -a or -b.

{} The meaning differs, depending on the enclosed item.
• If items in curly brackets are delimited by vertical bars, one
Curly brackets of the items must be specified.
For example:
{-A | -B |-C }
Specifies -A, -B, or -C.
170 Raidinf command reference (obtaining configuration reports and tier relocation logs)
Symbol Description
• If curly brackets enclose items enclosed by square brackets,

at least one of the items must be specified.
For example:
{[ -A ][ -B ][ -C ]}
Specifies one or more items from -A, -B, or -C.
raidinf -login
Syntax
raidinf -login <user_name> <password> -servername {<hostname> |
<ipaddress>} [-port <port>] [-serial <serial>]
Options and parameters
Option Description
-login [<user_name> Executes a user authentication for Device Manager - Storage

<password>] Navigator. Specifies a user name and a password.
The user is logged out automatically three minutes (180 seconds)

after the last command is entered.
-servername {<hostname> | Specifies the host name or IP address of the SVP.
<ipaddress>}
[-port <port>] If you have changed the TCP port number for raidinf, specify the
new TCP port number. If omitted, TCP port number will perform by
specifying the initial value (5443). For operations after login (such
as report creation), the port number used for login will be used.
Therefore, specifying the port number will not be necessary for the
operations after login.
[-serial <serial>] If two or more DKCs are managed by the SVP, this is specified to
identify the system to execute the raidinf command. You cannot
omit this option if two or more DKCs are managed by the SVP.
In operations after the log in, such as report creation, use the
serial number specified when logging in. You do not need to specify
the serial number after the log in.
Examples
This example authenticates user01 using the password xxxxxx:
# raidinf -login user01 xxxxxx -servername svp.xxx.co.jp
This example authenticates user01 using the password xxxxxx with TCP port
number 6443:
# raidinf -login user01 xxxxxx -servername svp.xxx.co.jp -port
6443
This example authenticates user01 using the password xxxxxx with TCP port
number 6443 and serial number 430123:
# raidinf -login user01 xxxxxx -servername svp.xxx.co.jp -port
6443 -serial 430123
raidinf add report

The raidinf add report command creates a report.
If other users have created 20 reports, the logged in user cannot create a
report and will receive an error.
Syntax
raidinf add report -servername {<hostname> | <ipaddress>} [-
report <report_name>]
Option Description

<ipaddress>}
[-report <report_name>] Specifies a report name, up to 32 characters. All characters

exceeding 32 are ignored.
If the report name is omitted, the default report name YYMMDD-

CreateConfigurationReport is specified.
A hyphen cannot be specified at the beginning of the report name.
Examples
The following example creates a report with the default report name:
# raidinf add report -servername 10.213.74.121
ReportName UserName CreateTime

101009-CreateConfigurationReport user01 2010/10/09-12:43:10
The following example creates a report named 101009-

CreateConfigurationReport:
# raidinf add report -servername 10.213.74.121 -report 101009-
CreateConfigurationReport
ReportName UserName CreateTime

The following items are output:

• ReportName
The report name is displayed (up to 32 characters).
• UserName
The user name is displayed (up to 16 characters). If the user name
exceeds 16 characters, an ellipsis (...) is displayed.
• CreateTime
The time of creating a report is displayed (up to 19 characters).
raidinf delete report

The raidinf delete report command deletes a report.
If multiple reports of the same name exist, the command deletes the oldest
report. If the specified report does not exist, the command does nothing, and
terminates normally.
Reports created using Device Manager - Storage Navigator can also be

deleted.
Syntax
raidinf delete report -servername {<hostname> | <ipaddress>}
{-report<report_name> | -report_id
<report_id>} [-fill]
Option Description
-servername {<hostname> | Specifies the host name or the IP address of the SVP.
<ipaddress>}
{-report <report_name> | Specifies either -report or -report_id.

-report_id <report_id>} • -report specifies a report name, up to 32 characters. All
characters exceeding 32 are ignored.
• -report_id specifies a report ID in the report list. Because
each report has a unique ID, you can identify a specific report,
even if the report list contains multiple reports with the same
name.
[-fill] Deletes a report only if there are already 20 reports in the queue.
If there are fewer than 20 reports, the specified report is not
deleted.
Examples
The following example deletes the report named 101009-
# raidinf delete report -servername 10.213.74.121 -report 101009-
101009-CreateConfigurationReport is deleted from the SVP.
raidinf download report
The raidinf download report command downloads a report.
Reports created by Device Manager - Storage Navigator can also be

downloaded. The report in process of creation cannot be downloaded.
The name of the downloaded file is Report_report name.tgz. The files are
overwritten if reports of the same name has already existed.
Example: the name of the downloaded file when the report name is 110309-
Report_110309-CreateConfigurationReport.tgz
Syntax
raidinf download report -servername {<hostname> | <ipaddress>}
{-report <report_name> | -report_id <report_id>}
-targetfolder <folder>
Option Description
-servername {<hostname> | Specifies the host name or the IP address of the Web server (SVP).
<ipaddress>}
{-report <report_name> | Specifies either -report or -report_id.

-report_id <report_id>} • -report specifies a report name, up to 32 characters. All
If the special name LatestReport is specified as a report
name, the most recently created report is downloaded.
To download another report that has the same name as
LatestReport, specify the report ID for this report in -
report_id. If multiple reports have the same name, the most
recent report is replaced when a new report is downloaded.
• -report_id specifies a report ID in the report list. Because

each report has a unique ID, you can identify a specific report,
even if the report list contains multiple reports with the same
name.
-targetfolder <folder> Specifies a folder name to which a report is downloaded. The folder
whose name you specify must already exist, and you must have
write permissions to the folder.
Examples
The following example shows how to download the most recent report:
# raidinf download report -servername 10.213.74.121
-report LatestReport -targetfolder C:\tmp
Report_101009-CreateConfigurationReport.tgz is downloaded to C:\tmp.
The following example shows how to download the report named 101009-
# raidinf download report -servername 10.213.74.121
-report 101009-CreateConfigurationReport -targetfolder C:\tmp
Report_101009-CreateConfigurationReport.tgz is downloaded to C:\tmp.
raidinf get reportinfo

The raidinf get reportinfo command displays a list of reports.
Reports created using Device Manager - Storage Navigator are also

displayed. A report currently being created cannot be downloaded.
Syntax
raidinf get reportinfo -servername {<hostname> | <ipaddress>}
Option Description
-servername {<hostname> | Specifies the host name or IP address of the web server.
<ipaddress>}
Examples
The following example displays a list of reports:
# raidinf get reportinfo -servername 10.213.74.121
ReportName UserName CreateTime ReportID

33S3
33J3
2344
101006-CreateConfigurationReport configuration...
2010/10/06-15:30:42 4n1j

• ReportName
The report name is displayed. It can contain up to 32 characters.
• UserName
A user name is displayed. It can contain up to 16 characters. If the user
name exceeds 16 characters, an ellipsis (...) is displayed.
• CreateTime
The time of creating the report is displayed. It can contain up to 19
characters.
• ReportID
The report ID is displayed.
raidinf add relocationlog

The raidinf add relocationlog command is used to generate a tier
relocation log.
If another user has already generated a tier relocation log, an error occurs if
a tier relocation login user tries to obtain tier relocation logs. When this
happens, you must delete the existing tier relocation logs.
Syntax
raidinf add relocationlog -servername {<hostname> | <ipaddress>}
-logname <logname>>
Option Description

<ipaddress>}
[-logname <logname>>] Specifies the tier relocation log name, up to 32 characters. All
If the tier relocation log is omitted, the default name

YYMMDDXXXXXX-RelocationLog is specified.
A hyphen cannot be specified at the beginning of the tier relocation

log name.
Examples
The following example generates a tier relocation log with the default log
name:
# raidinf add relocationlog -servername 10.213.74.121
RelocationLogName CreateTime
160201-400001-RelocationLog 2016/02/01-12:43:10
The following example generates a tier relocation log named

160201-400001-RelocationLog:
# raidinf add relocationlog -servername 10.213.74.121 -report
160201-400001-RelocationLog
160201-400001-RelocationLog 2016/02/01-12:43:10

• RelocationLogName
The tier relocation log name is displayed.
• CreateTime
The time when the log was generated is displayed.
raidinf download relocationlog
The raidinf download relocationlog command is used to download a tier
relocation log.
A tier relocation log which is being generated cannot be downloaded. The

name of the downloaded file is tier_relocation_log_name.tgz. The log is
overwritten with the same name if the name already exists.
Example: If the name of the tier log relocation log is 160201-400001-

RelocationLog, the downloaded file name will be as follows:
Log_160201-400001-RelocationLog.tgz
Syntax
raidinf download relocationlog -servername {<hostname> |
<ipaddress>}
-logname <logname>> -targetfolder <folder>
Option Description

<ipaddress>}
If the tier relocation log is omitted, the default name

YYMMDDXXXXXX-RelocationLog is specified.
If you specify LatestLog as the tier relocation log name, the log
with the most recent date is downloaded.
-targetfolder <folder> Specifies a folder name to which a tier relocation log is
downloaded. The folder whose name you specify must already
exist, and you must have write permissions to the folder.
Examples
The example below shows how to download the log with the most recent
date. In the following example, Log_160201-400001-RelocationLog.tgz is
downloaded to C:\tmp:
# raidinf download relocationlog -servername 10.213.74.121 –
logname LatestLog -targetfolder C:\tmp
The example below shows how to download the tier relocation log by
specifying the tier relocation log name, 160201-400001-RelocationLog. In
the following example, Log_160201-400001-RelocationLog is downloaded to
C:\tmp:
# raidinf download relocationlog -servername 10.213.74.121 -
report
160201-400001-RelocationLog -targetfolder C:\tmp
raidinf delete relocationlog

The raidinf delete relocationlog command is used to delete a tier
relocation log.
Syntax
raidinf delete relocationlog -servername {<hostname> |
<ipaddress>}
-logname <logname>>
Option Description

<ipaddress>}
If you specify LatestLog as the tier relocation log name, the log
with the most recent date is deleted.
Examples
The following example deletes the tier relocation log with the most recent
date:
# raidinf delete relocationlog -servername 10.213.74.121 –
logname LatestLog
The example below shows how to delete the tier relocation log by specifying
the tier relocation log name, 160201-400001-RelocationLog. In the
following example, 160201-400001-RelocationLog is deleted in the SVP:
# raidinf delete relocationlog -servername 10.213.74.121 –report
raidinf get relocationloginfo

The raidinf get relocationloginfo command is used to list tier relocation
logs. The tier relocation logs which are being generated are not listed.
Syntax
raidinf delete relocationlog -servername {<hostname> |
<ipaddress>}
Option Description

<ipaddress>}
Examples
The example below shows how to generate a tier relocation log by specifying
the tier relocation log name, 160201-400001-RelocationLog.
# raidinf add relocationlog -servername 10.213.74.121 -report
160201-400001-RelocationLog 2016/02/01-12:43:10

• RelocationLogName
The tier relocation log name is displayed.
• CreateTime
The time when the log was generated is displayed.
The example below shows the script for checking if the tier relocation log was
created by using the raidinf get relocationloginfo command. In this
example, if the creation of the tier relocation log was completed successfully,
the tier relocation log is downloaded.
REM
REM Create Completed Relocation Log
Script(CreateCompletedRelocationLog.bat)
REM
SET SERVER= <hostname-or-IP-address-of-SVP>
SET LOG_NAME=DailyRelocationLog
raidinf get relocationloginfo -servername %SERVER% | find
"%LOG_NAME%"
>NUL
if not ERRORLEVEL 1 raidinf download relocationlog -servername
%SERVER% -targetfolder C:\tmp -logname "%LOG_NAME%"
raidinf -logout
The raidinf -logout command is used for logging out from Device Manager
- Storage Navigator.
Syntax
raidinf -logout -servername {<hostname> | <ipaddress>}
Option Description
-logout Log out from Device Manager - Storage Navigator.
-servername {<hostname> | Specifies the host name or the IP address of the SVP.
<ipaddress>}
Example
# raidinf -logout -servername mapp.xxx.co.jp
raidinf -h
The raidinf -h command is used to display the syntax..
Syntax
raidinf -h
Option Description
-h Displays the raidinf help.
B
Storage configuration reports
This section describes the configuration reports you can generate in Device
Manager - Storage Navigator. They are grouped in this appendix according to
the way they display: in tables, graphs, or CSV files.
To create, download, and delete reports, see Viewing a Device Manager -

Storage Navigator report on page 164.
□ Reports in table view
□ Reports in graphical view
□ CSV files
Storage configuration reports 181

Reports in table view
Some Device Manager - Storage Navigator reports appear in table format.
The following figure provides examples of reports in table format. The
icons are displayed before the names of the reports in table view. If the icons
are not displayed correctly, update the window.
• To sort data in table reports, click any column header.

• While a table is reading a large amount of data, the table columns cannot
be manipulated, sorted, or resized. However, you can view previously
displayed items, select rows, and scroll.
CHAP Users report

The following illustration shows an example of a CHAP Users report. The table
following the illustration describes the items in the report.
182 Storage configuration reports

Item Description
Port Location Name of the port
User Name Name of the CHAP user for authentication
iSCSI Target Alias Alias of the iSCSI target
iSCSI Target Name Name of the iSCSI target
Disk Boards report

The following illustration shows an example of a Disk Boards report. The
table following the illustration describes the items in the report.
Item Description
DKB Location of the disk board.

• "External" is displayed when the storage system has an external storage system.
• "External (FICON DM)" is displayed when the storage system has volumes for
FICON DM.
Number of PGs The number of the parity groups that the disk board controls.
• If "DKB" is "External", this item indicates the number of parity groups mapped to
external volumes.
• If "DKB" is "External (FICON DM)", this item indicates the number of parity groups
mapped to volumes for FICON DM.
Number of LDEVs (Total) The number of the logical volumes belonging to the parity groups that the disk board
controls.

Item Description
Number of LDEVs The number of the logical volumes that are inaccessible from the host and belong to
(Unallocated) the parity groups controlled by the disk board.
Total LDEV Capacity (MB) Total capacity of the logical volumes belonging to the parity groups that the disk board
controls.
Unallocated LDEV Capacity Total capacity of the logical volumes that are inaccessible from the host and belong to
(MB) the parity groups controlled by the disk board.
Host Groups / iSCSI Targets report

The following illustration shows an example of a Host Groups / iSCSI Targets
report. The table following the illustration describes the items in the report.
Item Description
Type Type of the host group
Host Group Name / iSCSI Name of the host group / alias of the iSCSI target
Target Alias
Host Group ID / iSCSI Target Number of the host group / ID of the iSCSI target
ID
Resource Group Name Resource Group Name where the host group belongs
Resource Group ID Resource Group ID where the host group belongs
Number of LUNs The number of LU paths defined to the host group
Number of LDEVs The number of logical volumes that are accessible from the hosts in the host group
Number of PGs The number of parity groups with logical volumes that are accessible from the hosts in
the host group
Number of DKBs The number of disk boards controlling the parity groups where the logical volumes
that are accessible from the hosts in the host group belong

Item Description
Total LDEV Capacity (MB) Total capacity of the logical volumes accessible from the hosts in the host group. This
is the total capacity of LDEVs referred to in "Number of LDEVs".
Port Security Security of the port
Authentication : Method iSCSI target method authentication settings

• CHAP
• None
• Comply with Host Setting
Authentication : Mutual Enable or disable the iSCSI target mutual CHAP

CHAP • Enabled
• Disabled
Authentication : User Name Authenticated iSCSI target user name
Authentication : Number of The number of authenticated users registered in the iSCSI target
Users
Host Mode Host mode of the host group
Host Mode Option Host mode option of the host group. Host mode options are separated by semicolons
(;) when more than one option is specified.
Number of Hosts The number of the hosts in the host group.
Hosts report
The following illustration shows an example of a hosts report. The table
following the illustration describes the items in the report. When a host is
registered to more than one port, more than one record shows information
about the same host.
Item Description
Type Port type
Port Internal WWN Port WWN
Port Security Port security setting

Item Description
Host Group Name / iSCSI Name of the host group / alias of the iSCSI target
Target Alias
Host Mode Option Host group host mode option. When more than one host mode option is specified,
they are separated by semicolons (;)
Host Name Name of the host that can access the LU path through the port
HBA WWN / iSCSI Name Host WWN / host iSCSI name. The name is in 16-digit hex format.
Logical Devices report

The following illustration shows an example of a logical volumes report. The
Item Description
LDEV ID The logical volume number

LDEV Name The logical volume name
Capacity (MB) Capacity of the logical volume
Emulation Type Emulation type of the logical volume
Resource Group Name Resource group name where LDEV belongs
Resource Group ID Resource group ID where LDEV belongs
PG The parity group number.
• If the number starts with "E" (for example, E1-1), the parity group contains
external volumes.
• If the number starts with "M" (for example, M1-1), the parity group contains
FICON DM volumes.
A hyphen displays for Dynamic Provisioning or Thin Image V-VOLs.
RAID Level RAID level of the parity group where the logical volume belongs1
Drive Type/RPM Drive type and round-per-minute (RPM) of the drive of the parity group where the
logical volume belongs.

Item Description
A hyphen (-) is displayed as RPM when the drive is SSD.1

Drive Type-Code Type code of the drive of the parity group where the logical volume belongs1
Drive Capacity Capacity of the drive of the parity group where the logical volume belongs.1
PG Members List of the drive locations of the parity group where the logical volume belongs1
Allocated Information about whether the host can access the logical volume.
For mainframe volumes and multi-platform volumes, "Y" is displayed unless the
volumes are in the reserved status.
SSID SSID of the logical volume
CVS Information about whether the logical volume is a customized volume
OCS Oracle checksum
Attribute The attribute of the logical volume
Provisioning Type Provisioning type of the logical volume
Pool Name • For V-VOLs of Dynamic Provisioning, the name of the pool related to the logical
volume is displayed1
• If the logical volume attribute is Pool, the name of the pool where the logical
volume belongs is displayed
• When neither of the above are displayed, the pool name is blank
Pool ID The ID of the pool indicated by "Pool Name" A hyphen (-) displays for volumes other
than pool-VOLs or V-VOLs
Current MPU The number of the MP unit that currently controls the logical volume
Setting MPU The number of the MP unit that you specified to control the logical volume
Command Device: Security Indicates whether Security is specified as the attribute for the command device. A
hyphen (-) displays when "Attribute" is not "CMDDEV".
Command Device: Indicates whether User Authentication is specified as the attribute for the command
device. A hyphen (-) displays when "Attribute" is not "CMDDEV".
User Authentication
Command Device: Indicates whether Device Group Definition is specified as the attribute for the
command device. A hyphen (-) displays when "Attribute" is not "CMDDEV".
Device Group Definition
Encryption Indicates whether the parity group to which the LDEV belongs is encrypted.
• For internal volumes: Enabled (encrypted) or Disabled (not encrypted)
• For external volumes: blank
Notes:
1. A hyphen (-) displays if the LDEV is an external volume.
LUNs report
The following illustration shows an example of an LU path definitions report.
A record is created for each LU path. The table following the illustration
describes the items in the report.

Item Description

HBA WWN / iSCSI Name Port WWN or name of the iSCSI (16 digits in hexadecimal)
Port Security Name of the type of security of the port
Host Group Name / iSCSI Name of the host group or alias of the iSCSI target
Target Alias
Host Mode Option Host mode option of the host group. Host mode options are separated by semicolons
(;) when more than one option is specified.
LUN Logical unit number
LDEV ID Logical volume number
Emulation Type Emulation type of the logical volume
Capacity (MB) Capacity of the logical volume
MP Units report
The following illustration shows an example of an MP units report. The table

Item Description
MP Unit ID MP unit ID
Auto Assignment Auto assignment attribute for the MP unit
Number of Resources (LDEV) Number of LDEVs that the MP unit controls
Number of Resources Number of journals that the MP unit controls
(Journal)
Number of Resources Number of external volumes that the MP unit controls (includes volumes for FICON
(External Volume) DM)
Number of Resources (Total) The total number of resources that the MP unit controls. It is the total of Number of
Resources (LDEV), Number of Resources (Journal), and Number of Resources
(External Volume).
MP Unit Details report

The following illustration shows an example of an MP unit details report. The

Item Description
MP Unit ID MP unit ID
Auto Assignment Auto assignment attribute for the MP unit
Resource ID ID of this resource that the MP unit controls
Resource Name The name of the resource that the MP unit controls. If "Type" is LDEV, the LDEV name
that is set is displayed. A hyphen (-) displays for journal volumes or external volumes.
Type The type of the resource that the MP unit controls
Parity Groups report

The following illustration shows an example of a parity groups report. The
Item Description
PG Parity group number

external volumes (Hitachi Universal Volume Manager User Guide).
• If the number starts with "M" (for example, M1-1), the parity group contains
volumes for FICON DM.
DKB Name of the disk board that controls the parity group1
RAID Level RAID level of the parity group1
Resource Group Name Name of the resource group in which the parity group belongs
Resource Group ID ID for the resource group in which the parity group belongs
Emulation Type Emulation type of the parity group
Number of LDEVs (Total) The number of the logical volumes in the parity group
Number of LDEVs The number of the logical volumes in the parity group that the host cannot access
(Unallocated)
Total LDEV Capacity (MB) Capacity of the logical volumes in the parity group
Unallocated LDEV Capacity Capacity of the logical volumes in the parity group that the host cannot access
(MB)

Item Description
Drive Type-Code The type code of the drive in the parity group.
• The type code of the first drive in the parity group.
• If the parity group contains external volumes, the drive type code displays the
vendor, the model, and the serial number of the storage system.
• Separated by semicolons (;) if multiple drive types are set.
Drive Type/RPM Drive type and revolutions-per-minute (RPM) of the drive in the parity group1
A hyphen (-) is displayed instead of the RPM when the drive is an SSD.
Drive Capacity Capacity of the drive in the parity group1
RAID Concatenation #0 The number indicating a parity group #0 connected to this parity group1,2
RAID Concatenation #1 The number indicating a parity group #1 connected to this parity group1,2
RAID Concatenation #2 The number indicating a parity group #1,2 connected to this parity group1,2
Encryption Indicates whether the parity group is encrypted.
• For external volumes: A hyphen (-) is displayed
Accelerated Compression Accelerated compression of the parity group
• If accelerated compression is supported, Enabled or Disabled is displayed.
• If accelerated compression is not supported, a hyphen (-) is displayed.
Notes:
1. A hyphen is displayed if the parity group contains external volumes.
2. A hyphen is displayed if the parity group is not connected with another parity group or if the parity group
contains external volumes including volumes for FICON DM.
Physical Devices report

The following illustration shows an example of part of a Physical Devices
report. The actual report includes more columns of information. A record is
created for each physical device. The table following the illustration describes
the items in the report.

Item Description
Location Name of physical devices
CR# C# and R# to define physical devices

Output as "XX/YY"
PG Parity group of physical devices
Emulation Type Parity group of physical devices
Drive type Drive type of physical devices

• SAS
• SSD
RPM Revolutions-per-minute (RPM) in the parity group

• 8000
• 15000
A hyphen (-) is displayed instead of the RPM when the drive type is an SSD.
Drive Type-Code Type code of the drive in the parity group.

Output example: SLR5B- M200SS;SFB5A-M200SS; (if multiple drive types are set)
Drive Size Drive size (inches)

• 2.5
• 3.5
Drive Capacity Physical drive capacity (GB or TB)
Drive Version Firmware version of the drive
DKB1 Name of the DKB1 which controls the physical devices
DKB2 Name of the DKB2 which controls the physical devices
Serial Number# Serial product number of the physical devices

• yy: year (last 2 digits)
• mm: month (2 digits)
• xxxxxxxx: product number of the physical devices
RAID Level RAID level of the physical devices

• RAID1(2D+2D)
• RAID5(7D+1P)
• RAID6(6D+2P)
• RAID6(14D+2P)
RAID Concatenation#0 Number indicating a parity group #0 connected to this parity group
Output example: 2-1, 3-1, 4-1
Resource Group Name Name of resource group to which the parity group of physical devices belong
Resource Group ID ID (0 to 1023 binary)
Encryption Enable or disable status of the parity group to which the physical devices belong
• Enabled: Encryption is enabled.
• Disabled: Encryption is disabled.

Ports report
The following illustration shows an example of part of a ports report. The
actual report includes several more columns of information. The table
Item Description
CHB Name of the channel board
Type Package type of the channel board
Port Location Name of the port on the channel board
Port Attribute Attribute of the port
TCP Port Number Port number to use for a socket (decimal)
Internal WWN / Internal WWN / iSCSI name of the port

iSCSI Name
Fabric One of the Fibre topology settings indicating the setting status of the Fabric switch
Connection Type One of the Fibre topology settings

• Point to Point
• FC-AL
IPv4 : IP Address IPv4 address of the port
Output example: 192.168.0.100
IPv4 : Subnet Mask IPv4 subnet mask of the port
IPv4 : Default Gateway IPv4 default gateway of the port
IPv6 : Mode IPv6 settings of the port

• Enabled
• Disabled
IPv6 : Link Local Address IPv6 link local address of the port (16-digit hexadecimal)
IPv6 : Global Address IPv6 global address of the port.
Output example: xxx:xxx:xxx:xxx:xxx:xxx:xxx:xxx

Item Description
IPv6 : Assigned Default Assigned IPv6 default gateway

Gateway
Selective ACK Selective ACK mode

• Enabled
• Disabled
Ethernet MTU Size (Byte) MTU settings (binary)

• 1,500
Keep Alive Timer iSCSI keep alive timer (0 to 64,800) (sec)
VLAN : Tagging Mode Tagging mode of VLAN

• Enabled
• Disabled
VLAN : ID Number of VLAN set to the port (1 to 4,094)
CHAP User Name User name for the CHAP authentication
iSNS Server : Mode iSNS mode settings

• ON
• OFF
iSNS Server : IP Address IP address of the iSNS server (30 to 65,535)
iSNS Server : TCP Port Number of the TCP port used in iSNS (binary)
Number
Address (Loop ID) Fibre port address and Loop ID of the port
Port Security Security of the port

• Enabled
• Disabled
Speed Data transfer speed of the port
Resource Group Name Name of the resource group to which the port belongs
Resource Group ID ID for the resource group to which the port belongs (0 to 1023)
Number of Hosts The number of the hosts registered to the port
Number of LUNs The number of the LU paths defined to the port
Number of LDEVs The number of the logical volumes that can be accessed through the port
Number of PGs The number of the parity groups having the logical volumes that can be accessed
through the port
Number of DKBs The number of the disk boards controlling the parity group that contains the logical
volumes that can be accessed through the port
Power Consumption report

The following illustration shows an example of a power consumption report. A
record is created every two hours for each power consumption and
temperature monitoring data. The table following the illustration describes
the items in the report.

No records are created during a system power failure or if the breakers are
turned off. If the system is in maintenance mode or the SVP is rebooted, up
to two hours of records could be lost.
If a failure occurs in the storage system, the correct information might not be
output.
Item Description
Date and Time Date and time when power consumption and
temperature were recorded for the two-hour
period
Power Consumption Average (W) Average of the power consumption
Power Consumption Maximum (W) Maximum of the power consumption
Power Consumption Minimum (W) Minimum of the power consumption
TEMP:DKC0-Cluster1 Average (degrees C) Average temperature of DKC0:CL1
TEMP:DKC0-Cluster1 Maximum (degrees C) Maximum temperature of DKC0:CL1
TEMP:DKC0-Cluster1 Minimum (degrees C) Minimum temperature of DKC0:CL1
TEMP:DKC0-Cluster2 Average (degrees C) Average temperature of DKC0:CL2
TEMP:DKC0-Cluster2 Maximum (degrees C) Maximum temperature of DKC0:CL2
TEMP:DKC0-Cluster2 Minimum (degrees C) Minimum temperature of DKC0:CL2
Table 10 Power Consumption report for DB00

Item Description
Date and Time Date and time when temperature was recorded
TEMP:DB00-DBPS00-1 Average (Temperature in Average temperature, maximum temperature,
degrees C) and minimum temperature of the DB for the
two-hour period. Outputs in the following
TEMP:DB00-DBPS00-1 Maximum (Temperature format:
in degrees C),

TEMP:DB00-DBPS00-1 Minimum (Temperature TEMP:DB XX -DBPS XX -CL Average, Maximum,
in degrees C), or Minimum (Temperature in degrees Celsius)
• XX: DB number
TEMP:DB00-DBPS00-2 Average (Temperature in
degrees C), 00 to 07 (VSP G200)
TEMP:DB00-DBPS00-2 Maximum (Temperature 00 to 22 (VSP F400, F600 with DBF)

in degrees C),
00 to 23 (VSP G400, G600, VSP F400, F600 with
TEMP:DB00-DBPS00-2 Minimum (Temperature DBF)
in degrees C)
00 to 46 (VSP F800 with DBF)
00 to 47 (VSP G800 or VSP F800 with DBF)

• CL: Cluster number (1 or 2)
Spare Drives report

The following illustration shows an example of a spare drives report. The
Item Description
Drive Capacity Capacity of the spare drive

Drive Type-Code Type code of the spare drive
Location Location of the spare drive

SSD Endurance report
The following illustration shows an example of an SSD endurance report. The
Item Description
Drive Type-Code Type code of the SSD

Drive Capacity Capacity of the SSD
Location Location of the SSD
Used Endurance Indicator Used endurance of the SSD
(%)

Storage System Summary report
The following illustration shows an example of part of a Storage System
Summary report. The actual report includes several more rows of
information. The table following the illustration describes the items in the
report.
Figure 1 Storage System Summary report (VSP G200)

Figure 3 Storage System Summary report (VSP G400, VSP G600)

Figure 4 Storage System Summary report (VSP G400, VSP G600)

Item Description
Storage System Type Type of the storage system

Serial Number Serial number of the storage system
IP Address IP address of the SVP
Microcode Versions Version of the following programs.
• Main
• DKB
• ROM BOOT
• RAM BOOT
• Expander
• Config
• CFM
• HDD
• Printout Tool
• CHB (iSCSI)
• CHB (FC16G)
• GUM
• Unified Hypervisor
• NASFWINST
• NASFW
Number of CUs The number of control units in the storage system
Shared Memory Size (GB) Capacity of shared memory
Includes the cache management information (directory)

Cache Size (GB) Capacity of the cache
Number of DKBs The number of disk boards on the module
System Options List of the system options specified for the storage system

Item Description
Drive Capacity (TB) Total capacity of drives in the storage system except for external volumes
Spare Drive Capacity (TB) Total capacity of the spare drives in the storage system
Free Drive Capacity (GB) Total capacity of the free drives in the storage system
Volume Capacity (GB) 1 List of the capacity of the open volumes
Number of LDEVs1 List of the numbers of the volumes in the following status.
• Allocated
• Unallocated
• Reserved
• V-VOL
Notes:
1. 1. You cannot sort the list.
Reports in graphical view

The reports described in this topic display as graphics. icons are displayed
before the names of reports in graphical view. If the icons or graphics are not
displayed properly, update the window.
Cache Memories report

This report shows cache memory data, including shared memory, main
board, and DIMM capacity. The total cache memory is displayed for each
module.
Figure 7 Cache Memories report (VSP G200)

Figure 8 Cache Memories report (VSP G400, G600, VSP F400, F600)

Figure 9 Cache Memories report (VSP G800, VSP F800)
Total capacity of the cache memory and shared memory is displayed
separately for each module.
Channel Boards report

This report shows the channel boards and the ports and types of channel
boards for each channel board. The keys show which channel boards are
installed (green keys) and which channel boards are not installed (gray
keys).
If a PCIe channel board installed in the DKC is connected to a channel board

box, the status of the channel board box is displayed.
If a NAS module is mounted on a channel board, the status of the module is

displayed.

Figure 10 Channel Boards (VSP G200)
Figure 11 Channel Boards report (VSP G400, G600, VSP F400, F600)

Figure 12 Channel Boards Report (when a NAS module is mounted)
Figure 13 Channel Boards report (VSP G800, VSP F800)

Figure 14 Channel Boards report (when a channel board box is
connected)
Figure 15 Channel Boards report (when a NAS module is mounted)

Physical View report
This report shows disk controller chassis and drive boxes, and includes
channel boards, disk boards, data drives, spare drives, and free drives.
It also shows the storage system type, serial number, and software version.
You can check the legend for disk units, such as SAS, SSD, Spare, Free, or
Not Installed.
If a PCIe channel board installed in the DKC is connected to a channel board

box, the status of the channel board box is displayed.

Figure 16 Physical View report (VSP G200)

Figure 17 Physical View report (VSP G400, G600)

Figure 18 Physical View report (when a NAS module is mounted)

Figure 19 VSP F400, F600 with DBF

Figure 20 Physical View report (VSP G800)

Figure 21 Physical View report (when a channel board box is connected)

Figure 22 Physical View report (when a NAS module is mounted)

Figure 23 VSP F800 with DBF
CSV files
This topic describes reports that are saved in CSV format.
AllConf.csv
This is the concatenated file of all the csv files.
CacheInfo.csv
This CSV file contains information about the cache memory on the controller
board. A record is created for each cache memory.
Table 11 CacheInfo.csv file (Title: <<Cache>>)
Item Content
Location Name of the cache controller board on which the memory is installed
CMG#0 Size (GB) Cache memory capacity in the controller board per CMG (16/32/64/128/ blank). The
number of CMG differs by model and the displayed items are different.
CMG#1 Size (GB) • VSP G200: Only CMG#0 Size displays
• VSP G400, G600, G800 or VSP F400, F600, F800: CMG#0 Size and CMG#1 Size
display
Depending on the installed number of the cache memory (DIMM), one of the CMG
capacities might be blank for VSP G400, G600, G800 or VSP F400, F600, F800.
Cache Size (GB) Total cache memory capacity on the controller board (0 to 256)

Item Content
SM Size (MB) The capacity that cannot be used as data cache memory in the total cache memory
capacity inside of the controller board.
The capacity per cluster is displayed.
Includes the shared memory capacity, cache directory capacity, and the fixed capacity.
Fixed capacity is the cache memory capacity that is used for controlling the storage
system with the controller board.
• VSP G200: (0 to 18944)

• VSP G400, G600 or VSP F400, F600: (0 to 37888)
• VSP G800 or VSP F800: (0 to 47744)
CFM#0 Type Type of CFM in the cluster (BM 10/BM 20/BM 30/blank). The number of CFM differs by
model and the number of the displayed items are different.
CFM#1 Type • VSP G200: CFM#0 type only
• VSP G400, G600, G800 or VSP F400, F600, F800: CFM #0 Type or CFM#1 Type
Depending on the installed CFM number, one of the CFM types might be displayed as
blank.
Information about the NAS module is not displayed in this CSV file.
Unified Hypervisor Cache The cache memory capacity (blank/16/32/64) (Unit: GB) assigned for Unified
Size (GB) Hypervisor usage within the total cache memory capacity in controller board.
• Blank if Unified Mode of DkcInfo.csv is Off.
This item is not displayed for VSP G200.
ChapUserInfo.csv
This CSV file contains information about the iSCSI CHAP authenticated user
registered to the port in the channel board. A record is created for each
target related to the CHAP authenticated user. Information about the NAS
module is not displayed in this CSV file.
Table 12 ChapUserInfo.csv file Title: <<CHAP User Information>>)
Item Content
Port Port name

User Name Name of the CHAP authenticated user1
iSCSI Target ID2 The iSCSI number of the target (00 to fe, hexadecimal)
Notes:
1. If the character string contains a comma, the comma is converted to a tab.
2. For the target information, see the record information with the same iSCSI target ID in IscsiTargetInfo.csv.
ChaStatus.csv
This CSV file contains information about the status of each channel board
(CHB). A record is created for each CHB.

Table 13 ChaStatus.csv file (Title: <<CHB Status>>)
Item Content
CHB Location CHB name (CHB-1A/1B/1C/1D or CHB-2A/2B/2C/2D if Package Type is NAS module)
PCB Status Status of this CHB1 (Blank if CHB location is CHB-1A/1B/1C/1D or CHB-2A/2B/2C/2D
in NAS module)
Port#00, #01, …, #03 Status of ports on this CHB(Blank if CHB location is CHB-1A/1B/1C/1D or
CHB-2A/2B/2C/2D in NAS module)
Notes:
1. 1 Normal, 0: Abnormal
DeviceEquipInfo.csv
This CSV file contains information about equipment and devices that are part
of the storage system, including power supplies and batteries for DKC, DB,
and CHBB. A record is created for each device.
Table 14 DeviceEquipInfo.csv file (Title: <<Device Equipment

Information>>)
Item Content
Device Location Device location name. For example:

• For DKCPS: DKCPS-00
• For DKUPS: DKUPS000-1
• For Battery: BATTERY-1BA
• For SVP: SVP-BASIC
Equip Status Equipment status of the device:
• Equipped
• Not Equipped
Status Status of the device:
• Normal
• Abnormal
• Blank if "Equip Status" is Not Equipped
DkaInfo.csv
This CSV file contains information about disk boards (DKBs). A record is
created for each DKB.
Table 15 DkaInfo.csv file (Title: <<DKB Information>>)
Item Content
DKB Location DKB name

Package Type DKB type
Output example:
• Unecryption DKB (2Port)
• Encryption EDKB (2Port)

DkaStatus.csv
This CSV file contains information about the status of disk boards (DKBs). A
record is created for each DKB.
Table 16 DkaStatus.csv file (Title: <<DKB Status>>)
Item Content
DKB Location DKB name

PCB Status Status of this DKB1
BECON#00 Status of BECON1
BEPORT#0000 to #0001 Status of BEPORT on this DKB1
Items are output in the format BEPORT#XXYY, where:

• XX: BE controller number (2-digit hexadecimal)
• YY: BE port number (2-digit hexadecimal)
Notes:
1. 1: Normal, 0: Abnormal
DkcInfo.csv
This CSV file contains information about the DKC. A record is created for each
module.
When Module #1 is not installed, the record for Module #1 is not created.
Table 17 DkcInfo.csv file (Title: <<DKC Information>>)
Item Content
Storage System Type Storage system type.
Output example:
• G2001
• VSP G400, G600 and VSP F400, F6002
• VSP G800 and VSP F8003
Serial Number # Serial product number (decimal, from 400001 to 499999)
IP Address IP address
Output example: xxx.xxx.xxx.xxx (decimal, 0 to 255)

Subnet Mask Subnet mask
Output example: xxx.xxx.xxx.xxx (decimal, 0 to 255)

Number of CUs Number of CUs (decimal, 0 to 64)
Number of DKBs Number of DKBs (decimal, 0 to 8)
Zero (0) is sometimes displayed if an HDD is not installed.

Configuration Type Configuration type
Output example: PCM

Model Storage system model: S, M, or H

Item Content
Unified Mode Unified Mode of the storage system.

• On: Operating with Unified Mode
• Off: Not operating with Unified Mode
This item is not displayed for VSP G200.

Notes:
• To determine if the model type is VSP G200, see PpInfo.csv on page 249.
○ VSP G200: Install is Enabled for Model upgrade license
• To determine whether the model type is VSP G400, VSP F400, VSP G600, or VSP F600, see PpInfo.csv on
page 249.
○ VSP G400: Install is Disabled for both Model upgrade license and All Flash Array
○ VSP F400: Install is Disabled for Model upgrade license and Install is Enabled for All Flash Array
○ VSP G600: Install is Enabled for Model upgrade license and Install is Disabled for All Flash Array
○ VSP F600: Install is Enabled for both Model upgrade license and All Flash Array
• To determine whether the model type is VSP G800 or VSP F800, see PpInfo.csv on page 249.
○ VSP G800: Install is Disabled for All Flash Array
○ VSP F800: Install is Enabled for All Flash Array
DkuTempAveInfo.csv
This CSV file contains information about DB temperature for every two hours.
A record is DB temperature information obtained from the environment
monitor. A record output to the first line shows the latest temperature
information. Because DB temperature information is measured by DBPS,
items are displayed in this unit*.
DkuTempAveInfo.csv shows the average temperature as DB temperature

data. The total number of items depends on the model (VSP G200: 17, VSP
G400/VSP F600/VSP G600/VSP F600: 49, VSP G800/VSP F800: 97).
The DB temperature data displayed in DkuTempAveInfo.csv (average

temperature only), DkuTempMaxInfo.csv (maximum temperature only), and
DkuTempMinInfo.csv (minimum temperature only) is the same value as the
DB temperature data for DkuTempInfo.csv.
If the system is in maintenance mode or the SVP is rebooted, the data that is
output every two hours might not contain data for the period. If a failure
occurs in the storage system, the correct information might not be output.
The table below shows VSP Gx00 models and VSP Fx00 models with DBF.
Table 18 DkuTempAveInfo.csv file (Title: <<DB temperature average

Information>>)
Item Description
Date Year, month, and date when temperature data

was acquired in the format:
YYYY/MM/DD hh:mm:ss

Item Description
DB00 DBPS001 Average temperature (°C) for the two-hour

period of DB00 DBPS001
Temperature average
Temperature average
For VSP G200, item shows up to DB07 DBPS072.
For VSP G400/VSP G600, item shows up to

DB23 DBPS232.
Note: An item name is displayed as DBxx DBPSxxy. The names are listed in
ascending order of the DB number. See DkuTempInfo.csv on page 221 for
locations and values for DBxx and DBPSxxy.
The following table lists VSP Fx00 models with DBF.
Item Description

YYYY/MM/DD hh:mm:ss
DB00&01 DBPS001 Average temperature (°C) for the two-hour
period of DB00&01 DBPS001
Temperature average
Temperature average
For VSP F400, F600, item shows up to DB22&23
DBPS232.
Note: An item name is displayed as DBxx&xx+1 DBPSxxy or DBxx&xx+1

DBPSxx+1y. The names are listed in ascending order of the DB number. See
DkuTempInfo.csv on page 221 for locations and values of DBxx&xx+1
DBPSxxy or DBPSxx+1y.
Note that DBPS temperature information in the DBPSxx+1y format is not

output.
DkuTempInfo.csv
DkuTempInfo.csv shows the average temperature, maximum temperature,

and minimum temperature as DB temperature data. The total number of
items depends on the model (VSP G200: 49, VSP G400, VSP F600, VSP
G600, VSP F600: 145, VSP G800, VSP F800: 289).

Table 19 DkuTempInfo.csv file (Title: <<DB temperature Information>>)
Item Description

YYYY/MM/DD hh:mm:ss
Temperature average
DB00 DBPS001 Maximum temperature (°C) for the two-hour
Temperature maximum value
DB00 DBPS001 Minimum temperature (°C) for the two-hour
Temperature minimum value
Temperature average
For VSP G400, VSP G600, item shows up to

DB23 DBPS232.

DB23 DBPS232.

DB23 DBPS232.
*Note: An item name is displayed as DBxx DBPSxxy. The names are listed in
ascending order of the DB number.
The following tables list DBxx and DBPSxxy: xx values, where xx is a value
from 00 to 07 (VSP G200), 00 to 23 (VSP G400, G600), or 00 to 47 (VSP
G800).

DB # 0 1 2 3 4 5
xx 00 01 02 03 04 04
DBxx DB00 DB01 DB02 DB03 DB04 DB05
DBxxy DBPS00y DBPS01y DBPS02y DBPS03y DBPS04y DBPS05y
DB # 42 43 44 45 46 47
xx 42 43 44 45 46 47
DBxx DB42 DB43 DB44 DB45 DB46 DB47
DBxxy DBPS42y DBPS43y DBPS44y DBPS45y DBPS46y DBPS47y
The following table lists the DBPSxxy: y values (where DB# is 0 and xx is 00)
DB# 0
y 1 2
DBPSxxy: y DBPS001 DBPS002
Item Description

YYYY/MM/DD hh:mm:ss
Temperature average
DB00&01 DBPS001 Maximum temperature (°C) for the two-hour
DB00&01 DBPS001 Minimum temperature (°C) for the two-hour
Temperature average
Temperature average

Item Description

Temperature average
: :
Temperature average
DBPS232.
DBPS232.
DBPS232.
*Note: An item name is displayed as DBxx&xx+1 DBPSxxy or DBxx&xx+1

DBPSxx+1y. The names are listed in ascending order of the DB number.
The following tables list DBxx&yy: xx values, where xx is a value from 00 to

22 (VSP F400, F600), 00 to 46 (VSP F800), and yy values, where yy is a
value of (<xx value> +1).
DB # 0 1 2 3 4 5
xx 00 00 02 02 04 04
DBxx&xx+1 DB00&01 DB00&01 DB02&03 DB02&03 DB04&05 DB04&05
DBPSxxy DBPS00z - DBPS02z - DBPS04z -
DBPSxx+1y - DBPS01z - DBPS03z - DBPS05z
DB # 42 43 44 45 46 47
xx 42 43 43 44 46 46

DB # 42 43 44 45 46 47
DBxx&xx+1 DB42&43 DB42&43 DB44&45 DB44&45 DB46&47 DB46&47
DBPSxxy DBPS42z - DBPS44z - DBPS46z -
DBPSxx+1y - DBPS43z - DBPS45z - DBPS47z
The following table lists DBPSxxy or DBPSxx+1y:y values, where DB# is 0 or

1.
DB # 0 1
z 1 2 1 2
DBPSxxy DBPS001 DBPS002 - -
DBPSxx+1y - - DBPS011 DBPS012

output.
DkuTempMaxInfo.csv
DkuTempMaxInfo.csv shows the maximum temperature as DB temperature


Table 20 DkuTempMaxInfo.csv file (Title: <<DB temperature maximum

value Information>>)
Item Description


Item Description
YYYY/MM/DD hh:mm:ss
For VSP G400/VSP G600, item shows up to

DB23 DBPS232.
Note: An item name is displayed as DBxx DBPSxxy. The names are listed in
ascending order of the DB number. See DkuTempInfo.csv on page 221 for
locations and values for DBxx and DBPSxxy.
Table 21 DkuTempMaxInfo.csv file (Title: <<DB temperature maximum

Item Description

YYYY/MM/DD hh:mm:ss
: :
DBPS232.

DkuTempInfo.csv on page 221 for locations and values for DBxx&xx
+1,DBPSxxy, and DBPSxx+1y.

output.
DkuTempMinInfo.csv

DkuTempMinInfo.csv shows the average temperature as DB temperature

Table 22 DkuTempMinInfo.csv file (Title: <<DB temperature minimum

Item Description

YYYY/MM/DD hh:mm:ss
For VSP G400/VSP F600/VSP G600/VSP F600,

item shows up to DB23 DBPS232.
Item Description

YYYY/MM/DD hh:mm:ss
: :
DBPS232.


DkuTempInfo.csv on page 221 for locations and values for DBxx&xx+1,
DBPSxxy, and DBPSxx+1y.

output.
ELunInfo.csv
This CSV file contains information about external volumes. Information about
one external volume is output to multiple records according to the number of
prioritized paths between the local and the external storage systems.
For details of external volumes, see Hitachi Universal Volume Manager User
Guide. Information about the NAS module is not displayed in this CSV file.
Table 23 ELunInfo.csv file (Title: <<External LUN Information>>)
Item Content
VDEV# Virtual device number to which the external volume is mapped

Characteristic1 Identification number of the external volume1
Characteristic2 Extended information for identifying the external volume
Device Product name reported to the host by the external volume1
Capacity(blocks) Capacity of the external volume (in blocks)
Cache Mode Indicates whether the write data from the host to the external storage system is
reflected synchronously or asynchronously
• Enabled: Asynchronously
• Disabled: Synchronously
ECC Group Number of parity group to which the external volume is mapped.
If the number starts with "E" (for example, E1-1), the parity group contains external
volumes.
Range of values: E1-1 to E16384-4096

Current MPU Number and name of a current MP unit controlling the parity group to which the
external volume is mapped
• MPU-10
• MPU-11
• MPU-20
• MPU-21
Setting MPU Number and name of an MP unit configured to control the external volume indicated
by ECC Group
• MPU-10
• MPU-11
• MPU-20
• MPU-21
Vendor Vendor name of the external storage system
Product Name Product name of the external storage system
Serial Number# Serial product number of the external storage system
Path Mode Mode which indicates how the paths between local and external storage systems
operate
• Multi

Item Content
• Single
• ALUA
Port Name of a local port from which the external path is connected to the external storage
system
WWN Port identifier number of the external storage system
Blank if "Package Type" is iSCSI

LUN LU number set for the external volume.
Priority Priority of the paths between the storage systems to be used for connection with the
external volume.
"1" indicates the path of the highest priority.

Status Status of the path between storage systems.
• Normal
• Blocked
IO TOV I/O timeout value for the external volume
Range of values: 5 to 240

QDepth The number of Read/Write commands that can be issued to the external volume at a
time

Resource Group ID (ECC Resource group ID for the parity group that is mapping external volumes (in decimal
Group) format)

Resource Group Name (ECC Resource group name of the parity group that is mapping external volumes
Group)
Load Balance Mode I/O load balance distribution logic specified for external volume
• Normal Round-robin
• Extended Round-robin
• Disabled
A hyphen is displayed if Single is specified in Path Mode

Path Mode on Profile Path mode on profile information of the external storage system:
• Multi
• Single
ALUA Settable Indicates whether ALUA mode can be set as path mode on the external storage
system
• Yes: ALUA mode can be set
• No: ALUA mode cannot be set
ALUA Permitted Indicates whether ALUA is used as path mode on the local storage system:
• Enabled: ALUA mode is used
• Disabled: ALUA mode is not used
Target Port Asymmetric Status of the port on the external storage system when the path mode is ALUA:
Access State • Active/Optimized
• Active/Non-Optimized
Package Type Type of CHB to which a port of the local storage system connecting to the external
storage system belongs
• Fibre: 8FC4 (CHB), 16FC2 (CHB)
• iSCSI: 10iSCSI2o (CHB), 10iSCSI2c (CHB)

Item Content
IP Address IP address for an iSCSI target of an external storage system

• IPv6:
XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX (hexadecimal)
• IPv4:
XXX.XXX.XXX.XXX (decimal)
• Blank if "Package Type" is iSCSI.
TCP Port Number TCP port number (1 through 65535) for the iSCSI target of an external storage
system
Blank if "Package Type" is Fibre.

iSCSI Target Name iSCSI target name of an external storage system
Blank if "Package Type" is Fibre.

Notes:
EnvMonInfo.csv
This CSV file contains information about the power and temperature of the
storage system. Power and temperature measurements from the
environment monitor are recorded every two hours.
No records are created during a system power failure or if the breakers are
turned off. If the system is in maintenance mode or the SVP is rebooted, up
to two hours of records could be lost.
If a failure occurs in the storage system, the correct information might not be
output.
Table 24 EnvMonInfo.csv file (Title: <<Electric power and temperature

Information>>)
Item Description
Date Year, month, and date when record data was acquired for the two-hour period in the
format:
YYYY/MM/DD HH:MM:SS
Electric power average Average value of electric power (W)
Electric power maximum Maximum value of electric power (W)
value
Electric power minimum Minimum value of electric power (W)
value
In the following cases, a lower value might be temporarily displayed:
• When the storage system is starting up
• Right after replacing storage system parts
• During or after microcode update
DKC0 CL1 Temperature DKC0: Average temperature of CL1 (°C)
average

Item Description
DKC0 CL1 Temperature DKC0: Maximum temperature of CL1 (°C)

maximum value
DKC0 CL1 Temperature DKC0: Minimum temperature of CL1 (°C)

minimum value
DKC0 CL2 Temperature DKC0: Average temperature of CL2 (°C)
average
DKC0 CL2 Temperature DKC0: Maximum temperature of CL2 (°C)
maximum value
DKC0 CL2 Temperature DKC0: Minimum temperature of CL2 (°C)
minimum value
FcSpNameInfo.csv
This CSV file contains information about Fibre Channel Security Protocols
(FCSPs). A record is created for each initiator (host).
For details of port setting, see the Provisioning Guide for Hitachi Virtual
Storage Platform Gx00 and Fx00 Models. Information about the NAS module
is not displayed in this CSV file.
Table 25 FcSpNameInfo.csv file (Title: <<FC-SP Name Information>>)
Item Content
Port Port name

Host Group Host group name
Target Username WWN information about the storage system required for authentication (16-digit
hexadecimal number)
Authentication of Group Information about whether to perform authentication or not
• Enabled
• Disabled
Initiator Username WWN information about the host required for authentication (16-digit hexadecimal
number)
Protocol Protocol used for authentication ("CHAP" or blank)
FcSpPortInfo.csv
This CSV file contains information about ports related to Fibre Channel
Security Protocols (FCSPs). A record is created for each port.
For details of port setting, see the Provisioning Guide for Hitachi Virtual
Storage Platform Gx00 and Fx00 Models. Information about the NAS module
is not displayed in this CSV file.

Table 26 FcSpPortInfo.csv file (Title: <<FC-SP Port Information>>)
Item Content
Port Port name

Time out(Sec) Time interval (in seconds) before retrying authentication in case of failure in
authentication
Refusal Intvl.(Min) Time interval (in minutes) before starting next authentication in case of failure in
authentication for the number of times displayed by "Refusal Freq(Counts)"
Refusal Freq.(Counts) Number of times of authentication allowable for connection to a port
Switch Port Username WWN information about the Fabric switch required for authentication (16-digit
hexadecimal number)
Mode Mode of authentication between ports and FC switches
• Bidirectional
• Unidirectional
Authentication of Fabric Information about whether to perform authentication of the FC switch identified by
Switch "Switch Port Username"
• Enabled
• Disabled
HduInfo.csv
This CSV file contains information about hard drive boxes (DB). A record is
created for each drive box.
Table 27 DBInfo.csv file (Title: <<DB Information>>)
Item Description
DB Location DB location name

DB Status Information about whether this DB is installed
• Installed
• Not installed
Slot Size Slot size (inches)
• 2.5
• 3.5
• Blank for DBF (FMC and FMD).
DB Type DB type
• DBS (DB for 2.5-inch drives)
• DBL (DB for 3.5-inch drives)
• DB60 (dense drive box for 3.5-inch drives)
• DBF (DB for FMC and FMD, 2PORT)
• DBF (DB for FMC and FMD, 4PORT)
IscsiHostInfo.csv
This CSV file contains information about iSCSI Initiator (Host) set to the
channel board port. A record is created for each iSCSI Host (Initiator) target.

Table 28 IscsiHostInfo.csv file (Title: <<iSCSI Host Information>>)
Item Content
Port Port name

iSCSI Name iSCSI host name
Host Name Nickname for iSCSI host name
iSCSI Target ID1 iSCSI target number (hexadecimal format, 00 to fe)
Notes:
1. For the target information, see the record information with the same iSCSI target ID in IscsiTargetInfo.csv.
IscsiPortInfo.csv
This CSV file contains information about iSCSI information set to the channel
board port. A record is created for each iSCSI host (initiator) target.
Table 29 IscsiPortInfo.csv file (Title: <<iSCSI Port Information>>)
Item Content
Port Port name

IPv4 | IP Address IPv4 address
Output example: xxx.xxx.xxx.xxx (decimal)

IPv4 | Subnet Mask IPv4 subnet mask (decimal)

IPv4 | Default Gateway Port IPv4 default gateway

IPv6 | Mode Port IPv6 settings
• Enabled
• Disabled
IPv6 | Link Local Address Port IPv6 link local address
• Output example: xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx (hexadecimal)
• Output example: Auto
Auto is displayed if the link local address is automatically set. Blank if "IPv6 | Mode" is
Disabled.
IPv6 | Global Address IPv6 global address of the port
• Output example: xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx (hexadecimal)
• Output example: Auto
Auto is displayed if the global address is automatically set. Blank if "IPv6 | Mode" is
Disabled.
IPv6 | Assigned Default Port IPv6 assigned default gateway
Gateway • Output example: xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx (hexadecimal)
Blank if "IPv6 | Mode" is Disabled.

Channel Speed Data transfer speed of the port (10Gbps)
Security Switch Port security switch settings

Item Content
• On
• Off
TCP Port Number The number of the port for using socket (1 to 65535)
Ethernet MTU Size (Byte) | MTU settings
MTU • 1500
• 4500
• 9000
Keep Alive Timer (sec.) Keep alive timer value of iSCSI (30 to 64800) (sec)
Selective ACK Selective ACK mode
• Enabled
• Disabled
Delayed ACK Delayed ACK mode
• Enabled
• Disabled
Maximum Window Size (KB) Window scale option settings
• 64KB
• 128KB
• 256KB
• 512KB
• 1024KB
iSNS Server | Mode iSNS mode settings
• On
• Off
iSNS Server | IP Address IP address of the iSNS server
• IPv4: xxx.xxx.xxx.xxx (decimal)
• IPv6: xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx (hexadecimal)
• Blank if "iSNS Server | Mode" is Off.
iSNS Server | TCP Port Port number of TCP used for iSNS (1 to 65535).
Number
Blank if "iSNS Server | Mode" is Off.
VLAN | Tagging Mode VLAN tagging mode set to the port
• On
• Off
VLAN | ID VLAN number set to the port (1 to 4094)
Blank if "VLAN | Tagging Mode" is set to Off.

Resource Group ID (Port) Resource group ID of the port (0 to 1023 in decimal)
Resource Group Name(Port) Resource group name of the port
iSCSI Name iSCSI name of the port
CHAP User Name Authenticated user name of the port
IscsiTargetInfo.csv
This CSV file contains information about iSCSI target information set to the
channel board port. A record is created for each iSCSI target. Information
about the NAS module is not displayed in this CSV file.

Table 30 IscsiTargetInfo.csv file (Title: <<iSCSI Target Information>>)
Item Content
Port Port name

iSCSI Target Alias iSCSI target alias
iSCSI Target ID Number of the iSCSI target (00 to fe, hexadecimal)
Host Mode Host mode set to the iSCSI target (hexadecimal)
Host Mode Option Host mode option set to the iSCSI target (0 to 127, decimal)
Separated with a semicolon (;) if multiple host mode options are set.
Security Switch Security switch status set to the iSCSI target port
• On
• Off
Authentication | Method Authentication method settings of the iSCSI target
• CHAP
• None
• Comply with Host Setting
Authentication | Mutual Mutual CHAP authentication function settings of the iSCSI target
CHAP • Enabled
• Disabled
Authentication | User Name User name set when iSCSI target was authenticated
Resource Group ID (iSCSI Resource group ID of the iSCSI target (0 to 1023)
Target)
Resource Group Name (iSCSI Resource group name of the iSCSI target
Target)
JnlInfo.csv
This CSV file contains information about journals. A record is created for each
journal.
Table 31 JnlInfo.cvs file (Title: <<JNL Information>>)
Item Content
JNL# Journal number (in hexadecimal)

Current MPU Number and name of MP unit currently controlling the journal
(MPU-10, MPU-11, MPU-20, MPU-21)

Setting MPU Number and name of MP unit configured to control the journal
(MPU-10, MPU-11, MPU-20, MPU-21)
LdevCapaInfo.csv
This CSV file contains information about LDEV capacities. A record is created
for each of the classifications shown in "Volume Kind".

Table 32 LdevCapaInfo.csv file (Title: <<LDEV Capacity Information>>)
Item Content
Volume Kind The following classifications are output:

• Internal OPEN Volumes
• External OPEN Volumes
• Total OPEN Volumes
Allocated LDEV Capacity Allocated LDEV capacity
(GB)
Unallocated LDEV Capacity Unallocated LDEV capacity
(GB)
Reserved Capacity (GB) Reserved LDEV capacity
Total Volume Capacity (GB) Total capacity of "Allocated LDEV Capacity", "Unallocated LDEV Capacity" and
"Reserved Capacity"
Free Space (GB) Free Space
Total Capacity (GB) Total Capacity
The sum of "Total Volume Capacity" and "Free Space"
LdevCountInfo.csv
This CSV file contains information about the number of logical devices
(LDEVs). A record is created for each of the classifications shown in "Volume
Kind".
Table 33 LdevCountInfo.csv file (Title: <<LDEV Count Information>>)
Item Content
Volume Kind The following classifications are output:

• Internal Volumes
• External Volumes
• Total Volumes
Allocated OPEN LDEVs The number of allocated open-system volumes (LDEVs).
Unallocated OPEN LDEVs The number of unallocated open-system volumes (LDEVs).
Reserved OPEN LDEVs The number of reserved open-system volumes (LDEVs).
V-VOL The number of virtual volumes.
Output only when "Volume Kind" is Total Volumes.

Total(All LDEVs) Total number of LDEVs.
ECC Groups Total number of parity groups.
LdevInfo.csv
This CSV file contains information about logical devices (LDEVs). A record is
created for each LDEV.
For details of LDEVs, see the Provisioning Guide for Hitachi Virtual Storage
Platform Gx00 and Fx00 Models.

Table 34 Ldevinfo.csv file (Title: <<LDEV Status>>)
Item Content
ECC Group Number of parity group where the LDEV belongs.
Output example: X-Y (decimals)

external volumes.
• If "LDEV Type" is Dynamic Provisioning or Thin Image, a hyphen is output.
LDEV# LDEV number
(00:00:00 to 00:3f:ff)
LDEV Name LDEV name1
LDEV Emulation LDEV emulation type
LDEV Type LDEV type:
• Basic
• Dynamic Provisioning
• External
• Thin Image
• ALU
LDEV Attribute LDEV Attribute:
• CMDDEV (Command device)
• CMDDEV1 (Remote command device)
• Journal (Journal volume)
• Pool (Pool volume)
• Quorum disk (used with global-active device)
• ALU
• SLU
• Regular (Others)
Volume Size(Cyl) LDEV capacity (in cylinders)
Volume Size(MB) LDEV capacity (in MB)
Volume Size(Blocks) LDEV capacity (in blocks)
CVS Information about whether the LDEV is a custom-sized volume:
• On: Custom-sized volume
• Off: Others
Pool ID Pool number. This is blank except for the following cases:
• If "LDEV Type" is Dynamic Provisioning
• If LDEV Attribute is Pool
RAID Concatenation#0 Number of parity group to be concatenated to parity group (#0) identified by ECC
Group. Blank if the parity group is not concatenated to another parity group.
ORACLE CHECK SUM Information about whether this LDEV is an Oracle check sum target.
• On
• Off
Current MPU Number of the MP unit currently controlling the LDEV.
(MPU-10, MPU-11, MPU-20, MPU-21)

Item Content
Setting MPU Number of the MP unit configured to control LDEV.
(MPU-10, MPU-11, MPU-20, MPU-21)

Allocated Information about whether this LDEV is allocated to a host.
• "Y" is output for volumes accessible to the host.
Pool Name The pool's name1
• If the provisioning type is Dynamic Provisioning, the name of the pool related to
the logical volume is displayed.
• If the attribute is Pool, the name of the pool where the logical volume belongs is
displayed.
• When neither of the above are displayed, the pool name is blank.
CmdDevSecurity Indicates whether Security is specified as the attribute for the command device.
• Enabled: Command device security setting is set.
• Disabled: Command device security setting is not set.
• Blank: "LDEV Attribute" is not CMDDEV.
CmdDevUserAuth Indicates whether User Authentication is specified as the attribute for the command
device.
• Enabled: User authentication setting is set.
• Disabled: User authentication setting is not set.
CmdDevDevGrpDef Indicates whether Device Group Definition is specified as the attribute for the
command device.
• Enabled: Device group definition setting is set.
• Disabled: Device group definition setting is not set.
Resource Group ID (LDEV) LDEV resource group ID (number in the decimal format)
Resource Group Name LDEV resource group name (0 to 1,023, decimal)
(LDEV)
Encryption Indicates whether the parity group identified by ECC Group is encrypted.
• For external volumes: blank
T10 PI Indicates the T10 PI attribute set for the LDEV.
• Enabled
• Disabled
• Blank if "LDEV Emulation" is not OPEN-V.
ALUA Mode Indicates whether the ALUA mode is enabled.
• Enabled: ALUA mode is enabled.
• Disabled: ALUA mode is disabled.
Accelerated Compression Indicates whether accelerated compression is enabled.
For internal volumes:

• Enabled: accelerated compression is enabled.
• Disabled: accelerated compression is disabled.
If the parity group with LDEV does not support accelerated compression, a blank
space is displayed. Also, for external volumes, a blank is displayed.
Notes:

LdevStatus.csv
This CSV file contains information about the status of logical devices (LDEVs).
A record is created for each LDEV.
Table 35 LdevStatus.csv file (Title: <<LDEV Status>>)
Item Content
VDEV# Virtual device number in which the LDEV is defined

VDEV Status VDEV status of "VDEV#"
• 1: Normal
• 0: Abnormal
HDEV# LDEV number
HDEV Status LDEV status
• 1: Normal
• 0: Abnormal
LDEV Emulation LDEV emulation type
ECC Group Number of the parity group where the LDEV belongs.
external volumes.
• If the type of the LDEV is a Dynamic Provisioning or Thin Image virtual volume, a
hyphen is output.
Refer to "LdevInfo.csv" for information about the LDEV type.
LPartition.csv
This CSV file contains information about the cache logical partitioning
function. A record is created for each cache partition for a managed resource.
For details of the cache logical partitioning function, see the Performance
Guide for Hitachi Virtual Storage Platform Gx00 and Fx00 Models.
Table 36 LPartition.csv file (Title: <<Logical Partitioning>>)
Item Content
CLPR# CLPR ID (in decimal)

CLPR Name CLPR name
Cache Size(MB) Cache size allocated to this CLPR (in MB)
ECC Group Number of parity group allocated to this CLPR.
external volumes.
• If the type of the LDEV is a Dynamic Provisioning or Thin Image virtual volume, a
hyphen is output.
Refer to "LdevInfo.csv" for information about the LDEV type.
LDEV#(V-VOL) LDEV number allocated to this CLPR.
• VSP G200: (00:00:00 to 00:07:ff)
• VSP G400, G600 or VSP F400, F600: (00:00:00 to 00:0f:ff)
• VSP G800 or VSP F800: (00:00:00 to 00:3f:ff)

Item Content
The type of this LDEV is Dynamic Provisioning, Thin Image, or ALU.
LunInfo.csv
This CSV file contains information about LU path definitions. A record is
created for each host group. For more information about LU path definitions,
see the Provisioning Guide for Hitachi Virtual Storage Platform Gx00 and
Fx00 Models.
Table 37 LunInfo.csv file (Title: <<LUN Information>>)
Item Description
Port Port name

If "Package Type" is iSCSI, the iSCSI target alias is output.

Host Mode Host mode specified for this host group (hexadecimal)
Host Mode Option Host mode option set for this host group (0 to 127, hexadecimal)
If more than one option is specified, the options are separated by semicolons (;).
LUN# LUN number for this LU path definition (hexadecimal)
LDEV# LDEV number for this LU path definition
Command Device Information about whether the LDEV is a command device:
• On: Command Device
• On*: Remote Command Device
• Off: Others
Command Security Information about whether the command device is secured:
• On
• Off
CVS Information about whether the LDEV is a custom-sized volume:
• On: Customized volume
• Off: Other volumes
CHB Location Name of the CHB on which this port is installed
CHB-1A/1B/1C/1D or CHB-2A/2B/2C/2D if Package Type is NAS module.

Package Type CHB type for CHB Location:
• Fibre:
○ 8FC4 (CHB)
○ 16FC2 (CHB)
• iSCSI:
○ 10iSCSI2o (CHB)
○ 10iSCSI2c (CHB)
• NAS module:
○ NAS module (CHB)
Resource Group ID (Host Resource group ID of a host group (0 to 1,023, decimal)

Group)
Resource Group Name (Host Resource group name of a host group
Group)

Item Description
T10 PI Mode Indicates whether the T10 PI mode can be applied to the port for which the LU path is
defined.
• Enabled
• Disabled
• Blank if "Package Type" is not 16FC2 (CHB)
T10 PI Information about the T10 PI attribute which is set for the LDEV number of the LU
path definition.
• Enabled
• Disabled
• Blank if LDEV# is blank
Asymmetric Access State Asymmetric access status (output only for an open system CHA that is Fibre or FCoE)
Indicates the asymmetric access status:
• Active/Optimized: Prioritized
• Active/Non-Optimized: Lower priority
Blank if "Package Type" is iSCSI
LunPortInfo.csv
This CSV file contains information about LU path definition. A record is
created for each port.
For details of LU path definition, see the Provisioning Guide for Hitachi Virtual
Storage Platform Gx00 and Fx00 Models.
Table 38 LunPortInfo.csv file (Title: <<LUN Port Information>>)
Item Content
Port Port name.

Security Switch The setting status of the security switch:
• On
• Off
• Blank if "Package Type" is NAS module
Port Address Port address (2-digit hexadecimal number)
Blank if "Package Type" is iSCSI or NAS module

Loop ID Port address (0 - 125, decimal)

Fabric One of the Fibre topology settings indicating the setting status of the Fabric switch:
• On
• Off
• Blank if "Package Type" is iSCSI or NAS module
Connection One of the Fibre topology settings:
• Point to Point
• FC-AL
• Blank if "Package Type" is iSCSI or NAS module
Channel Speed Channel Speed of this port
• 1 Gbps
• 2Gbps

Item Content
• 4Gbps
• 8Gbps
• 10Gbps
• 16Gbps
• Auto
• Blank if "Package Type" is NAS module
WWN WWN of this port (hexadecimal number)

CHB Location CHB on which the port is installed. CHB-1A/1B/1C/1D or CHB-2A/2B/2C/2D if
"Package Type" is NAS module.
Package Type CHB type for CHB Location
• Fibre:
○ 8FC4 (CHB)
○ 16FC2 (CHB)
• iSCSI:
○ 10iSCSI2o (CHB)
○ 10iSCSI2c (CHB)
• NAS module:
○ NAS Module (CHB)
T10 PI Mode Indicates whether the T10 PI mode can be applied to the port.
• Enabled
• Disabled
MicroVersion.csv
This CSV file contains information about software versions.
Table 39 MicroVersion.csv file (Title: <<Software Version>>)
Item Content
DKCMAIN The version of the firmware for the RAID storage system (10 digits)
ROM BOOT ROM BOOT firmware version (6 digits)
RAM BOOT RAM BOOT firmware version (6 digits)
Config Config version (8 digits)
HDD HDD firmware version (4 digits)
HDD version in the format "(HDD-device-type - code):(version)".
If an HDD drive is not installed, only a colon is displayed.

Expander Expander firmware version (6 digits)
CFM CFM firmware version (8 digits)
DKB DKB firmware version (6 digits)
Printout Tool Printout tool version (xx-yy-zz-mm/aa)
CHB (FC16G) 16G FC protocol chip firmware version (8 digits)
CHB (iSCSI) CHB(iSCSI) protocol chip firmware version (8 digits)

Item Content
GUM GUM firmware version (8 digits)
Unified Hypervisor Unified Hypervisor version (8 digits)

• The version is displayed in each CL1, CL2.
• This item is not displayed in VSP G200.
NASFWINST NASFWINST version (9 digits)
NASFW NASFW version (9 digits)
MlcEnduranceInfo.csv
This CSV file contains information about endurance information of MLC. A
record is created for each MLC endurance information.
If you change the SVP time 1 month or more, the history acquisition months
will not be in order.
Table 40 MlcEnduranceInfo.csv file (Title: <<MLC Endurance

Information>>)
Item Content
ECC Group Number of parity group of which this MLC (including FMD and FMC) is a component
• If it is a spare drive, Spare Drive is displayed.
• If it is a free drive, Free Drive is displayed.
CR# C# and R# (2-digit hexadecimal numbers), which identify the PDEV
Output in the format of "XX/YY"
XX: C#
YY: R#
Device Type-Code Drive type code of this drive
Output example: SLR5A-M800SS

Used Endurance Indicator Current SSD life (0 to 100)
(%)
History1 (date) Date on which SSD life was acquired (1 month ago)
Output example: yyyy/mm/dd

History1 (%) SSD life (0 to 100)(1 month ago)
History2 (date) Date on which SSD life was acquired (2 months ago)
Output example: yyyy/mm/dd

History2 (%) SSD life (0 to 100) (2 months ago)
History3 (%) ... History 119 SSD life (0 to 100) (3 months ago ...119 months ago)
(%)
History120 (date) Date on which SSD life was acquired (120 months ago)

Item Content
History120 (%) SSD life (0 to 100) (120 months ago)
ModePerLpr.csv
This CSV file contains information about system option modes. A record is
created for each system option mode.
Table 41 ModePerLpr.csv file (Title: <<System Option Mode Per LPR>>)
Item Content
System Option Mode# System option mode # (0 to 2047, decimal number)

LPR#0, LPR#1, …, LPR#31 System option mode for LPR#0 to LPR#31
• If the system option mode is on:
On
• If the system option mode is not on:
Blank
MpPathStatus.csv
This CSV file contains information about the status of logical paths. A record
is created for each MP blade or LR.
Table 42 MpPathStatus.csv file (Title: <<MP Path Status>>)
Item Content
MPU#/CTL# MP unit number or CTL number (2-digit hexadecimal number)

• For MP unit number
MPU#00 to MPU#03
The MPU#01 or MPU#03 line is blank if Unified Mode of DkcInfo.csv is On.
• For CTL number
CTL#00 to CTL#01
CMG#00-00 to 01 Path status1 for the MP unit number with the cache module
CMG#01-00 to 01 (CMG#XX-YY) XX: I path, YY: CMG#
For VSP G200, CMG#00-00 to 01 only

MPU#00-00 to 03 Path status1 and the MP unit for the MP unit number
MPU#01-00 to 03 (MPU#XX-YY) XX: I path, YY: MPU#
The display in MPU#00-01, MPU#00-03, MPU#01-01, or MPU#01-03 is blank if Unified

Mode of DkcInfo.csv is On.
For VSP G200, MPU#00-00 to 03 only

CMG#00-00 to 01 Path status1 with the cache module for the CTL number
CMG#01-00 to 01 (CMG#XX-YY) XX: I path, YY: CMG#
For VSP G200, CMG#00-00 to 01 only

MPU#00-00 to 03 Path status1 with the MP unit number for the CTL number

Item Content
MPU#01-00 to 03 (MPU#XX-YY) XX: I path, YY: MPU#
For VSP G200, MPU#00-00 to 03 only
The display in MPU#00-01, MPU#00-03, MPU#01-01, or MPU#01-03 is blank if Unified

Mode of DkcInfo.csv is On.
Note:
1. 1=Normal, 0=Abnormal
MpPcbStatus.csv
This CSV file contains information about the status of MP Unit. A record is
created for each MP unit.
Table 43 MpPcbStatus.csv file (Title: <<MP PCB Status>>)
Item Content
MPU ID MP unit ID (MPU-10, MPU-11, MPU-20, MPU-21)
MPU-10 and MPU-20 are displayed if Unified Mode of DkcInfo.csv is On.

Auto Assignment Information about whether this MP unit is set to be automatically assigned to each
resource.
• Enabled: Set to be automatically assigned
• Disabled: Not set to be automatically assigned
PCB Status MP unit status1
MP#00, #01,..., #07 MP status1
The number of output items differs for each model, because the number of installed
MPs is different.
• VSP G200: MP#00,01
• VSP G400, G600 or VSP F400, F600: MP#00, 01,…, 03
• VSP G800 or VSP F800: MP#00, 01,…, 07
Note:
PcbRevInfo.csv
This CSV file contains information about revisions of packages such as
channel boards (CHBs) and others. A record is created for each package.
Table 44 PcbRevInfo.csv file (Title: <<PCB Revision Information>>)
Item Content
Cluster# Cluster number

• 1
• 2
Location Name of the part
FRU number Product name of the package or some other name

Item Content
PK Revision Revision of the package
Factory Factory manufacturing the package

Number Serial number of the package
MAC Address MAC address of the package
PdevCapaInfo.csv
This CSV file contains information about physical device (PDEV) capacities. A
record is created for each of the classifications shown in "PDEV Kind".
Table 45 PdevCapaInfo.csv file (Title: <<PDEV Capacity Information>>)
Item Content
PDEV Kind The following four classifications are output:

• OPEN System (TB)
• Total Capacity (TB)
• Number of PDEVs
SAS Drive SAS drive capacity (TB)
Spare Drive Spare drive capacity (TB)
SSD Drive SSD capacity (TB)
Free Drive Free drive capacity (TB)
PdevInfo.csv
This CSV file contains information about physical devices (PDEVs). A record is
created for each PDEV.
Table 46 PdevInfo.csv file (Title: <<PDEV>>)
Item Content
ECC Group Number of parity group of which this PDEV is a component.

• Spare Drive: For spare drives
• Free Drive: For free drives
Emulation Type Emulation type for the parity group indicated by "ECC Group"
• Blank: "ECC Group" is Spare Drive.
• Free Drive: "ECC Group" is Free Drive.
Output in the format XX/YY, where:

• XX: C#
• YY: R#
PDEV Location PDEV location name
Device Type Drive type
• SAS
• SSD

Item Content
RPM Revolutions per minute
Blank displays as RPM when the drive is SSD.

Device Type-Code Device type code of this drive
Output example: DKR5D-J600SS

Device Size Drive size (inches)
• 2.5
• 3.5
• Blank for DBF (FMC or FMD)
Device Capacity Drive capacity (GB or TB)
Drive Version Drive firmware version (4-digit hexadecimal number)
DKB1 Name of the DKB1 controlling the PDEV
DKB2 Name of the DKB2 controlling the PDEV
Serial Number # Serial number of this drive (yymm xxxxxx), where:
• yy Year (last 2 digits)
• mm Month (2 digits)
• xxxxxx: Serial number of this drive
RAID Level RAID level of the parity group indicated by "ECC Group"
Blank if the "ECC Group" is Spare Drive or Free Drive

RAID Concatenation #0 Number of parity group to be concatenated to parity group (#0) identified by "ECC
Group"1
Group"1
Group"1
Resource Group ID (ECC Resource group ID of parity group (0 to 1023, decimal number)
Group)
Resource Group Name (ECC Resource group name of parity group
Group)
Encryption Encryption status of the parity group to which the PDEV belongs
• Enabled: Encryption enabled
• Disabled: Encryption disabled
Accelerated Compression Accelerated compression setting.
• Enabled: accelerated compression is enabled.
• Disabled: accelerated compression is disabled.
If the parity group with PDEV does not support accelerated compression, or if the ECC
Group is Spare Drive, a blank space is displayed.
Notes:
1. Blank if the parity group is not concatenated to another parity group or is Spare Drive.
PdevStatus.csv
This CSV file contains information about the status of physical devices
(PDEVs). A record is created for each PDEV.

Table 47 PdevStatus.csv file (Title: <<PDEV Status>>)
Item Content

• XX: C#
• YY: R#
Pdev Status PDEV status1
Port0 Status Status of Port 0 on this PDEV1
Port1 Status Status of Port 1 on this PDEV1
Pdev Location Location name of this PDEV
Notes:
PECBInfo.csv
This CSV file contains information about the PECB (PCIe channel board) and
connecting destination for VSP G800 or VSP F800.
For all other VSP Gx00 models or VSP Fx00 models, hyphens are displayed
for all contents.
Table 48 PECBInfo.csv file (Title: <<PECB Information>>)
Item Content
Location PECB location name
Status Whether the PECB is installed

• Installed
• Not Installed
Type Destination module type of the PECB

• CHBB
Expansion mode Expansion mode set in the destination module of the PECB
• 1:2
PkInfo.csv
This CSV file contains information about channel boards (CHBs). A record is
created for each CHB.
Table 49 PkInfo.csv file (Title: <<PK>>)
Item Content
CHB Location CHB name
CHB-1A/1B/1C/1D or CHB-2A/2B/2C/2D if "Package Type" is NAS module.

Port# Number of the port installed on the CHB (2-digit hexadecimal number)

Item Content
Port Name of port installed on the CHB
Package Type CHB type indicated on the CHB Location

• NAS module: NAS module (CHB)
SFP Kind SFP (Small Form factor Pluggable) Kind
• Short Wave
• Long Wave
• Blank if "Package Type" is 10iSCSI2c (CHB) or NAS module (CHB).
SFP Status SFP Status:
• Normal
• Failed
• Not Fix
• Blank if "Package Type" is 10iSCSI2c (CHB) or NAS module (CHB).
Fabric One of the Fibre topology settings indicating the setting status of the Fabric switch:
• On
• Off
• Blank if "Package Type" is iSCSI or NAS module.
Connection One of the Fibre topology settings
• Point to Point
• FC-AL
• Blank if "Package Type" is iSCSI or NAS module.
Port Address Port address (00 to ff, 2-digit hexadecimal number)
Blank if "Package Type" is iSCSI or NAS module.

Resource Group ID (Port) Resource group ID of port (0 to 1023, decimal number)
Resource Group Name (Port) Resource group name of the port.
Port Internal WWN Port WWN
Blank if "Package Type" is iSCSI or NAS module.

• Enabled
• Disabled
PpInfo.csv
This CSV file contains information about the software. A record is created for
each software product.
For details about the license key, see License keys on page 149.
Table 50 PpInfo.csv file (Title: <<PP Information>>)
Item Content
Program Product Name Software name.

Install Information about whether the installed license key is enabled or not
• Enabled: Installed and the software can be used

Item Content
• Disabled: Installed but the software cannot be used

Key Type Installed license key type
• Permanent
• Temporary
• Emergency
• Term
If no license key is installed, "Not Installed" is output.

Permitted Volumes(TB) Permitted volume capacity for this software (in TB)
If no upper limit value is set for the capacity, "Unlimited" is output.

Expiration Date Expiration date of the software.
The format is mm/dd/yyyy (Month/Day/Year).

Status License key status of the software
• Installed
• Not Enough License
• Grace Period
• Expired
• Not Installed
• Installed (Disabled)
SMfundat.csv
This CSV file contains information about SM functions. A record is created for
each of the classifications shown in "SM Install Function".
Table 51 SMfundat.csv file (Title: <<SM Install function>>)
Item Content
SM Install function The following classifications are output for VSP G200:
1. Base
2. Extension 1
3. Extension 2
The following classifications are output for VSP G400, G600, G800 or VSP F400, F600,
F800:
1. Base
2. Extension1
3. Extension2
4. Extension3
5. Extension4
Availability Information about whether the function of "SM Install function" is enabled
• Enabled
• Disabled
SsdDriveInfo.csv
This CSV file contains information about SSDs. A record is created for each
SSD.

Table 52 SsdDriveInfo.csv file (Title: <<SSD Drive Status>>)
Item Content
ECC Group Number of the parity group of which this SSD is a component.
• Spare Drive: The SSD is a spare drive.
• Free Drive: The SSD is a free drive.

• XX: C#
• YY: R#
PDEV Location Drive type code of the PDEV location name for this drive
Device Type-Code Drive type code
Output example: SLR5A-M800SS

Device Capacity Drive capacity in GB or TB
SSD Device Type SSD drive type
• MLC
• FMC
• FMD
Used Endurance Indicator SSD life (0 to 100)
(%)
Used Endurance Indicator SSD life threshold (0 to 100)
Threshold (%)
Used Endurance Indicator Warning SIM threshold (0 to 100)
Warning SIM (%)
FMD Battery Life Indicator Threshold of battery life warning SIM (0 to 100)
Warning SIM (%)
Blank if SSD is other than FMD
FMD Battery Life Indicator Used battery life (0 to 100)
(%)
Blank if SSD is other than FMD
SsidInfo.csv
This CSV file contains information about SSIDs. A record is created for each
SSID.
Table 53 SsidInfo.csv file (Title: <<Subsystem ID >>)
Item Content
DEV# Start First LDEV number for the SSID

DEV# End Last LDEV number for the SSID
SSID Subsystem ID (hexadecimal)
SysoptInfo.csv
This CSV file contains information about system options.

Table 54 Sysoptinfo.csv file (Title: <<System Option Information>>)
Item Content
Spare Disk Recover Speed of copying data to the spare drive.

• Interleave mode
• Full Speed mode
Dynamic Sparing Information about whether to perform automatic copy to a spare drive if the
occurrences of drive failures exceed the threshold.
• On
• Off
Correction Copy Information about whether to perform correction copy to a spare drive if a drive is
blocked.
• On
• Off
Disk Copy pace Speed of copying the spare drive in the Interleave mode.
• Faster
• Medium
• Slower
System Option On System options that are set to ON.
Output example: modeXXXX (0 to 2047, decimal number)

Link Failure Threshold Threshold to notify the link failure (0 to 255, decimal)
WwnInfo.csv
This CSV file contains information about hosts. A record is created for each
host.
For details about the host setting, see the Provisioning Guide for Hitachi
Virtual Storage Platform Gx00 and Fx00 Models.
Table 55 WwnInfo.csv file (Title: <<World Wide Name Information>>)
Item Content
Port Port name.

iSCSI target alias is output if the "Package Type" is iSCSI.

Host Mode Host mode that is set for the host group (0 to 127, hexadecimal)
Host Mode Option Host mode option that is set for the host group (decimal)
Multiple options are separated by semicolons (;)

WWN World Wide Name of the host bus adapter registered to the host group (hexadecimal
number)
Blank if the "Package Type" is iSCSI or NAS module.

Nickname Nickname of the host
Blank if the "Package Type" is iSCSI or NAS module.

Host Group# Host group number (00 to ff, hexadecimal)

Item Content
iSCSI target ID will be output if the "Package Type" is iSCSI.

CHB Location Name of port installed on the CHB
CHB-1A/1B/1C/1D or CHB-2A/2B/2C/2D if "Package Type" is NAS module.

Package Type CHB type indicated on the CHB Location
• NAS module: NAS module (CHB)
• Enabled
• Disabled

Glossary
#
2DC
two-data-center. Refers to the local and remote sites, or data centers, in
which TrueCopy (TC) and Universal Replicator (UR) combine to form a
remote replication configuration.
In a 2DC configuration, data is copied from a TC primary volume at the

local site to the UR master journal volume at an intermediate site, then
replicated to the UR secondary volume at the remote site. Since this
configuration side-steps the TC secondary volume at the intermediate
site, the intermediate site is not considered a data center.
3DC
three-data-center. Refers to the local, intermediate, and remote sites, or
data centers, in which TrueCopy and Universal Replicator combine to form
a remote replication configuration.
In a 3DC configuration, data is copied from a local site to an intermediate

site and then to a remote site (3DC cascade configuration), or from a
local site to two separate remote sites (3DC multi-target configuration).
A
array
See disk array
audit log
Files that store a history of the operations performed from Device
Manager - Storage Navigator and the commands that the storage system
received from hosts, and data encryption operations.
Glossary 255
B
back-end director (BED)
The hardware component that controls the transfer of data between the
drives and cache. A BED feature consists of a pair of boards. A BED is also
referred to as a disk board (DKB).
BED
See back-end director.
bind mode
In bind mode the Cache Residency Manager extents are used to hold read
and write data for specific extent(s) on volume(s). Data written to the
Cache Residency Manager bind area is not destaged to the drives. For
bind mode, all targeted read and write data is transferred at host data
transfer speed.
blade
A computer module, generally a single circuit board, used mostly in
servers.
C
cache logical partition (CLPR)
Consists of virtual cache memory that is set up to be allocated to different
hosts in contention for cache memory.
capacity
The amount of data storage space available on a physical storage device,
usually measured in bytes (MB, GB, TB, and so on).
CCI
Command Control Interface
CHAP
challenge handshake authentication protocol
CLPR
See cache logical partition (CLPR).
256 Glossary
cluster
Multiple-storage servers working together to respond to multiple read and
write requests.
command device
A dedicated logical volume used only by Command Control Interface and
Business Continuity Manager to interface with the storage system. Can be
shared by several hosts.
controller
The component in a storage system that manages all storage functions. It
is analogous to a computer and contains a processors, I/O devices, RAM,
power supplies, cooling fans, and other sub-components as needed to
support the operation of the storage system.
copy pair
A pair of volumes in which one volume contains original data and the
other volume contains the copy of the original. Copy operations can be
synchronous or asynchronous, and the volumes of the copy pair can be
located in the same storage system (local copy) or in different storage
systems (remote copy).
A copy pair can also be called a volume pair, or just pair. A pair created by
Compatible FlashCopy® is called a relationship.
copy-on-write (COW)
Point-in-time snapshot copy of any data volume within a storage system.
Copy-on-write snapshots only store changed data blocks, therefore the
amount of storage capacity required for each copy is substantially smaller
than the source volume.
COW
See copy-on-write (COW).
COW Snapshot
Hitachi Copy-on-Write Snapshot
custom volume (CV)

A custom-size volume whose size is defined by the user using Virtual LVI/
Virtual LUN.
Glossary 257
CV
See custom volume.
CVS
custom volume size
CXFS
clustered version of XFS file system
D
data drive
A physical data storage device that can be either a hard disk drive (HDD)
or a flash drive (also called a solid-state device).
DBV
Hitachi Database Validator
DC
data center
delta resync
A disaster recovery solution in which TrueCopy and Universal Replicator
systems are configured to provide a quick recovery using only differential
data stored at an intermediate site.
device
A physical or logical unit with a specific function.
device emulation
Indicates the type of logical volume. Mainframe device emulation types
provide logical volumes of fixed size, called logical volume images (LVIs),
which contain EBCDIC data in CKD format. Typical mainframe device
emulation types include 3390-9 and 3390-M. Open-systems device
emulation types provide logical volumes of variable size, called logical
units (LUs), that contain ASCII data in FBA format. The typical open-
systems device emulation type is OPEN-V.
disaster recovery
A set of procedures to recover critical application data and processing
after a disaster or other failure.
258 Glossary
disk array
Disk array, or just array, is a complete storage system, including the
control and logic devices, storage devices (HDD, SSD), connecting cables,
and racks
disk controller (DKC)

The hardware component that manages front-end and back-end storage
operations. The term DKC can refer to the entire storage system or to the
controller components.
DKC
See disk controller (DKC).
DKCMAIN
disk controller main. Refers to the software for the storage system.
DKU
disk unit. Refers to the cabinet (floor model) or rack-mounted hardware
component that contains data drives and no controller components.
dump
A collection of data that is saved to a file when an error or crash occurs.
The data is used by support personnel to determine the cause of the error
or crash.
Dump tool
Downloads Device Manager - Storage Navigator configuration information
onto recording media for backup and troubleshooting purposes.
E
emulation
The operation of a storage system to emulate the characteristics of a
different storage system. For device emulation, the mainframe host
recognizes the logical devices on the storage system as 3390-x devices.
For controller emulation, the mainframe host recognizes the control units
(CUs) on the storage system as 2105 or 2107 controllers.
The storage system operates the same as the storage system being
emulated.
emulation group
A set of device emulation types that can be intermixed within a RAID
group and treated as a group.
Glossary 259
external application
A software module that is used by a storage system but runs on a
separate platform.
external volume
A logical volume whose data resides on drives that are physically located
outside the Hitachi storage system.
F
FC
Fibre Channel; FlashCopy
FC-AL
fibre-channel arbitrated loop
FCP
fibre-channel protocol
FCSP
fibre-channel security protocol
FICON
Fibre Connectivity
flash drive
A data drive that uses a solid-state memory device instead of a rotating
hard disk.
flash module
A high speed data storage device that includes a custom flash controller
and several flash memory sub-modules on a single PCB.
FMD
See flash module
H
HBA
host bus adapter
260 Glossary
HDD
hard disk drive
HDT
Hitachi Dynamic Tiering
HDU
hard disk unit
head LDEV
See top LDEV.
host group
A group of hosts of the same operating system platform.
host mode
Operational modes that provide enhanced compatibility with supported
host platforms. Used with fibre-channel ports on RAID storage systems.
host mode option

Additional options for fibre-channel ports on RAID storage systems.
Provide enhanced functionality for host software and middleware.
HP XP7 CVAE
HP XP7 Command View Advanced Edition - a set of software applications
included in the system firmware. Via the GUI, they are used to configure,
control, and monitor the storage system.
I
in-system replication
The original data volume and its copy are located in the same storage
system. ShadowImage in-system replication provides duplication of
logical volumes; Thin Image in-system replication provides "snapshots" of
logical volumes that are stored and managed as virtual volumes (V-
VOLs).
See also remote replication.
initiator
An attribute of the port that is connected to the port with RCU target
attribute.
Glossary 261
internal volume
A logical volume whose data resides on drives that are physically located
within the storage system. See also external volume.
J
JNL
journal
journal volume
A volume that records and stores a log of all events that take place in
another volume. In the event of a system crash, the journal volume logs
are used to restore lost data and maintain data integrity.
In Universal Replicator, differential data is held in journal volumes on until

it is copied to the S-VOL.
JRE
Java Runtime Environment
K
key management server
A server that manages encryption keys. Encryption keys can be backed
up to, and restored from, a key management server that complies with
the Key Management Interoperability Protocol (KMIP).
keypair
Two mathematically-related cryptographic keys: a private key and its
associated public key.
L
LBA
logical block address
LCP
local control port; link control processor
LD
local directory; logical device
262 Glossary
LDAP
lightweight directory access protocol
LDEV
logical device
LDKC
See logical disk controller (LDKC).
LDM
Logical Disk Manager
license key
A specific set of characters that unlocks an application and allows it to be
used.
local control port (LCP)

A serial-channel (ESCON) port configured to receive I/Os from a host or
remote I/Os from a TrueCopy main control unit (MCU).
local copy
See in-system replication.
local storage system

A storage system connected to the management client.
logical device (LDEV)

An individual logical data volume (on multiple drives in a RAID
configuration) in the storage system. An LDEV may or may not contain
any data and may or may not be defined to any hosts. Each LDEV has a
unique identifier or "address" within the storage system composed of the
logical disk controller (LDKC) number, control unit (CU) number, and LDEV
number. The LDEV IDs within a storage system do not change.An LDEV
formatted for use by mainframe hosts is called a logical volume image
(LVI). An LDEV formatted for use by open-system hosts is called a logical
unit (LU).
logical disk controller (LDKC)

A group of 255 control unit (CU) images in the RAID storage system that
is controlled by a virtual (logical) storage system within the single
Glossary 263
physical storage system. For example, the Hitachi Universal Storage
Platform V storage system supports two LDKCs, LDKC 00 and LDKC 01.
logical partition (LPAR)

A subset of a system's hardware resources that is virtualized as a
separate system. For a storage system, logical partitioning can be applied
to cache memory and/or storage capacity.
logical unit (LU)

A logical volume that is configured for use by open-systems hosts (for
example, OPEN-V).
logical unit (LU) path

The path between an open-systems host and a logical unit.
logical volume (LV)

See volume.
logical volume image (LVI)

A logical volume that is configured for use by mainframe hosts (for
example, 3390-9).
LU
See logical unit (LU).
LUN
See logical unit number
LUN volume
A custom-size volume whose size is defined by the user using Virtual LUN.
Also called a custom volume (CV).
LV
logical volume
LVI
See logical volume image.
264 Glossary
M
MF, M/F
mainframe
modify mode
The mode of operation of Device Manager - Storage Navigator that allows
changes to the storage system configuration. See also view mode.
O
OPEN-V
A logical unit (LU) of user-defined size that is formatted for use by open-
systems hosts.
OPEN-x
A logical unit (LU) of fixed size (for example, OPEN-3 or OPEN-9) that is
used primarily for sharing data between mainframe and open-systems
hosts using Hitachi Cross-OS File Exchange.
P
P-VOL
This term is used only in the earlier version of the Device Manager -
Storage Navigator GUI (still in use) for the primary volume. See primary
volume.
pair
Two logical volumes in a replication relationship in which one volume
contains original data to be copied and the other volume contains the
copy of the original data. The copy operations can be synchronous or
asynchronous, and the pair volumes can be located in the same storage
system (in-system replication) or in different storage systems (remote
replication).
parity group
See RAID group.
PAV
Hitachi Compatible PAV
Glossary 265
PCB
printed circuit board
PDEV
physical device
PG
parity group. See RAID group.
physical device
See device.
pool
A set of volumes that are reserved for storing pool volumes (pool-VOL),
and used by Thin Image, Dynamic Provisioning, Dynamic Tiering, or
active flash data.
pool volume (pool-VOL)

A logical volume that is reserved for storing snapshot data for Thin Image
operations or write data for Dynamic Provisioning, Dynamic Tiering, or
active flash.
port attribute
Indicates the type of fibre-channel port: target, RCU target, or initiator.
primary volume (P-VOL)

The volume in a copy pair that contains the original data to be replicated.
The data on the P-VOL is duplicated synchronously or asynchronously on
the secondary volume (S-VOL).
The following Hitachi products use the term P-VOL: Thin Image, Copy-on-
Write Snapshot, ShadowImage, TrueCopy, Universal Replicator, Universal
Replicator for Mainframe, and High Availability Manager.
See also secondary volume.
prio
priority mode. Used in Cache Residency Manager.
266 Glossary
Q
quick format
The quick format feature in Virtual LVI/Virtual LUN in which the formatting
of the internal volumes is done in the background. This allows system
configuration (such as defining a path or creating a TrueCopy pair) before
the formatting is completed. To execute quick formatting, the volumes
must be in blocked status.
quick restore
A reverse resynchronization in which no data is actually copied: the
primary and secondary volumes are swapped.
R
RAID
redundant array of inexpensive disks
RAID group
A set of RAID disks that have the same capacity and are treated as one
group for data storage and recovery. A RAID group contains both user
data and parity information. This allows user data to be accessed in the
event that one or more of the drives within the RAID group are not
available. The RAID level of a RAID group determines the number of data
drives and parity drives and how the data is "striped" across the drives.
For RAID1, user data is duplicated within the RAID group, so there is no
parity data for RAID1 RAID groups.
A RAID group can also be called an array group or a parity group.
RAID level
The type of RAID implementation. RAID levels include RAID0, RAID1,
RAID2, RAID3, RAID4, RAID5 and RAID6.
RCU
See remote control unit.
RCU target port

A fibre-channel port that is configured to receive remote I/Os from an
initiator port on another storage system.
Glossary 267
remote control unit (RCU)
A storage system at a secondary or remote site that is configured to
receive remote I/Os from one or more storage systems at the primary or
main site.
remote copy
See remote replication.
resync
resynchronize.
RMI
Remote Method Invocation
S
S-VOL
See secondary volume or source volume. When used for "secondary
volume", "S-VOL" is only seen in the earlier version of the Device
Manager - Storage Navigator GUI (still in use).
SAS
serial-attached SCSI
secondary volume (S-VOL)

The volume in a copy pair that is the copy of the original data on the
primary volume (P-VOL). The following Hitachi products use the term
"secondary volume": Thin Image, Copy-on-Write Snapshot,
ShadowImage, TrueCopy, Universal Replicator, Universal Replicator for
Mainframe, and High Availability Manager.
See also primary volume.
service information message (SIM)

Messages generated by a RAID storage system when it detects an error or
service requirement. SIMs are reported to hosts and displayed on Device
service processor
The computer in a Hitachi Virtual Storage Platform G1000 storage system
that hosts the Device Manager - Storage Navigator software and is used
to configure and maintain the storage system.
268 Glossary
severity level
Applies to service information messages (SIMs) and Device Manager -
Storage Navigator error codes.
SFP
small form-factor pluggable
shared memory
Memory that exists logically in the cache. It stores common information
about the storage system and the cache management information
(directory). The storage system uses this information to control exclusions
and differential table information. Shared memory is managed in two
segments and is used when copy pairs are created.
In the event of a power failure, the shared memory is kept alive by the
cache memory batteries while the data is copied to the cache flash
memory (SSDs).
shredding
See volume shredding.
SIM
See service information message.
size
Generally refers to the storage capacity of a memory module or cache.
Not usually used for storage of data on disk or flash drives.
SM
shared memory
SMTP
simple mail transfer protocol
snapshot
A point-in-time virtual copy of a Hitachi Thin Image primary volume (P-
VOL). The snapshot is maintained when the P-VOL is updated by storing
pre-updated data (snapshot data) in a data pool.
SNMP
See Simple Network Management Protocol.
Glossary 269
SOM
See system option mode.
source volume (S-VOL)

Used only in the earlier version of the Device Manager - Storage
Navigator GUI (still in use). This is the volume in a mainframe copy pair
containing the original data that is duplicated on the target volume (T-
VOL). The following Hitachi products use the term source volume:
ShadowImage for Mainframe, Dataset Replication, and Compatible
FlashCopy®.
In the current version of the GUI, "target volume" and "T-VOL" are
replaced with "primary volume".
See also source volume.
space
Generally refers to the data storage capacity of a disk drive or flash drive.
SRM
Storage Replication Manager
SSD
solid-state drive. Also called flash drive.
SSID
See storage subsystem identifier.
SSL
secure socket layer
storage cluster
See cluster.
storage tiers
See tiered storage.
SVP
See service processor.
SVS
Storage Virtualization System
270 Glossary
SW, sw
short wavelength, software
syslog
The file on the SVP that includes both syslog and audit log information,
such as the date and time.
system disk
The volume from which an open-systems host boots.
system option mode (SOM)

Additional operational parameters for the RAID storage systems that
enable the storage system to be tailored to unique customer operating
requirements. SOMs are set on the service processor.
T
T-VOL
See target volume.
target
An attribute of the port that is connected to the host.
target port
A fibre-channel port that is configured to receive and process host I/Os.
target volume (T-VOL)

The volume in a mainframe copy pair that is the copy of the original data
on the source volume (S-VOL). The term is used only in the earlier
version of the Device Manager - Storage Navigator GUI (still in use), for
the following Hitachi products: ShadowImage for Mainframe, Dataset
Replication, and Compatible FlashCopy® V2.
See also source volume.
TC
Hitachi TrueCopy
TI
See Thin Image.
Glossary 271
tiered storage
A layered structure of performance levels, or tiers, that matches data
access requirements with the appropriate performance tiers. The tiers
are:
Tier 1: Static content. Tier 1 is fully supported computing expected to be

production quality.
Tier 2: Application logic. Tier 2 platforms are not supported by the

security officer and release engineering teams. Tier 2 systems are
targeted for Tier 1 support, but are still under development.
Tier 3: Database. Tier 3 platforms are architectures for which hardware is

not or will not be available or that are considered legacy systems unlikely
to see broad future use.
Tier 4 systems are not supported.
total capacity
The aggregate amount of storage space in a data storage system.
TPF
Transaction Processing Facility
V
V-VOL
virtual volume
VDEV
See virtual device.
view mode
The mode of operation of Device Manager - Storage Navigator that allows
viewing only of the storage system configuration. The two Device
Manager - Storage Navigator modes are view mode and modify mode.
virtual device (VDEV)

A group of logical devices (LDEVs) in a RAID group. A VDEV typically
consists of some fixed volumes (FVs) and some free space. The number
of fixed volumes is determined by the RAID level and device emulation
type.
272 Glossary
virtual volume (V-VOL)
A logical volume in a storage system. A V-VOL has no physical storage
space.
Thin Image uses V-VOLs as secondary volumes of copy pairs.
In Dynamic Provisioning, Dynamic Tiering, and active flash, V-VOLs are

called DP-VOLs.
VLUN
Hitachi Virtual LUN
VM
volume migration; volume manager
volume (VOL or vol)

A logical device (LDEV), or a set of concatenated LDEVs in the case of
LUSE, that has been defined to one or more hosts as a single data storage
unit. An open-systems volume is called a logical unit (LU), and a
mainframe volume is called a logical volume image (LVI).
volume shredding
Deleting the user data on a volume by overwriting all data in the volume
with dummy data.
Glossary 273
274 Glossary
Index
A certificates
accessing a storage system obtaining 56
without the management software 21 certificates, obtaining 56
account changing 34, 43
release lock 88 changing a user’s password 85
Active Directory authentication 122 Changing assigned resource groups 95
adding changing permissions 86
RADIUS servers 132 changing the date and time 33
adding SVP to trusted zone 32 controller settings 33
administration SVP clock 34
tasks 16 Channel Boards report 204
tools 16 cipher suite 38
administrator password 37 client computer
Adobe Flash 29 UNIX requirements 26
Alert notifications 137–139 Windows requirements 25
configuring 138 Configuration files
email 140 creating 100
SNMP 142 configuring Active Directory groups 126
Syslog 140 configuring active directory servers 123
audit log creating
exporting 161 user accounts 82
Audit logs Creating a keypair 54
settings 160 creating a report 45, 165
authentication server 96 creating a user account 93
Authentication server CSV files 216
protocols 97
authentication servers 99
Authentication servers 98 D
authorization server 96 Data Retention Utility license
authorization servers 99 removal 156
Authorization servers date 34
requirements 98 deleting a report 165
deleting a user account 88
Device Manager - Storage Navigator 19
B Device Manager- Storage Navigator
backing up user accounts 78 client setup for 25
built-in groups 90 disabling a user account 87
built-in user 30 disabling user accounts 71
displaying
RADIUS servers 134
displaying RADIUS servers 131
C DKU 220, 226
Cache Memories report 202 Dump files
certificate files 40 collecting 166
Index 275
F LUNs report 187
Firefox
configuring 28
firewall setup 27, 36 M
force release system lock 42 maintenance utility 18
management client
setup 25
G management software architecture 16
general 139 modules 34
MP Unit Details report 189
MP Units report 188
H
HCS certificates 60
deleting 61 N
registering 61 NAS 34
HduInfo.csv 232 NAS Manager 20
HDvM - SN configuration files network communication settings 36
restoring 64 Network permissions 36
HDvM SN configuration files Network settings 35
backing up 63
Hosts report 185
HTTP communication to SVP 62 P
blocking 62 Parity Groups report 190, 197
password
allowable characters and symbols 82
I changing a user’s 85
Internet Explorer passwords
configuring 28 changing 114
IPv6, configuring communications 36 permissions, changing 86
Physical Devices report 191
Physical View report 208
PKCS#12 format 58
K Ports report 193
Kerberos configuration file 106 Power Consumption report 194
primary SVP 43
L
LDAP configuration file 100 R
license capacities RADIUS configuration file 103
unlicensed software 152 RADIUS server
license keys adding 132
expiration 158 RADIUS server, accessing 98
overview 150 RADIUS servers
permanent 150 displaying 131, 134
term 151 raidinf add relocationlog 176
types 150 raidinf add report 172
viewing information 157 raidinf delete relocationlog 178
License keys 149 raidinf delete report 173, 174, 179, 180
disabling 155 raidinf download relocationlog 177
emergency 151 raidinf get relocationloginfo 178
enabling 155 raidinf get reportinfo 175
installing 155 releasing 62
managing 152, 153 removing user accounts 75
removing a software license 156 Report Configuration Tool Command Reference
temporary 151 169
logging in 30 Report Viewer window 165
Logical Devices report 186 reports
login message 37 Cache Memories 202
276 Index
Channel Boards 204 Storage System Summary report 198
CHAP Users 182 SVP
Disk Boards 183 host name 43
downloading 164 SVP, adding to trusted sites 32
Host Groups 184 Syslog server
Hosts 185 send test message 162
iSCSI Targets 184 setup 160
Logical Devices 186 system 34
LUNs 187 System administration overview 15
MP Unit Details 189 system architecture 16
MP Units 188 System configuration 23
Parity Groups 190, 197 system lock 42
Physical Devices 191
Physical View 208
Ports 193
T
power consumption 194
Test messages 142
Spare Drives 196
email 143
Storage System Summary 198
SNMP 144
table view 182
Syslog 143
requirements
There is a problem with this website's security
management clients 25
certificate 60
resetting passwords 114
time 34
resource groups 90
Resource groups
changing 95
restoring user account information 78 U
roles 68, 90 UNIX
Roles 89 requirements 26
user accounts
creating 82, 93
deleting 88
S
disabling 87
Security certificates 60
managing 81
self-signed certificate 56
user administration 68, 80
Servers
overview 80
connecting authentication and authorization
user groups
servers 99
deleting 95
setting up management client 25
managing 89
setting up user accounts 69
names 94
signed certificates 56
roles 89, 90, 92
updating 58
User groups
Signed certificates 56
permissions 94
notes 59
returning to default 59
signed private key 56
signed public key 56 V
Spare Drives report 196 viewing a report 164
SsdDriveInfo.csv 251
SSdDriveInfo.csv 250
SSL certificate passphrase 57 W
SSL certificates 53
web browser
converting 58
configuring Firefox 28
SSL communication settings 53
configuring Internet Explorer 28
SSL-encrypted communications
Web browser
creating a private keypair 54
configuring 27
creating a public key 55
Windows requirements 25
Storage Navigator
creating a user account 93
storage system information 43
Storage system reports 164
Index 277
278 Index
Hitachi Data Systems
Corporate Headquarters
2845 Lafayette Street
Santa Clara, California 95050-2639
U.S.A.
www.hds.com
Regional Contact Information
Americas
+1 408 970 1000
[email protected]
Europe, Middle East, and Africa

+44 (0) 1753 618000
[email protected]
Asia Pacific
+852 3189 7900
[email protected]
MK-94HM8016-05
June 2016

Hitachi Command Suite

Uploaded by

Document Informationclick to expand document informationHCS installation

Document Informationclick to expand document information

Copyright:

Available Formats

Hitachi Command Suite

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Hitachi Command Suite

Uploaded by

Copyright:

Available Formats

System Administrator Guide

Hitachi Virtual Storage Platform G200, G400, G600, G800

1 System administration overview....................................................... 15

4 Alert notifications.......................................................................... 137

5 License keys................................................................................. 149

7 Managing storage system reports................................................... 163

A Raidinf command reference (obtaining configuration reports and tier

B Storage configuration reports......................................................... 181

□ Changes in this revision

□ Conventions for storage capacity values

□ Accessing product documentation

Readers of this document should be familiar with the following:

Changes in this revision

• Hitachi Virtual All of the following storage systems:

• Hitachi Virtual All of the following storage systems:

This document uses the following typographic conventions:

< > angle brackets Indicates variables in the following scenarios:

[ a | b ] indicates that you can choose a, b, or nothing.

{ a | b } indicates that you must choose either a or b.

This document uses the following icons to draw attention to information:

Icon Label Description

Note Calls attention to important or additional information.

Tip Provides helpful information, guidelines, or suggestions for performing

Caution Warns the user of adverse conditions and/or consequences (for

Conventions for storage capacity values

1 kilobyte (KB) 1,000 (10 3) bytes

Logical capacity unit Value

1 block 512 bytes

Accessing product documentation

Hitachi Data Systems Community is a global online community for HDS

□ System management architecture

□ Administration tasks and tools

□ Device Manager - Storage Navigator

□ Accessing a storage system without the management software

System administration overview 15

Administration tasks and tools

16 System administration overview

For access information from the management software, see the

• Storage Subsystem Administration Guide

Storage systems without

• Set system clock (date Device Manager - Storage NAS Manager

• Configure audit log Device Manager - Storage

See Audit log settings on

• Configure alert Device Manager - Storage

See Alert notifications on

• Changing link See the Network Admin

System administration overview 17

• Change administrator Maintenance utility NAS Manager

• User administration - Device Manager - Storage NAS Manager

• Register the service Device Manager - Storage

• Manage HDvM - SN Device Manager - Storage

• Installing licenses Maintenance utility NAS Manager

18 System administration overview

Device Manager - Storage Navigator

System administration overview 19

Device Manager - Storage Navigator online help provides procedural

20 System administration overview

Accessing a storage system without the management