manuals.plus
Hitachi
Hitachi Virtual Storage Platform 5000 Series System Administrator Guide
System Administrator Guide for Hitachi models including: Hitachi, Virtual Storage Platform, VSP 5000 Series, SVOS RF 9.8.6, System Administrator Guide, Hitachi Device Manager, Storage Navigator, HDvM - SN, storage system, user accounts, permissions, GUI, configuration, security, licenses, troubleshooting
System Guide for VSP 5000 Series This document provides information and instructions to help you set up Hitachi Device Manager - Storage Navigator for your storage system and manage user accounts and permissions. It explains the GUI features and provides basic navigation information. Hitachi Vantara LLC
SVOS RF v9 8 6 System Admin Guide for VSP 5000 MK-98RD9009-14 ; size=6564440 Hitachi Virtual Storage Platform 5000 Series
SVOS RF 9.8.6
System Administrator Guide
This document provides information and instructions to help you set up Hitachi Device Manager - Storage Navigator for your storage system and manage user accounts and permissions. It explains the GUI features and provides basic navigation information.
MK-98RD9009-14 April 2023
�© 2019, 2023 Hitachi, Ltd. All rights reserved.
No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including copying and recording, or stored in a database or retrieval system for commercial purposes without the express written permission of Hitachi, Ltd., or Hitachi Vantara LLC (collectively "Hitachi"). Licensee may make copies of the Materials provided that any such copy is: (i) created as an essential step in utilization of the Software as licensed and is used in no other manner; or (ii) used for archival purposes. Licensee may not make any other copies of the Materials. "Materials" mean text, data, photographs, graphics, audio, video and documents.
Hitachi reserves the right to make changes to this Material at any time without notice and assumes no responsibility for its use. The Materials contain the most current information available at the time of publication.
Some of the features described in the Materials might not be currently available. Refer to the most recent product announcement for information about feature and product availability, or contact Hitachi Vantara LLC at https://support.hitachivantara.com/en_us/contact-us.html.
Notice: Hitachi products and services can be ordered only under the terms and conditions of the applicable Hitachi agreements. The use of Hitachi products is governed by the terms of your agreements with Hitachi Vantara LLC.
By using this software, you agree that you are responsible for:
1. Acquiring the relevant consents as may be required under local privacy laws or otherwise from authorized employees and other individuals; and
2. Verifying that your data continues to be held, retrieved, deleted, or otherwise processed in accordance with relevant laws.
Notice on Export Controls. The technical data and technology inherent in this Document may be subject to U.S. export control laws, including the U.S. Export Administration Act and its associated regulations, and may be subject to export or import regulations in other countries. Reader agrees to comply strictly with all such regulations and acknowledges that Reader has the responsibility to obtain licenses to export, re-export, or import the Document and any Compliant Products.
Hitachi and Lumada are trademarks or registered trademarks of Hitachi, Ltd., in the United States and other countries.
AIX, AS/400e, DB2, Domino, DS6000, DS8000, Enterprise Storage Server, eServer, FICON, FlashCopy, GDPS, HyperSwap, IBM, Lotus, MVS, OS/ 390, PowerHA, PowerPC, RS/6000, S/390, System z9, System z10, Tivoli, z/OS, z9, z10, z13, z14, z15, z16, z/VM, and z/VSE are registered trademarks or trademarks of International Business Machines Corporation.
Active Directory, ActiveX, Bing, Excel, Hyper-V, Internet Explorer, the Internet Explorer logo, Microsoft, Microsoft Edge, the Microsoft corporate logo, the Microsoft Edge logo, MS-DOS, Outlook, PowerPoint, SharePoint, Silverlight, SmartScreen, SQL Server, Visual Basic, Visual C++, Visual Studio, Windows, the Windows logo, Windows Azure, Windows PowerShell, Windows Server, the Windows start button, and Windows Vista are registered trademarks or trademarks of Microsoft Corporation. Microsoft product screen shots are reprinted with permission from Microsoft Corporation.
All other trademarks, service marks, and company names in this document or website are properties of their respective owners.
Copyright and license information for third-party and open source software used in Hitachi Vantara products can be found in the product documentation, at https://www.hitachivantara.com/en-us/company/legal.html or https://knowledge.hitachivantara.com/Documents/ Open_Source_Software.
System Administrator Guide for VSP 5000 Series
2
�Contents
Preface....................................................................................................15
Intended audience............................................................................................. 15 Product version..................................................................................................15 Release notes....................................................................................................15 Changes in this revision.....................................................................................16 Document conventions...................................................................................... 16 Conventions for storage capacity values........................................................... 17 Accessing product documentation.....................................................................18 Getting help........................................................................................................18 Comments..........................................................................................................19
Chapter 1: Initial setup of the management client...................................20
Workflow for setting up the management client................................................. 20 Requirements for management clients.............................................................. 20
General requirements...................................................................................21 Requirements for Windows-based management clients.............................. 21 Requirements for UNIX/Linux-based management clients.......................... 23 Configuring the network settings on the management client............................. 24 Setting up TCP/IP for a firewall.................................................................... 25 Setting up IPv4/IPv6 communications..........................................................26
Configuring IPv6 communication in Windows 7...................................... 26 Configuring IPv6 communication in Solaris 10....................................... 27 Registering the SVP host name................................................................... 27 Adding your SVP to the trusted sites zone for Windows Server computers.....................................................................................................28 Configuring the web browser on the management client...................................29 Enabling JavaScript for Windows................................................................. 29 Installing Storage Device Launcher on the management client.........................30 Configuring the management client for the HDvM - SN secondary window...... 32 Installing and configuring JRE......................................................................34 Using Web Console Launcher to enable the secondary window (Java 11 or later)......................................................................................................... 34 Verifying the SVP server certificate.........................................................35 Registering a certificate on the HDvM - SN management client (Windows)............................................................................................... 37
Contents
System Administrator Guide for VSP 5000 Series
3
�Viewing a certificate on the HDvM - SN management client (Windows)............................................................................................... 37 Deleting a certificate on the HDvM - SN management client (Windows)............................................................................................... 38 Setting server verification on the HDvM - SN management client (Windows)............................................................................................... 39 Viewing whether server verification is enabled on the HDvM - SN management client (Windows)................................................................39 Viewing the Help on the HDvM - SN management client (Windows)......39 Registering a certificate on the HDvM - SN management client (UNIX)..................................................................................................... 40 Viewing a certificate on the HDvM - SN management client (UNIX).......40 Deleting a certificate on the HDvM - SN management client (UNIX)...... 41 Setting server verification on the HDvM - SN management client (UNIX)..................................................................................................... 42 Viewing whether server verification is enabled on the HDvM - SN management client (UNIX)......................................................................42 Viewing the Help on the HDvM - SN management client (UNIX)............43 Device Manager - Storage Navigator restrictions.............................................. 43 General restrictions...................................................................................... 44 Web browser restrictions while using Device Manager - Storage Navigator...................................................................................................... 44 Unsupported actions in Windows version of HDvM - SN............................. 45 Unsupported actions in UNIX version of HDvM - SN................................... 45 Applying changes made in Device Manager - Storage Navigator................ 46 Updating data after a Volume Migration or Quick Restore operation........... 46 Updating data after operations performed with another application.............46 Capacities displayed on the Device Manager - Storage Navigator screen.. 46 Caution on LUN ID notation......................................................................... 47 Caution on SVP web server restart.............................................................. 47
Chapter 2: Using the Device Manager - Storage Navigator GUI............ 49
Logging in to HDvM - SN in a browser.............................................................. 49 Initial superuser login....................................................................................49 Logging in to as a user................................................................................. 51
Logging in to HDvM - SN by using AIR..............................................................51 Changing your password using HDvM - SN...................................................... 54 Disabling use of Flash Player with HDvM - SN..................................................54 Navigating the Device Manager - Storage Navigator user interface..................55
Menu bar...................................................................................................... 56 Using the Device Manager - Storage Navigator main window..................... 57
Main window controls..............................................................................58 Main window and Modify mode...............................................................60
Contents
System Administrator Guide for VSP 5000 Series
4
�Balloon dialog box........................................................................................ 61 Updating your user view...............................................................................61 Reverting to the default view........................................................................ 61 Download/Upload window for HDvM - SN with AIR..................................... 62 Enabling the HDvM - SN secondary window..................................................... 63 Using Device Manager - Storage Navigator secondary windows...................... 64 Secondary window menus and buttons........................................................64 HDvM - SN secondary windows and Modify mode...................................... 66 Resetting the secondary window..................................................................67 Cautions when using secondary windows....................................................67
Java updates...........................................................................................67 Troubleshooting secondary windows........................................................... 68
HDvM - SN secondary window blocked.................................................. 81 Saving Java log and trace files............................................................... 82 Creating a login message.................................................................................. 82
Chapter 3: Configuring the storage system............................................ 84
Setting storage system information................................................................... 84 Setting up security............................................................................................. 84
Managing authentication and authorization servers.....................................85 External authentication requirements using authentication server......... 86 External authorization requirements using authorization server............. 90 Connecting authentication and authorization servers............................. 93
Setting up SSL encryption using Device Manager - Storage Navigator ...... 94 SSL terminology......................................................................................98 Setting up SSL communications............................................................. 98 Notes on updating the signed certificate to the SVP...............................99 Creating a keypair.................................................................................100 Converting the SSL certificates to PKCS#12 format.............................102 Obtaining a signed certificate................................................................103 Releasing an SSL certificate passphrase............................................. 105 Uploading a signed certificate...............................................................106 Returning the certificate to default........................................................ 109 Blocking HTTP communication to the storage system..........................110 Releasing HTTP communication blocking.............................................111 Configuring the ECC curve order.......................................................... 111 Actions to take when a security warning is displayed........................... 113 Setting SSL/TLS communications using the Tool Panel....................... 115
Configuring certificates for HCS................................................................. 118 Registering certificates for HCS............................................................ 118 Notes on registering certificates for HCS.............................................. 120 Deleting certificates for HCS................................................................. 120
Contents
System Administrator Guide for VSP 5000 Series
5
�Reporting failure information about storage systems...................................... 121 Requirements of the Syslog protocol (TLS1.2/RFC5424).......................... 121 Obtaining a client certificate for the Syslog protocol.................................. 125 Editing Syslog settings............................................................................... 125 Editing alert notification email settings....................................................... 127
Changing advanced system settings............................................................... 128 Updating Storage Device Launcher on the management client...................... 131 Updating Captive Bundle Application on the SVP........................................... 132 Backing up and restoring HDvM - SN configuration files................................. 133
Backing up HDvM - SN configuration files................................................. 136 Restoring HDvM - SN configuration files.................................................... 137 Using the SMI-S function with a Device Manager - Storage Navigator user account............................................................................................................ 137 Using the SMI-S function............................................................................137 Uploading a signed certificate to the SMI-S provider................................. 138 Returning an SMI-S provider certificate to default......................................141 Uploading an SMI-S provider configuration file.......................................... 141 Returning an SMI-S provider configuration file to default........................... 142 Sending SMI-S artificial indication..............................................................143 Setting up WSUS function .........................................................................144
Chapter 4: User administration using Device Manager - Storage Navigator...............................................................................................146
User administration overview...........................................................................146 Manage roles and permissions........................................................................146
Roles and user groups............................................................................... 147 Resource groups and user groups............................................................. 147 User group registration example................................................................ 148 Precautions when working with user groups.............................................. 149 Naming a user group in Device Manager - Storage Navigator...................149 Roles and permissions............................................................................... 149 Built-in user groups.....................................................................................152 Verifying the roles available to a user group.............................................. 154 Verifying the roles available to a user group.............................................. 155 Creating a new user group......................................................................... 155 Changing a user group name.....................................................................156 Changing user group permissions..............................................................157 Changing assigned resource groups..........................................................157 Deleting a user group................................................................................. 158 User accounts..................................................................................................158 Creating user accounts.............................................................................. 159 Character restrictions for user names and passwords............................... 160
Contents
System Administrator Guide for VSP 5000 Series
6
�Changing user passwords using HDvM - SN............................................. 161 Changing your own user password.......................................................162
Changing user permissions........................................................................163 Enabling and disabling user accounts........................................................164 Unlocking a user account........................................................................... 164 Deleting user accounts...............................................................................164 Managing resource groups.............................................................................. 165 About resource groups .............................................................................. 165 Resource access requirements for Device Manager - Storage Navigator operations...................................................................................................166
Access requirements for Compatible FlashCopy®................................ 166 Access requirements for Compatible PAV............................................ 167 Access requirements for Data Retention Utility.................................... 167 Access requirements for Dynamic Provisioning and Dynamic Tiering..167 Access requirements for Encryption License Key ................................168 Access requirements for FICON® CHB ports........................................168 Access requirements for global-active device.......................................168 Access requirements for LUN Manager................................................ 169 Access requirements for Performance Monitor.....................................173 Access requirements for ShadowImage............................................... 173 Access requirements for ShadowImage for Mainframe ....................... 173 Access requirements for Server Priority Manager................................ 174 Access requirements for Thin Image.................................................... 174 Access requirements for TrueCopyTrueCopy for Mainframe................175 Access requirements for Universal ReplicatorUniversal Replicator for Mainframe............................................................................................. 176 Access requirements for Universal Volume Manager........................... 178 Access requirements for Virtual LUNVirtual LVI....................................180 Access requirements for Virtual Partition Manager...............................181 Access requirements for Volume Retention Manager...........................181 Access requirements for Volume Shredder.......................................... 181 Examples....................................................................................................182 Resource groups sharing a port............................................................182 Resource groups not sharing ports.......................................................183 Resource group assignments.....................................................................184 Resource group rules, restrictions, and guidelines.................................... 185 Creating resource groups...........................................................................185 Adding resources to a resource group....................................................... 186 Deleting resource groups........................................................................... 187
Chapter 5: Managing license keys........................................................188
License keys overview.....................................................................................188
Contents
System Administrator Guide for VSP 5000 Series
7
�License key types and prerequisite software...................................................188 Using the permanent key........................................................................... 190 Using the term key......................................................................................190 Using the temporary key.............................................................................191 Using the emergency key...........................................................................191
Estimating licensed capacity............................................................................191 Software and licensed capacity..................................................................191 Calculating licensed capacity for a normal volume.................................... 197 Calculating licensed capacity for an external volume.................................198 Calculating pool capacity............................................................................198 Accelerated compression-enabled parity group capacity........................... 198
Installing and uninstalling software.................................................................. 198 Installing license keys using Device Manager - Storage Navigator............198 When the status is Installed (Disabled)...................................................... 199 Enabling a license...................................................................................... 199 Disabling a license......................................................................................200 Removing a software application............................................................... 200 Updating license status.............................................................................. 201 Examples of license information.................................................................201 Cautions on license capacities in license-related windows........................ 202 Cautions on licenses.................................................................................. 203 Resolving errors when removing Data Retention Utility............................. 203
License key expiration..................................................................................... 203
Chapter 6: Viewing and managing the storage system.........................204
Viewing storage system information................................................................ 204 Viewing basic information...........................................................................204 Viewing specific information....................................................................... 205 Viewing other system information...............................................................205 Viewing port conditions...............................................................................206 Status icons for certain resources.............................................................. 206
Managing tasks................................................................................................207 Managing your tasks.................................................................................. 208 Referencing the detailed task status.......................................................... 208 Stalled tasks............................................................................................... 211 Setting the status refresh interval of the Tasks window.............................. 211
Chapter 7: Using reports to view storage system information.............. 212
Creating configuration reports......................................................................... 212 Downloading and viewing the HDvM - SN configuration reports..................... 213 Viewing configuration reports in the Reports window...................................... 214 Deleting configuration reports..........................................................................215
Contents
System Administrator Guide for VSP 5000 Series
8
�Examples of Device Manager - Storage Navigator storage configuration reports..............................................................................................................215
Report examples: table view...................................................................... 215 CHAP Users report............................................................................... 216 Disk Boards report................................................................................ 216 Host Groups / iSCSI Targets report.......................................................217 Hosts report...........................................................................................219 Logical Devices report...........................................................................220 LUNs report...........................................................................................222 MP Unit report.......................................................................................223 MP unit details report............................................................................ 224 Parity Groups report..............................................................................225 Physical Devices report.........................................................................226 Ports report........................................................................................... 228 Power Consumption report................................................................... 231 Spare Drives report...............................................................................234 SSD Endurance report..........................................................................235 Storage System Summary report..........................................................236
Report examples: graphical view............................................................... 239 Cache Memories report.........................................................................239 Channel Boards report..........................................................................240 Physical View report..............................................................................240
Report examples: CSV files........................................................................241 AllConf.csv............................................................................................ 242 CacheInfo.csv....................................................................................... 242 ChapUserInfo.csv..................................................................................242 ChaStatus.csv....................................................................................... 243 CTLInfo.csv........................................................................................... 243 DeviceEquipInfo.csv..............................................................................243 DkaInfo.csv........................................................................................... 244 DkaStatus.csv....................................................................................... 244 DkcInfo.csv............................................................................................245 DkuTempInfo.csv...................................................................................246 DkuTempAveInfo.csv............................................................................ 248 DkuTempMaxInfo.csv............................................................................249 DkuTempMinInfo.csv.............................................................................250 ELunInfo.csv......................................................................................... 252 EnvMonInfo.csv.....................................................................................254 HSNBXTempInfo.csv.............................................................................255 HduInfo.csv........................................................................................... 256 IscsiHostInfo.csv................................................................................... 258 IscsiPortInfo.csv.................................................................................... 258
Contents
System Administrator Guide for VSP 5000 Series
9
�IscsiTargetInfo.csv.................................................................................261 JnlInfo.csv............................................................................................. 262 LdevCapaInfo.csv................................................................................. 262 LdevCountInfo.csv................................................................................ 263 LdevInfo.csv.......................................................................................... 264 LdevStatus.csv......................................................................................267 LogPathStatus.csv................................................................................ 268 LPartition.csv.........................................................................................269 LunInfo.csv............................................................................................269 LunPortInfo.csv..................................................................................... 271 MfDMInfo.csv........................................................................................ 272 MfPortInfo.csv....................................................................................... 273 MicroVersion.csv................................................................................... 273 MlcEnduranceInfo.csv...........................................................................274 ModePerLpr.csv.................................................................................... 275 MpPathStatus.csv................................................................................. 275 MpPcbStatus.csv.................................................................................. 277 PcbRevInfo.csv..................................................................................... 277 PdevCapaInfo.csv................................................................................. 278 PdevInfo.csv..........................................................................................278 PdevStatus.csv..................................................................................... 280 PhyPathStatus.csv................................................................................ 280 PkInfo.csv..............................................................................................281 PpInfo.csv............................................................................................. 284 SMfundat.csv........................................................................................ 285 SsdDriveInfo.csv................................................................................... 285 SsidInfo.csv...........................................................................................286 SysoptInfo.csv.......................................................................................286 WwnInfo.csv..........................................................................................287
Chapter 8: Troubleshooting...................................................................289
General troubleshooting.................................................................................. 289 Service information messages.........................................................................289
Monitoring SIM alerts in Device Manager - Storage Navigator.................. 290 Login errors......................................................................................................291 No-response errors..........................................................................................293 Incorrect display errors.................................................................................... 298 UNIX operation errors......................................................................................301 HDvM - SN secondary window blocked...........................................................302 Storage Device Launcher errors......................................................................303 Other errors......................................................................................................303 Forcibly fail over the SVP.................................................................................309
Contents
System Administrator Guide for VSP 5000 Series
10
�Firefox web browser problems on UNIX.......................................................... 311 Troubleshooting the SMI-S function.................................................................311 Downloading dump files using the Dump tool..................................................313 Saving Java log and trace files........................................................................ 314
Appendix A: System option modes (SOMs)..........................................316
System option modes for VSP 5000 series..................................................... 316
Appendix B: Device Manager - Storage Navigator user management GUI reference........................................................................................402
User Groups window........................................................................................402 Selected User Group Window......................................................................... 403 Create User Group wizard............................................................................... 408
Create User Group window........................................................................ 408 Create User Group confirmation window................................................... 409 Create User wizard.......................................................................................... 411 Create User window................................................................................... 411 Create User confirmation window...............................................................413 Change Password Wizard............................................................................... 414 Change Password window......................................................................... 414 Change Password confirmation window.................................................... 415 Edit User wizard...............................................................................................415 Edit User window........................................................................................415 Edit User confirmation window................................................................... 417 Add User wizard...............................................................................................418 Add Users window......................................................................................418 Add Users confirmation window................................................................. 420 Remove Users window.................................................................................... 421 Delete Users window....................................................................................... 423 Release Lockout window ................................................................................ 424 Edit User Group wizard....................................................................................424 Edit User Group window.............................................................................424 Edit User Group confirmation window........................................................ 426 Delete User Groups window............................................................................ 427 Edit Resource Group Assignment wizard........................................................ 427 Edit Resource Group Assignment window................................................. 427 Edit Resource Group Assignment confirmation window............................ 432 Edit Role Assignment wizard........................................................................... 434 Edit Role Assignment window.................................................................... 434 Edit Role Assignment confirmation window............................................... 437 Setup Server wizard.........................................................................................438 Select Authentication Server window......................................................... 438
Contents
System Administrator Guide for VSP 5000 Series
11
�Select Authentication Server confirmation window.................................... 439 LDAP Properties window................................................................................. 439 RADIUS Properties window.............................................................................441 Kerberos Properties window............................................................................444 Setup Server for LDAP.................................................................................... 447
LDAP Setup Server window....................................................................... 447 LDAP Setup Server confirmation window.................................................. 452 Setup Server for RADIUS................................................................................ 454 RADIUS Set Up Server window................................................................. 454 RADIUS Set Up Server confirmation window.............................................460 Setup Server for Kerberos............................................................................... 463 Kerberos Set Up Server window................................................................ 463 Kerberos Set Up Server confirmation window............................................468
Appendix C: Device Manager - Storage Navigator licenses GUI reference............................................................................................... 471
License Keys window...................................................................................... 471 Install Licenses wizard.....................................................................................474
Install Licenses window..............................................................................474 Install Licenses confirmation window......................................................... 477 Enable Licenses window................................................................................. 478 Disable Licenses window.................................................................................480 Remove Licenses window............................................................................... 482 Update License Status window........................................................................484
Appendix D: Configuring storage systems GUI reference.................... 487
Login Message window................................................................................... 487 Edit Storage System wizard.............................................................................488
Edit Storage System window......................................................................488 Edit Storage System confirmation window................................................. 489 Edit Alert Settings wizard.................................................................................489 Edit Alert Settings window..........................................................................490 Add Sending Trap Setting window (SNMP v1 or v2c)................................ 500 Add Sending Trap Setting window (SNMP v3)...........................................501 Change Sending Trap Setting window (SNMP v1 or v2c)..........................503 Change Sending Trap Setting window (SNMP v3).....................................505 Add Request Authentication Setting window (SNMP v1 or v2c)................ 507 Add Request Authentication Setting window (SNMP v3)........................... 508 Change Request Authentication Setting window (SNMP v1 or v2c).......... 510 Change Request Authentication Setting window (SNMP v3)..................... 512 Add Address window..................................................................................514 Change Settings window............................................................................515
Contents
System Administrator Guide for VSP 5000 Series
12
�Edit Alert Settings confirmation window..................................................... 517 Column Settings window................................................................................. 521 Edit Advanced System Settings wizard........................................................... 522
Edit Advanced System Settings window.................................................... 523 Edit Advanced System Settings confirmation window................................528
Appendix E: Device Manager - Storage Navigator system GUI reference............................................................................................... 530
Storage Systems window.................................................................................530 Port Condition window..................................................................................... 537 Tasks window...................................................................................................539 Task Properties window................................................................................... 541 Suspend Tasks window................................................................................... 542 Resume Tasks window.................................................................................... 543 Delete Tasks window....................................................................................... 544 Disable Auto Delete window............................................................................ 544 Enable Auto Delete window.............................................................................545 Edit Information Display Settings window........................................................ 546 Reports window............................................................................................... 548 Create Configuration Report window...............................................................548 Delete Reports window....................................................................................549
Appendix F: Tool Panel GUI Reference................................................ 558
Tool Panel........................................................................................................ 558 Control Panel................................................................................................... 560
Download File tab of the Control Panel window.........................................560 Restore File tab of the Control Panel window............................................ 561 Download Dump Files window.........................................................................562 Update Certificate Files window...................................................................... 563 Update Certificate Files for the SMI-S window................................................ 564 Upload Configuration Files for SMI-S window................................................. 565 SMI-S Artificial Indication window.................................................................... 566 Set or Delete Certificate File for HCS window................................................. 567 TLS Security Settings window ........................................................................ 568 TLS Security Settings Communication Test window .......................................570 Create CSR and Self-Signed Certificate window ............................................572 Flash Enable/Disable window..........................................................................576 CaptiveBundleUpload window......................................................................... 577 WSUS Settings................................................................................................ 577
Appendix G: SMI-S provider configuration file...................................... 579
Supported TLS versions.................................................................................. 579 Array-setting-01.properties file.........................................................................579
Contents
System Administrator Guide for VSP 5000 Series
13
�File description format................................................................................ 579 File organization format..............................................................................579 Parameters defined in user configuration files........................................... 580
VVolForSnapshot parameter.................................................................580 PoolIDForSnapshot parameter............................................................. 581 ResourceGroup parameter................................................................... 582 PullOperationMaxTime parameter........................................................ 583
Contents
System Administrator Guide for VSP 5000 Series
14
�Preface
This document provides information and instructions to help you set up Hitachi Device Manager - Storage Navigator for your storage system and manage user accounts and permissions. It explains the GUI features and provides basic navigation information. Additional information about performing specific tasks in Hitachi Device Manager - Storage Navigator is contained in the software user guides. Please read this document carefully to understand how to use this product, and keep a copy for reference
Intended audience
This document is intended for system administrators, Hitachi Vantara representatives, and authorized service providers who are involved in installing, configuring, and operating Hitachi Virtual Storage Platform 5000 Series storage system.
Readers of this document should be familiar with the following: Data processing and RAID storage systems and their basic functions. The VSP 5000 series and the Hardware Guide for your storage system. The operating system and web browser software on the management client hosting the
Device Manager - Storage Navigator software.
Product version
This document applies to the following product versions: VSP 5000 series: firmware 90-09-0x or later SVOS RF 9.8.6 or later
Release notes
Read the release notes before installing and using this product. They may contain requirements or restrictions that are not fully described in this document or updates or corrections to this document. Release notes are available on the Hitachi Vantara Support Website: https://knowledge.hitachivantara.com/Documents.
Preface
System Administrator Guide for VSP 5000 Series
15
�Changes in this revision
Changes in this revision
Updated the Windows requirements for a Kerberos authentication server (External authentication requirements using authentication server (on page 86)).
Updated the description of the IscsiPortInfo.csv file (IscsiPortInfo.csv (on page 258)).
Updated the description of SOM 164 (#unique_10).
Added information about inactive GUM (Reporting failure information about storage systems (on page 121)).
Added notes to stop using the Windows 8.1 OS on the management client and management PC because it is no longer supported by the vendor.
Document conventions
This document uses the following typographic conventions:
Convention Bold
Italic
Description
Indicates text in a window, including window titles, menus, menu options, buttons, fields, and labels. Example: Click OK.
Indicates emphasized words in list items.
Indicates a document title or emphasized words in text. Indicates a variable, which is a placeholder for actual text provided
by the user or for output by the system. Example:
pairdisplay -g group
Monospace < > angle brackets
[ ] square brackets
(For exceptions to this convention for variables, see the entry for angle brackets.)
Indicates text that is displayed on screen or entered by the user. Example: pairdisplay -g oradb
Indicates variables in the following scenarios: Variables are not clearly separated from the surrounding text or
from other variables. Example:
Status-<report-name><file-version>.csv
Variables in headings.
Indicates optional values. Example: [ a | b ] indicates that you can choose a, b, or nothing.
Preface
System Administrator Guide for VSP 5000 Series
16
�Conventions for storage capacity values
Convention { } braces
| vertical bar
Description
Indicates required or expected values. Example: { a | b } indicates that you must choose either a or b.
Indicates that you have a choice between two or more options or arguments. Examples: [ a | b ] indicates that you can choose a, b, or nothing. { a | b } indicates that you must choose either a or b.
This document uses the following icons to draw attention to information:
Icon
Label
Note
Description Calls attention to additional information.
Tip Important Caution CAUTION WARNING
Provides helpful information, guidelines, or suggestions for performing tasks more effectively.
Highlights information that is essential to the completion of a task.
Warns the user of adverse conditions and/or consequences (for example, disruptive operations, data loss, or a system crash).
Warns the user of a hazardous situation that, if not avoided, could result in major or minor injury.
Warns the user of a hazardous situation which, if not avoided, could result in death or serious injury.
Conventions for storage capacity values
Physical storage capacity values (for example, disk drive capacity) are calculated based on the following values:
Physical capacity unit 1 kilobyte (KB) 1 megabyte (MB) 1 gigabyte (GB)
Value 1,000 (103) bytes 1,000 KB or 1,0002 bytes 1,000 MB or 1,0003 bytes
Preface
System Administrator Guide for VSP 5000 Series
17
�Accessing product documentation
Physical capacity unit 1 terabyte (TB) 1 petabyte (PB) 1 exabyte (EB)
Value 1,000 GB or 1,0004 bytes 1,000 TB or 1,0005 bytes 1,000 PB or 1,0006 bytes
Logical capacity values (for example, logical device capacity, cache memory capacity) are calculated based on the following values:
Logical capacity unit 1 block 1 cylinder
1 KB 1 MB 1 GB 1 TB 1 PB 1 EB
Value 512 bytes Mainframe: 870 KB Open-systems: OPEN-V: 960 KB Others: 720 KB 1,024 (210) bytes 1,024 KB or 1,0242 bytes 1,024 MB or 1,0243 bytes 1,024 GB or 1,0244 bytes 1,024 TB or 1,0245 bytes 1,024 PB or 1,0246 bytes
Accessing product documentation
Product user documentation is available on the Hitachi Vantara Support Website: https:// knowledge.hitachivantara.com/Documents. Check this site for the most current documentation, including important updates that may have been made after the release of the product.
Getting help
The Hitachi Vantara Support Website is the destination for technical support of products and solutions sold by Hitachi Vantara. To contact technical support, log on to the Hitachi Vantara Support Website for contact information: https://support.hitachivantara.com/en_us/contactus.html.
Preface
System Administrator Guide for VSP 5000 Series
18
�Comments
Hitachi Vantara Community is a global online community for Hitachi Vantara customers, partners, independent software vendors, employees, and prospects. It is the destination to get answers, discover insights, and make connections. Join the conversation today! Go to community.hitachivantara.com, register, and complete your profile.
Comments
Please send comments to doc.comments@hitachivantara.com. Include the document title and number, including the revision level (for example, -07), and refer to specific sections and paragraphs whenever possible. All comments become the property of Hitachi Vantara LLC. Thank you!
Preface
System Administrator Guide for VSP 5000 Series
19
�Chapter 1: Initial setup of the management client
The management client is the computer used to log in to and manage your storage system. The management client is LAN-attached to the storage system and communicates with the service processor (SVP). You can use Hitachi Device Manager - Storage Navigator (HDvM SN) as well as other management software such as Hitachi Ops Center Administrator to manage your storage system.
Workflow for setting up the management client
Perform the following tasks to set up the management client for use of Device Manager Storage Navigator (HDvM - SN).
1. Confirm that the management client meets the hardware and software requirements for running HDvM - SN (Requirements for management clients (on page 20)).
2. Configure the network settings on the management client (Configuring the network settings on the management client (on page 24)).
3. Configure the web browser on the management client (Configuring the web browser on the management client (on page 29)).
4. Install Storage Device Launcher on the management client (Installing Storage Device Launcher on the management client (on page 30)).
5. Configure the management client for the HDvM - SN secondary window (Configuring the management client for the HDvM - SN secondary window (on page 32)).
6. Review the cautions and restrictions before logging in to HDvM - SN for the first time (Device Manager - Storage Navigator restrictions (on page 43)).
Requirements for management clients
The Device Manager - Storage Navigator administrator is responsible for setting up management clients. Device Manager - Storage Navigator runs on supported versions of the Windows and UNIX/Linux operating systems. If you use a physical or virtual server running on Windows as a management client, you must configure the server to run Device Manager Storage Navigator.
Chapter 1: Initial setup of the management client
System Administrator Guide for VSP 5000 Series
20
�General requirements
General requirements
The management client must be connected to the network via LAN. Device Manager Storage Navigator (HDvM - SN) connects to the SVP through a TCP/IP network.
Use category 5e or 6a LAN cable for LAN connections when the transfer speed is 1 Gbps. Maximum cable length is 328 feet (100 meters). For assistance, contact customer support.
Several storage systems can be managed by one management client. HDvM - SN must be set up for each storage system.
A maximum of 32 management clients (HDvM - SN) can access the same storage system at the same time.
License keys are required for programs such as TrueCopy and Encryption License Key. To use HDvM - SN with Adobe AIR on a Windows management client, the SVP software
version must be 90-04-01-xx/xx or later.
Requirements for Windows-based management clients
The management client must meet hardware and software requirements to run Device Manager - Storage Navigator (HDvM - SN) in a Windows® environment.
Hardware requirements for the management client (Windows)
Item Processor (CPU)
Memory (RAM)
Requirement
Windows 11:
64-bit compatible processor with 2 cores or more at 2.1 GHz or better
(Recommended: 64-bit compatible processor with 4 cores or more at 2.1 GHz or better)
Other than Windows 11:
Pentium 4 640 3.2 GHz or better
(Not dependent on a specific CPU vendor or processor family. Core2Duo E6540 2.33 GHz or better is recommended.)
Celeron G1820 2.7 GHz (2 cores) or better
(Not dependent on a specific CPU vendor or processor family.)
Windows 11: 8 GB or more (Recommended: 16 GB or more)
Other than Windows 11: 2 GB or more (Recommended: 3 GB or more)
Chapter 1: Initial setup of the management client
System Administrator Guide for VSP 5000 Series
21
�Requirements for Windows-based management clients
Item Available storage space
Monitor Keyboard and mouse Ethernet LAN card for TCP/IP network
Requirement
500 MB or more (+ 80 MB for each managed storage system) When HDvM - SN is using Adobe® AIR® from HARMANTM, an additional 80 MB of free space is required for each storage system managed by HDvM - SN.
True Color 32-bit or better Resolution: 1280 x 1024 or better
You cannot use the mouse wheel feature.
100BASE-TX 1000BASE-T
Software requirements for the management client (Windows) Set the locale of the HDvM - SN management client to either English or Japanese.
Note: To use the storage management software and SVP software on the SVP, you must log in to the SVP as a user with administrator permissions.
On a Windows management client, you can use HDvM - SN with Adobe AIR from HARMAN. The following table specifies the requirements for using HDvM with AIR. The combinations and versions of operating system, architecture, browser, and TLS specified below are fixed requirements. Using other combinations or versions might produce unpredictable results such as the inability to use the HDvM - SN windows.
Note: Some Device Manager - Storage Navigator operations are performed using
the HDvM - SN secondary window that runs within Java. Use software (including the OS) that is currently supported by the vendor. We
do not guarantee the operations using software that has expired.
Requirements for using HDvM with AIR from HARMAN
Operating system Windows 114
Windows 103
Architecture
Web browser
64 bit
Microsoft Edge 102.0 and later5
Google Chrome 102.0 and later
64 bit
Microsoft Edge 92.0 and later1
Google Chrome 63.0 and later Internet Explorer 11.02
TLS
TLS1.2
TLS1.2 must be enabled. AIR does not support TLS1.3.
Chapter 1: Initial setup of the management client
System Administrator Guide for VSP 5000 Series
22
�Requirements for UNIX/Linux-based management clients
Operating system Architecture
Web browser
TLS
Windows 8.16
64 bit
Microsoft Edge 92.0 and later1 Google Chrome 48.0 and later Internet Explorer 11.02
Notes:
1. Microsoft Edge is supported on the SVP with the following firmware versions:
90-07-03/xx and later
90-06-22/10 and later within 90-06-xx/xx
90-05-03/23 and later within 90-05-03/xx
2. Only the latest version of Internet Explorer that runs on each operating system is supported according to Microsoft® Support Policy.
3. For Internet Explorer 11 (delivered via the Windows 10 Semi-Annual Channel (SAC)), Microsoft has announced that support will end in June 2022. For this reason, we recommend that you use a different browser. For details about the schedule for the end of support, see the Microsoft website.
4. Windows 11 is supported by SVP firmware versions 90-08-81/00 and later. 5. The Internet Explorer mode (IE mode) of Microsoft Edge is not supported. 6. This operating system is no longer supported. Use an operating system that is
currently supported by the vendor.
Requirements for UNIX/Linux-based management clients
The management client must meet hardware and software requirements to run Device Manager - Storage Navigator (HDvM - SN) in a UNIX® or Linux® environment.
Hardware requirements for the management client (UNIX/Linux)
Item Processor (CPU)
Memory (RAM)
Available storage space Monitor Keyboard and mouse
Requirement Pentium 4 640 3.2 GHz or better (Recommended: Core2Duo E6540 2.33 GHz or better) 2 GB or more Recommended: 3 GB 500 MB or more Resolution: 1280 x 1024 or better You cannot use the mouse wheel feature.
Chapter 1: Initial setup of the management client
System Administrator Guide for VSP 5000 Series
23
�Configuring the network settings on the management client
Item
Ethernet LAN card for TCP/IP network
100BASE-TX 1000BASE-T
Requirement
Software requirements for the management client (UNIX/Linux)
Set the locale of the HDvM - SN management client to either English or Japanese.
The following table specifies the software requirements for using HDvM - SN in a UNIX or Linux environment. The combinations of operating system, architecture, browser, and Java Runtime Environment described below are fixed requirements. Using other combinations or versions might produce unpredictable results such as the inability to use the HDvM - SN windows.
Note: Some HDvM - SN operations are performed using the secondary window within Java.
Operating system Red Hat Enterprise Linux 7.5
Red Hat Enterprise Linux 7.4
Browser
Java Runtime Environment (JRE)
Firefox 52.7 or later
OpenJDK 11.0.2+9 or earlier
IPv6 HTTPS connection from Firefox is not supported.
Chrome 67.0 or later
OpenJDK 11.0.2+9 or earlier
Firefox 58.0 or later
OpenJDK 11.0.2+9 or earlier
IPv6 HTTPS connection from Firefox is not supported.
Chrome 63.0 or later
OpenJDK 11.0.2+9 or earlier
Configuring the network settings on the management client
Before you can use Device Manager - Storage Navigator (HDvM - SN), you must configure the network settings on the management client as follows: Set up TCP/IP for a firewall (see Setting up TCP/IP for a firewall (on page 25)). Configure IPv4/IPv6 communications (see Setting up IPv4/IPv6 communications (on
page 26)). Register the SVP host name (see Registering the SVP host name (on page 27)). Add the SVP to the trusted sites zone (Adding your SVP to the trusted sites zone for
Windows Server computers (on page 28)).
Chapter 1: Initial setup of the management client
System Administrator Guide for VSP 5000 Series
24
�Setting up TCP/IP for a firewall
Note: The SVP supports Simple Network Time Protocol version 4 (SNTPv4) for date and time synchronization.
Setting up TCP/IP for a firewall
To connect the Device Manager - Storage Navigator management client and the SVP through a firewall, configure the firewall so that the TCP/IP port for the protocol you use becomes available.
When attaching Device Manager - Storage Navigator to multiple storage systems, the installer must log in to the SVP of each storage system using separate Device Manager Storage Navigator sessions and separate web browser instances.
The following table describes the firewall configuration. For more information about the ports used in software such as middleware and applications that work with the storage system, see the software documentation.
Caution: Do not enable ICMP firewall configuration. If ICMP firewall is enabled, alert notifications might not occur. To disable ICMP firewall, contact the administrator who manages the firewall.
Protocol HTTP HTTPS RMI RMI RMI SMI-S SMI-S SNMP1 SNMP Trap1
CCI
CCI
SVP Connect Utility
Communication from
Port number
Hardware
Any/TCP Any/TCP
Management client
Any/TCP
Any/TCP
Any/TCP
Any/TCP
Any/TCP
Any/UDP
Any/UDP
SVP
Any/UDP
Host
34xxx through 36xxx/UDP2
Any/TCP
SVP SVP
Communication to
Port number
Hardware
80/TCP
SVP
443/TCP
11099/TCP
51099/TCP
51100/TCP
427/TCP
5989/TCP
161/UDP
162/UDP
Management client
31xxx through 33xxx/UDP2
SVP
Any/UDP
Host
7000/TCP3
Maintenance PC
Chapter 1: Initial setup of the management client
System Administrator Guide for VSP 5000 Series
25
�Setting up IPv4/IPv6 communications
Communication from
Communication to
Protocol
Port number
Hardware
Port number
Hardware
ASSIST
Any/TCP
ASSIST communication device
4503/TCP4
SVP
ASSIST
Any/TCP
SVP
4500/TCP4 10070/TCP4
ASSIST communication device
Notes:
1. Required if you use a Device Manager - Storage Navigator management client as an SNMP manager.
2. x indicates a number. For details about port numbers that are used for communication between a host and an SVP using CCI, see the Command Control Interface User and Reference Guide.
3. The support personnel use this port number to connect the maintenance PC to the storage system through a firewall.
4. If the remote maintenance by using Remote Ops is not performed, the firewall settings are not required.
Setting up IPv4/IPv6 communications
You should assign the SVP the same type of IP addresses (IPv4 or IPv6) as those used on the storage system. You must also configure the client computers with the same IP version that you assign to the SVP. In addition, use the same communication options for the management client and the SVP. If the SVP uses IPv6, you must configure the management clients to use IPv6 for communication.
If you use IPv6 to display the Device Manager - Storage Navigator main window when both IPv4 and IPv6 are available, IPv6 addresses are displayed in the Device Manager - Storage Navigator secondary window but IPv4 communication is actually used.
For information about how to configure IP communication from an SVP, see the hardware guide for your storage system model.
Configuring IPv6 communication in Windows 7
If the SVP uses IPv6, you must configure Windows 7* management clients to use IPv6 for communication.
* Microsoft ended support for the Windows 7 operating system (OS). Use an OS version that is currently supported.
Chapter 1: Initial setup of the management client
System Administrator Guide for VSP 5000 Series
26
�Configuring IPv6 communication in Solaris 10
Procedure 1. Select Control Panel > Network and Sharing Center > Manage network connections. 2. Right-click the network where the SVP resides, and then click Properties in the pop-up menu. If the User Account Control dialog box opens click Continue. Otherwise, the Networking dialog box opens. 3. In the Networking dialog box, clear the Internet Protocol Version 4 (TCP/IPv4) check box. 4. Click OK to save the changes and close the dialog box.
Configuring IPv6 communication in Solaris 10
If the SVP uses IPv6 and you plan to use Device Manager - Storage Navigator (HDvM - SN) in a web browser, you must configure Solaris 10 management clients to use IPv6 for communication. If you plan to run HDvM - SN using Adobe AIR, you do not need to perform this task.
Procedure 1. Start a command window or system console. 2. Execute the following command:
ifconfig network-interface-name inet down
Registering the SVP host name
You must register the SVP host name before you can complete any of the following tasks.
Note: If the SVP High Reliability Kit is installed, the storage system has two SVPs: the primary SVP, and the standby SVP that can be used if the primary SVP becomes unavailable. You must register the primary SVP host name.
Specifying a host name instead of an IP address when accessing Device Manager Storage Navigator.
Obtaining the public key certificate for SSL-encrypted communication from the CA (Certificate Authority). You must register the server name as the host name to the DNS server or the hosts file. The server name is entered in the certificate as a common name. Enter the SVP host name and IP address in the DNS server or hosts file of the management client. You can register any host name to the DNS server or the hosts file, but there are restrictions on the characters you can use for the host name.
Chapter 1: Initial setup of the management client
System Administrator Guide for VSP 5000 Series
27
�Adding your SVP to the trusted sites zone for Windows Server computers
Registering the IP address and host name of the SVP to the DNS server that manages the network to which the SVP is connected.
Entering the IP address and host name of the SVP to the hosts file of the management client. The general directory of the hosts file is: For Windows: C:\Windows\System32\drivers\etc\hosts For UNIX: /etc/hosts
Caution: If the host name listed in the hosts file is also listed in the CCI configuration definition file, CCI must be restarted.
Adding your SVP to the trusted sites zone for Windows Server computers
If you are using Device Manager - Storage Navigator on a Windows Server computer, the following message may appear during login. If it does, you must add the SVP to the trusted sites zone. The message below may appear differently depending on the Windows version you are using.
Procedure
1. Click Add in the message dialog box. The Trusted Sites dialog box opens. 2. In Add this web site to the zone, enter the URL of the SVP that you want to log in to.
For example, if the host name is host01, the URL is http://host01. If the IP address is 127.0.0.1, the URL is http://127.0.0.1. 3. Click Add to add the URL of the SVP to the web sites list. 4. Click Close to close the dialog box.
Chapter 1: Initial setup of the management client
System Administrator Guide for VSP 5000 Series
28
�Configuring the web browser on the management client
Configuring the web browser on the management client
Configure the web browser on the Hitachi Device Manager - Storage Navigator (HDvM - SN) management client as described below.
Web browser settings The browser must allow first-party, third-party, and session cookies. The pop-up blocker and plug-ins must be disabled. Settings for Microsoft Edge:
Enable cookies (Settings > Cookies and site permissions > Manage and delete cookies and site data > Allow sites to save and read cookie data (recommended)).
Allow pop-ups (Settings > Cookies and site permissions > Pop-ups and redirects > Add, and then enter the IP address or host name of the SVP).
Settings for Windows Server 2016, Windows Server 2012 Update, Windows Server 2012 R2 Update, Windows Server 2012, and Windows 8.1, JavaScript must be enabled. For details, see Enabling JavaScript for Windows (on page 29).
Settings for Windows Server and Internet Explorer: Configure Internet Explorer so it does not save encrypted pages to disk (Tools > Internet Options > Advanced > Do not save encrypted pages to disk). Register the URL of the SVP in Internet Explorer (Tools > Internet Options > Security). Disable compatibility view mode. Open the Compatibility View Setting dialog box, clear the check box for Display intranet sites in Compatibility View, and delete the IP address or host name of the SVP added to Websites you've added to Compatibility View. For Windows Server 2012, set the IE security level for the trusted sites to Mediumhigh (Tools > Internet Options > Security > Trusted sites > Security level for this zone).
For the Japanese version of Firefox, the browser must be configured to use the C locale (default system language) by using the X Server Emulator. In a B Shell, enter the following command:
LANG=C export LANG
In a C Shell, enter the following command:
setenv LANG C
Enabling JavaScript for Windows
Chapter 1: Initial setup of the management client
System Administrator Guide for VSP 5000 Series
29
�Installing Storage Device Launcher on the management client
You must enable JavaScript if you use any of the following Windows versions: Windows 11 Windows Server 2016 Windows 10 Windows 8.1 Windows Server 2012 R2 Update Windows Server 2012 Update Use software (including the OS) that is currently supported by the vendor. We do not guarantee operations using software that has expired.
Note: This setting is required when you use Device Manager - Storage Navigator in a browser and when you use Device Manager - Storage Navigator with Adobe AIR.
Procedure 1. In Edge, enable the Allow setting for JavaScript: a. Open the Settings window (click the Settings and more icon (), and then click Settings from the drop-down menu). b. Select Cookies and site permissions in the left pane, and then click JavaScript in the right pane. c. In the right pane, set Allow (recommended) to enabled. d. Exit and then restart Edge.
2. In Internet Explorer, enable the Active scripting security setting: a. Open the Internet Options window (Tools > Internet Options). b. Click the Security tab, and then click Custom Level. c. On the Security Settings - Internet Zone window, set Active scripting to Enable, and then click OK. d. Click YES on the Warning dialog box, and then click OK. e. Exit and then restart Internet Explorer.
Installing Storage Device Launcher on the management client
The Storage Device Launcher application is required to run Hitachi Device Manager Storage Navigator (HDvM - SN) with Adobe AIR from HARMAN. Storage Device Launcher is included in the Web Console Launcher setup file on the SVP. Use the following procedure to download and install Storage Device Launcher on the management client.
Note: If you use other management software to access HDvM - SN (for example, Hitachi Ops Center Administrator), install Storage Device Launcher as a user with administrator permissions on the management client.
Chapter 1: Initial setup of the management client
System Administrator Guide for VSP 5000 Series
30
�Installing Storage Device Launcher on the management client
Note: If you are using one management client to access multiple storage systems, you only need to install Storage Device Launcher on the management client once.
Before you begin To use HDvM - SN with Adobe AIR, SVP firmware version 90-04-01/00 or later is required.
Procedure 1. Download the Web Console Launcher setup file for Windows from the SVP to the management client. If you can log in to HDvM - SN by using a web browser, click Tool > Download in the HDvM - SN menu bar, and then download the Web Console Launcher setup file for Windows (WCLauncher_win.zip). If you cannot log in to HDvM - SN by using a web browser, download the Web Console Launcher setup file as follows: a. Open a web browser on the management client, and enter the following URL:
https://IP-address-or-host-name-of-SVP/sanproject/ToolDownload
Note: If the SVP firmware version is 90-04-01/00, or between 90-04-01/00 and 90-04-03/00 (excluding 90-04-03/00), enter the following URL instead:
https://IP-address-or-host-name-of-SVP/tool/tooldownload.html
After the download page opens, go to step (c). b. In the authentication window, enter the user name and password. c. Download the Web Console Launcher setup file for Windows
(WCLauncher_win.zip).
Note: When you download a file, make sure to click Save within 30 minutes after the window for selecting a download destination folder appears. If you click Save after 30 minutes have elapsed, an error message (20121-107091) appears. If this error message is displayed, retry downloading the file. 2. Expand the downloaded Web Console Launcher setup file.
Chapter 1: Initial setup of the management client
System Administrator Guide for VSP 5000 Series
31
�Configuring the management client for the HDvM - SN secondary window
Make sure to expand the setup file in a folder or directory that meets the following requirements: Use only 1-byte alphanumeric characters for the expanded folder or directory name. Use an expanded folder (excluding directly under C: drive) that can be accessed
(Read/Write) by management client users who do not have administrator permissions. If you are installing Storage Device Launcher two or more times on the same management client, expand the setup file each time in the same folder or directory (the one used for the initial installation). If you expand the setup file in a different folder or directory from the first installation, other users will not be able to run Storage Device Launcher.
Note: If a security warning or a window blocking the operation is displayed, do not expand the setup file. Change the properties of the setup file as follows and then expand the file:
a. Right-click WCLauncher_win.zip, and then click Properties. b. In Security, select Unblock, and then click OK.
3. Install Storage Device Launcher as follows: If you are logged in to the management client with administrator permissions, rightclick WCLauncher_win\WCLauncher\Setup_SDLauncher.bat, and run it by selecting Run as Administrator. If you are not logged in to the management client with administrator permissions: a. Right-click WCLauncher_win\WCLauncher\Setup_SDLauncher.bat, and then click Create Shortcut. b. Move the created shortcut onto the desktop.
4. Open WCLauncher_win\WCLauncher\log\Setup.log with a text editor, and confirm that "completed" is displayed.
Caution: Do not move or delete the WCLauncher_win folder after Storage Device Launcher installation is complete. This folder contains files required for running Storage Device Launcher.
Next steps After installing Storage Device Launcher on the management client, you can log in to HDvM SN using AIR. For instructions, see Logging in to HDvM - SN by using AIR (on page 51).
Configuring the management client for the HDvM - SN secondary window
Chapter 1: Initial setup of the management client
System Administrator Guide for VSP 5000 Series
32
�Configuring the management client for the HDvM - SN secondary window
If you plan to use any of the following functions, you must configure the management client for use of the Device Manager - Storage Navigator (HDvM - SN) secondary window:
Login Message function
Compatible PAV
Compatible XRC
Data Retention Utility
Volume Retention Manager
Server Priority Manager
The Device Manager - Storage Navigator (HDvM - SN) secondary window runs within the Java Runtime Environment (JRE) on the management client. The secondary window is disabled by default in HDvM - SN and must be enabled by using HDvM - SN or Web Console Launcher (when Java 11 or later is installed on the HDvM - SN management client). If the secondary window is not enabled, the functions listed above are not accessible in HDvM SN.
Restrictions for using the HDvM - SN secondary window
When you open the secondary window, Microsoft Edge displays the following message in the upper right of the browser window: <file name>.jnlp was blocked because this type of file can harm your device.
Click Other actions > Save in the message window, save the object file, and then open the file. You can continue the operation even though a Java security warning is displayed when you open the file.
When you open the secondary window, Google Chrome displays the following message in the lower left of the browser window: This type of file can harm your computer. Are you sure you want to download <file name>.jnlp? . Click Save in the message window and save the object file. Then open the file. You can continue the operation even though a Java security warning is displayed when you open the file.
Chapter 1: Initial setup of the management client
System Administrator Guide for VSP 5000 Series
33
�Installing and configuring JRE
The SJsvlSNStartServlet (<serial number>).jnlp file is saved in the download folder and duplicated every time you open the secondary window (because it is not overwritten or deleted automatically). To prevent shortage of capacity, delete extraneous downloaded SJsvlSNStartServlet (<serial number>).jnlp files periodically.
To confirm the download location in Microsoft Edge, follow Settings > Downloads > Location.
To confirm the download location in Google Chrome, follow Chrome Menu > Settings > Show advanced settings > Downloads.
When you are using Google Chrome, do not click Discard in the message window. If you do, you will not be able to use HDvM - SN for a while until error (20020-108000) appears. When error (20020-108000) appears, click OK to close the error, and then continue working in HDvM - SN.
If you don't want to wait for the error to appear, you can close Chrome and then log in to HDvM - SN again.
The error also appears if you do not click Save or if you do not open the saved file for some time.
Installing and configuring JRE
JRE must be installed and configured in a Windows or Unix environment. You can download JRE from http://www.oracle.com/technetwork/java/index.html.
Using Web Console Launcher to enable the secondary window (Java 11 or later)
When Java 11 or later is installed on the Device Manager - Storage Navigator (HDvM - SN) management client, you must download and execute Web Console Launcher to enable the HDvM - SN secondary window. The setup file that you download contains the following applications:
Web Console Launcher: This application is required to enable the HDvM - SN secondary window when HDvM - SN is running on a web browser with Java 11 or later installed.
Security settings command file: This command file enables the settings of server certificate on the HDvM - SN management client to enhance communication security.
Storage Device Launcher: This application is required to start HDvM - SN in the Adobe AIR environment. Storage Device Launcher is contained only in the setup file for Windows.
When the HDvM - SN secondary window is opened, you must enable the .jnlp file included in the setup file.
Note: You must perform the following procedure each time the SVP firmware is upgraded.
Chapter 1: Initial setup of the management client
System Administrator Guide for VSP 5000 Series
34
�Verifying the SVP server certificate
Procedure
1. From the Menu bar, click Tool > Download. 2. Download the Web Console Launcher tool for Windows or UNIX.
Note: When you download a file, make sure you click Save within 30 minutes after the window for selecting a download destination folder appears. If you click Save after 30 minutes have elapsed, an error message (20121-107091) appears. If this error message is displayed, retry downloading the file.
3. Expand and execute the download file by the following OS method:
Windows: Expand the file, right click WCLauncher\Setupwin.bat and execute it by selecting Run as Administrator. If the SVP certificate has been updated, run SecurityToolWin.bat to register the root certificate or self-signed certificate for the SVP.
UNIX:Enter tar zxvf WCLauncher_unix.tgz to expand the file. In the directory to which the file was expanded, enter sudo sh and setupunix.sh to run the shell script. If the SVP certificate has been updated, run SecurityToolUnix.sh to register the root certificate or self-signed certificate for the SVP.
Note: When you execute Web Console Launcher, Java8 is disabled.
Next steps Each time you open the HDvM - SN secondary window with Java 11 or later, you must enable the .jnlp file using Web Console Launcher.
Caution:
Do not delete or move the WCLauncher_win folder. This folder contains files required to run Web Console Launcher.
When you are using SVP microcode version 90-08-81/00 or later, if you update Web Console Launcher from an SVP with microcode version earlier than 90-08-81/00, perform the following:
Verify that [Error] is not output to LauncherBatch.log in the installation-directory-of-Web Console Launcher\WCLauncher \log directory at the time (on the management client) the HDvM - SN secondary window is opened for the first time after the update. If [Error] is output, restart the management client to open the HDvM - SN secondary window again.
Verifying the SVP server certificate
Chapter 1: Initial setup of the management client
System Administrator Guide for VSP 5000 Series
35
�Verifying the SVP server certificate
If you updated the initial SVP certificate, you can verify whether the connection destination is correct by registering the server certificate or self-signed certificate for the SVP on the Device Manager - Storage Navigator (HDvM - SN) management client. When verification is enabled, if verification fails, the communication is interrupted, and starting the HDvM - SN secondary window fails. Even when verification is disabled, verification processing is performed. In this case, if verification fails, a confirmation window appears indicating the following message:
The certificate security verification for the TLS communication cannot be performed. Are you sure you want to stop the certificate security verification to continue the connection?
After you click Confirm, the communication continues.
If the server certificate registered on the SVP is a signed public key certificate issued by a Certificate Authority (CA), register the root certificate of the CA on the HDvM - SN management client. If the server certificate is a self-signed certificate, register the server certificate registered on the SVP onto the HDvM - SN management client. A certificate that can be registered on the HDvM - SN management client is in X509 PEM or X509 DER format.
Table 1
Verification item Validity period verification Revocation verification
SAN/CN verification
What is verified?
Note
Verifies whether the server certificate is within the validity period.
Before you verify the validity, ensure that the validity period for the server certificate registered on the SVP is not expired.
Verifies whether the server certificate is not invalidated by using the CRL (list of digital certificates that were invalidated before the expiration date) or OCSP (online check).
You need a network environment in which the CRL repository or OCSP responder can be accessed from the HDvM - SN management client.
Verifies whether the host name (including FQDN) or IP address (IPv4 or IPv6) that is specified for SAN (Subject Alternative Name: additional name that is an extension of CN) or CN (Common Name) in the server certificate is the same as the connection destination.
The host name or IP address of the SVP that you specify as the connection destination on the HDvM SN management client must be contained in SAN or CN in the server certificate registered on the SVP. For the IP address, specify the IP address displayed in the HDvM - SN main window.
Chapter 1: Initial setup of the management client
System Administrator Guide for VSP 5000 Series
36
�Registering a certificate on the HDvM - SN management client (Windows)
Verification item Certificate chain verification
What is verified?
Note
Verifies whether the root certificate, intermediate certificates, and server certificate are correctly associated with each other in the certificate chain.
If the sever certificate is signed by an intermediate CA, all intermediate certificates including the server certificate must be registered in the certificate to be registered on the SVP.
Caution: If you did not update the initial SVP certificate, disable the verification function to continue the communication as it did before. If you enable the verification function, verification fails, the communication is interrupted, and starting the HDvM - SN secondary window fails.
Registering a certificate on the HDvM - SN management client (Windows)
If you updated the initial SVP certificate, you must register the root certificate or self-signed certificate for the SVP on the Device Manager - Storage Navigator (HDvM - SN) management client.
Before you begin You must have logged into the HDvM - SN management client.
Procedure 1. Store the certificate file on the HDvM - SN management client. 2. Open a command prompt with administrator permissions. 3. Move the current directory to the folder to which the downloaded file was expanded. 4. Run the following command. SecurityToolWin.bat import alias-of-the-SVP path-to-the-certificate Example: SecurityToolWin.bat import SVP1 "C:\monitor\cert.crt" 5. Ensure that the trust store WCLauncher.dat exists in the current directory.
Viewing a certificate on the HDvM - SN management client (Windows)
You can view the root certificate or self-signed certificate that is registered on the Device Manager - Storage Navigator (HDvM - SN) management client.
Before you begin You must have logged into the HDvM - SN management client.
Chapter 1: Initial setup of the management client
System Administrator Guide for VSP 5000 Series
37
�Deleting a certificate on the HDvM - SN management client (Windows)
Procedure 1. Open a command prompt with administrator permissions. 2. Move the current directory to the folder to which the downloaded file was expanded. 3. Run the following command: SecurityToolWin.bat list 4. Check the displayed contents Output example:
Alias name: abc Creation date: 2020/05/14 Entry type: trustedCertEntry Owner: EMAILADDRESS=svp@str.hitachi.co.jp, CN="Hitachi, Ltd.", OU=IT Platform Division Group, O="Hitachi, Ltd.", L=Odawara, ST=Kanagawa, C=JP Issuer: EMAILADDRESS=svp@str.hitachi.co.jp, CN="Hitachi, Ltd.", OU=IT Platform Division Group, O="Hitachi, Ltd.", L=Odawara, ST=Kanagawa, C=JP Serial number: dc52873fdb5cc76b Valid from: Fri Apr 18 09:16:04 GMT+09:00 2014 until: Thu Apr 18 09:16:04 GMT +09:00 2024 Certificate fingerprints: MD5: B3:A5:60:17:17:91:9D:0E:F7:31:DC:1C:06:FA:51:CA SHA1: 43:14:DF:80:1D:64:AA:09:B8:F3:1C:13:74:2B:7E:95:1D:2F:E9:6F SHA256: 9B:A8:68:45:95:91:3C:72:9B:4C:6A:FE:BB:B9:32:F0:04:E5:9E:DF:B1:47:2F:59:EA:0C:26: 1A: BC:70:E8:15 Signature algorithm name: SHA256withRSA Version: 1
Deleting a certificate on the HDvM - SN management client (Windows)
You can delete the root certificate or self-signed certificate that is registered on the Device Manager - Storage Navigator (HDvM - SN) client.
Before you begin You must have logged into the HDvM - SN management client.
Procedure 1. Check the alias of the SVP connected by using the root certificate or self-signed certificate that is registered on the HDvM - SN management client. 2. Open a command prompt with administrator permissions. 3. Move the current directory to the folder to which the downloaded file was expanded. 4. Run the following command: SecurityToolWin.bat delete alias-of-the-SVP Example: SecurityToolWin.bat delete SVP1
5. Ensure that the certificate was deleted.
Chapter 1: Initial setup of the management client
System Administrator Guide for VSP 5000 Series
38
�Setting server verification on the HDvM - SN management client (Windows)
Setting server verification on the HDvM - SN management client (Windows)
You can enable or disable server verification on the Device Manager - Storage Navigator (HDvM - SN) management client.
Before you begin You must have logged into the HDvM - SN management client.
Procedure 1. Open a command prompt with administrator permissions. 2. Move the current directory to the folder to which the downloaded file was expanded. 3. Run the following command: SecurityToolWin.bat verify setting-value Example: SecurityToolWin.bat verify enable
Note: If you specify enable, a security settings command file is created in the folder that stores command files. If you specify disable, the security settings command file is deleted.
Viewing whether server verification is enabled on the HDvM - SN management client (Windows)
You can view whether server verification is enabled on the Device Manager - Storage Navigator management client.
Before you begin You must have logged into the HDvM - SN management client.
Procedure 1. Open a command prompt with administrator permissions. 2. Move the current directory to the folder to which the downloaded file was expanded. 3. Run the following command: SecurityToolWin.bat verifysetting 4. Check the displayed contents. Output example: disabled
Viewing the Help on the HDvM - SN management client (Windows)
You can view the Help on the Device Manager - Storage Navigator (HDvM - SN) management client.
Chapter 1: Initial setup of the management client
System Administrator Guide for VSP 5000 Series
39
�Registering a certificate on the HDvM - SN management client (UNIX)
Before you begin You must have logged into the HDvM - SN management client.
Procedure 1. Open a command prompt with administrator permissions. 2. Move the current directory to the folder to which the downloaded file was expanded. 3. Run the following command: SecurityToolWin.bat help Output example:
Command Line Syntax import <alias> <certificate-file-path> alias: alias of specified certificate certificate-file-path: relative or absolute certificate file path delete <alias> alias: alias of specified certificate list verify <value> value: enable or disable verifysetting help
Registering a certificate on the HDvM - SN management client (UNIX)
If you updated the initial SVP certificate, you must register the root certificate or self-signed certificate for the SVP on the Device Manager - Storage Navigator (HDvM - SN) management client.
Before you begin You must have logged into the HDvM - SN management client.
Procedure 1. Store the certificate file on the HDvM - SN management client. 2. Run the shell as superuser. 3. Move the current directory to the directory to which the downloaded file was expanded. 4. Run the following command as superuser: SecurityToolUnix.sh import alias-of-the-SVP path-to-thecertificate Example: SecurityToolUnix.sh import SVP1 /tmp/cert.crt" 5. Ensure that the trust store WCLauncher.dat exists in the current directory.
Viewing a certificate on the HDvM - SN management client (UNIX)
Chapter 1: Initial setup of the management client
System Administrator Guide for VSP 5000 Series
40
�Deleting a certificate on the HDvM - SN management client (UNIX)
You can view the root certificate or self-signed certificate that is registered on the Device Manager - Storage Navigator (HDvM - SN) management client.
Before you begin
You must have logged into the HDvM - SN management client.
Procedure
1. Run the shell as superuser. 2. Move the current directory to the directory to which the downloaded file was expanded. 3. Run the following command as superuser:
SecurityToolUnix.sh list 4. Check the displayed contents.
Output example:
Alias name: test Creation date: 2020/05/14 Entry type: trustedCertEntry Owner: EMAILADDRESS=svp@str.hitachi.co.jp, CN="Hitachi, Ltd.", OU=IT Platform Division Group, O="Hitachi, Ltd.", L=Odawara, ST=Kanagawa, C=JP Issuer: EMAILADDRESS=svp@str.hitachi.co.jp, CN="Hitachi, Ltd.", OU=IT Platform Division Group, O="Hitachi, Ltd.", L=Odawara, ST=Kanagawa, C=JP Serial number: dc52873fdb5cc76b Valid from: Fri Apr 18 09:16:04 JST 2014 until: Thu Apr 18 09:16:04 JST 2024 Certificate fingerprints: MD5: B3:A5:60:17:17:91:9D:0E:F7:31:DC:1C:06:FA:51:CA SHA1: 43:14:DF:80:1D:64:AA:09:B8:F3:1C:13:74:2B:7E:95:1D:2F:E9:6F SHA256: 9B:A8:68:45:95:91:3C:72:9B:4C:6A:FE:BB:B9:32:F0:04:E5:9E:DF:B1:47:2F:59:EA:0C:26: 1A: BC:70:E8:15 Signature algorithm name: SHA256withRSA Subject Public Key Algorithm: 2048-bit RSA key Version: 1
Deleting a certificate on the HDvM - SN management client (UNIX)
You can delete the root certificate or self-signed certificate that is registered on the Device Manager - Storage Navigator (HDvM - SN)r management client.
Before you begin You must have logged into the HDvM - SN management client.
Procedure 1. Check the alias of the SVP connected by using the root certificate or self-signed certificate that is registered on the HDvM - SN management client. 2. Run the shell as superuser.
Chapter 1: Initial setup of the management client
System Administrator Guide for VSP 5000 Series
41
�Setting server verification on the HDvM - SN management client (UNIX)
3. Move the current directory to the directory to which the downloaded file was expanded. 4. Run the following command as superuser:
SecurityToolUnix.sh delete alias-of-the-SVP Example: SecurityToolUnix.sh delete SVP1 5. Ensure that the certificate was deleted.
Setting server verification on the HDvM - SN management client (UNIX)
You can enable or disable server verification on the Device Manager - Storage Navigator (HDvM - SN) management client.
Before you begin You must have logged into the HDvM - SN management client.
Procedure 1. Run the shell as superuser. 2. Move the current directory to the directory to which the downloaded file was expanded. 3. Run the following command as superuser: SecurityToolUnix.sh verify setting-value Example: SecurityToolUnix.sh verify enable
Note: If you specify enable, a security settings command file is created in the directory that stores command files. If you specify disable, the security settings command file is deleted.
Viewing whether server verification is enabled on the HDvM - SN management client (UNIX)
You can view whether server verification is enabled on the Device Manager - Storage Navigator management client.
Before you begin You must have logged into the HDvM - SN management client.
Procedure 1. Run the shell as superuser. 2. Move the current directory to the directory to which the downloaded file was expanded. 3. Run the following command as superuser: SecurityToolUnix.sh verifysetting
Chapter 1: Initial setup of the management client
System Administrator Guide for VSP 5000 Series
42
�Viewing the Help on the HDvM - SN management client (UNIX)
4. Check the displayed contents Output example: disabled
Viewing the Help on the HDvM - SN management client (UNIX)
You can view the Help on the Device Manager - Storage Navigator (HDvM - SN) management client.
Before you begin You must have logged into the HDvM - SN management client.
Procedure 1. Run the shell as superuser. 2. Move the current directory to the directory to which the downloaded file was expanded. 3. Run the following command as superuser: SecurityToolUnix.sh help Output example:
Command Line Syntax import <alias> <certificate-file-path> alias: alias of specified certificate certificate-file-path: relative or absolute certificate file path delete <alias> alias: alias of specified certificate list verify <value> value: enable or disable verifysetting help
Device Manager - Storage Navigator restrictions
Certain actions might cause errors within Device Manager - Storage Navigator or within the browser when using Device Manager - Storage Navigator. To avoid errors when using Device Manager - Storage Navigator, observe the following restrictions.
Note: While the controller model is being upgraded, the Device Manager Storage Navigator windows and buttons might change to the newer version before the controller upgrade is complete. Similarly, while the controller model is being downgraded, the Device Manager - Storage Navigator windows and buttons might change to the older version before the controller downgrade is complete.
Chapter 1: Initial setup of the management client
System Administrator Guide for VSP 5000 Series
43
�General restrictions
General restrictions
To avoid errors while using Device Manager - Storage Navigator: Do not change the management client clock setting while you are logged in to the SVP. Do not change screen display settings such as resolution or refresh rate. Do not use Microsoft Remote Desktop. Do not use screen savers that change the screen resolution. Do not set the management client to standby or hibernate. Do not allow the management
client battery to discharge far enough so that the management client automatically enters standby or hibernate. If you do, you must restart Device Manager - Storage Navigator. If applicable, disable the auto-login function of any web-based software or web site being used on the management client.
Note: The functions keys, as well as the Home, End, and Delete keys are disabled for Device Manager - Storage Navigator operations.
Web browser restrictions while using Device Manager - Storage Navigator
When using Device Manager - Storage Navigator (HDvM - SN) in a web browser, observe the following cautions and restrictions: When you use a web browser for a long period of time, memory might be heavily used.
Make sure to close and log out of HDvM - SN after each use. Do not change the OS web browser settings (for example, Control Panel > Network and
Internet > Internet Options). If you do and see unexpected results, close the web browser and log in to HDvM - SN again. Do not use the following web browser functions: character encoding, text size, the zoom function, the Ctrl+F (search), Ctrl+A (select all). If you use Back, Next, or web browser shortcut keys such as F5 and Esc, you will be logged out of HDvM - SN. Any settings you made during the session will be lost.
Do not use the button, the Close option in the File menu, or the Alt+F4 shortcut to close the web browser. To close HDvM - SN, click Logout or File > Close in the HDvM SN menu.
If you click a link that is blank or one for which a hyphen is displayed, nothing happens. In Internet Explorer, the window closes automatically when you click Logout in the HDvM -
SN main window. In Google Chrome, the window does not close when you log out.
Chapter 1: Initial setup of the management client
System Administrator Guide for VSP 5000 Series
44
�Unsupported actions in Windows version of HDvM - SN
Unsupported actions in Windows version of HDvM - SN
The following actions are not supported in any version of Device Manager - Storage Navigator:
The right mouse button does not open a popup menu in the Device Manager - Storage Navigator main window.
The copy (Ctrl+C) and paste (Ctrl+V) shortcuts do not copy and paste text to a text box in Device Manager - Storage Navigator.
No drag-and-drop operation is available in Device Manager - Storage Navigator.
The mouse wheel may not function in the Device Manager - Storage Navigator secondary window.
The web browser zoom function does not work correctly in the Device Manager - Storage Navigator window. When you hold down on the Ctrl key and use the mouse wheel, part of the Device Manager - Storage Navigator window might not be displayed.
Unsupported actions in UNIX version of HDvM - SN
The following actions are not supported in the UNIX version of Device Manager - Storage Navigator:
You cannot change the Device Manager - Storage Navigator window size.
You cannot drag-and-drop objects in the Volume Migration or LUN Manager windows.
If you click the Device Manager - Storage Navigator secondary window when you are using Volume Migration, the Volume Migration window may be fully or partially hidden behind the Device Manager - Storage Navigator window. However you cannot use the front Device Manager - Storage Navigator window.
Close the Volume Migration window before using the Device Manager - Storage Navigator secondary window. If the Volume Migration window is hidden behind the Device Manager Storage Navigator window, click the Volume Migration window to bring it to the foreground, and then close it.
The Close button on the Volume Migration window remains active even if you click Apply while the Volume Migration process is running. If you click Close after clicking Apply, the Volume Migration window closes but the Volume Migration process continues.
The word "Loading..." only appears in the Volume Migration window message dialog box for the first operation. This message does not re-appear after the first operation.
Chapter 1: Initial setup of the management client
System Administrator Guide for VSP 5000 Series
45
�Applying changes made in Device Manager - Storage Navigator
Applying changes made in Device Manager - Storage Navigator
When applying changes in Device Manager - Storage Navigator, be aware of the following behavior:
When an internal process is running on the SVP (for example, a configuration change, option check, or an operational information acquisition), Device Manager - Storage Navigator processing might be temporarily delayed.
If you request a change to the storage system configuration in the secondary window while another change is being made, an error message appears.
If the error occurs while you are logging in or clicking Apply to implement changes, wait a few minutes, then retry the operation.
If the error occurs while you are either switching between Modify mode and View mode or switching tabs, wait a few minutes, click Refresh on the File menu, and then retry the operation.
When the SVP firmware is being updated, you must exit and restart all web client sessions on the Device Manager - Storage Navigator management client.
When you use Device Manager - Storage Navigator on Windows, the Add or Remove Programs window in the Windows Control Panel might or might not display Device Manager - Storage Navigator. Device Manager - Storage Navigator works in either case.
Updating data after a Volume Migration or Quick Restore operation
During an operation for Volume Migration, ShadowImage, ShadowImage for Mainframe, or Quick Restore, a Device Manager - Storage Navigator window might display old information (data from before the operation) on logical volume (LDEV) configurations. Wait until the operation completes, and then click File > Refresh All to update the Device Manager Storage Navigator window.
Updating data after operations performed with another application
Be aware that it may take time to update the information in Device Manager - Storage Navigator after you have performed an operation on the storage system using another application, such as CCI.
Capacities displayed on the Device Manager - Storage Navigator screen
Unless otherwise specified in this manual, capacity values are rounded down to the second decimal place for TB, GB, or MB or to the nearest integer for Cyl when displayed on the Device Manager - Storage Navigator screen. Therefore, displayed values may be lower than the actual values.
Chapter 1: Initial setup of the management client
System Administrator Guide for VSP 5000 Series
46
�Caution on LUN ID notation
The value converted from 1Cyl to KB depends on the volume's emulation type. The following table lists cylinder capacities by emulation type.
Open Systems Mainframe
Emulation Type OPEN-V Other -
1 Cylinder Capacity (KB) 960 720 870
Caution on LUN ID notation
The format of LUN IDs in the Device Manager - Storage Navigator main and secondary windows depends on the storage system. The following table describes those differences.
Storage system Virtual Storage Platform 5000 series
USP V/VM Virtual Storage Platform
Format in the main window
Format in secondary windows
Decimal or hexadecimal Default: Decimal
Decimal only
Hexadecimal only
Decimal only
Hexadecimal only
Decimal only
If LUN IDs are displayed in hexadecimal format, you can enter LUN IDs for USP V/VM or VSP as is.
However, if LUN IDs are displayed in decimal format, you must convert them to decimal format before entering them in the Device Manager - Storage Navigator main window.
To switch the LUN ID notation of the Device Manager - Storage Navigator main window between decimal and hexadecimal, use the Edit Information Display Settings window. For details, see Edit Information Display Settings window (on page 546).
Caution on SVP web server restart
The SVP web server might restart automatically due to SVP functions or maintenance operations.
When the SVP web server restarts, take the following actions:
Wait for 10 minutes after the SVP restarted, and then restart Device Manager - Storage Navigator.
If you are using management software with the SVP, also restart the management software 10 minutes after the SVP restarted.
Chapter 1: Initial setup of the management client
System Administrator Guide for VSP 5000 Series
47
�Caution on SVP web server restart
Caution: When you download a file, make sure you click the Save button within 30 minutes after the window for selecting a download destination folder appears. If you click the Save button after 30 minutes have elapsed, an error message (20121-107091) appears. If this error message is displayed, retry downloading the file.
Chapter 1: Initial setup of the management client
System Administrator Guide for VSP 5000 Series
48
�Chapter 2: Using the Device Manager - Storage Navigator GUI
The Device Manager - Storage Navigator (HDvM - SN) GUI displays the storage system information and allows you to perform operations on the storage system. When you use HDvM - SN on a Windows management client, you can use the HDvM - SN GUI either in a web browser or by using Adobe AIR. When you use HDvM - SN on a UNIX/ Linux management client, you can only use the HDvM - SN GUI in a web browser.
Logging in to HDvM - SN in a browser
There are three ways to log in to Device Manager - Storage Navigator (HDvM - SN) running in a web browser: If you are an administrator, you can log in to HDvM - SN with a one-time-only initial login. If you are a superuser, you can log in first to HDvM - SN to create other user accounts. If you are a HDvM - SN user or administrator, you can log in normally.
Note: If you cannot log in three times with the same user ID, HDvM - SN stops
responding for one minute. This is for security purposes and is not a system failure. The operations (roles) and resource groups that the logged-in user can access are determined when the user logs in. If the roles or resource allocations are changed while the user is logged in, the changes will take effect the next time the user logs back in.
Initial superuser login
When you log in to the storage system for the first time, you must log in as the superuser (includes all permissions) so you can set up the other user accounts.
Chapter 2: Using the Device Manager - Storage Navigator GUI
System Administrator Guide for VSP 5000 Series
49
�Initial superuser login
Important: To prevent unauthorized use of the superuser account, you must change the
password for the superuser account immediately after the initial login. To prevent unauthorized access to the functions available to service
representatives, you must create user accounts that do not have the "Support Personnel (Vendor Only)" role and that have limited access to individual tools. Users that have the "Support Personnel (Vendor Only)" role can perform the same operations as service representatives.
Use the following procedure to log in for the first time by using Device Manager - Storage Navigator.
Procedure 1. Contact customer support to obtain the superuser ID and password. 2. Start a web browser on the management client. 3. In the web browser, enter the URL for your SVP:
https://IP-address-or-host-name-of-SVP/sanproject/
If you changed the port number of the HTTP protocol from the initial value (443), specify the following URL:
https://IP-address-or-host-name-of-SVP:port-number-of-the-protocol/
4. The following actions might be required to open the login window, depending on your environment: If a message indicates that the enhanced security configuration is enabled on the management client, select In the future, do not show this message and then click OK. If the SVP is configured to support SSL-encrypted communication and security messages appear, make sure the certificate is correct and follow the instructions in the dialog box. If a message indicates that certain websites are blocked, you need to add the SVP to the trusted sites zone (see Adding your SVP to the trusted sites zone for Windows Server computers (on page 28)).
5. Type the superuser ID and password, and then click Login. 6. If the Security Information dialog box appears, click Yes.
After you log in, the Device Manager - Storage Navigator main window opens. You can navigate using the menu, tree, or General Tasks. 7. Important: Change the superuser password immediately after you log in to prevent unauthorized use of the superuser account. To change the password, click Settings > User Management > Change Password.
Chapter 2: Using the Device Manager - Storage Navigator GUI
System Administrator Guide for VSP 5000 Series
50
�Logging in to as a user
Logging in to as a user
Use the following procedure to log in to Device Manager - Storage Navigator (HDvM - SN).
Procedure 1. Start a web browser on the management client. 2. In the web browser, specify the following URL:
https://IP-address-or-host-name-of-SVP/sanproject/
3. The following actions might be required to open the login window, depending on your environment: If a message indicates that the enhanced security configuration is enabled on the management client, select In the future, do not show this message and then click OK. If the SVP is set to support SSL-encrypted communication and security messages appear, make sure the certificate is correct and follow the instructions in the dialog box. If a message indicates that certain web sites are blocked, you need to add the SVP to the trusted sites zone (see Adding your SVP to the trusted sites zone for Windows Server computers (on page 28)).
4. Type the user ID and password, and then click Login. 5. If the Security Information dialog box appears, click Yes.
Result After you log in, the HDvM - SN main window opens. You can navigate using the menu, tree, or General Tasks. For instructions on performing operations on the storage system using Device Manager - Storage Navigator, see the applicable user guide (for example, Hitachi Universal Replicator User Guide).
Logging in to HDvM - SN by using AIR
When you log in to HDvM - SN by using Adobe AIR from HARMAN for the first time, Captive Bundle Application (CBA) is downloaded from the SVP to the management client. CBA is the application that enables HDvM - SN to run with AIR. The downloaded file size is about 30 MB. If the CBA version on the SVP is updated later, the new CBA version will be downloaded automatically to the management client. Use the following procedure to log in to HDvM - SN by using AIR for the first time.
Before you begin Storage Device Launcher must be installed on the management client. You must be logged in to the management client as the user who installed Storage Device
Launcher.
Chapter 2: Using the Device Manager - Storage Navigator GUI
System Administrator Guide for VSP 5000 Series
51
�Logging in to HDvM - SN by using AIR
Procedure
1. Open the HDvM - SN login dialog box. You can open the HDvM - SN login dialog box by running Storage Device Launcher on the management client or by opening a web browser and running Storage Device Launcher on the SVP.
To open the HDvM - SN login dialog box by running Storage Device Launcher:
a. If you are logged in to the management client with administrator permissions, on the desktop or in the Start menu, right-click the Storage Device Launcher batch file, and then run it by selecting Run as Administrator.
If Run as Administrator is not displayed, select Open file location under the right-click menu to locate the Storage Device Launcher batch file, and then right-click the Storage Device Launcher batch file and select Run as Administrator.
If you are not logged in to the management client with administrator permissions, on the desktop run the shortcut for the Storage Device Launcher batch file.
Note:
If a security warning or a window blocking the operation is displayed, do not run Storage Device Launcher. Change the properties of the batch file (right-click SDLauncher.bat, click Properties, and then select Unblock in Security), and then run the file.
When you are using SVP firmware version 90-08-81/00 or later, if you update Storage Device Launcher from an SVP with firmware version earlier than 90-08-81/00, perform the following:
Verify that [Error] is not output to LauncherBatch.log in the installation-directory-of-Storage Device Launcher\WCLauncher\log directory at the time (on the management client) the HDvM - SN login window is opened for the first time after the update. If [Error] is output, restart the management client to open the HDvM - SN login window again.
b. Enter the IP address or host name of the SVP. c. Specify 443 for the HTTPS port number, and then click Connect.
If a security warning message is displayed, verify that the security certificate is correct, and then follow the instructions in the dialog box.
To open the HDvM - SN login dialog box by opening a web browser and running Storage Device Launcher on the SVP:
a. Start the web browser on the management client with administrator permissions.
b. Enter the following URL in the web browser:
sdlauncher://IP-address-or-host-name-of-SVP/
Chapter 2: Using the Device Manager - Storage Navigator GUI
System Administrator Guide for VSP 5000 Series
52
�Logging in to HDvM - SN by using AIR
If the HTTPS port number was changed from the default (443), also specify the new port number as follows:
sdlauncher://IP-address-or-host-name-of-SVP:HTTPS-port-number/
Note:
If a security warning or a window blocking the operation is displayed, do not run the file. Change the properties of the batch file (right-click SDLauncher.bat, click Properties, and select Unblock in Security), and then run the file.
When you are using SVP firmware version 90-08-81/00 or later, if you update Storage Device Launcher from an SVP with firmware version earlier than 90-08-81/00, perform the following:
Verify that [Error] is not output to LauncherBatch.log in the installation-directory-of-Storage Device Launcher\WCLauncher\log directory at the time (on the management client) the HDvM - SN login window is opened for the first time after the update. If [Error] is output, restart the management client to open the HDvM - SN login window again.
c. If a warning message appears and the login window does not open:
For Microsoft Edge: If the message "This site is trying to open SDLauncher.bat." appears, click Open in the pop-up window to start Storage Device Launcher.
For Internet Explorer: If a security warning message is displayed, verify that the security certificate is correct, and then follow the instructions in the dialog box.
2. Wait about 10 seconds for the CBA file to be downloaded to the management client. If you are using one management client to access multiple storage systems, CBA is downloaded for each storage system. When the download is complete, the HDvM - SN login dialog box opens. You can close the web browser.
Note: The following actions might be required to open the login window, depending on your environment:
If a message indicates that the enhanced security configuration is enabled on the management client, select In the future, do not show this message, and then click OK.
If the SVP is configured to support SSL-encrypted communication and security messages appear, make sure the certificate is correct and follow the instructions in the dialog box.
If a message indicating that the site is trying to open SDLauncher.bat, click Open in the pop-up window, and then start Storage Device Launcher.
Chapter 2: Using the Device Manager - Storage Navigator GUI
System Administrator Guide for VSP 5000 Series
53
�Changing your password using HDvM - SN
3. Enter the user name and password, and then click Login. If the Security Information dialog box opens, click Yes. When the storage system configuration information is finished loading, the HDvM - SN main window opens.
Changing your password using HDvM - SN
When the system administrator adds users to Device Manager - Storage Navigator, each user is assigned a user ID and an initial password. When you log in to HDvM - SN for the first time using your initial password, you must change your password to prevent unauthorized access to the storage system. You can also change your password on other occasions as needed.
Note: After you change your user password, you must log out and then log back in using your new password to HDvM - SN to continue operations.
Procedure 1. Log in to HDvM - SN with the user ID and password given to you by the administrator. 2. Click Settings > User Management > Change Password. 3. Enter your initial password and your new password on the Change Password window, and then click Finish. 4. In the confirmation window: a. Enter a task name or accept the default task name. b. If you want the Tasks window to open after you click Apply, select Go to tasks window for status. c. Click Apply. 5. If you want to continue operations in HDvM - SN at this time, you must log out and then log back in using your new password.
Disabling use of Flash Player with HDvM - SN
If desired, you can disable use of Flash Player with HDvM - SN after you start using HDvM SN with Adobe AIR from HARMAN.
Note: If an alert about an SVP failover (SIM reference code: 7ff3xx) is issued within 24 hours after disabling use of Flash Player with HDvM - SN, check the setting and change it again if necessary. Depending on the timing of the SVP failover, this setting might not be saved in the SVP after the failover.
Chapter 2: Using the Device Manager - Storage Navigator GUI
System Administrator Guide for VSP 5000 Series
54
�Navigating the Device Manager - Storage Navigator user interface
Before you begin You must have the Storage Administrator (View & Modify) role to perform this task.
Procedure 1. On the management client, open a web browser. 2. Open the Tool Panel on the SVP by specifying the following URL:
https://IP-address-or-host-name-of-SVP/cgi-bin/utility/toolpanel.cgi
3. Click Flash Disable/Enable. 4. On the Login dialog box, enter the administrator user ID and password, and then click
Login. 5. In the Flash Disable/Enable dialog box, select Disable, and then click OK.
If the Security Alert dialog box for the certificate opens before you are returned to the Login dialog box, click View Certificate, verify that the certificate is correct, and then click Yes.
Navigating the Device Manager - Storage Navigator user interface
The following figure shows an example of the GUI main window. In this example, Logical Devices has been selected.
Chapter 2: Using the Device Manager - Storage Navigator GUI
System Administrator Guide for VSP 5000 Series
55
�Menu bar
Menu bar
Item File Actions
Description
Click to return to the previous window.
Click to advance to the next window.
Refresh All: Acquires all the information about the storage system and updates both the SVP and Device Manager - Storage Navigator. You must have the Storage Administrator (initial configuration) permissions to use this function.
Logout: Logs the current user out of Device Manager - Storage Navigator.
Provides actions to the storage system such as creating LDEVs or performing replication copy.
Chapter 2: Using the Device Manager - Storage Navigator GUI
System Administrator Guide for VSP 5000 Series
56
�Using the Device Manager - Storage Navigator main window
Item Reports
Settings
View Maintenance Utility Tool Help
Description
Task Management: Manages the tasks that will be applied to the storage system.
Configuration Report: Creates and downloads storage system configuration reports.
Performance Monitor: Monitors performance of the storage system. Shredding Report: Downloads the shredding report.
User Management: Manages Device Manager - Storage Navigator user accounts, including changing passwords.
Resource management: Performs resource group related operations
Security: Performs audit log or encryption operations Environmental Settings: Configures the license, the refresh interval
of the window or an external server. Resets view settings that can be customized, such as width or order of table column.
Changes the font size in the window.
Launches the storage system's maintenance work window.
Download: Displays the dialog box to download the setup files for Web Console Launcher (required to use the HDvM - SN secondary window with Java 11 or later) and Storage Device Launcher (required to start HDvM - SN running with Adobe AIR).
Displays the online help
Using the Device Manager - Storage Navigator main window
You can perform operations by using the main window and wizards.
Procedure 1. Click a function in the resource tree in the Explorer.
Chapter 2: Using the Device Manager - Storage Navigator GUI
System Administrator Guide for VSP 5000 Series
57
�Main window controls
2. If necessary, choose a tab and use a filter to reduce the number of items in the table.
3. Select an item in the table and click a button to open a wizard.
4. Set options in the wizard and click Finish to confirm the setting. 5. Enter a task name and click Apply to apply the setting to the storage system. The
setting is queued as a task and performed in order. Tip: To open the task window after closing the wizard, select Go to tasks window for status and click Apply in the wizard.
6. Open the task window to verify the result of the operation. A task can be suspended or canceled if the processing of the task is not started.
Main window controls
The following figure shows the buttons that appear in the upper left part of the main window.
Buttons
The Back button displays the previous window; the Next button displays the next window. Device Manager - Storage Navigator tracks up to 10 operations and the windows that display depend on the selection from the navigation tree.
Chapter 2: Using the Device Manager - Storage Navigator GUI
System Administrator Guide for VSP 5000 Series
58
�Table Controls The following figure shows the buttons that appear in the upper right part of the main window.
Table Controls
The following figures shows the controls used to view and filter the results in a main window table:
To scroll through pages of the table, use the left and right arrows or type a page number into the number field. To select all rows in the table, click Select All Pages. To display a table column, click Column Settings. If filter is ON, the filtered rows are selected. To sort the table, click the header of the column that you want to use to sort.
When you sort a capacity column, the column will be sorted by bytes regardless of the capacity unit used in the items in the column. Therefore columns in units of cylinders (cyl) may not necessarily be sorted in ascending or descending order of the number of cylinders. Even if the number of cylinders is the same, the capacity may not be the same according to the emulation type.
To save the displayed information to a TSV file, click Export under More Actions. This action is demonstrated in the following figure.
When you change the default file name, confirm that the file name contains the .tsv extension to save the file.
Filtering
To filter the table, select or input the desired filtering conditions and click Apply.
Chapter 2: Using the Device Manager - Storage Navigator GUI
System Administrator Guide for VSP 5000 Series
59
�Tooltip
Note: Users can set up to 16 conditions. When the input condition is wrong, click Apply to clear the condition. Select the attribute whose date and time values must be entered, and then
enter the values. The values of date and time are "YYYY/MM/DD" and "hh:mm:ss", respectively. After you enter the date in the first box, "00:00:00" is displayed in the second
box as a default time value. Edit this value as needed and click Apply.
Tooltip
When text displays in the main window, ellipses (...) may be displayed to show that the text is truncated. If you place the mouse cursor over an ellipsis (...), the full text displays in a tooltip (a small "hover box").
Main window and Modify mode
There is no Modify mode for the Device Manager - Storage Navigator main window. Main window and wizard operations are queued as tasks and performed in order. However, when using a Device Manager - Storage Navigator secondary window, you must be in Modify mode before changing any settings. Secondary window operations are not queued or displayed in the task window.
Chapter 2: Using the Device Manager - Storage Navigator GUI
System Administrator Guide for VSP 5000 Series
60
�Balloon dialog box
Balloon dialog box
When you click an underlined link on the Device Manager - Storage Navigator screen, additional information may appear as a pop-up, which is called a balloon dialog box. The following illustration shows an example of a balloon dialog box.
Updating your user view
If you remain in the same Device Manager - Storage Navigator view while other users make changes to the storage system, these changes do not appear in your view.
To see how long it has been since your view was updated, check the clock in the title bar to the left of the Update button. This clock displays the SVP time, not the time on your local workstation.
To display the number of minutes that have passed since your view was updated, place the cursor over the clock.
To refresh your view, click Update in the top right corner of the title bar.
Note: The SVP supports Simple Network Time Protocol version 4 (SNTPv4) for date and time synchronization.
Reverting to the default view
You can adjust Device Manager - Storage Navigator settings for column width and order, table options, filter conditions, and similar parameters. Device Manager - Storage Navigator saves these settings after you logout. When you login again, your settings appear as you left them in your last session.
You can also return your settings to default.
To return your settings to default, select Settings > Environmental Settings > Reset User's View Settings.
Chapter 2: Using the Device Manager - Storage Navigator GUI
System Administrator Guide for VSP 5000 Series
61
�Download/Upload window for HDvM - SN with AIR
The parts and items that are recorded as user settings are shown in the following table:
Window part
Item
Magnification
-
Summary
Open/Closed
Table
General
Selecting row
Page
Scroll position
Setting column
Column
Sort
Width
Order
Option
Row/Page
Capacity unit
Filter
ON/OFF
Settings
Open/Closed
Wizard
Option part
Open/Closed
LUN ID notation
-
-
1. The default state varies from window to window.
State after reset Normal (100%) Open NA First page Top left Default state1 NA Default state1 Default state1 1000 GB or Cyl OFF NA Closed Default state1 Decimal integer
Download/Upload window for HDvM - SN with AIR
When you use Device Manager - Storage Navigator (HDvM - SN) with Adobe AIR, a character string that depends on the Adobe AIR environment is displayed in the title of the window used for selecting a file to be downloaded or uploaded.
Chapter 2: Using the Device Manager - Storage Navigator GUI
System Administrator Guide for VSP 5000 Series
62
�Enabling the HDvM - SN secondary window
Enabling the HDvM - SN secondary window
The HDvM - SN secondary window runs within the Java Runtime Environment (JRE) on the management client. The secondary window is disabled by default in HDvM - SN and must be enabled by using HDvM - SN, or by using Web Console Launcher when Java 11 or later is installed on the HDvM - SN management client. If the secondary window is not enabled, the following functions are not accessible in HDvM - SN:
Login Message function
Data Retention Utility
Volume Retention Manager
Compatible PAV
Chapter 2: Using the Device Manager - Storage Navigator GUI
System Administrator Guide for VSP 5000 Series
63
�Using Device Manager - Storage Navigator secondary windows
Compatible XRC Server Priority Manager
Before you begin Required role: Storage Administrator (View Only)
Procedure 1. From the Settings menu, click Environmental Settings > Edit Information Display Settings. The Edit Information Display Settings window opens. 2. In Secondary window, click Enable. 3. Click Apply.
Using Device Manager - Storage Navigator secondary windows
Some Hitachi Device Manager - Storage Navigator operations are performed through secondary window within the Java Runtime Environment (JRE). This section describes requirements, operation methods, notes, and troubleshooting required to use Hitachi Device Manager - Storage Navigator secondary windows.
Secondary window menus and buttons
The following figure shows the Device Manager - Storage Navigator secondary window.
Chapter 2: Using the Device Manager - Storage Navigator GUI
System Administrator Guide for VSP 5000 Series
64
�Secondary window menus and buttons
The following table describes the menus and buttons accessible in the window.
Item Title bar
File > Refresh All
Description
Provides information about the connected storage system.
IP indicates the IP address of the SVP.
S/N indicates the serial number.
D/N indicates the device name specified in the Edit storage system window.
Updates the information on the SVP. All information displayed on the Device Manager - Storage Navigator secondary window is reacquired from the storage system. We recommend that you use this command only when error recovery is required.
Takes time until the processing has been completed.
While updating, other users are not allowed to perform any operation on the Device Manager - Storage Navigator windows. Maintenance of the storage system or the SVP operation by the service personnel is not allowed, either.
Available only for the user with Storage Administrator (Initial Configuration) role.
Available only when the user is in Modify mode.
Chapter 2: Using the Device Manager - Storage Navigator GUI
System Administrator Guide for VSP 5000 Series
65
�HDvM - SN secondary windows and Modify mode
Item
File > Refresh File > Close Go menu Help menu
View Modify Logged in as Logout Apply
Cancel
Description The information may not display correctly if SVP maintenance is in
progress. Try this command if the configuration information displayed on the
Device Manager - Storage Navigator differs from the actual configuration information that can be recognized from the host.
Displays the latest information on Device Manager - Storage Navigator.
Closes the Device Manager - Storage Navigator secondary window
Indicates software names
About: Opens the About dialog box to show the version of the storage system.
Allows users to switch the operation mode between Modify and View. The button always shows the current user operation mode. To change the modes, click the button. You cannot switch to the Modify mode while any other user is operating in the Modify mode.
Shows the user ID of the currently logged-in user.
Closes the Device Manager - Storage Navigator secondary window.
Implements all the changes or settings displayed in blue bold italics. This button is available only in Modify mode. You can create and store up to 20,000 settings or operations before actually applying them to the storage system. To avoid a possible error, do not apply more than 20,000 settings at a time.
Cancels the changes or settings made on the window. This button is available only in Modify mode.
HDvM - SN secondary windows and Modify mode
A secondary window opens when you click a command from the Device Manager - Storage Navigator menu. To make settings in a secondary window, you must change to Modify mode
by clicking . Modify mode prohibits other users or programs from changing the storage system setting. As soon as you close the secondary window, Modify mode is released.
Modify mode has a timeout period. If you do not access SVP before the end of the timeout period, Modify mode is released. On some windows, the settings made but not yet applied to the storage system will be canceled.
Chapter 2: Using the Device Manager - Storage Navigator GUI
System Administrator Guide for VSP 5000 Series
66
�Resetting the secondary window
Resetting the secondary window
The Device Manager - Storage Navigator secondary window is reset when you do any of the following: Click Apply or Cancel Click Refresh or Refresh All on the File menu Switch tabs
Cautions when using secondary windows
If you use IPv6 to display the Device Manager - Storage Navigator main window when both IPv4 and IPv6 are available, IPv6 addresses are displayed in the Device Manager - Storage Navigator secondary window but actually IPv4 communication is used. The mouse wheel may not function in the Device Manager - Storage Navigator secondary
window. If you accept other processing while you are changing the configuration of the storage
system on the secondary window, an error occurs. If an error occurs when you try to log in or when you click Apply, wait awhile and log in
again. If an error occurs when you switches operation modes (View/Modify) or tabs, wait awhile
and click File > Refresh.
Java updates
Note: If you use Web Console Launcher to display the Device Manager - Storage Navigator secondary window, the following task is not required.
Some Device Manager - Storage Navigator operations are performed using Java applications. You may be prompted to update the Java application when navigating to these operations, as shown in the following figure.
Note: The Java Update Needed dialog box appears when a newer version of Java is available. Depending on your environment, the appearance of this dialog box might differ.
Chapter 2: Using the Device Manager - Storage Navigator GUI
System Administrator Guide for VSP 5000 Series
67
�Troubleshooting secondary windows
Note the following: To download and install the recommended Java version, click Update (recommended). If
the secondary window does not display after the update is complete, see Enabling the HDvM - SN secondary window (on page 63).
To prevent Java content from displaying in the current browser session, click Block. If the secondary window does not display after the update is complete, see Enabling the HDvM - SN secondary window (on page 63).
To use the currently installed Java version, click Later. The Device Manager - Storage Navigator secondary window for the application you are using opens. After you click Later, if the error 20020-108000 appears, open the Device Manager Storage Navigator main window, and then open the secondary window again.
To prevent this dialog box from appearing again, check Do not ask again until the next update is available.
Troubleshooting secondary windows
The following tables list error conditions in the Device Manager - Storage Navigator (HDvM SN) secondary window and provide recommended actions to resolve the errors. Java application errors (on page 68) No response errors (on page 75) Incorrect display errors (on page 78) Other secondary window errors (on page 80)
Java application errors
Error condition
Probable cause / recommended action
When you click the HDvM - SN menu, the system does not respond. One minute later, application error (20020-108000) occurs.
The pop-up blocker function of your web browser might restrict HDvM - SN. If the problem still continues after you perform the
Chapter 2: Using the Device Manager - Storage Navigator GUI
System Administrator Guide for VSP 5000 Series
68
�Troubleshooting secondary windows
Error condition
Probable cause / recommended action
operation multiple times, perform one or both of the following actions:
Disable the pop-up blocker function of your web browser.
Disable the pop-up blocker function of any browser plug-in/add-on.
If neither of the above can be performed in Microsoft Edge or Internet Explorer, you can open the window by clicking the HDvM - SN menu while holding down the Ctrl key.
Another possible cause is that a Java application was not allowed to start. If a message appears and asks if you want to run an application, click Run.
If none of the above actions solve the problem, reinstall the JRE.
When you click the HDvM - SN menu, a message appears asking you to download the file SJsvlSNStartServlet.do or SJsvlAppStartServlet.do. One minute later, the application error (20020-108000) occurs.
The possible causes are that the JRE is not installed in the management client, the JRE installation failed, or the JRE add-on is disabled on the web browser. Cancel the message, and install the JRE. If the JRE is already installed, reinstall it.
When you click the HDvM - SN menu, a message appears asking you to save a .jnlp file.
Perform the following to save the encrypted page:
1. Open the Windows Internet Options window (Control Panel > Network and Internet > Internet Options).
2. In the Internet Properties dialog box, select the Advanced tab, clear the check box for Do not save encrypted pages to disk, and then click OK.
When you click the HDvM - SN menu, a message regarding the web browser (for example, "How do you want to open this website?") appears. One minute later, the application error (20020-108000) occurs.
The web browser for HDvM - SN operations might not be set as the default browser on the HDvM - SN web client.
Set the default browser to one of the supported browsers.
Chapter 2: Using the Device Manager - Storage Navigator GUI
System Administrator Guide for VSP 5000 Series
69
�Troubleshooting secondary windows
Error condition The application errors (20020-108000
and 10-6027) occur when you click the HDvM - SN menu. The application error (10-6027) occurs and HDvM - SN terminates when you click the HDvM - SN menu.
When you click the HDvM - SN menu, the system does not respond.
Probable cause / recommended action
If the problem continues after you perform the operation multiple times, see the probable causes listed below.
For Windows: Exit all applications using Java, and then terminate the javaw.exe and javaws.exe applications through Task Manager.
Java on the HDvM - SN web client might have failed to start due to timeout. Close all other applications and perform the HDvM - SN operation again.
The version of HDvM - SN installed on the management client might not match the SVP version. Close all the windows of your web browser and then clear the Java and web browser cache.
The management client might have entered standby or hibernate mode. Restart the management client.
If a proxy server is used for network connections, the proxy cache may be storing the older version of the program. If the problem continues after you clear the Java and web browser caches, contact your network administrator.
The network connection between the SVP and the management client might be blocked by a firewall or some kind of device.
Check the firewall settings and contact your network administrator.
If none of the above actions solve the problem, save the dump file, the Java trace file and the log file on the management client, and report to customer support. Then restart HDvM - SN.
If the problem continues after you perform the operation multiple times, close all the HDvM - SN windows and clear the Java and web browser caches.
Chapter 2: Using the Device Manager - Storage Navigator GUI
System Administrator Guide for VSP 5000 Series
70
�Troubleshooting secondary windows
Error condition
Probable cause / recommended action
The application error (1-7050) occurs when you click the HDvM - SN menu.
The version of HDvM - SN installed on the management client might not match the SVP version. Close all the windows of your web browser and then clear the Java and web browser caches. In addition, if a proxy server is used for network connections, the proxy server cache may be storing the older version of the program. If the problem continues after you clear cache of both Java and web browser, contact your network administrator.
Java console is grayed out and does not start when you try to open the HDvM - SN secondary window (Java application).
Restart the management client, or terminate the HDvM - SN process with one of the following methods:
For Windows: Exit all applications using Java, and then terminate the javaw.exe and javaws.exe applications through Task Manager.
For UNIX: Exit all applications using Java, and then terminate javaw and javaws with the kill command.
A message box remains displayed when opening the HDvM - SN secondary window (Java application). The HDvM - SN secondary window does not appear for a long time.
Restart the management client, or terminate the HDvM - SN process with one of the following methods:
For Windows: Exit all applications using Java, and then terminate the javaw.exe and javaws.exe applications through the Task Manager.
For UNIX: Exit all applications using Java, and then terminate javaw and javaws with the kill command.
A message remains displayed when the HDvM - SN secondary window opens and the system does not respond.
The SVP may be set as an exception on the proxy setting of the web browser.
Make the settings the same on the Network Configuration dialog box, which is located in the Java Control Panel's General dialog box.
If you open the Java console dialog box by selecting the Java icon on the system tray while opening the HDvM - SN secondary window (Java application), the browser and Java console may stop responding.
Do not open the Java console dialog box while opening the HDvM - SN secondary window. If the browser and Java console stop responding, restart the management client.
Chapter 2: Using the Device Manager - Storage Navigator GUI
System Administrator Guide for VSP 5000 Series
71
�Troubleshooting secondary windows
Error condition
Probable cause / recommended action
When you click the HDvM - SN menu. The application error (20020-108000) occurs.
If the problem continues after you repeat the operation several times, you might have cancelled the display of the secondary window. Restart the management client, or terminate the HDvM - SN process with one of the following methods: For example:
You might have clicked Exit on the Security Warning window.
You might have clicked Cancel on the Warning - Security window.
Close all the HDvM - SN windows and clear the Java and web browser caches.
If the problem continues after you clear both Java and web browser caches, save the HDvM - SN dump file and the Java trace file, and send them to HDvM - SN.
The following message is displayed in HDvM - SN.
Java has discovered application components that could indicate a security concern.
Block potentially unsafe components from being run. (recommended)
The application contains both signed and unsigned code. Contact the application vendor to ensure that it has not been tampered with.
Select Yes to continue using HDvM - SN. If the problem continues, the cause may be one of the following:
The version of HDvM - SN installed on the management client might not match the SVP version. Close all the windows of your web browser and then clear the cache of both Java and the web browser
If a proxy server is used for network connections, the proxy server cache may be storing an older version of the program. Clear the cache of both Java and the web browser. If the problem remains, contact your network administrator.
In Microsoft Edge, the following pop-up
Third-party browser extensions might be
window appears when you open the HDvM - enabled. Disable third-party browser
SN secondary window:
extensions as follows:
"Microsoft Edge has stopped working. A problem caused the program to stop working correctly. Windows will close the program and notify you if a solution is available."
1. Open the Windows Internet Options window (Control Panel > Network and Internet > Internet Options).
2. In the Internet Properties dialog box, select the Advanced tab, clear the check box for Enable third-party browser extensions under Browsing, and then click OK.
Chapter 2: Using the Device Manager - Storage Navigator GUI
System Administrator Guide for VSP 5000 Series
72
�Troubleshooting secondary windows
Error condition
Probable cause / recommended action
In Internet Explorer, the following pop-up window appears when you open the HDvM SN secondary window.
"Internet Explorer has stopped working. A problem caused the program to stop working correctly. Windows will close the program and notify you if a solution is available."
Third-party browser extensions of Internet Explorer might be enabled.
Disable third-party browser extensions as follows:
1. In the Windows menu bar, click Tools > Internet Options, and then click the Advanced tab.
2. In the Advanced tab, clear the Enable third-party browser extensions (requires restart) check box.
3. Restart Internet Explorer.
In Internet Explorer, an application error (10-6027) occurs when you open the HDvM - SN secondary window.
The SmartScreen Filter function might be enabled when you use Internet Explorer 8.0 or later. Turn off SmartScreen Filter as follows:
1. In the Windows menu bar, click Safety > SmartScreen Filter > Turn Off SmartScreen Filter.
2. Restart Internet Explorer.
When you open the HDvM - SN secondary window, an error (22252-005003) occurs.
This problem might occur when the SVP firmware is updated. Download WCLauncher again.
In Microsoft Edge, the following message appears at the upper right of the browser window when you open the HDvM - SN secondary window: <file name>.jnlp was blocked because this type of file can harm your device.
Open the HDvM - SN secondary window after performing the following procedure:
1. Click Other actions > Save to save the file.
2. After the file is saved, open the file. (Ignore the Java security warning.)
In Internet Explorer or Google Chrome, either of the following pop-up windows appears when you open the HDvM - SN secondary window.
"Application Blocked by Java Security" or "Application Blocked by Security Settings"
Note: The following Java versions do not allow the HDvM - SN secondary window to open.
Java 7 Update 55 or later
Java 8 Update 5 or later
To start up the window, you need to change Java security settings.
Also, note that the certificate signed to the SVP program might be expired.
Chapter 2: Using the Device Manager - Storage Navigator GUI
System Administrator Guide for VSP 5000 Series
73
�Troubleshooting secondary windows
Error condition
When you open the HDvM - SN secondary window, an error (22252-005002) occurs.
When you try to open the HDvM - SN secondary window, filename.jnlp is opened by an application other than WCLauncher.bat, and the HDvM - SN secondary window cannot be opened.
Probable cause / recommended action
You can perform the application by adding the SVP URL to the exception site list by using the following procedure:
1. Open the Java Control Panel. 2. Click Edit Site List on the Security tab.
Exception Site List is displayed.
3. Click Add. 4. Enter URL. Begin with http:// or
https://
(example: http://IP-address-ofSVP or https://IP-address-ofSVP).
5. Click OK. If Security Warning - HTTP Location is displayed, click Continue.
6. Click OK on the Java Control Panel and close the window.
7. Restart your web browser.
This problem might occur when the SVP firmware is updated. Download WCLauncher again.
If this problem occurs again, collect the HDvM - SN dump files, the Java logs and trace files, and the WCLauncher logs, and then contact customer support.
The .jnlp extension might be associated with an application other than WCLauncher.bat.
To associate the .jnlp extension with WCLauncher.bat on Windows 10, perform the following procedure. If you are using another OS, follow the setting method for the OS. After that, open the HDvM - SN secondary window.
1. Save filename.jnlp that is opened when the HDvM - SN secondary window is opened.
2. Right-click filename.jnlp that was saved in step 1, and then click Open with > Choose another app.
Chapter 2: Using the Device Manager - Storage Navigator GUI
System Administrator Guide for VSP 5000 Series
74
�Troubleshooting secondary windows
Error condition
Probable cause / recommended action
3. In the "How do you want to open this file?" window, select WCLauncher.bat.
If WCLauncher.bat is not displayed, click Look for another app on this PC and select the following WCLauncher.bat: installation-directoryof-Web Console Launcher \WCLauncher\WCLauncher.bat
Make sure that you use the Web Console Launcher that you installed in Using Web Console Launcher to enable the secondary window (Java 11 or later) (on page 34).
4. Select Always use this app to open .jnlp files, and then click OK.
No response errors
Error condition
Probable cause / recommended action
HDvM - SN hangs and does not respond.
HDvM - SN may hang in the following cases:
When you move a window displayed in front of the HDvM - SN secondary window, the area behind the window remains gray and does not go back to normal for a long period of time.
The entire HDvM - SN secondary window goes gray and does not go back to normal for a long period of time.
From the HDvM - SN secondary window, press Ctrl+Alt+Shift+D all at once to exit HDvM - SN.
If you cannot exit HDvM - SN, reboot the management client or restart HDvM - SN after finishing HDvM - SN forcibly by the following way.
For Windows: Exit all applications using Java, and then terminate the javaw.exe and javaws.exe applications through Task Manager.
For UNIX: Exit all applications using Java, and then terminate javaw and javaws with the kill command.
Chapter 2: Using the Device Manager - Storage Navigator GUI
System Administrator Guide for VSP 5000 Series
75
�Troubleshooting secondary windows
Error condition
Probable cause / recommended action
When you click Refresh All or Refresh in the HDvM - SN secondary window, the message "Loading" is displayed for a long time.
The probable causes are:
Another application such as Command Control Interface may be changing configuration. The window will be updated shortly after the configuration change ends.
Volume Migration operations, Quick Restore operations or Thin Image operations may be in progress. The window will be updated shortly after the operations end.
Error 110-67005 occurred during a HDvM SN operation on the secondary window.
The probable causes are:
Another application such as Command Control Interface may be changing configuration.
Volume Migration operations, Quick Restore operations, or Thin Image operations may be in progress.
The configuration data may not be matched if a communication error occurs between the storage system and the SVP. Wait a few minutes and then click File > Refresh All to reread the configuration information. Then launch Device Manager - Storage Navigator again.
While you are using a HDvM - SN secondary Window, it closes unexpectedly and error 20020-108000 occurs.
Start the HDvM - SN secondary window from the HDvM - SN main window again. If this error occurs repeatedly, close all the HDvM - SN windows, and then clear the Java and web browser caches.
The web browser closes abnormally
This problem can occur if a Mozilla process keeps running after Mozilla stops responding. Delete the "java_vm" and "mozilla" processes and continue with HDvM - SN operations.
Chapter 2: Using the Device Manager - Storage Navigator GUI
System Administrator Guide for VSP 5000 Series
76
�Troubleshooting secondary windows
Error condition One of the following sets of errors occurred when using HDvM - SN: 20121-107024 and 10-6027 20020-108000 and 10-6027 10-6027
One of the following sets of errors occurred when starting the HDvM - SN secondary window. 22252-007007 10-6071
Probable cause / recommended action
The probable causes are:
The SVP may have been restarted. Close HDvM - SN, wait 10 minutes, and then restart it.
The version of HDvM - SN installed on the management client might not match the SVP version. Close all the browser windows and then clear the browser cache.
The management client might be in standby or hibernate mode. Restart HDvM - SN.
If a proxy server is used for network connections, the proxy server cache may be storing the older version of the program. If the problem continues after you clear the browser cache, contact your network administrator.
Restart the web browser
If none of the above actions solve the problem, save the HDvM - SN dump file and send it to customer support.
SSL communication from the HDvM - SN management client to the SVP failed due to one of the following causes:
The initial SVP certificate was not updated, but server verification is enabled. Update the SVP certificate. Otherwise, disable server verification.
The entered host name or IP address is wrong. Specify the correct host name or IP address, and then run the operation again.
The SVP certificate was updated, but the root certificate or self-signed certificate was not registered on the HDvM - SN management client. Register the root certificate or self-signed certificate on the HDvM - SN management client.
Chapter 2: Using the Device Manager - Storage Navigator GUI
System Administrator Guide for VSP 5000 Series
77
�Troubleshooting secondary windows
Error condition
Probable cause / recommended action
One of the following causes occurred:
The root certificate or self-signed certificate that was registered on the HDvM - SN management client is wrong.
The host name or IP address of the SVP is different from the one specified for SAN (subjectAltName) or CN (CommonName) in the SVP server certificate.
The SVP server certificate is expired.
The SVP server certificate is invalidated.
The SVP certificate is signed by an intermediate CA, but only the server certificate is registered on the SVP.
Contact the issuer of the certificate to obtain a valid certificate, and then update the SVP certificate.
In TLS security settings, the selected cipher suite does not match the certificate key type. Select the cipher suite that matches the TLS security settings.
Incorrect display errors
Error condition
Only the Exit button and the Refresh and Refresh All commands are effective when accessing the SVP from HDvM - SN.
Only the Exit button and the Refresh All command are effective when accessing the SVP from the HDvM - SN.
The commands in the Go menu are unavailable.
Probable cause / recommended action
The SVP might not be ready to perform some write processes from the other system. Wait a few minutes and then click File > Refresh. If the SVP is not restored, click Refresh All.
An error may have occurred in the SVP. Click File > Refresh All. If the SVP is not restored, log in to HDvM - SN again.
The required software options might not be installed or an error might occur on the window that appears after you click the command.
Chapter 2: Using the Device Manager - Storage Navigator GUI
System Administrator Guide for VSP 5000 Series
78
�Troubleshooting secondary windows
Error condition
Probable cause / recommended action Make sure that all the required software options are installed. If they are installed, do one of the following:
Click File > Refresh.
Click File > Refresh All.
Log in to HDvM - SN again.
When you switch windows from one window to the HDvM - SN window, the HDvM - SN window is not displayed.
Close all windows, and then log in to HDvM - SN again.
The items in a list are not synchronized with Click the scroll buttons or
a scroll bar.
above and below the scroll bar.
The focus disappears from the edit box.
Close all dialog boxes, and then log in to HDvM - SN again.
The web browser is not displayed correctly, because some GUI items such as labels and icons cannot be loaded properly.
Log out of HDvM - SN, and then log in again. If this error occurs before you log in to the HDvM - SN, close all dialog boxes and then log in to HDvM - SN.
The characters are unreadable because they are overlapped or garbled.
Log out of HDvM - SN, and then log in again.
The characters are garbled in a window where a tree is displayed.
Click File > Refresh.
Even though you have clicked Apply to change storage system settings, the new settings are not displayed in HDvM - SN.
Click File > Refresh.
The dialog box that says Loading... stays open for a long period of time.
A HDvM - SN message dialog box other than the dialog box that says Loading... might be displayed behind this window. Press Alt+Tab to switch the dialog box.
If the dialog box that says Loading... remains displayed for several hours after you apply the settings to the storage system, contact customer support.
Chapter 2: Using the Device Manager - Storage Navigator GUI
System Administrator Guide for VSP 5000 Series
79
�Troubleshooting secondary windows
Error condition
Probable cause / recommended action
The following information is not displayed in HDvM - SN windows:
Information on the storage system, such as ports or HDDs
Information configured with another management client
Click File > Refresh. If the problem continues, close all HDvM - SN windows, and then clear the Web browser caches.
The HDvM - SN secondary window is not displayed.
In the Java Control Panel, click the Temporary Internet Files section. In the Disk Space area, enter 1 MB, and then click Delete Files.
Click Security > Java Control Panel. Ensure that Enable Java content for browser and Web Start applications is checked.
Clear the browser cache.
Ensure that Java Plug-in is enabled.
If none of the above actions solve the problem, the web browser might not recognize Plug-in correctly. Initialize and redo the web browser settings.
Even when sever verification is disabled, verification is performed. If this verification fails, a confirmation window appears indicating the following message:
"The certificate security verification for the TLS communication cannot be performed. Are you sure you want to stop the certificate security verification to continue the connection?"
In this window, the Confirm and Cancel buttons are enabled.
To continue the connection by disabling server verification, click Confirm.
To cancel the processing, click Cancel .
Other secondary window errors
Error condition
If you click in a HDvM - SN secondary window while a dialog box is open, the dialog box disappears behind the HDvM SN secondary window.
Probable cause / recommended action Click the dialog box again.
Chapter 2: Using the Device Manager - Storage Navigator GUI
System Administrator Guide for VSP 5000 Series
80
�HDvM - SN secondary window blocked
Error condition
Probable cause / recommended action
An error occurs because a digital signature or security certificate has expired.
You can continue using HDvM - SN even though the digital signature for the HDvM SN Java application is expired.
You specify IPv6 communication addresses when you start HDvM - SN, but IPv6 is not being used. Instead, IPv6 is being used and IPv4 addresses are output to audit logs for operations on the HDvM - SN secondary window.
IPv4 has higher priority when both IPv4 communication and IPv6 communication can be used. As a result, IPv4 may be used when you specify IPv6 communication addresses. Also, IPv4 addresses may appear in audit logs.
Communication from the HDvM - SN management client to the SVP fails.
The connection destination might be wrong, or server verification during SSL communication might have failed.
A root certificate of the SVP cannot be registered.
Verify the path to the certificate specified in the security setting command.
Verify that the specified certificate must be in X509 PEM or X509 DER format.
The communications cannot be established from the management client to the SVP.
The connection destination might not be correct or the server verification during the SSL communications might have not been performed.
When you run the delete and list command of the security setting command, the following message is issued:
"keytool error: java.lang.Exception: the keystore file does not exist: ExportTool.dat".
Keystore has not been created because the import command of the security setting command has not been run. Run the import command, and then rerun the delete and list command.
HDvM - SN secondary window blocked
If you cannot open the HDvM - SN secondary window on a Windows PC, the default browser might not be set to one of the supported browsers (Edge, Google Chrome, Internet Explorer). Set the default browser to one of the supported browsers, and then retry the operation. If Java 7 Update 55 or later or Java 8 Update 5 or later is installed on the management client, execution of the Device Manager - Storage Navigator secondary window application might be blocked. In this case, use the following procedure to change the Java security settings.
Procedure 1. Check the version and update information of Java installed in your management client. Click Start > Control Panel > Java. 2. On the General tab, click About.
Chapter 2: Using the Device Manager - Storage Navigator GUI
System Administrator Guide for VSP 5000 Series
81
�Saving Java log and trace files
3. Check the version and update information of Java, and then close the About Java dialog box. If your PC uses either Java 7 update 55 or later, or Java 8 Update 5 or later, you need to change Java security settings referring to Step 4 and after.
4. Select the Security tab. 5. Click Edit Site List. 6. In Exception Site List, specify the URL of the SVP as follows, and then click Add.
http://IP-address-of-SVP or https://IP-address-of-SVP 7. Click OK. 8. Select the Advanced tab. 9. For Perform signed code certificate revocation checks on, select Do not check (not
recommended), and then click OK. 10. Close the Control Panel.
Saving Java log and trace files
Note: This task is not required when you use Web Console Launcher to display the Device Manager - Storage Navigator secondary window.
Before you contact your service representative, save the detail dump files collected using the Dump tool, and the Java log and trace file on your Device Manager - Storage Navigator computer, and then restart the web browser. Examples of the Windows trace and log file locations are shown below. C:\Users\logon user ID\AppData\LocalLow\Sun\Java\Deployment\log\*.trace C:\Users\logon userID\AppData\LocalLow\Sun\Java\Deployment\log\*.log Examples of the UNIX trace and log file locations follow: user home directory\.java\deployment\log\*.trace user home directory\.java\deployment\log\*.log
Creating a login message
You can create text to be displayed on the Device Manager - Storage Navigator login page. Prerequisites You must have Security Administrator (View & Modify) role to perform this task. You must enable the Device Manager - Storage Navigator secondary window. See
Enabling the HDvM - SN secondary window (on page 63).
Procedure 1. Click Settings > Security > Login Message. The Device Manager - Storage Navigator secondary window opens.
2. Click
to change to Modify mode.
Chapter 2: Using the Device Manager - Storage Navigator GUI
System Administrator Guide for VSP 5000 Series
82
�Creating a login message
3. Enter the message in the window. Alphanumeric characters and symbols can be used in the message. The maximum length of the message is 2,048 characters.
4. Click Apply to save the message and close the dialog box.
Chapter 2: Using the Device Manager - Storage Navigator GUI
System Administrator Guide for VSP 5000 Series
83
�Chapter 3: Configuring the storage system
Initial storage system configuration includes tasks such as entering the storage system information (name, location, contact information), setting the date and time, creating a login message, configuring SMI-S on the SVP, and setting up the syslog server for the audit logs.
Setting storage system information
You can set the name, contact information, and location of the storage system.
Make sure to document the configured values, because they are required to use SNMP agents.
Caution: When changing a setting more than once, ensure that the current setting is complete before changing it again. Otherwise, only the new change will be applied, and the result might be different from what you expected.
Before you begin
You must have the Storage Administrator (Initial Configuration) role to complete this procedure.
Procedure
1. In the Device Manager - Storage Navigator Storage Systems tree, select the storage system.
2. From Settings, click Environmental Settings > Edit Storage System. 3. Enter the items that you want to set.
You can enter up to 180 alphanumeric characters (ASCII codes) excluding several symbols (\ , / ; : * ? " < > | & % ^). Do not use a space at the beginning or the end. 4. Click Finish. 5. In the Confirm window, check the settings and enter a task name in Task Name. 6. Click Apply. The task is now registered. If the Go to tasks window for status check box is checked, the Tasks window opens to show the status of the task.
Setting up security
Device Manager - Storage Navigator supports a variety of security features for authenticating users and configuring secure system operation. Configure the storage system with the security settings appropriate for your environment.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
84
�Managing authentication and authorization servers
Managing authentication and authorization servers
An authentication server enables users to log in to Device Manager - Storage Navigator with the same password as the password that they use for other applications. The authentication server must be configured for each user. The following figure shows the login workflow without an authentication server:
The following figure shows the login workflow with an authentication server:
If an authorization server works together with an authentication server, the user groups that are registered in the authorization server can be assigned to a user for Device Manager Storage Navigator. The following figure shows the login workflow when an authentication server and an authorization server are used in combination:
You can use the authentication server without knowing the host names and port numbers, if you register the information of the authentication server as a service record (SRV) on the DNS server. If you register multiple numbers of authentication servers to the SRV record, you can determine the authentication server to be used, based on the priority that has been set in advance.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
85
�External authentication requirements using authentication server
Caution: If the affiliated user group registered in the external authentication server and
the user group registered locally in the storage system are different, the user group in the storage system has higher priority. You cannot create a load balancer between the SVP and the external authentication server.
External authentication requirements using authentication server
Authentication servers support the LDAP, RADIUS, and Kerberos protocols. The following lists explain requirements for each protocol.
LDAP TLS Security Settings
LDAPv3 simple bind authentication (Note that Bind DN is used for authentication.)
Authentication format The TLS security settings made in Setting SSL/TLS communications using the Tool Panel (on page 115) must be supported.
Root certificate file format for Device Manager - Storage Navigator X509 DER format X509 PEM format
Requirements for root certificate format for Device Manager - Storage Navigator If the public key of the certificate to be updated is RSA, the key length must not be less than the key length that is set for Minimum Key Length (Key Exchange) in the TLS Security Settings dialog box. If the public key of the certificate to be uploaded is ECDSA, the public key parameter must be any of the following: ECDSA_P256 (secp256r1) ECDSA_P384 (secp384r1) ECDSA_P521 (secp521r1) The signature hash algorithm of the certificate must be SHA-256, SHA-384, or SHA-512.
Requirements for certificate for the connected server If the public key of the certificate is RSA, the key length must be 2048 bits or more. If the public key of the certificate to be uploaded is ECDSA, the public key parameter must be any of the following: ECDSA_P256 (secp256r1) ECDSA_P384 (secp384r1) ECDSA_P521 (secp521r1)
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
86
�External authentication requirements using authentication server
The signature hash algorithm of the certificate must be SHA-256, SHA-384, or SHA-512.
The extended profile fields in the X.509 certificate support the following items as specified in RFC5280:
subjectAltName
CRLDistributionPoint
AuthorityInfoAccess
BasicConstraints
KeyUsage
SubjectKeyIdentifier
When setting a host name for Primary Host Name or Secondary Host Name in the Setup Server window (Settings > User Management > View External Authentication Server Properties > Setup Server), enter the host name of the server in subjectAltName or CommonName of the server certificate.
When setting an IP address for Primary Host Name or Secondary Host Name in the Setup Server window (Settings > User Management > View External Authentication Server Properties > Setup Server), enter the IP address of the server in subjectAltName or CommonName of the server certificate.
When using DNS Lookup to connect to an external authentication server, enter the host name of the server in subjectAltName or CommonName of the server certificate.
When you perform a certificate revocation check by using CRL, set the URI of the CRL repository for cRLDistributionPoint (CRL distribution point) of the intermediate certificate and server certificate set on the connected server. The CRL repository must be on the network that can be accessed by the SVP so that the SVP can communicate with the CRL repository. If the SVP cannot communicate with the CRL repository, external authentication fails.
When you perform a certificate revocation check by using OCSP, correctly set the URI of the OCSP responder for authorityInfoAccess (Authority Information Access) of the intermediate certificate and server certificate set on the connected server. The OCSP responder must be on the network that can be accessed by the SVP so that the SVP can communicate with the OCSP responder. If the SVP cannot communicate with the OCSP responder, external authentication fails.
If no DNS server is used, the IP address of the authentication server must be specified for the common name of the certificate.
Check the number of tiers of the certificate chain to be used. The maximum number supported is 20 tiers. Make sure to use a certificate in a certificate chain with no more than 20 tiers.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
87
�External authentication requirements using authentication server
Note: Acquire the root certificate for the authentication server from the authentication
server administrator. The certificates has an expiration date. If the certificate expires, you will not be
able to connect to the authentication server. Make sure to update the certificate before the expiration date. For more information about the certificate management, contact the key management server administrator.
RADIUS Authentication format
RFC 2865-compliant RADIUS PAP authentication CHAP authentication
Kerberos Authentication format
Kerberos v5
Encryption type Windows AES128-CTS-HMAC-SHA1-96 RC4-HMAC DES3-CBC-SHA1
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
88
�External authentication requirements using authentication server
Note:
Two authentication servers (one primary and one secondary) can be connected to a storage system. When using the secondary server, configure the settings considering the following:
For the secondary server, use the same configuration settings as the primary server, except for the host name and the port number.
The same certificate must be used for the primary server and the secondary server.
If you search for a server using information registered in the SRV records in the DNS server, confirm that the following conditions are satisfied. For RADIUS servers, you cannot use the SRV records.
LDAP server conditions: The environmental setting for the DNS server is completed at the LDAP server.
The host name, port number, and domain name of the LDAP server are registered in the DNS server.
Kerberos server conditions: The host name, port number, and domain name of the Kerberos server are registered in the DNS server.
Because UDP/IP is used to access the RADIUS server, encrypted communications, including negotiation between processes, are not used. To access the RADIUS server in a secure environment, encryption in the packet level, such as IPsec, is required.
If you use Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, or Windows Server 2012 R2 as an authorization server, the SSL communications cannot be established by using DHE in the default settings. When you use any of these servers as the authentication server, configure the SSL communication settings by using Device Manager - Storage Navigator to disable the cipher suites that use DHE for key exchange.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
89
�External authorization requirements using authorization server
External authorization requirements using authorization server
The authorization server must satisfy the following requirements to work together with the authentication server:
Note: Use an operating system (OS) and software that continue to be supported by the vendor. Operations performed using an OS or software for which vendor support has expired cannot be guaranteed.
Prerequisite OS Windows Server 2008* Windows Server 2008 R2* Windows Server 2012 Windows Server 2012 R2 Windows Server 2016 * Microsoft support for this operating system has expired. Use an operating system for which Microsoft continues to provide support.
Prerequisite software Active Directory
Authentication protocol for user for searching LDAP v3 simple bind (Note that Bind DN is used for authentication.)
TLS security settings The TLS security settings made in Setting up SSL encryption using Device Manager - Storage Navigator (on page 94) must be supported.
Root certificate file format for Device Manager - Storage Navigator X509 DER format X509 PEM format
Requirements for root certificate format for Device Manager - Storage Navigator If the public key of the certificate to be uploaded is RSA, the key length must not be less than the key length that is set for Minimum Key Length (Key Exchange) in the TLS Security Settings dialog box. If the public key of the certificate to be uploaded is ECDSA, the public key parameter must be any of the following: ECDSA_P256 (secp256r1) ECDSA_P384 (secp384r1) ECDSA_P521 (secp521r1) The signature hash algorithm of the certificate must be SHA-256, SHA-384, or SHA-512. The extended profile fields in the X.509 certificate support the following items as specified in RFC5280:
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
90
�External authorization requirements using authorization server
BasicConstraints KeyUsage SubjectKeyIdentifier Authority Key Identifier Certificate Policies Subject Alternative Name Name Constraints Policy Constraints Extended Key Usage Inhibit anyPolicy
Requirements for certificate for the connected server If the public key of the certificate is RSA, the key length must be 2048 bits or more. If the public key of the certificate to be uploaded is ECDSA, the public key parameter must be any of the following: ECDSA_P256 (secp256r1) ECDSA_P384 (secp384r1) ECDSA_P521 (secp521r1) The signature hash algorithm of the certificate must be SHA-256, SHA-384, or SHA-512. The extended profile fields in the X.509 certificate support the following items as specified in RFC5280: BasicConstraints KeyUsage SubjectKeyIdentifier Authority Key Identifier Certificate Policies Subject Alternative Name Name Constraints Policy Constraints Extended Key Usage Inhibit anyPolicy When setting a host name for Primary Host Name or Secondary Host Name in the Setup Server window (Settings > User Management > View External Authentication Server Properties > Setup Server), enter the host name of the server in subjectAltName or CommonName of the server certificate.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
91
�External authorization requirements using authorization server
When setting an IP address for Primary Host Name or Secondary Host Name in the Setup Server window (Settings > User Management > View External Authentication Server Properties > Setup Server), enter the IP address of the server in subjectAltName or CommonName of the server certificate.
If you set an IP address as the host name of the server for a configuration file (created in Connecting authentication and authorization servers (on page 93)), make sure to also set the IP address for subjectAltName or CommonName of a certificate (for a secure communication) that is created along with the configuration file.
When using DNS Lookup to connect to an external authentication server, enter the host name of the server in subjectAltName or CommonName of the server certificate. If the certificate contains both subjectAltName and CommonName, the IP address or the host name that you set for subjectAltName applies.
When you perform a certificate revocation check by using CRL, set the URI of the CRL repository for cRLDistributionPoint (CRL distribution point) of the intermediate certificate and server certificate set on the connected server. The CRL repository must be on the network that can be accessed by the SVP so that the SVP can communicate with the CRL repository. If the SVP cannot communicate with the CRL repository, communication with the authorization server fails.
When you perform a certificate revocation check by using OCSP, correctly set the URI of the OCSP responder for authorityInfoAccess (Authority Information Access) of the intermediate certificate and server certificate set on the connected server. The OCSP responder must be on the network that can be accessed by the SVP so that the SVP can communicate with the OCSP responder. If the SVP cannot communicate with the OCSP responder, communication with the authorization server fails.
If no DNS server is used, the IP address of the authorization server must be specified for the common name of the certificate.
Check the number of tiers of the certificate chain to be used. The maximum number supported is 20 tiers. Make sure to use a certificate in a certificate chain with no more than 20 tiers.
Note:
Acquire the root certificate for the authentication server from the authentication server administrator.
The certificates has an expiration date. If the certificate expires, you will not be able to connect to the authentication server. Make sure to set the expiration date carefully to prepare the certificate.
For more information about the certificate management, consult with the authentication server administrator and manage it appropriately.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
92
�Connecting authentication and authorization servers
Note: When using an LDAP server or a Kerberos server as an authentication server, and combining it with an authorization server, use the same host for the authentication and authorization servers.
When a RADIUS server is used as an authentication server, two authentication servers (one primary and one secondary) can be specified, but only one authorization server can be specified.
If you use Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, or Windows Server 2012 R2 as an authorization server, the SSL communications cannot be established by using DHE in the default settings. When you use any of these servers as the authorization server, configure the SSL communication settings by using Device Manager - Storage Navigator to disable the cipher suites that use DHE for key exchange.
Connecting authentication and authorization servers
Before you can connect an authentication server and an authorization server, you must configure your network.
Before you begin
If you have not already done so, obtain a security administrator account with the View & Modify role.
Contact your server administrator for information about the values to be written in the LDAP, RADIUS, or Kerberos configuration file. If you use LDAP servers, the files of the LDAP servers must be certified; obtain certification.
Contact your network administrator for information about the network settings.
Give your service representative the IP address of the DNS server and ask that representative to configure the SVP.
Procedure
1. Click Settings > User Management > View External Authentication Server Properties.
2. Click Setup Server to open the Setup Server window 3. Select the type of the authentication server. 4. Specify options to connect to the authentication server. If you use more than one
authentication server or an authorization server, specify an option for each server. 5. To test the connection, in the Server Configuration Test field, click Check. 6. Click Finish. 7. Enter a task name, and then click Apply. 8. After you finish setting up the authentication and authorization servers and confirm that
you can use the servers, save a copy of the configuration files for connecting the authentication server.
Note: When the SVP High Reliability Kit is used, the settings are automatically linked to the standby SVP.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
93
�Setting up SSL encryption using Device Manager - Storage Navigator
Setting up SSL encryption using Device Manager - Storage Navigator
To improve security of remote operations from a Device Manager - Storage Navigator SVP to a storage system, you can set up Secure Sockets Layer (SSL) encrypted communication. By setting SSL encryption, the Device Manager - Storage Navigator User ID and Password are encrypted.
SSL communication can be established between the management client and the SVP using the protocols and port numbers specified in the following table.
Protocol HTTPS RMI RMI SMI-S
443 11099 51100 5989
Port Number
SSL communication can be established between the following servers and the SVP: Syslog Server Key management server External authentication or authorization server Hitachi Ops Center server Hitachi Command Suite server The user with the Security Administrator (View & Modify) role can configure the following security settings used for the SSL/TLS communications with the SVP by using the Tool Panel dialog box on Device Manager - Storage Navigator: Protocol Cipher suites Minimum key length of keys used for key exchange Enabling renegotiation
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
94
�Setting up SSL encryption using Device Manager - Storage Navigator
Device Manager - Storage Navigator must satisfy the following security requirements: Protocol
TLS1.2 TLS1.3 Cipher suites Cipher suites supported by TLS1.2
TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_RSA_WITH_AES_256_GCM_SHA384 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 Cipher suite supported by TLS1.3 TLS_AES_128_GCM_SHA256 TLS_AES_256_GCM_SHA384 Minimum key length supported by key exchange algorithm RSA: Supports the key length of 2048 bits, 3072 bits, or 4096 bits. It can be used when TLS1.2 is enabled. DHE: Supports the key length of 2048 bits. It can be used when TLS1.2 or TLS1.3 is enabled. ECDHE: Supports elliptic curve parameters of secp256r1, secp384r1, or secp521r1. It can be used when TLS1.2 or TLS1.3 is enabled. Enabling renegotiation It can be used when TLS1.2 is enabled, however it is recommended to disable renegotiation.
Note: To enable SSL, the private and public key pair and SVP server certificate must be valid. If either the keys or the certificate is expired, the user cannot connect to the SVP.
Note: To add the Secure attribute to cookies using Device Manager - Storage Navigator, you must block HTTP communication. For details, see Blocking HTTP communication to the storage system (on page 110).
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
95
�Setting up SSL encryption using Device Manager - Storage Navigator
Note: Device Manager - Storage Navigator supports HTTP Strict Transport Security (HSTS) with a max range of 31,536,000 seconds (1 year). To enable HSTS, you must use the security certificate issued by a trusted root certificate authority for your Device Manager - Storage Navigator domain. HSTS is valid for one year (31,536,000 seconds), and it is renewed automatically every time the HSTS header is sent to the browser. The security certificate to use is determined by the browser. For details, contact your browser vendor.
Note: If HSTS is enabled on a Web application on a server you wish to install Device Manager - Storage Navigator, use a domain that is written to the security certificate specific to each application. If you use the same domain, the HSTS settings are applied to all Web applications that use the domain, and all connections are switched to https. If you have an application that can be accessed only through http, you cannot establish the connection.
Note: The minimum key length supported by the key exchange algorithm set on the TLS Security Setting dialog box in the Tool Panel dialog box is applied when a certificate with RSA public key is set during the communications between the management client and the SVP.
When the following cipher suites are valid, and when a server certificate, root certificate, or client certificate with an RSA public key is uploaded to the SVP, the key length of the RSA public key of the certificate must be longer than the key length selected on the TLS Security Setting dialog box in the Tool Panel dialog box.
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_RSA_WITH_AES_256_GCM_SHA384
When the SVP communicates with a Syslog server, key management server, external authentication and authorization server, or Hitachi Command Suite server, the key length of the key exchange key set on the server must satisfy the following:
RSA: 2048 bits or more
DHE: 2048 bits
ECDHE: secp256r1, secp384r1, or secp521r1
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
96
�Setting up SSL encryption using Device Manager - Storage Navigator
Note:
When using a certificate with a key type of ECDSA and a key length of secp521r1, the Tool Panel dialog box might not open depending on the web browser of the HDvM - SN management client. Take the following actions for each web browser:
Internet Explorer
Configure the group policy setting from the management client. For details, see Configuring the ECC curve order (on page 111).
Microsoft Edge or Google Chrome
The certificate with a key type of ECDSA and a key length of secp521r1 cannot be used as of January 2022. If the key type is ECDSA, the key length must be less than secp521r1. For more information about future availability, check the support status of the security settings for the web browser because whether it can be used in the future depends on the web browser specifications.
Firefox
The problem that the Tool Panel dialog box might not open does not occur.
When using a certificate with a key type of ECDSA and a key length of secp521r1, HDvM - SN might not open depending on the web browser of the HDvM - SN management client. Take the following actions for each web browser:
Internet Explorer, Microsoft Edge, or Google Chrome
Configure the group policy setting from the management client. For details, see Configuring the ECC curve order (on page 111).
Firefox
The problem that the Tool Panel dialog box might not open does not occur.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
97
�SSL terminology
SSL terminology
Note the following SSL terms:
Secure Sockets Layer: SSL is a protocol first developed by Netscape to securely transmit data over the Internet. Two SSL-enabled peers use their private and public keys to establish a secure communication session, with each peer encrypting transmitted data with a randomly generated and agreed-upon symmetric key.
Keypair: A keypair is two mathematically-related cryptographic keys consisting of a private key and its associated public key.
Server Certificate: A Server Certificate (also called a Digital Certificate) forms an association between an identity (in this case the SVP server) and a specific keypair. A Server Certificate is used to identify the SVP server to a client so that the server and client can communicate using SSL. Server Certificates come in two basic types:
Self-signed: You generate your owned self-signed certificate and the subject of the certificate is the same as the issuer of the certificate. If the Device Manager - Storage Navigator computers and the SVP are on an internal LAN behind a firewall, you may find that this option provides sufficient security.
Signed and Trusted: For a Signed and Trusted Server Certificate, a Certificate Signing Request (CSR) is sent to and certified by a trusted Certificate Authority (CA) such as VeriSign (http://www.verisign.com/). Use of this certificate results in higher reliability in exchange for more cost and requirements.
If you enable SSL, you must make sure that the key pair and associated server certificate do not expire. If either the key pair or the server certificate expires, users will be unable to connect to the SVP.
Setting up SSL communications
Before you enable SSL encryption, you must create a private key and a public key to establish a secure communication session.
The following figure shows the procedure to set up SSL communication. Unless otherwise noted, all steps are required. Note that creation of private and public keys requires a dedicated program. You can download a program for creating private and public keys from the OpenSSL website (http://www.openssl.org/).
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
98
�Notes on updating the signed certificate to the SVP
Notes on updating the signed certificate to the SVP
Read the following notes about uploading the signed certificate to the SVP:
While the SVP server certificate is being updated, tasks that are being executed or scheduled for execution on Device Manager - Storage Navigator are not executed.
Certificates for RMI communication are updated asynchronously (within approximately two minutes).
If an SVP certificate is updated during Hitachi Command Suite setup operation, the Hitachi Command Suite setup operation will result in an error.
Update of the SSL certificate gives a great influence to the system and may lead to SVP failure. Therefore take sufficient care about the content of the certificate and private key to be set.
After the certificate update is complete, depending on the environment, the SVP web server can take 30 to 60 minutes to restart. When it takes that long, an internal server error occurs, and the update completion dialog box does not display. However, the certificate update is complete.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
99
�Creating a keypair
When using a certificate with a key type of ECDSA and a key length of secp521r1, the Tool Panel dialog box might not open depending on the web browser of the HDvM - SN management client. Take the following actions for each web browser: Internet Explorer Configure the group policy setting from the management client. For details, see Configuring the ECC curve order (on page 111). Microsoft Edge or Google Chrome The certificate with a key type of ECDSA and a key length of secp521r1 cannot be used as of January 2022. If the key type is ECDSA, the key length must be less than secp521r1. For more information about future availability, check the support status of the security settings for the web browser because whether it can be used in the future depends on the web browser specifications. Firefox The problem that the Tool Panel dialog box might not open does not occur.
When using a certificate with a key type of ECDSA and a key length of secp521r1, HDvM - SN might not open depending on the web browser of the HDvM - SN management client. Take the following actions for each web browser: Internet Explorer, Microsoft Edge, or Google Chrome Configure the group policy setting from the management client. For details, see Configuring the ECC curve order (on page 111). Firefox The problem that the Tool Panel dialog box might not open does not occur.
Creating a keypair
To enable SSL, you must create a keypair consisting of a public and a private key on the management client. The instructions use Windows 8.1 as an example.
Creating a private key using the OpenSSL command
A private key is required to create an SSL keypair. The following procedure for Windows systems creates a private key file called server.key in the c:\key folder.
Before you begin Ensure that OpenSSL is stored in C:\Mapp\OSS\apache\bin\openssl on the SVP. (You do not need to install OpenSSL.) If not, download and install openssl.exe from http:// www.openssl.org/ to the C:\openssl folder.
Note: C:\Mapp indicates the installation directory for the storage management software and SVP software. Specify C:\Mapp for the installation directory if another directory is specified for the installation directory.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
100
�Creating a public key using the OpenSSL command
Procedure 1. When you install OpenSSL, if the read-only attribute is set, release it from the c:\openssl folder. (This step is not necessary if you use OpenSSL on the SVP.) 2. Open a command prompt with administrator permissions. 3. Move the current directory to the folder to which the key file is output (such as c:\key), and execute the following command. (The command to be run differs depending on the key type of the private key to be created.) For RSA C:\key>c:\openssl\bin\openssl genrsa -out server.key keylength
For ECDSA C:\key>c:\openssl\bin\openssl ecparam -genkey -name keylength -out server.key
For key-length, you can specify either of the following: For RSA: 2048, 3072, or 4096 For ECDSA: prime256v1 (secp256r1), secp384r1, or secp521r1
Example command input: When the key type is RSA and the key length is 2048 bit:
C:\key>c:\openssl\bin\openssl genrsa -out server.key 2048
When the key type is ECDSA and the key length is 256 bit (secp256r1): C:\key>c:\openssl\bin\openssl ecparam -genkey -name prime256v1 -out server.key
Creating a public key using the OpenSSL command
A public key, which has the file extension .csr, is required to create an SSL keypair. The following procedure is for the Windows operating system.
Before you begin
Download openssl.exe from the OpenSSL website or determine to use OpenSSL on the SVP.
Procedure
1. Open a command prompt with administrator permissions. 2. Move the current directory to the folder to which the key file is output (such as c:\key),
and then execute the following command: c:\key > c:\openssl req -sha256 -new -key server.key -config c:\openssl\bin\openssl.cfg -out server.csr
Note: This command uses SHA-256, SHA-384, or SHA-512 as a hash algorithm. Do not use MD5 or SHA-1 for a hash algorithm due to its low security level.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
101
�Converting the SSL certificates to PKCS#12 format
3. Enter the following information in the prompt: Country Name (two-letter code) State or Province Name Locality Name Organization Name Organization Unit Name Common Name To create a self-signed certificate, enter the IP address of the SVP. The name you entered here is used as the server name (host name). To obtain a signed and trusted certificate, ensure that the server name is the same as the host name. Email Address Challenge password (optional) Company name (optional)
Example The following example shows the contents of a command window when you create a public key.
......++++++ ..++++++ is 65537 (0x10001) C:\key>c:\openssl\bin\openssl req -sha256 -new -key server.key -config c You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. \openssl\bin\openssl.cfg -out server.csr For some fields there will be a default value. If you enter '.', the field will be left blank. ----Country Name (2 letter code) [AU]:JP State or Province Name (full name) [Some-State]:Kanagawa Locality Name (eg, city) []:Odawara Organization Name (eg, company) [Internet Widgits Pty Ltd]:Hitachi Organization Unit Name (eg, section) []:ITPD Common Name (eg, YOUR name) []:192.168.0.1 Email Address []: Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []:
Converting the SSL certificates to PKCS#12 format
Uploaded SSL certificates need to be in PKCS#12 format.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
102
�Obtaining a signed certificate
If you are uploading a created private key and the SSL certificate to the management client, you need to convert the SSL certificate to PKCS#12 format. If you are not uploading the SSL certificate, conversion is not required.
Before you begin You must store a private key and SSL certificate in the same folder. In the following procedure:
The private key file name is "client.key". The SSL certificate file name is "client.crt". The SSL certificate in PKCS#12 format is output to c:\key. If you update SSL certificates in a batch, conversion is not required.
Procedure 1. Open a command prompt with administrator permissions. 2. Enter the following command: C:key>c:\openssl\bin\openssl pkcs12 export -in client.crt inkey client.key -out client.p12 3. Enter a password, which is used when uploading the SSL certificate in PKCS#12 format. You can use up to 128 alphanumeric characters and the following symbols: ! # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~ 4. The client.p12 file is created in the C:\key folder. This client.p12 file is the SSL certificate in PKCS#12 format. 5. Close the command prompt.
Obtaining a signed certificate
After creating a private key and public key, obtain a signed public key certificate file. You can use any of these methods to obtain a signed certificate file. Create a certificate by self-signing. See Obtaining a self-signed certificate (on page 103). Obtain a certificate from the certificate authority that is used by your company. Request an official certificate from an SSL certificate authority. See Obtaining a signed
and trusted certificate (on page 104).
Note: When you send a request to a certificate authority, specify the SVPas the host name. Hitachi recommends that self-signed certificates be used only for testing encrypted communication.
Obtaining a self-signed certificate
To obtain a self-signed certificate, open a command prompt and execute the following command:
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
103
�Obtaining a signed and trusted certificate
c:\key>c:\openssl\bin\openssl x509 -req -sha256 -days 10000 -in server.csr -signkey server.key -out server.crt
Note: This command uses SHA-256 as a hash algorithm. MD5 or SHA-1 is not recommended for a hash algorithm due to its low security level.
This command creates a server.crt file in the c:\key folder, which is valid for 10,000 days. This is the signed private key, which is also referred to as a self-signed certificate.
Obtaining a signed and trusted certificate
To obtain a signed and trusted certificate, you must obtain a certificate signing request (CSR), send that file to a Certificate Authority (CA), and request that the CA issue a signed and trusted certificate. Each certificate authority has its own procedures and requirements. Use of this certificate results in higher reliability in exchange for greater cost and requirements. The signed and trusted certificate is the signed public key.
Creating private and public keys using the Tool Panel dialog box
You can create a CSR (public key), private key, and self-signed certificate using the Tool Panel dialog box. If you want the certificate authority to issue a certificate, create a CSR and private key, and then send the CSR to the certificate authority.
Caution: Creating private and public keys take approximately 6 seconds, which differs
depending on your environment. Do not use the CSR created in this procedure, the certificate created using the
private key, and the self-signed certificate created in this procedure for the purposes other than Device Manager - Storage Navigator.
Before you begin You must have Security Administrator (View & Modify) role to perform this task
Procedure 1. Close all Device Manager - Storage Navigator sessions on the SVP. 2. On the management client, open a web browser and enter the following URL to open the Tool Panel dialog box. http://IP-address-or-host-name-of-SVP/cgi-bin/utility/ toolpanel.cgi 3. In the Tool Panel dialog box, click Create CSR and Self-Signed Certificate. The Create CSR and Self-Signed Certificate login dialog box opens. If SSL communication has been established, the Security Alert dialog box opens before the login dialog box opens. In the Security Alert dialog box, click OK. If the Security Alert dialog box for the certificate opens, click View Certificate to display the certificate. Confirm that the certificate is correct, and click Yes.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
104
�Releasing an SSL certificate passphrase
4. In the Create CSR and Self-Signed Certificate login dialog box, enter the administrator user ID and password, and click Login. The Create CSR and Self-Signed Certificate dialog box opens.
5. In the Create CSR and Self-Signed Certificate dialog box, enter the required items. After you have completed the entries, perform either of the following operations depending on whether you create a self-signed certificate. When you create a self-signed certificate, go to step 6 without clicking Create CSR File and Key File. When you do not create a self-signed certificate, go to step 7 after clicking Create CSR File and Key File.
6. If you create a self-signed certificate, select the check box for Create Self-Signed Certificate. In the Profile field, select either of Default or Custom: Default: If you select Default, 365 days is set as the validity period of the certificate. If you can accept the default settings, click Create Self-Signed Certificate File. Custom: If you select Custom, the .cfg file allows you to specify the number of days that the self-signed certificate is valid. Click Browse or Select File to select the .cfg file. The name of the button to click depends on the browser. And then click Create Self-Signed Certificate File.
Note: It is recommended that the self-signed certificate be valid for less than 825 days (27 months).
7. After step 5 or step 6 is complete, the Download File window is displayed. Click Save, and then confirm that the created self-signed certificate file is stored in the specified folder.
8. In the Create CSR and Self-Signed Certificate dialog box, click Close. The Create CSR and Self-Signed Certificate dialog box is closed, and then the Tool Panel dialog box is displayed.
Releasing an SSL certificate passphrase
An SSL certificate cannot be uploaded to the SVP if the passphrase is set. If the passphrase is set, use the following procedure to release the passphrase for the SSL certificate before applying it to the SVP.
Before you begin The private key (server.key file) must have been created. OpenSSL must be installed. In this procedure, it is installed in C:\openssl. All users must be logged out of Device Manager - Storage Navigator.
Procedure 1. On the SVP, open a command prompt with administrator permissions. 2. Move the current directory to the folder containing the key file (for example, C:\key).
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
105
�Uploading a signed certificate
3. Execute the following command.
Caution: Executing this command will overwrite the current key file. To prevent loss of the key file, either back up the key file before executing the following command, or specify a different key file input destination and output destination when executing the following command.
C:\key>C:\openssl\bin\openssl rsa -in key-file-input-destination -out key-fileoutput-destination
4. When Enter pass phrase for server.key: is displayed, enter the passphrase. The passphrase in the SSL private key is released, and the SSL certificate can be applied to the SVP.
Example (when passphrase is set) When the key type is RSA:
C:\key>C:\openssl\bin\openssl rsa -in server.key -out server.key Enter pass phrase for server.key:
When the key type is ECDSA:
C:\openssl\bin\openssl ec -in server.key -out server.key read EC key Enter PEM pass phrase:
Example (when passphrase is not set) When the key type is RSA:
C:\key>C:\openssl\bin\openssl rsa -in server.key -out server.key writing RSA key
When the key type is ECDSA:
C:\openssl\bin\openssl ec -in server.key -out server.key read EC key writing EC key
Uploading a signed certificate
To use SSL-encrypted communication, you must update and upload the private key and the signed server certificate (Public Key) to the SVP.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
106
�Uploading a signed certificate
Before you begin
You must have the Storage Administrator (Initial Configuration) role to perform this task.
You must be logged into the SVP.
A private key (.key file) has been created. Make sure that the file name is server.key. The passphrase for the private key (server.key file) is released. A signed public key certificate (.crt file) has been acquired. Make sure that the file name
is server.crt. You must be an external authentication user whose external user group mapping is
disabled, or a local authentication user.
If the public key of the certificate to be uploaded is RSA, the key length must not be less than the key length that is set for Minimum Key Length (Key Exchange) in the TLS Security Settings dialog box.
The signature hash algorithm of the certificate to be uploaded must be SHA-256, SHA-384, or SHA-512.
The extended profile fields in the X.509 certificate support the following items as specified in RFC5280:
subjectAltName
CRLDistributionPoint
AuthorityInfoAccess
BasicConstraints
KeyUsage
SubjectKeyIdentifier
Enter the host name or the IP address of the SVP in subjectAltName or CommonName of the certificate to be uploaded.
If the public key of the certificate to be uploaded is ECDSA, the public key parameter must be any of the following:
ECDSA_P256 (secp256r1)
ECDSA_P384 (secp384r1)
ECDSA_P521 (secp521r1)
When you perform a certificate revocation check by using CRL, set the CRL repository URI for the cRLDistributionPoint (CRL distribution point) of the intermediate certificate and server certificate.
When you perform a certificate revocation check by using OCSP, set the OCSP responder URI for authorityInfoAccess (Authority Information Access) of the intermediate certificate and server certificate.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
107
�Uploading a signed certificate
When you perform a certificate revocation check on the management client, the CRL repository or the OCSP responder must be on the network that can be accessed by the management client so that they can be accessed by the management client. If the management client cannot communicate with the CRL repository or the OCSP responder, the connection to Device Manager - Storage Navigator is established without certificate revocation check.
If an intermediate certificate exists, prepare a signed public key certificate file (server.crt) that has a certificate chain that includes the intermediate certificate.
The number of tiers of the certificate chain for the certificate to be uploaded must be 20 tiers or fewer including the root CA certificate.
When using a certificate with a key type of ECDSA and a key length of secp521r1, make sure to use Internet Explorer or Firefox as the web browser of the HDvM - SN management client.
In Internet Explorer, configure the group policy setting from the management client before this operation. For details, see Configuring the ECC curve order (on page 111). The Tool Panel dialog box might not open if you do not configure the ECC curve order.
In Microsoft Edge or Google Chrome, the certificate with a key type of ECDSA and a key length of secp521r1 cannot be used as of January, 2022. If the key type is ECDSA, the key length must be less than secp521r1. For more information about the future availability, check the support status of the security settings for the web browser because whether it can be used in the future depends on the web browser specifications.
Procedure
1. Close all Device Manager - Storage Navigator sessions on the SVP. 2. On the management client, open a web browser and enter the following URL to open
the Tool Panel dialog box.
http://IP-address-or-host-name-of-SVP/cgi-bin/utility/toolpanel.cgi
3. In the Tool Panel dialog box, click Update Certificate Files. If SSL communication has been established, the Security Alert dialog box opens before the login dialog box opens. In the Security Alert dialog box, click OK. The Security Alert dialog box closes and the Login dialog box opens.
4. In the Login dialog box, enter the administrator user ID and password, and click login. The Upload dialog box opens.
5. In the Upload dialog box, enter the public key certificate file name in the Certificate file box and the private Key file name (server.key file) in the Key file box. You can enter the file names directly or by clicking Browse or Select File. The name of the button to click depends on the browser.
6. In the dialog box, confirm the messages about a possible TLS communication failure and recommendations, and then select the check box for I understood that I canceled HTTP blocking or TLS communication might fail.
7. In the Upload dialog box, click Upload. A confirmation dialog box opens.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
108
�Returning the certificate to default
8. Click OK to begin the certificate update. When the update is complete, the SVP web server restarts. Depending on the environment, the SVP web server can take 30 to 60 minutes to restart. When it takes that long, an internal server error occurs, and the update completion dialog box does not display. However, the certificate update is complete.
It can take 30 to 60 minutes for the web server to restart. After the SVP restarts, the Completion dialog box does not appear. Instead, an "internal server error" message is displayed. However, the setting is actually completed.
9. In the error message box, click OK. If the Security Alert dialog box for the certificate opens, click View Certificate to display the certificate. Confirm that the certificate is correct, and click Yes.
Note: If an error occurs during the certificate update, an error message displays. Resolve the problem described in the error message and then repeat this procedure, starting with Step 4 (login) above.
Returning the certificate to default
You can return the certificate that was updated by the procedure in Uploading a signed certificate (on page 106) to default.
Before you begin
You must have the Storage Administrator (Initial Configuration) role to perform this task.
You must be an external authentication user whose external user group mapping is disabled, or a local authentication user.
Procedure
1. Close all Device Manager - Storage Navigator sessions on the SVP. 2. On the Device Manager - Storage Navigator computer, open a web browser and enter
the following URL to open the Tool Panel dialog box.
http://IP-address-or-host-name-of-SVP/cgi-bin/utility/toolpanel.cgi
3. In the Tool Panel dialog box, click Update Certificate Files. The Update Certificate Files login dialog box opens. If SSL communication has been established, the Security Alert dialog box opens before the login dialog box. In the Security Alert dialog box, click OK.
4. In the Login dialog box, enter the administrator user ID and password, and click login. The Upload dialog box opens.
5. In the Upload dialog box, click Return to Default. A confirmation dialog box opens. 6. Click Yes to confirm and close the dialog box.
When the certificate update is complete, the SVP Web server restarts to show the update. When the restart is complete, the Update Completion dialog box opens. 7. In the Update Completion dialog box, click OK. The dialog box closes and the display returns to the Login dialog box.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
109
�Blocking HTTP communication to the storage system
Note: If an error occurs during the certificate update, an error message appears. Resolve the problem described in the error message and then repeat this procedure, starting with Step 4 (login) above.
Note: If the Security Alert dialog box for the certificate opens at other times, click View Certificate to confirm that the certificate is correct and then click Yes.
Blocking HTTP communication to the storage system
If the web server supports SSL (HTTPS), the HTTP setting tool allows you to block access to port 80. When you block access to port 80, the connection used to import the certificate from the web browser to the web server occurs on port 443 (HTTPS). If you are using Hitachi Command Suite to access Device Manager - Storage Navigator, blocking HTTP communication might interfere with that access. Make sure the Hitachi Command Suite can use SSL communication to access Device Manager - Storage Navigator.
Before you begin You must have the Storage Administrator (Initial Configuration) role to perform this task. You must be an external authentication user whose external user group mapping is
disabled.
Procedure 1. Close all Device Manager - Storage Navigator sessions on the SVP. 2. On the Device Manager - Storage Navigator computer, open a web browser and enter the following URL to open the Tool Panel dialog box.
http://IP-address-or-host-name-of-SVP/cgi-bin/utility/toolpanel.cgi
3. In the Tool Panel dialog box, click Set up HTTP Blocking. A login dialog box opens. 4. In the Login dialog box, enter the storage administrator user ID and password, then
click Login. The Set up HTTP Blocking dialog box opens. 5. In the dialog box, click OK. A confirmation dialog box opens. 6. In the confirmation dialog box, click OK to implement HTTP blocking.
When the configuration change is complete, the SVP web server restarts. When the restart is complete, the HTTP Communications Blocked dialog box opens. Depending on the environment, it can take 30 to 60 minutes for the web server to restart. If it does, after the SVP restarts, the Completion dialog box does not appear. Instead, an "internal server error" message appears. However, the setting is actually completed.
7. Click OK to continue the operation and return to the Login dialog box, or click Cancel to cancel the operation and return to the Login dialog box.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
110
�Releasing HTTP communication blocking
Releasing HTTP communication blocking
Before you begin You must have the Storage Administrator (Initial Configuration) role to perform this task. You must be an external authentication user whose external user group mapping is
disabled.
Procedure 1. Close all Device Manager - Storage Navigator sessions on the SVP. 2. On the Device Manager - Storage Navigator computer, open a web browser. Enter the following URL to open the Tool Panel dialog box.
https://IP-address-or-host-name-of-SVP/cgi-bin/utility/toolpanel.cgi
3. In the Tool Panel dialog box, click Release HTTP Blocking. 4. Enter the User ID and Password for the root storage administrator, then click Login. The
Release HTTP Blocking dialog box opens. 5. Click OK. A configuration dialog box opens. 6. Click OK to release HTTP blocking. When the configuration change is complete, the
SVP web server reboots. Once the reboot is complete, the Release HTTP Blocking Complete dialog box opens. Depending on the environment, it can take 30 to 60 minutes for the web server to restart. After the SVP restarts, the Completion dialog box does not appear. Instead, an "internal server error" message is displayed. However, the setting is actually completed. 7. Click OK to continue the operation and return to the Login dialog box, or click Cancel to cancel the operation and return to the Login dialog box.
Configuring the ECC curve order
When using a certificate with a key type of ECDSA and a key length of secp521r1, use the following procedure to configure the ECC curve order from the management client. SSL communication with SVP fails, and then the Tool Panel dialog box and HDvM - SN might not open if you do not configure the ECC curve order.
Note: The ECC curve order must be configured also for an OS in the SVP. Ask maintenance personnel to configure the setting in the SVP.
Procedure 1. Open the Run dialog box (press Windows Key + R). 2. Type gpedit.msc, and then press Enter. 3. In the Local Group Policy Editor, navigate to Computer Configuration > Administrative Templates > Network > SSL Configuration Settings. 4. Double-click ECC Curve Order and open the ECC Curve Order window. 5. Select Enabled and add secP521r1 to ECC Curve Order in Options.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
111
�Configuring the ECC curve order
Example:
Curve25519 NistP256 NistP384 secP521r1
6. Click OK and close the Setting window. 7. Close the Local Group Policy Editor, and then restart the management client. 8. Ask maintenance personnel to configure the ECC curve order in the SVP.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
112
�Actions to take when a security warning is displayed
Actions to take when a security warning is displayed
The security warning below might appear during a setting operation using SSL communications. This warning differs depending on the type of web browser. For Microsoft Edge:
Click Advanced and then Continue to <IP-address-or-host-name> (unsafe). Example for Microsoft Edge
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
113
�Actions to take when a security warning is displayed
For Google Chrome: Click Advanced, and then click Proceed to <IP-address> (unsafe). Example for Google Chrome
For Internet Explorer: Click Continue to this website (not recommended). Example for Internet Explorer
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
114
�Setting SSL/TLS communications using the Tool Panel
If this security warning appears, take the following measures:
If this security warning appears after the microprogram replacement, the SSL certificate has been returned to default. In this case, upload the original SSL certificate.
The error code "ERR_CERT_AUTHORITY_INVALID" or the message "The security certificate presented by this website was not issued by a trusted authority" appears if the security certificate is not issued by a trusted certificate authority when connecting to an SSL-enabled Device Manager - Storage Navigator. Register the root certificate for the server in the trusted root certificate authority in the browser.
The error code "ERR_CERT_COMMON_NAME_INVALID" or the message "The security certificate presented by this website was issued for a different website's address." appears if an IP address or a host name specified in the URL does not match the CN (Common Name) or subjectAltName described in the security certificate. Verify that the CN (Common Name) or subjectAltName described in the security certificate is the same as the IP address or host name specified in the URL when connecting to Device Manager Storage Navigator. If it is not the same, register the SVP host name for DNS or hosts file settings.
If no measure is taken, verify the security certificate sent from the server and make sure that the connection destination is the SVP as expected. After confirmation, take the following actions:
Setting SSL/TLS communications using the Tool Panel
Use the following procedure to create the security settings used for SSL/TLS communications with the SVP.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
115
�Setting SSL/TLS communications using the Tool Panel
Caution:
If an SSL/TLS communication setting is not correct, SSL/TLS communication with the SVP might fail. If SSL communication fails, you need to configure the security settings again using the Tool Panel dialog box by using HTTP connection. Therefore, it is recommended to release the HTTP communication blocking using the Tool Panel dialog box before making security settings. For more information about how to release the HTTP communication blocking, see Releasing HTTP communication blocking (on page 111).
When you perform this procedure, use HTTPS connection for access. If you access via an HTTP connection, the ID and password used for login are communicated in clear text.
If the self-signed certificates for the following communication paths are registered in the SVP, some of the test items are not verified in the communication test in this procedure:
SVP Syslog Server
SVP Key Management Server
SVP LDAP Server
SVP HCS server
If this is the case, communication will be performed while security requirements are not met. Use certificates issued by trusted CA (Certificate Authority).
Before you begin
Verify the security settings of the SVP communication destination before the setting. If the protocol is TLS1.3 only, make sure that the communication destination supports TLS1.3.
When you use Device Manager - Storage Navigator with Adobe AIR, you must enable TLS1.2. Adobe AIR does not support TLS1.3.
Verify that no other management or maintenance operations are being performed onDevice Manager - Storage Navigator.
You must have Security Administrator (View & Modify) role to perform this task.
Procedure
1. Close all Device Manager - Storage Navigator sessions on the SVP. 2. On the management client, open a web browser, and then type the following URL to
open the Tool Panel dialog box by using HTTPS connection. https://IP-address-or-host-name-of-SVP/cgi-bin/utility/ toolpanel.cgi 3. In the Tool Panel dialog box, click TLS Security Settings to open the TLS Security Settings login dialog box. If SSL/TLS communication has been established, the Security Alert dialog box opens before the login dialog box opens. In the Security Alert dialog box, click OK.
If the Security Alert dialog box for the certificate opens, click View Certificate to display the certificate, confirm that the certificate is correct, and then click Yes.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
116
�Setting SSL/TLS communications using the Tool Panel
4. In the TLS Security Settings login dialog box, enter the administrator user ID and password, and then click Login.
5. In the TLS Security Settings dialog box, enter the required items.
Caution: When using TLS1.2, select the cipher suites corresponding to the key type of the certificate uploaded to the SVP.
If the key type is RSA, select a cipher suite whose name contains "RSA".
If the key type is ECDSA, select a cipher suite whose name contains "ECDSA".
If the cipher suites are not set correctly, the SSL/TLS communications with the SVP fail, and then a problem, such as a Device Manager - Storage Navigator login error, occurs.
When using TLS1.3, you can select both cipher suites regardless of whether the certificate key type is RSA or ECDSA.
6. In the TLS Security Settings dialog box, confirm the messages about the possible TLS communication failures and recommendations, and then select the check box for I understood that I canceled HTTP blocking or TLS communication might fail.
7. Click Next to perform a communication test. The Communication Test dialog box for TLS Security Settings opens.
8. The communication test using the security settings specified in step 5 starts automatically for the following communication paths:
SVP Syslog Server
SVP Key Management Server
SVP LDAP Server
SVP HCS server
The communication test verifies the following items:
Protocol
Cipher suites
Key length of the key exchange algorithm
Expiration date of the certificate
Certificate chain to the root CA certificate
9. Verify the results of the communication test for each communication path performed in the previous step. In the Communication Test dialog box for TLS Security Settings, wait until any of the following is displayed as the communication test result:
Normal: Communication is complete correctly.
Skipped: Connection settings are not made on Device Manager - Storage Navigator.
ErrorCommunication failed.
10. Confirm the communication test result, and then click Submit in the Communication Test dialog box for TLS Security Settings.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
117
�Configuring certificates for HCS
11. When prompted if you are sure you want to change the settings, click OK. The SVP web server restarts to reflect the security settings. When the SVP Web server restart is complete, the setting completion dialog box for TLS Security Settings opens.
12. Click OK to return to the login dialog box. 13. Back up the new security settings. For details, see Backing up HDvM - SN configuration
files (on page 136).
Configuring certificates for HCS
When you want to manage the storage system by using Hitachi Command Suite and perform the HCS external authentication, you need to register the certificate for HCS on the SVP. When you want to manage the storage system by linking Hitachi Ops Center Administrator and Hitachi Device Manager - Storage Navigator (HDvM - SN), you need to register the certificate for Hitachi Ops Center Administrator on the SVP. You cannot register the certificate for both of the HCS and Hitachi Ops Center Administrator at the same time. Register one of the certificate for the server you are using to manage the storage system.
Registering certificates for HCS
To manage the storage system by using HCS and perform the HCS external authentication, upload an HCS public key certificate to the web server to register the certificate. Complete the steps in the following procedure to upload and register a certificate using the certificate update tool.
Before you begin You must have the Security Administrator (View & Modify) role to perform this task. If the certificate to be registered has an extension other than .crt, change it to .crt. The certificate to be registered must be in X509 PEM or X509 DER format. You must be an external authentication user whose external user group mapping is
disabled, or a local authentication user. If the public key of the certificate to be uploaded is RSA, the key length must not be less
than the key length that is set for Minimum Key Length (Key Exchange) in the TLS Security Settings dialog box. If the public key of the certificate to be uploaded is ECDSA, the public key parameter must be any of the following: ECDSA_P256 (secp256r1) ECDSA_P384 (secp384r1) ECDSA_P521 (secp521r1) The signature hash algorithm of the certificate to be uploaded must be SHA-256, SHA-384, or SHA-512.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
118
�Registering certificates for HCS
The extended profile fields in the X.509 certificate support the following items as specified in RFC5280:
subjectAltName
CRLDistributionPoint
AuthorityInfoAccess
BasicConstraints
KeyUsage
SubjectKeyIdentifier
Enter the host name or the IP address of the server in subjectAltName or CommonName of the certificate for the connected server.
The number of tiers of the certificate chain for the connected server certificate must be 20 tiers or less including the root CA certificate.
Procedure
1. Close all Device Manager - Storage Navigator sessions on the SVP. 2. On the Device Manager - Storage Navigator computer, open a web browser and enter
the following URL to open the Tool Panel dialog box.
http://IP-address-or-host-name-of-SVP/cgi-bin/utility/toolpanel.cgi
3. In the Tool Panel dialog box, click Set or Delete Certificate File for HCS. The Login dialog box opens. If SSL communication has been established, the Security Alert dialog box opens before the Login dialog box. In the Security Alert dialog box, click OK.
4. When the Login dialog box opens, enter the administrator user ID and password, and click Login. The Login dialog box opens.
5. In the dialog box, enter the certificate file for HCS (.crt file) in the Certificate file (The name of the button to click depends on the browser. file) box. You can enter the file name directly or by clicking Browse or Select File and searching for the file name. The name of the button to click depends on the browser.
6. Click Register. The execution confirmation dialog for Set or Delete Certificate File for HCS opens.
7. Click OK to register the certificate. Registration of the certificate starts. When the certificate is registered, the registration completion dialog box for Set or Delete Certificate File for HCS opens.
8. In the registration completion dialog box for Set or Delete Certificate File for HCS, click OK. The display returns to the login dialog box.
Note: If an error occurs during registration of the HCS certificate, an error message displays. Resolve the problem and then run the procedure again, starting with logging in to Set or Delete HCS Certificate.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
119
�Notes on registering certificates for HCS
Note: If the Security Alert dialog box for the certificate opens at other times, click View Certificate to confirm that the certificate is correct and then click Yes.
Notes on registering certificates for HCS
Read the following notes about registering certificates for HCS: Ensure that the certificate to be registered is the right one. If you register a wrong
certificate, the storage system is not manged by using HCS and HCS external authentication is not performed. Only with registration of the correct certificate, the storage system is manged by using HCS and HCS external authentication operates normally. When you perform a certificate revocation check by using CRL, set the URI of the CRL repository for cRLDistributionPoint (CRL distribution point) of the intermediate certificate and server certificate set on the connected server. The CRL repository must be on the network that can be accessed by the SVP so that the SVP can communicate with the CRL repository. If the SVP cannot communicate with the CRL repository, HCS external authentication fails. When you perform a certificate revocation check by using OCSP, correctly set the URI of the OCSP responder for authorityInfoAccess (Authority Information Access) of the intermediate certificate and server certificate set on the connected server. The OCSP responder must be on the network that can be accessed by the SVP so that the SVP can communicate with the OCSP responder. If the SVP cannot communicate with the OCSP responder, HCS external authentication fails.
Deleting certificates for HCS
You can delete the certificates you registered in the procedure of the "Registering certificates for HCS" section. Once you delete a certificate, HCS external authentication cannot be performed.
Before you begin You must have the Security Administrator (View & Modify) role to perform this task. You must be an external authentication user whose external user group mapping is
disabled, or a local authentication user.
Procedure 1. Close all Device Manager - Storage Navigator sessions on the SVP. 2. On the Device Manager - Storage Navigator computer, open a web browser and enter the following URL to open the Tool Panel dialog box.
http://IP-address-or-host-name-of-SVP/cgi-bin/utility/toolpanel.cgi
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
120
�Reporting failure information about storage systems
3. In the Tool Panel dialog box, click Set or Delete Certificate File for HCS. The login dialog box opens. If SSL communication has been established, the Security Alert dialog box opens before the login dialog box. In the Security Alert dialog box, click OK.
4. In the login dialog box, enter the administrator user ID and password, and click Login. The Set or Delete Certificate File for HCS dialog box opens.
5. In the dialog box, click Delete. A confirmation dialog box opens. 6. Click OK to delete the certificate. Deletion of the certificate starts. 7. When the certificate has been deleted, a completion dialog box opens. 8. In the completion dialog box click OK. The display returns to the login dialog box.
Note: If an error occurs during deletion of the certificate for HCS, an error message displays. Resolve the problem and then run the procedure again, starting with logging in, to Set or Delete Certificate for HCS.
Note: If the Security Alert dialog box for the certificate opens at other times, click View Certificate to confirm that the certificate is correct and then click Yes.
Reporting failure information about storage systems
You can report failure information (SIM) about storage systems through Syslog, SNMP trap, and email. Failure information reported through email is the same as SIM displayed on the Alert window or reported through SNMP trap. For SNMP trap, the user needs to access the SNMP Manager to check for failure. However, for report through Syslog or email, the user has only to check Syslog or email to know about the occurrence of failure. For methods of notification with SNMP traps, see the Hitachi Alert Notification Guide.
Note: If an inactive GUM is detected during GUM status monitoring, the GUM might be rebooted. When that occurs, LAN communications become temporarily disabled, pinging devices becomes temporarily disabled, and the connected LAN port links go down and up. If monitoring is performed using SNMP, a ColdStart trap is issued. After the GUM reboot is completed, the GUM is automatically restored to the normal status. As long as the LAN port link is up, and the network communication failure or the ping failure is corrected, you do not need to take any action.
Requirements of the Syslog protocol (TLS1.2/RFC5424)
The Syslog protocol (TLS1.2/RFC5424) requires the following: Operation confirmed Syslog server which supports TLS1.2. The server supports communications using the TLS security settings that are set in
accordance with the procedure in Setting SSL/TLS communications using the Tool Panel (on page 115).
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
121
�Requirements of the Syslog protocol (TLS1.2/RFC5424)
Server certificate that has been set on the Syslog server The server certificate that meets the following requirements can be used:
Certificate type
Server certificate of Syslog server
Requirements
If the public key of the certificate is RSA, the key length must be 2048 bits or more.
If the public key of the certificate is ECDSA, the public key parameter must be any of the following:
ECDSA_P256 (secp256r1)
ECDSA_P384 (secp384r1)
ECDSA_P521 (secp521r1)
The signature hash algorithm of the certificate must be SHA-256, SHA-384, or SHA-512.
The extended profile fields in the X.509 certificate support the following items as specified in RFC5280:
subjectAltName
CRLDistributionPoint
AuthorityInfoAccess
BasicConstraints
KeyUsage
SubjectKeyIdentifier
The IP address of the Syslog server must be entered in subjectAltName or CommonName. Domain name cannot be specified.
When you perform a certificate revocation check by using CRL, set the URI of the CRL repository for cRLDistributionPoint (CRL distribution point) of the intermediate certificate and the server certificate that have been set on the connected server. The CRL repository must be on the network that can be accessed by the SVP so that the SVP can communicate with the CRL repository. If the SVP cannot communicate with the CRL repository, the communications with the Syslog server fails.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
122
�Requirements of the Syslog protocol (TLS1.2/RFC5424)
Certificate type
Requirements
When you perform a certificate revocation check by using OCSP, correctly set the URI of the OCSP responder for authorityInfoAccess (Authority Information Access) of the intermediate certificate and the server certificate that have been set on the connected server. The OCSP responder must be on the network that can be accessed by the SVP so that the SVP can communicate with the OCSP responder. If the SVP cannot communicate with the OCSP responder, the communications with the Syslog server fails.
Check the number of tiers of the certificate chain to be used. The maximum number supported is 20 tiers. Make sure to use a certificate in a certificate chain with no more than 20 tiers.
Root certificate of the Syslog server The root certificate that meets the following requirements can be uploaded to the SVP.
Certificate type Certificate format
Root certificate
Requirements
X509 DER format X509 PEM format
If the public key of the certificate to be uploaded to the SVP is RSA, the key length must not be less than the key length that is set for Minimum Key Length (Key Exchange) in the TLS Security Settings dialog box.
If the public key of the certificate to be uploaded to the SVP is ECDSA, the public key parameter must be any of the following: ECDSA_P256 (secp256r1) ECDSA_P384 (secp384r1) ECDSA_P521 (secp521r1)
The signature hash algorithm of the certificate to be uploaded to the SVP must be SHA-256, SHA-384, or SHA-512
.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
123
�Requirements of the Syslog protocol (TLS1.2/RFC5424)
Client certificate The client certificate that meets the following requirements can be uploaded to the SVP.
Certificate type Certificate format TLS security settings
Client certificate
Requirements
PKCS#12 format
The server supports communications using the TLS security settings that are set in Setting SSL/TLS communications using the Tool Panel (on page 115).
If the public key of the certificate to be uploaded to the SVP is RSA, the key length must not be less than the key length that is set for Minimum Key Length (Key Exchange) in the TLS Security Settings dialog box.
If the public key of the certificate to be uploaded to the SVP is ECDSA, the public key parameter must be any of the following:
ECDSA_P256 (secp256r1)
ECDSA_P384 (secp384r1)
ECDSA_P521 (secp521r1)
The signature hash algorithm of the certificate to be uploaded to the SVP must be SHA-256, SHA-384, or SHA-512.
If an intermediate certificate exists, you must prepare a signed public key certificate in a certificate chain that contains the intermediate certificate.
The number of tiers of the certificate chain for the certificate to be uploaded must be 20 tiers or less including the root CA certificate.
Convert the client certificate signed by a CA (Certificate Authority) on the Syslog server to the PKCS#12 format. For more information, see Obtaining a client certificate for the Syslog protocol (on page 125)
If you do not know the password of the client certificate in the PKCS#12 format, contact the Syslog server administrator.
Caution:
The certificates have expiration dates. If a certificate expires, you will not be able to connect to the Syslog server. Make sure to update the certificate before the expiration date.
For more information about the certificate management, contact the Syslog server administrator.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
124
�Obtaining a client certificate for the Syslog protocol
Obtaining a client certificate for the Syslog protocol
You must obtain a client certificate from the SVP to enable the Syslog protocol.
Procedure 1. Create a private key (.key file). See Creating a private key using the OpenSSL command (on page 100). 2. Create a public key (.csr file). See Creating a public key using the OpenSSL command (on page 101). 3. Send the new key to the Syslog server Certificate Authority for signature to obtain a certificate. The certificate is used as the client certificate.
Caution: If the certificate expires, you cannot connect to the Syslog server. If an intermediate certificate is provided by the certificate authority, set
the intermediate certificate on the Syslog server. 4. Open a Windows command prompt, and then set the current directory to the directory
where the PKCS#12 format client certificate is output. 5. Store the private key (.key file) and client certificate in this folder, and then execute the
command below.
C:\key>c:\openssl\bin\openssl pkcs12 -export -in client.crt -inkey client.key outclient.p12
Where Folder to which the PKCS#12 format client certificate is output: C:\key File name of the private key: client.key File name of the client certificate: client.crt 6. Set the password. The password can have up to 128 characters. You can use alphanumeric characters and the following 31 symbols: ! # $ % & ' ( ) * + ,- . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~
Editing Syslog settings
This topic describes how to specify the Syslog settings necessary to report a failure in the storage system.
Before you begin You must have the Storage Administrator (Initial Configuration) role to perform this task. You must install a server that supports Syslog. You must release the port to be used for sending Syslog data if a firewall is used.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
125
�Editing Syslog settings
If you use the new Syslog protocol (TLS1.2/RFC5424), you must specify, for subjectAltName or CommonName in the syslog server certificate, the host name or IP address of the syslog server.
If you specify the host name of the syslog server as the transfer destination, you must register the host name and domain name of the syslog server in the DNS server.
Procedure
1. Display the Device Manager - Storage Navigator main window. 2. From the Settings menu, select Environmental Setting > Edit Alert Settings. 3. For Notification Alert, select one of the following:
All (Sends alerts of all SIMs.)
Host Report (Sends alerts only of SIMs that report to hosts.)
Alert destinations are common to Syslog, SNMP, and Email.
4. Click the Syslog tab. 5. For Transfer Protocol, select the protocol you want to use for sending Syslog data. 6. To send Syslog data to the primary server, select Enable for Primary Server and then
specify the following items:
IP Address/Host Name
Specify the IPv4 address, IPv6 address, or host name of the syslog server to which you want to send syslog data. To specify the host name, select Identifier and then enter up to 255 characters of alphabets, numerals, and symbols (! $ % - . @ _ ` ~).
Port Number
Client Certificate File Name, Password, and Root Certificate File Name
Specify this setting only when New Syslog Protocol (TLS1.2/RFC5424) is selected for Transfer Protocol.
7. To send Syslog data to the alternative server (secondary server), select Enable for Secondary Server and then specify the following items:
IP Address/Host Name
Port Number
Client Certificate File Name, Password, and Root Certificate File Name
Specify this setting only when New Syslog Protocol (TLS1.2/RFC5424) is selected for Transfer Protocol.
8. Specify a name you want for Location Identification Name to identify the storage system.
9. If New Syslog Protocol (TLS1.2/RFC5424) is selected for Transfer Protocol, specify the values for Timeout, Retry Interval, and Number of Retries.
10. Click Send Test Message to Syslog Server, if necessary, to test the settings. 11. Confirm that the Syslog server received the log message (detailed data: "RefCode:
7FFFFF, This is Test Report."). 12. Click Finish.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
126
�Editing alert notification email settings
13. Confirm the settings in the Confirm window, and then enter the task name in Task Name.
14. Click Apply. The task is registered. If the check box for Go to tasks window for status is selected, the Tasks window opens.
Editing alert notification email settings
This topic describes how to specify the email settings necessary to report failure trap reference codes (SIMs).
Before you begin
You must have the Storage Administrator (Initial Configuration) role to perform this task.
You must have installed a mail server that supports Simple Mail Transfer Protocol (SMTP). The SVP uses PLAIN or LOGIN of SMTP authentication (SMTP-AUTH) to connect to the mail server. CRAM-MD5 and DIGEST-MD5 of SMTP-AUTH are not supported.
You must release Port 25 if a firewall is used (because Port 25 is used for communication between the SVP and the mail server).
Procedure
1. Display the Device Manager - Storage Navigator main window. 2. From the Settings menu, select Environmental Setting > Edit Alert Settings. 3. For Notification Alert, select one of the following:
All (Sends alerts of all SIMs.)
Host Report (Sends alerts only of SIMs that report to hosts.)
Alert destinations are common to Syslog, SNMP, and Email.
4. Click the Email tab. 5. For Mail Notice, select Enable to enable that option. 6. In Email Settings, enter the destination email address and the attribute (To, Cc, Bcc).
To add an email address, click Add and then specify the email address and attribute in the Add Address window.
To change an email address and the attribute, select the check box for the email address you want to change, and then click Change. You can change the email address and attribute in the Change Settings window.
You can select multiple email addresses. If you select multiple email addresses, you can change their attributes only.
To delete email addresses, select the check boxes for the email addresses you want to delete, and then click Delete.
Make sure that you specify these settings if Mail Notice is set to Enable.
7. Enter the source email address (required) and the return email address (option). You can enter up to 255 characters of alphabets, numerals, and symbols (!, #, $, %, &, `, +, -, *, /, ', ^, {, }, _, and .).
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
127
�Changing advanced system settings
8. Enter the information of the email server. Identifier To specify the host name, select Identifier and then enter up to 63 characters of alphabets, numerals, and symbols (! $ % ( ) ' - _ . @ ~). IPv4 To specify an IPv4 address, select IPv4 and then enter four numbers (0 to 255) in the following format: XXX.XXX.XXX.XXX (Each XXX indicates a number.) IPv6 To specify an IPv6 address, select IPv6 and then enter eight hexadecimal numbers (0 to FFFF) in the following format: YYYY:YYYY:YYYY:YYYY:YYYY:YYYY:YYYY:YYYY (Each YYYY indicates a hexadecimal number.) You can also specify the abbreviated format of IPv6 addresses. Make sure that you specify these settings if Mail Notice is set to Enable.
9. In SMTP Authentication, select Enable (to use SMTP authentication) or Disable (to not to use SMTP authentication). If you select Enable, also enter the account name and password that you use for SMTP authentication. You can enter up to 255 characters of alphabets, numerals, and symbols (! $ % ( ) ' - _ . @ ~). Make sure that you specify these settings if Mail Notice is set to Enable.
10. Click Send Test Email, if necessary, to test the settings. 11. Confirm that you received the test email. 12. Click Finish. 13. Confirm the settings in the Confirm window, and then enter the task name in Task
Name. 14. Click Apply.
The task is registered. If the check box for Go to tasks window for status is selected, the Tasks window opens.
Changing advanced system settings
You can change alert display settings and data acquisition settings in advanced system settings.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
128
�Changing advanced system settings
Before you begin You must have the Storage Administrator (Initial Configuration) role to perform this task.
Procedure
1. In the Device Manager - Storage Navigator main menu, click Settings > Environmental Settings > Edit Advanced System Settings.
2. Select the desired advanced system settings, and then click Enable to enable the selected settings or Disable to disable the selected settings.
Setting
Description
Hide alert information
If you enable this setting, the Alert window in the Device Manager - Storage Navigator main window does not open.
Refresh forcibly after Apply
If you enable this advanced system setting, after settings changes are applied to the storage system, the configuration information for the storage system is always updated to the latest information.
Disable data polling
If you enable this advanced system setting, polling stops.
Disable retry of data updating
If you enable this advanced system setting, retry does not occur even if data cannot be acquired.
Enable Storage Navigator 2 All Function
If you enable this advanced system setting, the restrictions on login from Device Manager - Storage Navigator's login window are cleared, including the restrictions on the users who can log in and on the functions available after login. When enabling or disabling this advanced system setting, log in again.
Switch the control of differential bitmaps of volumes used for TC/TCMF/ UR/URMF/GAD pairs whose capacity is 4TB or less (for open volumes)/ 262,668Cyl or less (for MF volumes) at creation or resynchronization of pairs
When enabled, for a TC, TCMF, UR, URMF, or GAD pair that uses an open volume (DP-VOL) with user capacity of 4,194,304 MB or less, or a mainframe volume with user capacity of 262,668 Cyl or less, the differential data management for the target volume is enabled by the hierarchical difference at new pair creation or pair resynchronization (hierarchical difference management).
In addition, for a TC, TCMF, UR, URMF, or GAD pair that uses an open volume (DP-VOL) with user capacity exceeding 4,194,304 MB, or a mainframe volume with user capacity exceeding 262,668 Cyl, the differential data management for the target volume is enabled by the hierarchical difference at the new pair creation regardless of this setting.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
129
�Changing advanced system settings
Setting
Description
For details about this setting, see the Hitachi TrueCopy® User Guide, Hitachi Universal Replicator User Guide, or Global-Active Device User Guide.
Switch the control of differential bitmaps of volumes used for TC/TCMF/ UR/URMF/GAD pairs whose capacity is 4TB or less (for open volumes)/ 262,668Cyl or less (for MF volumes) at creation of pairs
When enabled, for a TC, TCMF, UR, URMF, or GAD pair that uses an open volume (DP-VOL) with user capacity of 4,194,304 MB or less, or a mainframe volume with user capacity of 262,668 Cyl or less, the differential data management for the target volume is enabled by the hierarchical difference at new pair creation (hierarchical difference management).
In addition, for a TC, TCMF, UR, URMF, or GAD pair that uses an open volume (DP-VOL) with user capacity exceeding 4,194,304 MB, or a mainframe volume with user capacity exceeding 262,668 Cyl, the differential data management for the target volume is enabled by the hierarchical difference at the new pair creation regardless of this setting.
For details about this setting, see the Hitachi TrueCopy® User Guide, Hitachi Universal Replicator
User Guide, or Global-Active Device User Guide.
External Authentication Compatibility option
If you enable this setting, the authentication method is switched from VSP 5000 series to VSP.
Enable reboot of background service
If you enable this setting, when either of the following values exceeds its threshold value, the background service process for managing configuration information is restarted. Enable this setting only when requested.
The amount of memory used in the background service process.
Time elapsed after the background service process is started.
Notify an alert when tier relocation is suspended by system
If you enable this setting, when tier relocation is suspended by the system, an alert is issued to users. For details about an alert (SIM) to be issued, see the Troubleshooting chapter of the Provisioning Guide for Open Systems or Provisioning Guide for Mainframe Systems.
The consistency time of a Hitachi Universal Replicator software for Mainframe pair shows the time stamp of the data that has just been copied to a restored journal volume
When enabled, the time included in the time stamp of the data that has just been copied to a restored journal volume shows the consistency time.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
130
�Updating Storage Device Launcher on the management client
Setting After delta resync, the pair status remains COPY during journal data copy
One minute after remote path failure detection, the mirror is split
After remote path failure detection, the mirror is split The copy pace for mirror option (Medium) becomes one level faster
The copy pace for mirror option (Medium) becomes two levels faster
Description
If you enable this setting, when a delta resync is performed in a 3DC multi-target configuration with TC and UR, the pair status remains COPY during journal data copy.
If you enable this setting, when a remote path failure is detected, the mirror is split if the remote path is not restored within one minute after the detection.
This setting is enabled only when After remote path failure detection, the mirror is split is enabled. When No. 16 is disabled, the mirror is not split even if a remote path failure is detected.
When enabled, after a remote path failure is detected, the mirror is split.
When enabled, the pace for copying data during initial copy becomes one level faster when the copy pace for journal option is Medium. This setting can be used to make the initial copy operation in Medium speed mode perform faster.
When enabled, the pace for copying data during initial copy becomes two levels faster when the copy pace for journal option is Medium. This setting can be used to make the initial copy operation in Medium speed mode perform faster.
3. Click Finish.
4. In the confirmation window, check the settings and enter a task name in Task Name.
5. Click Apply. The task is now registered. If the Go to tasks window for status check box is checked, the Tasks window opens to display the status of the task.
6. After you have enabled or disabled the desired advanced system settings, log off Device Manager - Storage Navigator and then log in again.
Updating Storage Device Launcher on the management client
The Storage Device Launcher software on the HDvM - SN management client is not automatically updated. If the Storage Device Launcher version on the SVP is updated (for example, when the SVP firmware is updated), you must download the Storage Device Launcher setup file from the SVP and install the updated Storage Device Launcher software on the HDvM - SN management client.
Use the following procedure to check the Storage Device Launcher version on the management client and SVP. If the versions are different, update the Storage Device Launcher software on the management client.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
131
�Updating Captive Bundle Application on the SVP
Procedure 1. Check the Storage Device Launcher version on the management client: In the Start menu, select Open StorageDeviceLauncher to open the Storage Device Launcher window. (Note that the Start menu might display the following: Storage Device Launcher > Open Storage Device Launcher) The Storage Device Launcher window displays the Storage Device Launcher version on the management client. 2. Check the Storage Device Launcher version on the SVP by clicking Tool > Download to open the download dialog box. The download dialog box displays the Storage Device Launcher version on the SVP. If the version on the SVP is not the same as the version on the management client, download Storage Device Launcher from the SVP and install it on the management client. For instructions, see Installing Storage Device Launcher on the management client (on page 30).
Updating Captive Bundle Application on the SVP
If Captive Bundle Application (CBA) on the SVP needs to be updated, you need to upload CBA from the management client to the SVP.
Note: Do not remove CBA on the management client before updating CBA on the SVP. If you need to increase the available free space on the management client, you can remove all files stored in the following location while HDvM - SN is not running: Storage_Device_Launcher_installation_directory \WCLauncher\SDLauncher\micro.
Before you begin You must have the CBA file to be uploaded to the SVP on the management client. If you
do not have the CBA file, contact customer support. You must have the Security Administrator (View & Modify) role to perform this task.
Procedure 1. On the management client, open a web browser. 2. Open the Tool Panel dialog box by specifying the following URL:
https://IP-address-or-host-name-of-SVP/cgi-bin/utility/toolpanel.cgi
3. Click CaptiveBundleUpload. 4. Enter the administrator user ID and password, and then click Login.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
132
�Backing up and restoring HDvM - SN configuration files
5. Click Browse or Select File, navigate to and select the CBA file on the management client, and then click Upload. The name of the button to click depends on the browser.
If the CBA version to be uploaded is earlier than the CBA version on the SVP, a message asking if you want to downgrade CBA is displayed. If you are sure about downgrading the CBA version, click OK to continue. If you are not sure, click Cancel to cancel the upload, and then contact customer support.
If the SVP firmware version and the CBA version to be uploaded are not compatible, a message is displayed. Click OK to cancel the upload, and then contact customer support.
6. Verify the CBA version on the SVP and the CBA version to be uploaded, and then click OK to upload CBA to the SVP. Wait up to 10 minutes for the upload to complete.
7. When the version confirmation message is displayed, click OK. You are returned to the Login dialog box.
If the Security Alert dialog box for the certificate opens before you are returned to the Login dialog box, click View Certificate, verify that the certificate is correct, and then click Yes.
Caution: On the management client, do not delete the CBA file that you uploaded to the SVP. This CBA file might be required for SVP failure recovery or other purposes.
8. Log in to HDvM - SN by using AIR, and then verify that the CBA version in the Storage Systems window is correct (same as the CBA version you uploaded).
Backing up and restoring HDvM - SN configuration files
You can make backup copies of the various Device Manager - Storage Navigator (HDvM SN) configuration files by downloading them to a folder that you specify. You can then use the backup configuration files to restore one or more of the files to the existing SVP if necessary or to configure a new SVP.
The following table lists the backup file items that have SVP firmware version requirements. If you need to restore these settings on an SVP that does not meet the minimum SVP firmware version requirement, first download the configuration file without selecting these backup file items, perform the restore operation using the configuration file, and then perform the operation in the following table to restore these settings.
Backup file item
Flash Disable File
SIMSyslog Transfer Information
Minimum SVP version
Operation to restore the setting
90-04-0x/xx
None (not applicable).
90-04-0x/xx
Configure the SIMSyslog transfer settings on the Syslog tab of the Edit Alert Settings window.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
133
�Backing up and restoring HDvM - SN configuration files
Backup file item
Minimum SVP version
Operation to restore the setting
TLS Security Settings 90-02-0x/xx
Configure the TLS settings.
User Account Information
90-08-22/00
None (not applicable)
The following table lists the items that are not backed up and provides the required action to save and re-register each item.
Item
Action
Configuration reports of the storage system
See Using reports to view storage system information (on page 212).
Configuration to block HTTP communication to SVP
See Blocking HTTP communication to the storage system (on page 110).
Interval for the automatic updates of the Tasks window of Device Manager - Storage Navigator
See Setting the status refresh interval of the Tasks window (on page 211).
Audit logs saved in SVP
See Hitachi Audit Log User Guide.
Private key and certificate used for SSL communication between the SVP and the management client
See Uploading a signed certificate (on page 106).
Advanced system settings
See Changing advanced system settings (on page 128).
Storage system information
See Setting storage system information (on page 84).
Certificates for SMI-S provider
See Uploading a signed certificate to the SMI-S provider (on page 138).
Configuration files for SMI-S provider
See Uploading an SMI-S provider configuration file (on page 141).
Certificates for Hitachi Command Suite
See Registering certificates for HCS (on page 118).
Mail notice settings
See Email tab in Edit Alert Settings window (on page 490).
You must have one of the following roles, depending on the configuration you are backing up or restoring:
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
134
�Backing up and restoring HDvM - SN configuration files
Configuration file
Description
Required role to back up a file
Required role to restore a file
User Account Information
User account information registered to HDvM - SN
Security
Security
Administrator (View Administrator (View
Only)
& Modify)
Environment
Parameter information in the entire
Parameter List system
Storage Administrator (Initial Configuration)
Storage Administrator (Initial Configuration)
Log Transfer Information
Settings made in the Edit Audit Log Settings and Edit Alert Settings windows
Audit log
Audit log
Administrator (View Administrator (View
Only)
& Modify)
SIMSyslog Transfer Information
Settings made in the Edit Alert Settings window
Storage Administrator (Initial Configuration)
Storage Administrator (Initial Configuration)
External
Connection to the authentication server
Authentication
Security Administrator (View)
Security Administrator (View & Modify)
Key Management Server
Connection to the Key Management Server*
* The client certificate in use when the key management (KMIP) server is connected cannot be backed up or restored by Device Manager - Storage Navigator. Consult the administrator of the key management server (KMS) to determine the best way to use the server to manage and back up the certificate.
Security Administrator (View & Modify)
Security Administrator (View & Modify)
TLS Security Settings
Security settings used for communications with SVP
Storage Administrator (Initial Configuration) or Security Administrator (View & Modify)
Storage Administrator (Initial Configuration) or Security Administrator (View & Modify)
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
135
�Backing up HDvM - SN configuration files
Configuration file
Description
Required role to back up a file
Required role to restore a file
REST API Configurations
Remote storage information and job history information*
* While downloading or restoring the REST API configuration files, the REST services are stopped. The REST services might be stopped for a few minutes due to the configuration file sizes because the download or restoration can take some time depending on the configuration file sizes.
Storage Administrator (Initial Configuration)
Storage Administrator (Initial Configuration)
WSUS Settings
Settings to disable or enable use of Windows Server Update Services (WSUS), and settings for the WSUS server URL and the active hours*
* If the SVP High Reliability Kit (standby SVP) is installed, the WSUS setting file cannot be downloaded.
Security
Security
Administrator (View Administrator (View
& Modify)
& Modify)
Backing up HDvM - SN configuration files
You can restore the backup copies of one or more configuration files if it becomes necessary.
Before you begin You must be an external authentication user whose external user group mapping is
disabled.
Procedure 1. Start a web browser and enter the following URL to open the tool panel:
http://IP-address-or-host-name-of-SVP/cgi-bin/utility/toolpanel.cgi
2. Click Control Panel to open the Control Panel. 3. Enter the user ID and password and click Login. 4. Click the Download tab to open the Download file window. 5. Click the files to be downloaded. You can download only the files for which you have
permission. 6. Click Submit. The Download File dialog box shows the list of the files to be
downloaded. 7. Click Download. The File Download dialog box opens. 8. Click Save. The Save As dialog box opens.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
136
�Restoring HDvM - SN configuration files
9. Specify the name of a folder to save the compressed file, and then click Save to start downloading.
10. Decompress the downloaded *.tgz file as required. To decompress the *.tgz file, use a tool supporting tar and gzip.
Restoring HDvM - SN configuration files
You can restore the backup copies of one or more configuration files if it becomes necessary.
Procedure 1. Start a web browser and enter the following URL to open the tool panel:
http://IP-address-or-host-name-of-SVP/cgi-bin/utility/toolpanel.cgi
2. Click Control Panel to open the Control Panel. 3. Enter the user ID and password and click Login. 4. Click the Restore tab to open the Restore File window. 5. Click Archive Files, and then click Browse or Select File to specify the directory of the
file. The name of the button to click depends on the browser. You can restore only the files for which you have permission. 6. Click Next. 7. Click the configuration files to restore. 8. Click Submit. 9. If the Password check dialog box opens, enter User ID, Password, and Re-enter Password of the storage administrator on the backup user list, and click Submit on the Password check dialog box. The Restore File dialog box opens. 10. Confirm the restoring process has been completed successfully. 11. Click Close to close the dialog box.
Using the SMI-S function with a Device Manager - Storage Navigator user account
The storage systems support the SMI-S function developed by SNIA. Storage administrators can use the SMI-S function by using SMI-S compliant management software.
Using the SMI-S function
To use the SMI-S function, create a Device Manager - Storage Navigator user account and specify a storage system as the access destination from the management software.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
137
�Uploading a signed certificate to the SMI-S provider
Procedure 1. Create a Device Manager - Storage Navigator user account in the management software. The user account must belong to one of the following built-in user groups: Storage Administrator (View & Modify) User Group: Users have full permissions to access the SMI-S function from the management software. Storage Administrator (View Only) User Group: Users have read- only permissions to access the SMI-S function from the management software.
2. In the management software program, enter the following storage system information: IP Address of the SVP Protocol: specify HTTPS Port: 5989 Namespace:root/hitachi/smis or interop
Note: If you cannot access the storage system with error message "An error (20121-107097) occurred and the Device Manager - Storage Navigator login fails", you might not have selected the cipher suites corresponding to the key type of the certificate on the TLS Security Settings dialog box.
a. Connect to the Tool Panel dialog box via an HTTP connection, and enable all cipher suites.
b. Make sure you can log in to Device Manager - Storage Navigator. c. Verify the settings of the cipher suites. If this problem occurs again, verify the network environment and the access destination. If you still cannot access to the storage system after taking actions, contact customer support.
Uploading a signed certificate to the SMI-S provider
To use certificates in SSL communication with the SMI-S provider, you must update and upload the private key and the signed server certificate (public key) to the SMI-S provider to update the certificate. Use the following procedure to upload and update certificates using a certificate update tool.
Before you begin Ensure that the following items have been completed: You must have the Storage Administrator (View & Modify) role to perform this task. A private key (.key file) has been created. Change the file name to server.key unless the
file is already named that. See Creating a private key using the OpenSSL command (on page 100). The passphrase for the private key (server.key file) is released. A signed public key certificate (.crt file) has been acquired. Change the file name to server.crt unless the file is already named that. See Creating a public key using the OpenSSL command (on page 101).
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
138
�Uploading a signed certificate to the SMI-S provider
When using TLS1.2, you must set the cipher suites corresponding to the key type of the certificate that is uploaded to the SVP or the SMI-S provider.
Verify the settings of the cipher suites on the TLS Security Settings dialog box using the Tool Panel dialog box:
If the key type is RSA, select a cipher suite whose name contains "RSA".
If the key type is ECDSA, select a cipher suite whose name contains "ECDSA".
If the cipher suites corresponding to the key type of the certificate are not set, you cannot connect the storage system using the management software.
You must be an external authentication user whose external user group mapping is disabled, or a local authentication user.
If the public key of the certificate to be uploaded is RSA, the key length must not be less than the key length that is set for Minimum Key Length (Key Exchange) in the TLS Security Settings dialog box.
If the public key of the certificate to be uploaded is ECDSA, the public key parameter must be any of the following:
ECDSA_P256 (secp256r1)
ECDSA_P384 (secp384r1)
ECDSA_P521 (secp521r1)
The signature hash algorithm of the certificate to be uploaded must be SHA-256, SHA-384, or SHA-512.
The extended profile fields in the X.509 certificate support the following items as specified in RFC5280:
subjectAltName
CRLDistributionPoint
AuthorityInfoAccess
BasicConstraints
KeyUsage
SubjectKeyIdentifier
Enter the host name or the IP address of the SVP in subjectAltName or CommonName of the certificate to be uploaded.
When you perform a certificate revocation check by using CRL, set the CRL repository URI for the cRLDistributionPoint (CRL distribution point) of the intermediate certificate and server certificate.
When you perform a certificate revocation check by using OCSP, set the OCSP responder URI for authorityInfoAccess (Authority Information Access) of the intermediate certificate and server certificate.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
139
�Uploading a signed certificate to the SMI-S provider
When you perform a certificate revocation check on the management client, the CRL repository or the OCSP responder must be on the network that can be accessed by the management client so that they can be accessed by the management client. If the management client cannot communicate with the CRL repository or the OCSP responder, the connection to Device Manager - Storage Navigator is established without certificate revocation check.
If an intermediate certificate exists, prepare a signed public key certificate file (server.crt) that has a certificate chain that includes the intermediate certificate.
The number of tiers of the certificate chain for the certificate to be uploaded must be 20 tiers or less including the root CA certificate.
Procedure
1. Close all Device Manager - Storage Navigator sessions on the SVP. 2. On the Device Manager - Storage Navigator computer, open a web browser and enter
the following URL to open the Tool Panel dialog box.
http://IP-address-or-host-name-of-SVP/cgi-bin/utility/toolpanel.cgi
3. In the Tool Panel dialog box, click Update Certificate Files for SMI-S. The login dialog box for Update Certificate Files for SMI-S opens. If SSL communication has been established, the Security Alert dialog box opens before the login dialog box. In the Security Alert dialog box, click OK.
4. In the login dialog box for Update Certificate Files for SMI-S, enter the administrator's user ID and password, and click Login. The upload dialog box for Update Certificate Files for SMI-S opens.
5. In the upload dialog box for Update Certificate Files for SMI-S, enter both the public key certificate file name in the Certificate file (server.crt file) box and the Private Key file (server.key file) box. You can enter the file names directly or by clicking Browse or Select File. The name of the button to click depends on the browser.
6. Click Upload. The execution confirmation dialog box for Update Certificate Files for SMI-S opens.
7. Click OK to update the certificate. Update of the certificate starts. Upon completion of the certificate update, the SMI-S provider restarts to reflect the update.
Upon completion of the restart of the SMI-S provider, the update completion dialog box for Update Certificate Files for SMI-S opens
8. In the update completion dialog box for Update Certificate Files for SMI-S, click OK. The display returns to the login dialog box.
Note: If an error occurs during update of the certificate, an error message displays. Resolve the problem and then run the procedure again, starting with logging in, to upload configuration files for SMI-S.
Note: If the Security Alert dialog box for the certificate opens at other times, click View Certificate to confirm that the certificate is correct and then click Yes.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
140
�Returning an SMI-S provider certificate to default
Returning an SMI-S provider certificate to default
You can return a certificate updated in Uploading a signed certificate to the SMI-S provider (on page 138) to default.
Before you begin You must have the Storage Administrator (View & Modify) role to perform this task.
Procedure 1. Close all Device Manager - Storage Navigator sessions on the SMI-S provider. 2. On the Device Manager - Storage Navigator computer, open a web browser and enter the following URL to open the Tool Panel dialog box.
http://IP-address-or-host-name-of-SVP/cgi-bin/utility/toolpanel.cgi
3. In the Tool Panel dialog box, click Upload Configuration Files for SMI-S. The Upload Configuration Files Login dialog box opens. If SSL communication has been established, the Security Alert dialog box opens before the login dialog box. In the Security Alert dialog box, click OK.
4. In the Login dialog box, enter the administrator's user ID and password, and click Login. The upload dialog box for Update Certificate Files for SMI-S opens.
5. In the upload dialog box for Update Certificate Files for SMI-S, click Return to the default configuration. The execution confirmation dialog box for Update Certificate Files for SMI-S opens.
6. Click OK to update the certificate. Update of the certificate starts. Upon completion of the certificate update, the SMI-S provider restarts to reflect the update. Upon completion of the restart of the SMI-S provider, the update completion dialog box for Update Certificate Files for SMI-S opens.
7. In the update completion dialog box for Update Certificate Files for SMI-S, click OK. The display returns to the login dialog box.
Note: If an error occurs during update of the certificate, an error message displays. Resolve the problem and then run the procedure again, starting with logging in, to update certificate files for SMI-S.
Note: If the Security Alert dialog box for the certificate opens at other times, click View Certificate to confirm that the certificate is correct and then click Yes.
Uploading an SMI-S provider configuration file
You can control the SMI-S function using the SMI-S provider configuration file that you create.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
141
�Returning an SMI-S provider configuration file to default
Before you begin Ensure that the SMI-S provider configuration file has already been created. If the
configuration is not already named array-setting-01.properties, rename it to that name. You must have the Storage Administrator (View & Modify) role to perform this task.
Procedure 1. Close all Device Manager - Storage Navigator sessions on the SMI-S provider. 2. On the Device Manager - Storage Navigator computer, open a web browser and enter the following URL to open the Tool Panel dialog box.
http://IP-address-or-host-name-of-SVP/cgi-bin/utility/toolpanel.cgi
3. In the Tool Panel dialog box, click Upload Configuration Files for SMI-S. The Login dialog box opens. If SSL communication has been established, the Security Alert dialog box opens before the Login dialog box. In the Security Alert dialog box, click OK to confirm and open the Login dialog box.
4. In the Login dialog box, enter the administrator user ID and password, and click Login. The Upload dialog box opens.
5. In the Upload dialog box, enter the SMI-S provider configuration file (arraysetting-01.properties). Enter a file name in Configuration file or click Browse or Select File, and then select a file in the displayed dialog box. The name of the button to click depends on the browser.
6. Click Upload. The execution confirmation dialog box opens. 7. Click OK to update the configuration file. Update of the configuration file starts.
Upon completion of the configuration file update, the SMI-S provider restarts to reflect the update. Upon completion of the restart of the SMI-S provider, the update completion dialog box for Upload Configuration Files for SMI-S opens. 8. In the Upload Configuration Files for SMI-S dialog box, click OK. The display returns to the login dialog box.
Note: If an error occurs during update of the certificate, an error message displays. Resolve the problem and then run the procedure again, starting with logging in, to upload configuration files for SMI-S.
Note: If the Security Alert dialog box for the certificate opens at other times, click View Certificate to confirm that the certificate is correct and then click Yes.
Returning an SMI-S provider configuration file to default
You can return a configuration file updated in Uploading an SMI-S provider configuration file (on page 141).
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
142
�Sending SMI-S artificial indication
Before you begin
You must have the Storage Administrator (View & Modify) role to perform this task.
Procedure
1. Close all Device Manager - Storage Navigator sessions on the SMI-S provider. 2. On the Device Manager - Storage Navigator computer, open a web browser and enter
the following URL to open the Tool Panel dialog box.
http://IP-address-or-host-name-of-SVP/cgi-bin/utility/toolpanel.cgi
3. In the Tool Panel dialog box, click Upload Configuration Files for SMI-S. The Login dialog box opens. If SSL communication has been established, the Security Alert dialog box opens before the Login dialog box. In the Security Alert dialog box, click OK to confirm and open the Login dialog box.
4. In the Login dialog box, enter the administrator user ID and password, and click Login. The Upload dialog box opens.
5. In the Upload dialog box, click Return to the default configuration. A confirmation dialog box opens.
6. In the confirmation dialog box, click OK to update the configuration file. The update process starts. When the file has been updated, the SMI-S provider restarts to include the update. When the SMI-S provider restarts, the update completion dialog box opens.
7. In the update completion dialog box, click OK to confirm and return to the Login dialog box.
Note:
If an error occurs during update of the SMI-S provider configuration file and an error message appears, resolve the problem as described in the error message, and then run the procedure again starting with Step 4.
If the Security Alert dialog box for the certificate opens at other times, click View Certificate to confirm that the certificate is correct and then click Yes.
Sending SMI-S artificial indication
You can send an SMI-S artificial indication to determine whether the communication between the listeners and the SMI-S provider succeeds or fails.
Before you begin
SMI-S Provider software application must be installed.
The network environment is configured so that the computer on which the listener application operates is connected to the SVP.
The listeners are subscribed to the SMI-S provider.
You must have the Storage Administrator (View & Modify) role to perform this task.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
143
�Setting up WSUS function
Procedure
1. Close all Device Manager - Storage Navigator sessions connected to the related SMI-S provider.
2. On the Device Manager - Storage Navigator computer, open a web browser and enter the following URL to open the Tool Panel dialog box.
http://IP-address-or-host-name-of-SVP/cgi-bin/utility/toolpanel.cgi
3. In the Tool Panel dialog box, click SMI-S Artificial Indication. The SMI-S Artificial Indication dialog box opens.
4. In the SMI-S Artificial Indication dialog box, enter the user ID and password, and click Test. The testing begins.
5. When the test communication is completed, SMI-S Artificial Indication Result window opens. In the SMI-S Artificial Indication Result window, click OK.
The dialog box closes and the display returns to the SMI-S Artificial Indication dialog box.
Note: If the SMI-S artificial indication fails, an error message and a code display. Resolve the problem described in the error message.
Setting up WSUS function
Windows Server Update Services (WSUS) provides centralized management for applying updates provided by the Microsoft Corporation. When the WSUS server works with the SVP, Security Updates for which our operation verification has been complete can automatically apply to the SVP .
This allows customers to centrally manage the application of Security Updates to the SVP, which was previously performed as a maintenance operation. To use this function, perform the following procedure for enabling the WSUS function.
Before you begin
The WSUS server must be prepared by the customer.
Configure the network so that the WSUS server can communicate with the SVP.
Set the WSUS server so that Security Updates can be received by the SVP.
Set the WSUS server so that only Security Updates for which our operation verification has been complete applies to the SVP.
You must have the Security Administrator (View & Modify) role to perform this task.
A single SVP configuration must be created. In a duplex SVP configuration with the SVP High Reliability Kit installed, the WSUS function cannot be enabled.
To enter the host name in the WSUS server URL, set the host name and the domain name of the WSUS server for the DNS server.
Caution: Applying Security Updates for which our operation verification has not been complete to the SVP might produce unpredictable results such as the inability to operate the SVP.
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
144
�Setting up WSUS function
Note: Make a note of the settings during the following operating procedure, which might be useful if you reconfigure the WSUS settings to replace the SVP.
Procedure 1. On the management client, open a web browser. 2. Open the Tool Panel dialog box by specifying the following URL:
http://IP-address-or-host-name-of-SVP/cgi-bin/utility/toolpanel.cgi
3. Click WSUS Settings. 4. Enter the administrator user ID in the User ID field and the password in the Password
field, and click Login. The WSUS Settings dialog box opens. 5. Select a radio button.
Caution: Even if you change the WSUS settings from Enable to Disable, the downloaded Security Updates might apply to the SVP. 6. To enable the WSUS function, enter the WSUS server URL. Example: http://wsus.example.com, http://192.0.2.0 7. Set the active hours between 6 and 18 hours . 8. Click Next to open the dialog box opens to confirm the WSUS settings updates. 9. Click OK. 10. Check the following audit logs to verify whether Security Updates are applied by using the WSUS function. Function name: BASE Operation Name: WindowsServerUpdateServices
Chapter 3: Configuring the storage system
System Administrator Guide for VSP 5000 Series
145
�Chapter 4: User administration using Device Manager - Storage Navigator
You can use the Device Manager - Storage Navigator to create, modify, or delete users, user groups, and accounts.
User administration overview
Device Manager - Storage Navigator provides a rich set of user administration, roles and permissions, and access control features. Administrators can manage users by groups and set up access control by defining who can access what storage resources.
Manage roles and permissions
You can use Device Manager - Storage Navigator to view existing user groups and to create, modify, or delete them. Before creating or editing user groups, read and understand the following precautions: When a user is assigned to multiple user groups, the user has the permissions of all the
roles in each user group that are enabled on the resource groups assigned to each user group. If a user has All Resource Groups Assigned set to Yes, the user can access all the resources in the storage system. For example, if a user is a security administrator and a storage administrator taking care of some resources, have all resource groups assigned, and has roles of Security Administrator (View & Modify) and Storage Administrator (View & Modify), the user can modify storage system settings for all the resources. If this is a problem, the recommended solution is to register the following two user accounts in the storage system and use these different accounts for different purposes: A security administrator user account that has All Resource Groups Assigned set to
Yes. A storage administrator user account that does not have all resource groups assigned
and has only some of the resource groups assigned.
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
146
�Roles and user groups
For the user groups whose roles are other than the Storage Administrator, All Resource Groups Assigned is automatically set to Yes. If you delete all the roles except the Storage Administrator, reassign resource groups to the user group because All Resource Groups Assigned is automatically set to No. To assign resource groups to the user group, see Changing assigned resource groups (on page 157).
Regardless of assigned roles, users in a user group to which no resource groups are assigned cannot modify storage system settings.
Security settings that affect the entire system is configured by the administrator.
Resource group 10 is configured by user A.
Resource group 20 is configured by user B.
To implement the above configuration, assign the users to the user groups as shown below.
User
User group to be registered
Roles to be assigned to the user group
Resource group to be assigned to user group
Administ user group 1 rator
Security Administrator (View & Modify)
All Resource Groups Assigned1
User A user group 10
Storage Administrator2
Resource group 10
User B user group 20
Storage Administrator2
Resource group 20
Notes:
1. For the user group that is assigned the Security Administrator role, All Resource Groups Assigned is automatically set to Yes.
2. There are a few types of storage administrators. For more information, see Roles and permissions (on page 149).
Roles and user groups
Roles are defined for each user group. The tasks that users can do on the system depend on the roles assigned to the user groups to which they belong. Users can belong to from one to eight groups. To change the privileges that are assigned to users, use either of the following methods: Add users to groups with the permissions they need or delete users from groups with
permissions they don't need. Change the roles assigned to the group to which the users belong.
Resource groups and user groups
Resource groups determine the resources that users can manage. The resource groups are associated with user groups rather than individual users.
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
147
�User group registration example
There are two ways to change the resources that a user has permission to manage: Move the user to another user group. Change the resource groups assigned to the user group to which the user belongs.
User group registration example
Security settings that affect the entire system is configured by the administrator. Resource group 10 is configured by user A. Resource group 20 is configured by user B. To implement the above configuration, assign the users to the user groups as shown below.
User
User group to be registered
Roles to be assigned to the user group
Resource group to be assigned to user group
Administ user group 1 rator
Security Administrator (View & Modify)
All Resource Groups Assigned1
User A user group 10
Storage Administrator2
Resource group 10
User B user group 20
Storage Administrator2
Resource group 20
Notes:
1. For the user group that is assigned the Security Administrator role, All Resource Groups Assigned is automatically set to Yes.
2. There are a few types of storage administrators. For more information, see Roles and permissions (on page 149).
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
148
�Precautions when working with user groups
Precautions when working with user groups
Before creating or manipulating user groups, read and understand the following precautions. When a user is assigned to multiple user groups, the user has the permissions of all the
roles in each user group that are enabled on the resource groups assigned to each user group. If a user has All Resource Groups Assigned set to Yes, the user can access all the resources in the storage system. For example, if a user is a security administrator and a storage administrator taking care of some resources, have all resource groups assigned, and has roles of Security Administrator (View & Modify) and Storage Administrator (View & Modify), the user can edit the storage for all the resources. If this is a problem, the recommended solution is to register the following two user accounts in the storage system and use these different accounts for different purposes: A security administrator user account that has All Resource Groups Assigned set to
Yes. A storage administrator user account that does not have all resource groups assigned
and has only some of the resource groups assigned. For the user groups whose roles are other than the Storage Administrator, All Resource
Groups Assigned is automatically set to Yes. If you delete all the roles except the Storage Administrator, reassign resource groups to the user group because All Resource Groups Assigned is automatically set to No.
Naming a user group in Device Manager - Storage Navigator
When you create a user group in Device Manager - Storage Navigator, you name the group with the user's memberOf attribute value which is found in the Active Directory. Device Manager - Storage Navigator supports Active Directory nested groups. After entering the user group name, verify that the user group name that you entered is registered in the authorization server.
Note: The domain name (DN) of the user group to be set to Active Directory must be between 1 and 250 characters. The number of user groups that can be registered at one time is 20 at maximum.
Caution: If a user needs to use different user groups for different purposes, create local user accounts on Device Manager - Storage Navigator. Do not use the authorization server.
Roles and permissions
The following table lists all of the available user roles and shows the permissions that each role provides to the users. Custom user roles are not supported.
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
149
�Roles and permissions
Important: The Support Personnel group and the Support Personnel (Vendor Only) role contain permissions to perform maintenance on the storage system. Assign this role only to the accounts used by support personnel from vendors responsible for maintenance.
Role
Permissions
Security Administrator (View Only)
Viewing information about user accounts and encryption settings
Viewing information about the encryption key in the key management server
Security Administrator (View & Modify)
Configuring user accounts Creating encryption keys and configuring encryption settings Viewing and switching where encryption keys are generated Backing up and restoring encryption keys Deleting encryption keys backed up in the key management server Viewing and changing the password policy for backing up encryption keys
on the management client Connection to the external server Backing up and restoring connection configuration to the external server Configuring the certificate used for the SSL communication Configuring resource groups Editing virtual management settings Setting reserved attributes for global-active device TLS security setting CSR creation and self-signed certificate creation
Audit Log Administrator Viewing audit log information and downloading audit logs (View Only)
Audit Log Administrator Configuring audit log settings and downloading audit logs (View & Modify)
Storage Administrator (View Only)
Viewing storage system information
Storage Administrator (Initial Configuration)
Configuring settings for storage systems Configuring settings for SNMP Configuring settings for e-mail notification Configuring settings for license keys
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
150
�Roles and permissions
Role Storage Administrator (System Resource Management)
Storage Administrator (Provisioning)
Permissions Viewing, deleting, and downloading storage configuration reports Acquiring all the information about the storage system and updating
Device Manager - Storage Navigator window by clicking Refresh All
Configuring settings for CLPR Configuring settings for MP unit Deleting tasks and releasing exclusive locks of resources Completing SIMs
Completing SIMs is permitted for users who are assigned to both the Storage Administrator (System Resource Management) role and the Storage Administrator (Provisioning) role. Configuring attributes for ports Configuring LUN security Configuring namespace security using CCI Configuring Server Priority Manager Configuring tiering policies
Configuring caches Configuring LDEVs, pools, and virtual volumes Formatting and shredding LDEVs Configuring external volumes Configuring alias volumes for Compatible PAV Configuring Dynamic Provisioning Configuring host groups, paths, and WWN Configuring NVM subsystems, namespaces, paths, and host NQNs using
CCI Configuring Volume Migration except splitting Volume Migration pairs
when using CCI Configuring access attributes for LDEVs Configuring LUN security Configuring namespace security using CCI Creating and deleting quorum disk used with global-active device Creating and deleting global-active device pairs
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
151
�Built-in user groups
Role
Storage Administrator (Performance Management) Storage Administrator (Local Copy)
Storage Administrator (Remote Copy)
Support Personnel (Vendor Only)
Permissions Completing SIMs
Completing SIMs is permitted for users who are assigned to both the Storage Administrator (System Resource Management) role and the Storage Administrator (Provisioning) role. Editing virtual management settings Setting reserved attributes for global-active device.
Configuring monitoring Starting and stopping monitoring
Performing pair operations for local copy Configuring environmental settings for local copy Splitting Volume Migration V2 pairs when using CCI
Remote copy operations in general Performing operations on existing global-active device pairs (pair creation
and pair deletion are not allowed)
Normally, this role is reserved for service representatives. However, if the role is assigned to a user account, dump files can be downloaded using the Dump tool. Configuring the SVP Downloading dump files using the Dump tool
Built-in user groups
You can assign users to one or more built-in user groups and custom user groups. You cannot change roles or resource groups set to the built-in groups, but you can create custom user groups according to the needs of your storage environment.
The following table shows all the built-in groups, and their built-in roles and resource groups.
Built-in group Administrator
Role
Security Administrator (View & Modify)
Audit Log Administrator (View & Modify)
Storage administrator (Initial Configuration)
Resource group
All Resource Groups Assigned
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
152
�Built-in user groups
Built-in group
System
Security Administrator (View Only) Security Administrator (View & Modify) Audit Log Administrator (View Only)
Role Storage Administrator (System
Resource Management)
Storage Administrator (Provisioning)
Storage Administrator (Performance Management)
Storage Administrator (Local Copy)
Storage Administrator (Remote Copy)
Security Administrator (View & Modify)
Audit Log Administrator (View & Modify)
Storage Administrator (Initial Configuration)
Storage Administrator (System Resource Management)
Storage Administrator (Provisioning)
Storage Administrator (Performance Management)
Storage Administrator (Local Copy)
Storage Administrator (Remote Copy)
Security Administrator (View Only)
Audit Log Administrator (View Only)
Storage Administrator (View Only)
Security Administrator (View & Modify)
Audit Log Administrator (View & Modify)
Storage Administrator (View Only)
Audit Log Administrator (View Only)
Storage Administrator (View Only)
Resource group
All Resource Groups Assigned
All Resource Groups Assigned All Resource Groups Assigned
All Resource Groups Assigned
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
153
�Verifying the roles available to a user group
Built-in group Audit Log Administrator (View & Modify) Storage Administrator (View Only) Storage Administrator (View & Modify)
Support Personnel
Maintenance User
Role
Audit Log Administrator (View & Modify)
Storage Administrator (View Only)
Storage Administrator (View Only)
Storage Administrator (Initial Configuration)
Storage Administrator (System Resource Management)
Storage Administrator (Provisioning) Storage Administrator (Performance
Management) Storage Administrator (Local Copy) Storage Administrator (Remote
Copy)
Storage Administrator (Initial Configuration)
Storage Administrator (System Resource Management)
Storage Administrator (Provisioning) Storage Administrator (Performance
Management) Storage Administrator (Local Copy) Storage Administrator (Remote
Copy) Support Personnel (Vendor Only)
Storage Administrator (View Only) Maintenance User (User)
Resource group
All Resource Groups Assigned meta_resourc e meta_resourc e
All Resource Groups Assigned
All Resource Groups Assigned
Verifying the roles available to a user group
You can use Device Manager - Storage Navigator to verify the roles that are available to use with any user group.
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
154
�Verifying the roles available to a user group
Before you begin You must have the Security Administrator (View Only) role to perform this task.
Procedure 1. In the Device Manager - Storage Navigator tree, click User Administration. 2. On the User Groups tab, click the name (not the checkbox) of a user group whose roles you want to check. 3. In the User Administration window, click the Roles tab. The list of roles applied to the selected user group is displayed. 4. To return to the User Administration window, click User Administration.
Verifying the roles available to a user group
You can use Device Manager - Storage Navigator to verify the roles that are available to use with any user group. You can assign users to one or more built-in user groups and custom user groups. You cannot change roles or resource groups set to the built-in groups, but you can create custom user groups according to the needs of your storage environment.
Before you begin You must have the Security Administrator (View Only) role to perform this task.
Procedure 1. In the Device Manager - Storage Navigator Administration tree, click User Administration. 2. On the User Groups tab, click the name (not the checkbox) of a user group whose roles you want to check. 3. In the User Administration window, click the Roles tab. The list of roles applied to the selected user group is displayed. 4. To return to the User Administration window, click User Administration.
Creating a new user group
You can customize a user group, as long as it supports your storage system. This section explains how administrators can create a user group. A user group name consists of 1 to 64 characters including alphanumeric characters, spaces, and the following symbols: ! # $ % & ' ( ) + - . = @ [ ] ^ _ ` { } ~ The system can support a maximum of 256 user groups, including the built-in user groups.
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
155
�Changing a user group name
Before you begin
You must have the Security Administrator (View & Modify) role to perform this task.
Procedure
1. In the Administration tree, select User Groups. 2. In the User Groups tab, click Create User Groups to open the Create User Group
window. 3. Enter a user group name. 4. If you use an authorization server, click Check and verify that the entered user group
name is registered in the authorization server. 5. Click Next to open the Assign Roles window. 6. Select the roles to assign to the user group, and click Add. 7. Click Next to open the Assign Resource Groups window. 8. Select the resource groups to assign to the user group, and click Add. If you select a
role other than the storage administrator in the Assign Roles window, you do not need to select resource groups because all the resource groups are assigned automatically. 9. Click Finish to finish and confirm settings. Click Next to add another user. 10. Check the settings and enter a task name in Task Name. 11. Click Apply. The task is now registered. If the Go to tasks window for status check box is checked, the Tasks window opens to show the status of the task.
Changing a user group name
You can change the name of a user group by using Hitachi Device Manager - Storage Navigator.
Before you begin
You must have the Security Administrator (View & Modify) role to perform this task.
The names of built-in groups cannot be changed.
A user group name consists of 1 to 64 characters including alphanumeric characters (ASCII), spaces and the following symbols:
# $ % & ' ( ) + - . = @ [ ] ^ _ ` { } ~
Procedure
1. In the Administration tree, select User Groups. 2. In the User Groups tab, select the user group. 3. Click More Actions > Edit User Group. 4. In the Edit User Group window, enter a new user group name. 5. If you use an authorization server, click Check and verify that the entered user group
name is registered in the authorization server. 6. Click Finish. 7. In the Confirm window, check the settings and enter a task name in Task Name.
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
156
�Changing user group permissions
8. Click Apply. The task is now registered. If the Go to tasks window for status check box is checked, the Tasks window opens to display the status of the task.
Changing user group permissions
You can change the permissions that are assigned to user groups by using Hitachi Device Manager - Storage Navigator.
Before you begin You must have the Security Administrator (View & Modify) role to perform this task. The permissions of a built-in group cannot be changed.
Procedure 1. In the Device Manager - Storage Navigator Administration tree, select User Groups. 2. In the User Groups tab, select the user group whose permission you want to change. 3. Click the Roles tab. 4. Click Edit Role Assignment. 5. In the Edit Role Assignment window, change roles to be assigned to the user group. Select roles to add, and then click Add. Select a role to remove, and then click Remove. 6. Click Finish. 7. In the Confirm window, check the settings and enter a task name in Task Name. 8. Click Apply. The task is now registered. If the Go to tasks window for status check box is checked, the Tasks window opens.
Changing assigned resource groups
You can change the resource groups that are assigned to user groups by using Hitachi Device Manager - Storage Navigator.
Before you begin You must have the Security Administrator (View & Modify) role to perform this task. Create a resource group to be assigned to the user group in advance. You cannot change the resource groups of a user group that has All Resource Groups
Assigned set to Yes You cannot change resource groups of a built-in group.
Procedure 1. In the Device Manager - Storage Navigator Administration tree, select User Groups. 2. On the User Groups tab, select a user group to change the resource group. 3. Select the Resource Groups tab.
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
157
�Deleting a user group
4. Click Edit Resource Group Assignment to open the Edit Resource Group Assignment window.
5. In the Edit Resource Group Assignment window, change resource groups to be assigned to the user group. Select the resource group to add, and click Add. Select the resource group to remove, and click Remove.
6. Click Finish. 7. In the Confirm window, check the settings and enter a task name in Task Name. 8. Click Apply. The task is now registered. If the Go to tasks window for status check
box is checked, the Tasks window opens to display the status of the task.
Deleting a user group
You do not have to retain a user group for the life of the project. You can delete it at any time by using Hitachi Device Manager - Storage Navigator.
Before you begin You must have the Security Administrator (View & Modify) role to perform this task. You cannot delete a built-in user group. You cannot delete a user group if the users in it belong to only the user group to be
deleted.
Procedure 1. In the Device Manager - Storage Navigator Administration tree, select User Groups. 2. In the User Groups tab, select the user-created user groups that you want to delete. 3. Click More Actions > Delete User Groups. 4. Check the settings, then click Apply.
User accounts
When adding a new user, you need to add it to a user group with desired permissions. You can use one of the built-in user group or a custom user group. For more information about roles, permissions, and user groups, see Roles and permissions (on page 149). You will need to use the local administrator account created during the initial setup step, or create administrator accounts using the procedures described in this chapter as needed to access the storage system temporarily when the management software is not available.
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
158
�Creating user accounts
Important:
Create more than one user account in case the system administrator is not available when the management software becomes unavailable, or when someone else needs to access the system. This is also helpful if multiple users need to access Device Manager - Storage Navigator to use storage features that are not available in the management software.
Create user accounts that do not have the "Support Personnel (Vendor Only)" role to prevent unauthorized access to the functions available to service representatives. Users that have the "Support Personnel (Vendor Only)" role can perform the same operations as service representatives.
Creating user accounts
When you create a user account, you register the user to the applicable user groups with appropriate permissions. The storage system supports a maximum of 512 user accounts, including the built-in user accounts. To prevent unauthorized access to the storage system, users must change their password immediately after logging in for the first time.
Important: After the user accounts have been created, back up the user account information. If a controller failure or other problem occurs, recover from the failure and then restore the backup file. You will be able to use the user account information again after the backup file is restored.
Before you begin
You must have the Security Administrator (View & Modify) role to perform this task.
You or an authorized technical support representative can log in to Device Manager Storage Navigator and CCI with user accounts that are created in Device Manager Storage Navigator.
Procedure
1. In the Device Manager - Storage Navigator Administration tree, select User Groups. 2. On the User Groups tab, select a user group to which to add a user. This is dependent
on which permissions you want to give to the user. Support representatives must have the Support Personnel (Vendor Only) role to log in. 3. On the Roles tab, confirm that the displayed permissions are appropriate for the user. 4. On the Users tab, click Create. 5. Enter the user name. 6. Select Enable or Disable for the account. If you select Disable, the user of this account is disabled and cannot log in to Device Manager - Storage Navigator. 7. To use an authentication server, select External. To authenticate users with only Device Manager - Storage Navigator, select Local. 8. If you select Local, enter the password for this user account in two places. You can use all alphanumeric characters and symbols for the password. The password must be between 6 and 256 characters.
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
159
�Character restrictions for user names and passwords
9. Click Finish. 10. In the Confirm window, check the settings. 11. Click Apply. The task is now registered. If Go to tasks window for status is checked,
the Tasks window opens to display the status of the task.
Character restrictions for user names and passwords
The user account you created for Device Manager - Storage Navigatorcan also be used for SVP and CCI. Note that the Support Personnel (View & Modify) role is required to log in to SVP. The number of characters and characters you can use for the user name and password are determined by the software you will use to log in. You can log in to one or more of Device Manager - Storage Navigator, SVP, CCI. If you log in to multiple programs, specify the user name and the password that satisfy the user name and password requirements (listed below) for the applicable software applications. Note the following restrictions for user names and passwords.
User name and password for Device Manager - Storage Navigator
Note: If you cannot log in on a Tool Panel dialog box screen, check to see if you have used a number sign (#) in the user name, or used a quotation mark (") or a backslash (\) in the password.
Item User name
Password
Length in characters
Characters that can be used
1-256
Alphanumeric (ASCII code) characters The following symbols:
# $ % & ' * + - . / = ? @ ^ _ ` { | } ~ You cannot use the # symbol when you enter a user name in a screen from the Tool Panel dialog box.
6-256
Alphanumeric (ASCII code) characters
All symbols
You cannot use the quotation mark (") or backslash (\) symbols when you enter a password in a screen from the Tool Panel dialog box.
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
160
�Changing user passwords using HDvM - SN
User name and password for logging in to SVP
Item User name
Password
Length in characters
Characters that can be used
1-128
Alphanumeric (ASCII code) characters The following symbols:
! # $ % & ' - . @ ^ _ ` { } ~
6- 127
Alphanumeric (ASCII code) characters All symbols
User name and password for logging in to CCI
Item
Length in characters
Characters that can be used
User name
1-63
Alphanumeric (ASCII code) characters The following symbols1:
- . @ _
Password
6- 63
Alphanumeric (ASCII code) characters The following symbols2:
- , . :@ _
Note:
1. If the host on which CCI is installed is running on UNIX, a slash (/) can be specified. 2. If the host on which CCI is installed is running on Windows, a back slash (\) can be
specified.
Changing user passwords using HDvM - SN
Security administrators with the View & Modify role can change the password of Device Manager - Storage Navigator (HDvM - SN) users using HDvM - SN.
Tip: If the user has a local user account for the authentication server, the security administrator can use the authentication server, if desired, to change the user's password. After the password is changed, the user can use the new password both on the authentication server and in HDvM - SN.
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
161
�Changing your own user password
Caution: When using management software (for example, Ops Center, Hitachi
Command Suite), you might need to change the password information registered in the software. For details, see the documentation for the software product. If you change the password of a user who is currently logged in to HDvM - SN, the user must log out and then log back in using the new password to continue operations.
Before you begin You must have the Security Administrator (View & Modify) role to perform this task. The target user must have a local user account for HDvM - SN.
Procedure 1. In the HDvM - SN Administration tree, select User Groups. 2. On the User Groups tab, select the user group to which the user belongs. 3. On the User tab, select the user whose password you want to change, and then click Change Password. 4. In the Change Password dialog box, specify the new password for the user in the two password fields, and then click Finish. 5. In the Confirm window, check the settings and enter a task name in Task Name or accept the default name. If you want the Tasks window to open automatically after you click Apply, make sure Go to tasks window for status is checked. 6. Click Apply. The task is now registered. If Go to tasks window for status was checked, the Tasks window now opens.
Changing your own user password
You can change your own password when you are logged in to Device Manager - Storage Navigator. If you want to continue operations in Device Manager - Storage Navigator after changing your password, you must log out and then log back in using your new password.
Caution: When using management software (for example, Ops Center, Hitachi Command Suite), you might need to change your password registered in the software. For details, see the documentation for the software product.
Procedure 1. In the Device Manager - Storage Navigator Administration tree, select User Groups. 2. On the User Groups tab, select the user group to which you belong. 3. On the User tab, select your user name, and then click Change Password. 4. Enter your current password to open the Change Password dialog box.
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
162
�Changing user permissions
5. In the Change Password dialog box, specify your new password in the two password fields, and then click Finish.
6. In the Confirm window, check the settings and enter a task name in Task Name or accept the default name. If you want the Tasks window to open automatically after you click Apply, make sure Go to tasks window for status is checked.
7. Click Apply. The task is now registered. If Go to tasks window for status was checked, the Tasks window now opens.
Changing user permissions
You can change user permissions by changing membership in the user group. A user can belong to multiple user groups. For example, if you want to change the role of the user who manages security to the performance management role, add this user to the Storage Administrator (Performance Management) role group and then remove the user from the Security Administrator (View & Modify) role group.
Before you begin You must have the Security Administrator (View & Modify) role to perform this task. The user whose permissions you want to change must belong to at least one user group. A user group can contain a maximum of 512 user accounts, including the built-in user
accounts.
Adding a user
Procedure 1. In the Device Manager - Storage Navigator Administration tree, select User Groups. 2. On the User Groups tab, select the user group that has the role you want the user to have, and then add or remove users. To add users to the selected groups: a. Click Add Users. b. In the Add Users window, select a user and click Add. To remove users from the selected groups: a. In the Remove Users window, select one or more users. b. Click More Actions > Remove Users.
3. Click Finish. 4. In the Confirm window, check the settings. If the Task Name field is empty, enter a task
name. 5. Click Apply. The task is now registered. If you selected the Go to tasks window for
status check box, the Tasks window opens to show the status of the task.
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
163
�Enabling and disabling user accounts
Enabling and disabling user accounts
To allow or prevent a user from logging in to Device Manager - Storage Navigator, follow the steps below.
Before you begin Log into an account that is different from the user whose account that you want to disable. You must have the Security Administrator (View & Modify) role to perform this task.
Procedure 1. In the Device Manager - Storage Navigator Administration tree, click User Groups. 2. On the User Group tab, select the user group. 3. On the Users tab, select a user. 4. Click Edit User. 5. Click the Account Status check box, then click Disable. 6. Click Finish. 7. In the Confirm window, check the settings. 8. Click Apply. The task is now registered. If the Go to tasks window for status check box is checked, the Tasks window opens to show the status of the task.
Unlocking a user account
A user account is automatically locked after three unsuccessful login attempts to Device Manager - Storage Navigator or Command Control Interface. The account is locked for 60 seconds. If necessary, you can release the locked status before the lock times out.
Before you begin You must have the Security Administrator (View & Modify) role to perform this task.
Procedure 1. In the Administration tree, select User Groups. 2. On the User Groups tab, click a user group to which the locked-out user belongs. 3. On the User tab, select the user you want to unlock. 4. On the User tab, click More Actions > Release Lockout. The Release Lockout window opens. 5. Specify a task name, and then click Apply.
Deleting user accounts
Security Administrators can delete a user account when the account is no longer in use. Builtin user accounts cannot be deleted.
Before you begin You must have the Security Administrator (View & Modify) role to perform this task.
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
164
�Managing resource groups
Procedure 1. In the Device Manager - Storage Navigator Administration tree, select User Groups. 2. On the User Groups tab, click a user group to which a user belongs. 3. On the Users tab, select the user whose account you want to delete. 4. Click More Actions > Delete Users. 5. In the Delete Users window, select the user to be deleted, then click Finish. 6. In the Confirm window, check the settings. 7. Click Apply. The task is now registered. If the Go to tasks window for status check box is checked, the Tasks window opens to show the status of the task.
Managing resource groups
You can divide a provisioned storage system into resource groups that allow you to manage the storage system as multiple virtual private storage systems. Configuring resource groups involves creating resource groups, moving storage system resources into the resource groups, and assigning resource groups to user groups.
About resource groups
A storage system can connect to multiple hosts and be shared by multiple divisions in a company or by multiple companies. Many storage administrators from different organizations can access the storage system. Managing the entire storage system can become complex and difficult. Potential problems are that private data might be accessed by other users, or a volume in one organization might be accidentally destroyed by a storage administrator in another organization. To avoid such problems, use Hitachi Resource Partition Manager software to set up resource groups that allow you to manage one storage system as multiple virtual private storage systems. The storage administrator in each resource group can access only their assigned resources. Resource groups prevent the risk of data leakage or data destruction by another storage administrator in another resource group. The following resources can be assigned to resource groups. LDEV IDs Parity groups External volumes Ports Host group IDs iSCSI target IDs
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
165
�Resource access requirements for Device Manager - Storage Navigator operations
Note: Before you create LDEVs, you can reserve the desired number of LDEV IDs and assign them to a resource group for future use. You can also reserve and assign host group IDs and iSCSI target IDs in advance because the number of host groups or iSCSI targets per port is limited.
meta_resource The meta_resource group is the resource group consisting of the resources that exist on the storage system (other than external volumes) before Resource Partition Manager is installed. By default, all existing resources initially belong to the meta_resource group to ensure compatibility with older software when a system is upgraded to include Resource Partition Manager.
Operation lock When a task is being processed on a resource, all of the resource groups assigned to the logged-on user are locked for exclusive access. When a resource is locked, a status indicator appears on the Device Manager - Storage Navigator status bar. To view information about the locked resource, click Operation Locked.
Note: Opening a Device Manager - Storage Navigator secondary window (such as Basic Information Display) or performing an operation from the service processor (SVP) locks all of the resource groups in the storage system.
Resource access requirements for Device Manager - Storage Navigator operations
When you log on to Device Manager - Storage Navigator, your user access privileges determine the resources you can view and the operations you can perform. User access privileges are determined by the user groups to which a user belongs and the resources assigned to those user groups. To perform an operation on the storage system, you must have access to the resources (for example, volumes, pools, ports) that are required for the operation.
These tables specify the resource access requirements for Device Manager - Storage Navigator operations.
Access requirements for Compatible FlashCopy®
This table specifies the resource access requirements for Compatible FlashCopy® operations.
Operation name Create LDEVs
Condition
If TSE-VOLs are created, LDEV IDs must be assigned to the Storage Administrator group that is permitted to manage them.
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
166
�Access requirements for Compatible PAV
Operation name Expand V-VOLs
Condition
You can expand only TSE-VOLs that are assigned to the Storage Administrator group permitted to manage them.
Access requirements for Compatible PAV
This table specifies the resource access requirements for Compatible PAV operations.
Operation name Assign aliases
Remove aliases
Condition
The specified base volumes and free volumes must be assigned to the Storage Administrator group permitted to manage them.
The specified base volumes and alias volumes must be assigned to the Storage Administrator group permitted to manage them.
Access requirements for Data Retention Utility
This table specifies the resource access requirements for Data Retention Utility operations.
Operation name Set access attributes
Condition The specified LDEV must be assigned to users.
Access requirements for Dynamic Provisioning and Dynamic Tiering
This table specifies the resource access requirements for Dynamic Provisioning and Dynamic Tiering operations.
Operation name Create LDEVs
Delete LDEVs
Condition
If DP-VOLs are created, these items must be assigned to the Storage Administrator group that is permitted to manage them. LDEV ID Pool-VOL of the pool
If DP-VOLs are deleted, these items must be assigned to the Storage Administrator group that is permitted to manage them. LDEV ID Pool-VOL of the pool
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
167
�Access requirements for Encryption License Key
Operation name Create pools Expand pools
Edit pools Delete pools Expand V-VOLs
Reclaim zero pages Stop reclaiming zero pages
Condition
Volumes to be specified as pool-VOLs must be assigned to the Storage Administrator group permitted to manage them.
All the volumes that are specified when creating a pool must belong to the same resource group.
Pool-VOLs of the specified pool must be assigned to the Storage Administrator group permitted to manage them.
You can expand only the DP-VOLs that are assigned to the Storage Administrator group permitted to manage them.
You can reclaim or stop reclaiming zero pages only for the DPVOLs that are assigned to the Storage Administrator group permitted to manage them.
Access requirements for Encryption License Key
This table specifies the resource access requirements for Encryption License Key operations.
Operation name Edit encryption keys
Condition
When you specify a parity group and open the Edit Encryption window, the specified parity group and LDEVs carved from the parity group must be assigned to the Storage Administrator group permitted to manage them.
When you open the Edit Encryption window without specifying a parity group, more than one parity group and LDEVs carved from the parity group must be assigned to the Storage Administrator group permitted to manage them.
Access requirements for FICON® CHB ports
This table specifies the resource access requirements for managing FICON® ports.
Operation name Edit ports
Condition
The specified ports must be assigned to the Storage Administrator group permitted to manage them.
Access requirements for global-active device
This table specifies the resource access requirements for global-active device operations.
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
168
�Access requirements for LUN Manager
Operation name Edit Ports Add Remote Connection Edit Remote Connection Options Create Pairs
Split Pairs
Resync Pairs Delete Pairs
Edit Pair Options Add Remote Paths Remove Remote Paths Edit Remote Connection Options Remove Remote Connections Force Delete Pairs
Add Quorum Disks
Remove Quorum Disks
Condition
Specified ports must be assigned to the user.
Specified ports must be assigned to the user.
Operation can be performed with no conditions.
Primary volumes must be assigned to the user. Ports of remote paths that are connected with the primary volume in the remote storage must be assigned to the user.
Specified primary volumes or secondary volumes must be assigned to the user.
Primary volumes must be assigned to the user.
Specified volumes must be assigned to the user. If primary volumes are specified, the ports of remote paths that are connected with the primary volume in the remote storage must be assigned to the user.
Primary volumes must be assigned to the user.
Specified ports must be assigned to the user.
Specified ports must be assigned to the user.
Ports of remote paths that are connected to a specified remote storage must be assigned to the user.
Ports of remote paths that are connected to a specified remote storage must be assigned to the user.
Specified primary volumes or secondary volumes must be assigned to the user.
LDEVs to be set as quorum disks must be assigned to the user.
LDEVs set as quorum disks to be deleted must be assigned to the user.
Access requirements for LUN Manager
These tables specify the resource access requirements for LUN Manager operations. For Fibre Channel
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
169
�Access requirements for LUN Manager
Operation name Add LUN paths
Delete LUN paths
Edit host groups Add hosts Edit hosts
Remove hosts Edit ports Create alternative LUN paths
Condition
When you specify host groups and open the Add LUN Paths window, the specified host groups must be assigned to the Storage Administrator group permitted to manage them.
When you specify LDEVs and open the Add LUN paths window, the specified LDEVs must be assigned to the Storage Administrator group permitted to manage them.
When you specify a host group and open the Delete LUN Paths window, the specified host group must be assigned to the Storage Administrator group permitted to manage them.
When you specify LDEVs and open the Delete LUN Paths window, the specified LDEVs must be assigned to the Storage Administrator group permitted to manage them.
When selecting the Delete all defined LUN paths to above LDEVs check box, the host groups of all the alternate paths in the LDEV displayed on the Selected LUNs table must be assigned to the Storage Administrator group permitted to manage them.
The specified host groups and ports must be assigned to the Storage Administrator group permitted to manage them.
The specified host groups must be assigned to the Storage Administrator group permitted to manage them.
The specified host group must be assigned to the Storage Administrator group permitted to manage them.
When you select the Apply same settings to the HBA WWN of all ports check box, all the host groups where the specified HBA WWNs are registered must be assigned to the Storage Administrator group permitted to manage them.
When you select the Remove hosts from all host groups containing the hosts in the storage system check box, all the host groups where the HBA WWNs displayed in the Selected Hosts table are registered must be assigned to the Storage Administrator group permitted to manage them.
The specified port must be assigned to the Storage Administrator group permitted to manage them.
The specified host groups and all the LDEVs where the paths are set to the host groups must be assigned to the Storage Administrator group permitted to manage them.
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
170
�Access requirements for LUN Manager
Operation name Copy LUN paths
Edit command devices Edit UUIDs Delete UUIDs Create host groups
Delete host groups
Release Host-Reserved LUNs
Condition
The specified host groups and the LDEVs where the paths are set must be assigned to the Storage Administrator group permitted to manage them.
LDEVs where the specified paths are set must be assigned to the Storage Administrator group permitted to manage them.
The specified LDEV must be assigned to the Storage Administrator group permitted to manage them.
The specified LDEV must be assigned to the Storage Administrator group permitted to manage them.
When you open the Create Host Groups window by specifying host groups, the specified host groups must be assigned to the Storage Administrator group permitted to manage them.
The specified host groups and all the LDEVs where the paths are set to the host groups must be assigned to the Storage Administrator group permitted to manage them.
LDEVs where the specified paths are set must be assigned to you.
For iSCSI Operation name
Add LUN paths
Delete LUN paths
Condition
When you specify host groups and open the Add LUN Paths window, the specified iSCSI target must be assigned to the Storage Administrator group permitted to manage them.
When you specify LDEVs and open the Add LUN paths window, the specified LDEVs must be assigned to the Storage Administrator group permitted to manage them.
When you specify an iSCSI target and open the Delete LUN Paths window, the specified iSCSI target must be assigned to the Storage Administrator group permitted to manage them.
When you specify LDEVs and open the Delete LUN Paths window, the specified LDEVs must be assigned to the Storage Administrator group permitted to manage them.
When selecting the Delete all defined LUN paths to above LDEVs check box, the iSCSI target of all the alternate paths in the LDEV displayed on the Selected LUNs table must be assigned to the Storage Administrator group permitted to manage them.
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
171
�Access requirements for LUN Manager
Operation name Add hosts Edit hosts
Remove hosts Edit ports Create alternative LUN paths Copy LUN paths
Edit command devices Edit UUIDs Delete UUIDs Release Host-Reserved LUNs Create iSCSI targets
Edit iSCSI targets Delete iSCSI targets
Condition
The specified iSCSI target must be assigned to the Storage Administrator group permitted to manage them.
The specified iSCSI target must be assigned to the Storage Administrator group permitted to manage them.
When you select the Apply same settings to the HBA WWN of all ports check box, all the iSCSI targets where the specified HBA WWNs are registered must be assigned to the Storage Administrator group permitted to manage them.
The specified iSCSI target must be assigned to the Storage Administrator group permitted to manage them.
The specified port must be assigned to the Storage Administrator group permitted to manage them.
The specified iSCSI target and all the LDEVs where the paths are set to the iSCSI target must be assigned to the Storage Administrator group permitted to manage them.
The specified iSCSI target and the LDEVs where the paths are set must be assigned to the Storage Administrator group permitted to manage them.
LDEVs where the specified paths are set must be assigned to the Storage Administrator group permitted to manage them.
The specified LDEV must be assigned to the Storage Administrator group permitted to manage them.
The specified LDEV must be assigned to the Storage Administrator group permitted to manage them.
LDEVs where the specified paths are set must be assigned to you.
When you open the Create iSCSI targets window by specifying iSCSI targets, the specified iSCSI targets must be assigned to the Storage Administrator group permitted to manage them.
The specified iSCSI targets and ports must be assigned to the Storage Administrator group permitted to manage them.
The specified iSCSI targets and all the LDEVs where the paths are set to the iSCSI targets must be assigned to the Storage Administrator group permitted to manage them.
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
172
�Access requirements for Performance Monitor
Access requirements for Performance Monitor
This table specifies the resource access requirements for Performance Monitor operations.
Operation name
Add to ports
Add new monitored WWNs
Edit WWNs
Condition
The specified ports must be assigned to the Storage Administrator group permitted to manage them.
Access requirements for ShadowImage
This table specifies the resource access requirements for ShadowImage operations.
Operation name Create pairs
Split pairs Suspend pairs Resynchronize pairs Release pairs
Condition
Both primary volume and secondary volumes must be assigned to the Storage Administrator group permitted to manage them.
Primary volumes must be assigned to the Storage Administrator group permitted to manage them.
Access requirements for ShadowImage for Mainframe
This table specifies the resource access requirements for ShadowImage for Mainframe operations.
Operation name Create pairs
Split pairs Suspend pairs Resynchronize pairs Release pairs
Condition
Both primary volumes and secondary volumes must be assigned to the Storage Administrator group permitted to manage them.
Primary volumes must be assigned to the Storage Administrator group permitted to manage them.
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
173
�Access requirements for Server Priority Manager
Access requirements for Server Priority Manager
This table specifies the resource access requirements for Server Priority Manager operations.
Operation name
Conditions
Set priority of ports (attribute/ threshold/upper limit)
Release settings on ports by the decrease of ports
The specified ports must be assigned to the Storage Administrator group permitted to manage them.
Set priority of WWNs (attribute/upper limit)
Change WWNs and SPM names
Add WWNs (add WWNs to SPM groups)
Delete WWNs (delete WWNs from SPM groups)
Add SPM groups and WWNs
Delete SPM groups
Set priority of SPM groups (attribute/ upper limit)
Rename SPM groups
Add WWNs
Delete WWNs
Initialization Set threshold
All ports must be assigned to the Storage Administrator group permitted to manage them.
Access requirements for Thin Image
This table specifies the resource access requirements for Thin Image operations.
Operation name Create LDEVs
Condition
If LDEVs for Thin Image are created, these items must be assigned to the Storage Administrator group that is permitted to manage them.
LDEV ID
Pool VOL of the pool
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
174
�Access requirements for TrueCopyTrueCopy for Mainframe
Operation name
Delete LDEVs
Create pools Expand Pool
Edit Pools Delete Pools Create pairs
Split pairs Suspend pairs Resynchronize pairs Release pairs
Condition A data reduction shared volume (DRS-VOL) cannot be created by using Hitachi Device Manager - Storage Navigator.
If LDEVs for Thin Image are deleted, these items must be assigned to the Storage Administrator group that is permitted to manage them.
LDEV ID
Pool VOL of the pool
Volumes that are specified when creating or expanding pools must be assigned to the Storage Administrator group that is permitted to manage them.
All the volumes that are specified when creating pools must belong to the same resource group.
Pool-VOLs of the specified pools must be assigned to the Storage Administrator group that is permitted to manage them.
Both primary volumes and secondary volumes must be assigned to the Storage Administrator group that is permitted to manage them.
The pair creation cannot be performed by using Hitachi Device Manager - Storage Navigator.
Primary volumes must be assigned to the Storage Administrator group that is permitted to manage them.
Access requirements for TrueCopyTrueCopy for Mainframe
This table specifies the resource access requirements for TrueCopyTrueCopy for Mainframe operations.
Operation name Edit Ports Add Remote Connection Edit Remote Connection Options Create Pairs
Condition Specified ports must be assigned to the user. Specified ports must be assigned to the user. Operation can be performed with no conditions.
Primary volumes must be assigned to the user.
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
175
�Access requirements for Universal ReplicatorUniversal Replicator for Mainframe
Operation name
Split Pairs
Resync Pairs Delete Pairs
Edit Pair Options Add Remote Paths Remove Remote Paths Edit Remote Connection Options Add SSIDs
Remove SSIDs
Remove Remote Connections Force Delete Pairs
Condition Ports of remote paths that are connected with the primary volume in the remote storage must be assigned to the user.
Specified primary volumes or secondary volumes must be assigned to the user.
Primary volumes must be assigned to the user.
Specified volumes must be assigned to the user. If primary volumes are specified, the ports of remote paths that are connected with the primary volume in the remote storage must be assigned to the user.
Primary volumes must be assigned to the user.
Specified ports must be assigned to the user.
Specified ports must be assigned to the user.
Ports of remote paths that are connected to a specified remote storage must be assigned to the user.
Ports of remote paths that are connected to a specified remote storage must be assigned to the user.
Ports of remote paths that are connected to a specified remote storage must be assigned to the user.
Ports of remote paths that are connected to a specified remote storage must be assigned to the user.
Specified primary volumes or secondary volumes must be assigned to the user.
Access requirements for Universal ReplicatorUniversal Replicator for Mainframe
This table specifies the resource access requirements for Universal ReplicatorUniversal Replicator for Mainframe operations.
Operation name Edit Ports Add Remote Connection Add Remote Paths
Condition Specified ports must be assigned to the user. Specified ports must be assigned to the user. Specified ports must be assigned to the user.
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
176
�Access requirements for Universal ReplicatorUniversal Replicator for Mainframe
Operation name Create Journals
Assign Journal Volumes
Assign MP Unit Edit Remote Connection Options Create Pairs
Split Pairs Split Mirrors Resync Pairs Resync Mirrors Delete Pairs
Delete Mirrors Edit Pair Options Force Delete Pairs Edit Journal Options
Edit Mirror Options
Condition
All LDEVs that are specified when creating a journal must belong to the same resource group. Volumes to be assigned to a journal must be assigned to the user.
Volumes to be assigned to a journal must be assigned to the user. All volumes to be assigned to a journal must belong to a same resource group to which the existing journal volumes belong.
Journal volumes must be assigned to the user.
Operation can be performed with no conditions.
Journal volumes for pair volumes and primary volumes must be assigned to the user. Ports of remote paths that are connected with the primary volume in the remote storage must be assigned to the user.
Specified primary volumes or secondary volumes must be assigned to the user.
All data volumes configured to a mirror must be assigned to the user.
Primary volumes must be assigned to the user.
All data volumes configured to a mirror must be assigned to the user.
Specified volumes or secondary volume must be assigned to the user. Ports of remote paths that are connected with the primary volume in the remote storage must be assigned to the user.
All data volumes configured to a mirror must be assigned to the user.
Primary volumes must be assigned to the user.
Specified volumes must be assigned to the user.
All data volumes consisting of the specified journal must be assigned to the user. Journal volumes must be assigned to the user.
All data volumes configuring the specified journal must be assigned to the user. Journal volumes must be assigned to the user.
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
177
�Access requirements for Universal Volume Manager
Operation name Remove Journals Edit Remote Connection Options Remove Remote Paths Move LDEVs to other resource groups
Assign Remote Command Devices
Release Remote Command Devices
Condition
Journal volumes must be assigned to the user.
Ports of remote paths that are connected to a specified remote storage must be assigned to the user.
Specified ports must be assigned to the user.
When you move LDEVs used for journal volumes to other resource groups, you must specify all the journal volumes of the journal to which the LDEVs belong.
Journal volumes must be assigned to the user. Specified remote command devices must be assigned to the user.
Journal volumes must be assigned to the user. Specified remote command devices must be assigned to the user.
Access requirements for Universal Volume Manager
This table specifies the resource access requirements for Universal Volume Manager operations.
Operation name Add external volumes
Delete external volumes
Disconnect external storage systems
Reconnect external storage systems
Condition
When creating an external volume, a volume is created in the resource group where the port belongs.
When you specify a path group and open the Add External Volumes window, all the ports that compose the path group must be assigned to the Storage Administrator group permitted to manage them.
The specified external volume and all the LDEVs allocated to that external volume must be assigned to the Storage Administrator group permitted to manage them.
All the external volumes belonging to the specified external storage system and all the LDEVs allocated to those external volumes must be assigned to the Storage Administrator group permitted to manage them.
All the external volumes belonging to the specified external storage system and all the LDEVs allocated to those external volumes must be assigned to the Storage Administrator group permitted to manage them.
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
178
�Access requirements for Universal Volume Manager
Operation name
Condition
Disconnect external volumes
The specified external volumes and all the LDEVs allocated to those external volume must be assigned to the Storage Administrator group permitted to manage them.
Reconnect external volumes
The specified external volumes and all the LDEVs allocated to those external volumes must be assigned to the Storage Administrator group permitted to manage them.
Edit external volumes
The specified external volumes must be assigned to the Storage Administrator group permitted to manage them.
Assign MP Unit
The specified external volumes and all the ports of the external paths connecting the external volumes must be assigned to the Storage Administrator group permitted to manage them.
Disconnect external paths Ports of the specified external paths and all the external volumes connecting with the external path must be assigned to the Storage Administrator group permitted to manage them.
When you specify By Ports, all the external paths connecting with the specified ports and all the external volumes connecting with the external paths must be assigned to the Storage Administrator group permitted to manage them.
When you specify By External WWNs, all the ports of the external paths connecting to the specified external WWN and all the external volumes connecting with those external paths must be assigned to the Storage Administrator group permitted to manage them.
Reconnect external paths
Ports of the specified external paths and all the external volumes connecting with those external paths must be assigned to the Storage Administrator group permitted to manage them.
When you specify By Ports, all the external paths connecting with the specified ports and all the external volumes connecting with the external paths must be assigned to the Storage Administrator group permitted to manage them.
When you specify By External WWNs, all the ports of the external paths connecting to the specified external WWN and all the external volumes connecting with those external paths must be assigned to the Storage Administrator group permitted to manage them.
Edit external WWNs
All the ports of the external paths connecting to the specified external WWN and all the external volumes connecting with the external paths must be assigned to the Storage Administrator group permitted to manage them.
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
179
�Access requirements for Virtual LUNVirtual LVI
Operation name
Edit external path configuration
Condition
Ports of all the external paths composing the specified path group and all the external volumes that belong to the path group must be assigned to the Storage Administrator group permitted to manage them.
Access requirements for Virtual LUNVirtual LVI
This table specifies the resource access requirements for Virtual LUNVirtual LVI operations.
Operation name Create LDEVs
Delete LDEVs Edit LDEVs Restore LDEVs
Block LDEVs
Format LDEVs
Condition
When you specify a parity group and open the Create LDEVs window, the parity group must be assigned to the Storage Administrator group permitted to manage them.
When you create an internal or external volumes, the parity groups to which the LDEVs belong and the IDs of the new LDEVs must be assigned to the Storage Administrator group permitted to manage them.
When deleting an internal or external volume, the deleted LDEV and parity groups where the LDEV belongs must be assigned to the Storage Administrator group permitted to manage them.
The specified LDEV must be assigned to the Storage Administrator group permitted to manage them.
When you specify LDEVs and open the Restore LDEVs window, the specified LDEVs must be assigned to the Storage Administrator group permitted to manage them.
When you specify a parity group and open the Restore LDEVs window, the specified parity group and all the LDEVs in the parity group must be assigned to the Storage Administrator group permitted to manage them.
When you specify LDEVs and open the Block LDEVs window, the specified LDEVs must be assigned to the Storage Administrator group permitted to manage them.
When you specify a parity group and open the Block LDEVs window, the specified parity group and all the LDEVs in the parity group must be assigned to the Storage Administrator group permitted to manage them.
When you specify LDEV and open the Format LDEVs window, the specified LDEV must be assigned to the Storage Administrator group permitted to manage them.
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
180
�Access requirements for Virtual Partition Manager
Operation name
Condition
When you specify a parity group and open the Format LDEVs window, the specified parity group and all the LDEVs in the parity group must be assigned to the Storage Administrator group permitted to manage them.
Access requirements for Virtual Partition Manager
This table specifies the resource access requirements for Virtual Partition Manager operations.
Operation name Migrate parity groups
Condition
When you specify virtual volumes, the specified LDEV must be assigned to the Storage Administrator group permitted to manage them.
When you specify a parity group, the specified parity group must be assigned to the Storage Administrator group permitted to manage them.
Access requirements for Volume Retention Manager
This table specifies the resource access requirements for Volume Retention Manager operations.
Operation name Set access attributes
Condition The specified LDEV must be assigned to users.
Access requirements for Volume Shredder
This table specifies the resource access requirements for Volume Shredder operations.
Operation name Shred LDEVs
Condition
When you specify LDEVs and open the Shred LDEVs window, the specified LDEVs must be assigned to the Storage Administrator group permitted to manage them.
When you specify a parity group and open the Shred LDEVs window, the specified parity group and all the LDEVs in the parity group must be assigned to the Storage Administrator group permitted to manage them.
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
181
�Examples
Examples
The following examples illustrate how you can configure resource groups on your storage system.
Resource groups sharing a port
If you have a limited number of ports, you can still operate a storage system effectively by sharing ports using resource groups. The following example shows the system configuration of an in-house division providing virtual private storage system for two divisions. Divisions A and B each use their own assigned parity group, but share a port between the two divisions. The shared port is managed by the system division.
The Security Administrator in the system division creates resource groups for each division in the storage system and assigns them to the respective divisions. The Storage Administrator in Division A can manage the resource groups for Division A but cannot access the resource groups for Division B. In the same manner, the Storage Administrator in Division B can manage the resource groups for Division B but cannot access the resource groups for Division A.
The Security Administrator creates a resource group for managing the common resources, and the Storage Administrator in the system division manages the port that is shared between Divisions A and B. The Storage Administrators in Divisions A and B cannot manage the shared port belonging to the resource group for common resources management.
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
182
�Resource groups not sharing ports
Configuration workflow for resource groups sharing a port 1. The system division forms a plan about the resource group creation and assignment of the resources. 2. The Security Administrator creates the resource groups. 3. The Security Administrator creates the user groups. 4. The Security Administrator assigns the resource groups to the user groups. 5. The Storage Administrator in the system division sets a port. 6. The Security Administrator assigns resources to the resource groups. 7. The Security Administrator assigns the Storage Administrators to the appropriate user groups.
After the above procedures, the Storage Administrators in Divisions A and B can manage the resource groups assigned to their own division.
Resource groups not sharing ports
If you assign ports to each resource group without sharing, performance can be maintained on a different port even if the bulk of I/O is issued from one side port. The following shows a system configuration example of an in-house system division providing the virtual private storage system for two divisions. Divisions A and B each use individual assigned ports and parity groups. In this example, they do not share a port.
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
183
�Resource group assignments
The Security Administrator in the system division creates resource groups for each division in the storage system and assigns them to the respective divisions. The Storage Administrator in Division A can manage the resource groups for Division A but cannot access the resource groups for Division B. In the same manner, the Storage Administrator in Division B can manage the resource groups for Division B but cannot access the resource groups for Division A.
Configuration workflow for resource groups not sharing a port
1. The system division forms a plan about creating resource groups and the assigning resources to the groups.
2. The Security Administrator creates the resource groups. 3. The Security Administrator creates the user groups. 4. The Security Administrator assigns the resource groups to user groups. 5. The Storage Administrator in the system division sets ports. 6. The Security Administrator assigns resources to the resource groups. 7. The Security Administrator assigns each Storage Administrator to each user group.
After the above procedures, the Storage Administrators in Divisions A and B can access the resource groups allocated to their own division.
Resource group assignments
All resource groups are normally assigned to the Security Administrator and the Audit Log Administrator.
Each resource group has a designated Storage Administrator who can access only their assigned resources and cannot access other resources.
All resource groups to which all resources in the storage system belong can be assigned to a user group. Configure this in Device Manager - Storage Navigator by setting All Resource Groups Assigned to Yes.
A user who has All Resource Groups Assigned set to Yes can access all resources in the storage system. For example, if a user is a Security Administrator (with View & Modify privileges) and a Storage Administrator (with View and Modify privileges) and All Resource Groups Assigned is Yes on that user account, the user can edit the storage for all the resources.
If allowing this access becomes a problem with security on the storage system, then register the following two user accounts and use these different accounts for different purposes.
A user account for a Security Administrator where All Resource Groups Assigned is set to Yes.
A user account for a Storage Administrator who does not have all resource groups assigned and has only some of the resource groups assigned.
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
184
�Resource group rules, restrictions, and guidelines
Resource group rules, restrictions, and guidelines
Rules The maximum number of resource groups that can be created on a storage system is
1023. If you are providing a virtual private storage system to different companies, you should not share parity groups, external volumes, or pools if you want to limit the capacity that can be used by each user. When parity groups, external volumes, or pools are shared between multiple users, and if one user uses too much capacity of the shared resource, the other users might not be able to create an LDEV.
Creating resource groups
When you create a resource group, you enter a name and assign the desired resources (parity groups, LDEVs, ports, host groups, and iSCSI targets) to the new group. You can create more than one resource group at a time.
Before you begin You must have Security Administrator (View & Modify) role to perform this task.
Procedure 1. In the Explorer pane, expand the Storage Systems tree, click the Administration tab, and then select Resource Groups. 2. In the Explorer pane, expand the Storage Systems tree, and then click the Administration tab. 3. Select Resource Groups, and then click Create Resource Groups. 4. In the Create Resource Groups window, enter the name for the new group, select the desired resources for the new group, and click Add to add the new group to list of resource groups to be added. Naming guidelines: A resource group name can use alphanumeric characters, spaces, and the following symbols: ! # $ % & ' ( ) + - . = @ [ ] ^ _ ` { } ~ The characters in a resource group name are case-sensitive. Duplicate occurrences of the same name are not allowed. You cannot use the following names: meta_resource
5. Repeat the previous step for each new resource group to be added. If you need to remove a group from the list of resource groups to be added, select the group, and click Remove.
Note: The maximum number of resource groups that can be created on a storage system is 1023.
6. When you are finished configuring new resource groups in the Create Resource Groups window, click Next.
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
185
�Adding resources to a resource group
7. Enter a task name or accept the default, and then click Submit. If you select View task status, the Tasks & Alerts tab opens.
Adding resources to a resource group
You can add resources to, remove resources from, and rename existing resource groups. Note the following restrictions for editing resource groups: Only resources allocated to meta_resource can be added to resource groups. Resources removed from a resource group are returned to meta_resource. No resource can be added to or removed from meta_resource. The name of the meta_resource group cannot be changed or used for any resource group
other than the meta_resource group. The system does not allow duplicate names. LDEVs with the same pool ID or journal ID cannot be added to multiple resource groups or
partially removed from a resource group. For example, if two LDEVs belong to the same pool, you must allocate both to the same resource group. You cannot allocate them separately. You cannot partially remove LDEVs with the same pool ID or journal ID from a resource group. If LDEV1 and LDEV2 belong to the same pool, you cannot remove LDEV1 leave only LDEV2 in the resource group. Use the sort function to sort the LDEVs by pool ID or journal ID. Then select the IDs and add or remove them all at once. To add or delete DP pool volumes, you must first add or delete DP pools.
Before you begin
You must have Security Administrator (View & Modify) role to perform this task.
Procedure
1. In the Explorer pane, click the Administration tab, and then select Resource Groups. 2. Select the desired resource group (check the box next to the name of the resource
group) to display the resource information for the resource group.
To change the name of the selected resource group, click Edit Resource Group, and enter the new name.
To add resources to the selected resource group, select the Parity Groups, LDEVs, Ports, or Host Groups / iSCSI Targets tab, click Add Resources, and follow the instructions on the Add Resources window.
To remove resources from the selected resource group, select the Parity Groups, LDEVs, Ports, or Host Groups / iSCSI Targets tab, select the resources to be removed, and then click Remove Resources.
3. Enter a task name or accept the default, and then click Submit. If you select View task status, the Tasks & Alerts tab opens.
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
186
�Deleting resource groups
Deleting resource groups
You can delete a resource group only when the resource group does not contain any resources and is not assigned to any user groups. The following resource groups cannot be deleted: meta_resource A resource group that is assigned to a user group A resource group that has resources assigned to it Resource groups included in different resource groups cannot be removed at the same
time.
Before you begin The Security Administrator (View & Modify) role is required to perform this task.
Procedure 1. In the Explorer pane, expand the Storage Systems tree, click the Administration tab, select Resource Groups. 2. Click the check box of a Resource Group Name. 3. Click Delete Resource Groups. 4. Enter a task name or accept the default, and then click Submit. If you select View task status, the Tasks & Alerts tab opens.
Chapter 4: User administration using Device Manager - Storage Navigator
System Administrator Guide for VSP 5000 Series
187
�Chapter 5: Managing license keys
Accessing software functionality for your storage system requires a license key.
License keys overview
When you install a license key, it is also enabled. The functionality for the software that you installed is available in Device Manager - Storage Navigator. The license key can be disabled. This allows you to conserve time on a term key, for example. If you have a 365-day term key for a software product, the license server starts the count the day you install the key. However, you may not use the license immediately, in which case you can disable the key. Disabling stops the count. You re-enable the key when you become ready to use it. This topic provides information in the order it is required: License key types and prerequisite software (on page 188). Lists the key types; explains
whether keys are permanent or temporary; shows the term limit, if any; and provides the estimated license capacity, if required. Using the term key (on page 190). Explains that you can conserve the term key when you are not using it. Using the temporary key (on page 191). Explains that you can conserve the temporary key when you are not using it. Estimating licensed capacity (on page 191). Provides information and instructions for calculating license capacity according to your system and organization requirements. Installing and uninstalling software (on page 198). Provides instructions for installing, disabling, enabling, and removing keys. License key expiration (on page 203) provide information for dealing with these situations.
License key types and prerequisite software
Chapter 5: Managing license keys
System Administrator Guide for VSP 5000 Series
188
�License key types and prerequisite software
License key types The following table lists and describes the types of license keys.
Type
Description
Effective term*
Estimating licensed capacity
Permanent
For purchase
No limit Required
Term
For purchase
365 days Required
Temporary
For trial use before purchase (try and buy) 120 days Not required
Emergency For emergency use
30 days Not required
* When you log in to Device Manager - Storage Navigator, a warning message appears if 45 days or fewer remain before the license expires.
When you install a license key, it is automatically enabled and the timer on the license starts at that time. To preserve time on a term key license, you can disable the license without uninstalling it. When you need to use the software again, you can re-enable the license.
You can use software with licensed capacity for a term key by installing a term key and overwriting a permanent key as long as the term key is valid. If the term key expires while the system is being used and the capacity needed for the operation is insufficient, operations that you can perform are limited. In this case, a SIM that indicates the term key expiration (reference code 7ff7xx) is output on the Alerts tab in the Storage Systems window.
Note: When you need to enable a license key, install the prerequisite software first, and then enable the key. If you install the software after you enable the key, the software will install correctly but will be disabled.
Prerequisite software
The following table lists the software products that have prerequisite software. The prerequisite software must be installed before you can install the software product. If the prerequisite software becomes unusable during operations, the software product also becomes unusable.
Software product Universal Replicator Remote Replication Extended Server Priority Manager Dynamic Tiering Thin Image
Prerequisite software TrueCopy Universal Replicator Performance Monitor Dynamic Provisioning Dynamic Provisioning
Chapter 5: Managing license keys
System Administrator Guide for VSP 5000 Series
189
�Using the permanent key
Software product Thin Image Advanced
Active flash Dedupe and compression
Prerequisite software
Dynamic Provisioning and Adaptive Data Reduction
Dynamic Tiering
Dynamic Provisioning
Using the permanent key
You can purchase the permanent key to use a software application indefinitely. You must estimate a licensed capacity required for using the software application and purchase a license key for the amount of the required capacity.
If insufficient license capacity is installed, Not Enough License displays in the status field of the License Keys window, and the software application is not enabled.
If the capacity of the usable volume exceeds the licensed capacity while the storage system is running (for example, when an LDEV is additionally installed), Grace Period displays in the status field of the License Keys window. You can continue to perform the same operations, but the deficient amount of license capacity must be purchased within 30 days.
Using the term key
You can purchase the term key to use the software application for a specific number of days. You must estimate a licensed capacity required for using the software application and purchase a license key for the amount of the required capacity.
If insufficient license capacity is installed, Not Enough License or Grace Period displays in the status field of the License Keys window.
You can enable or disable the term key for each software application. Unlike the temporary key and the emergency key, the number of days the term key is enabled is counted as the number of effective days of the term key rather than the number of elapsed days from the installation date.
The number of effective days is decremented by one day when the date changes.
For example, if the term key is set to be enabled for 150 days during installation and the term key is disabled for 100 days and a total of 250 days have elapsed since the installation, the number of remaining effective days of the term key is 215 days. This is determined by subtracting 150 days from 365 days. By disabling the term key on the days when the software application is not used, you can prevent the unnecessary shortening of the period in which the term key can be used.
If the term key is expired, Not Installed displays in the status field of the License Keys window, and the software application is disabled.
Chapter 5: Managing license keys
System Administrator Guide for VSP 5000 Series
190
�Using the temporary key
Using the temporary key
You can use the temporary key for trial purposes. The effective term is 120 days from the time of installation of the temporary key. The effective term is not increased even if the temporary key is reinstalled during the effective term. If you uninstall the temporary key, even though the effective term remains, Temporary is displayed in the status field, Not Installed is displayed in the Key Type field, and the remaining days of the effective term are displayed in the Term (Days) field of the License Keys window. If the temporary key expires, you cannot reinstall the temporary key for 180 days. Expired displays in the status field of the License Keys window, and the software application is disabled.
Using the emergency key
You can use the emergency key if the license key cannot be purchased, or if an emergency occurs, such as a system failure or a communication error. You can also use the emergency key if the configuration of the software application that is installed by the temporary key remains in the changed status and cannot be restored to the original status. For example, if you do not plan to purchase the software application after using the temporary key for trial purposes, you can restore the changed configuration to the original status by temporarily enabling the software application with the emergency key.
Caution: If an emergency key is installed for a software application for which a
permanent or term key is installed, the effective term of the license key is 30 days. However, because the emergency key can be reinstalled during the effective term, the effective term can be restored to 30 days. In other scenarios, the emergency key can be installed only once.
For details about software bundles for your storage system, contact customer support.
Estimating licensed capacity
The licensed capacity is volume capacity that you are licensed to use with the software application. You must estimate the amount of capacity that you want to use with the software application before you purchase the permanent key or the term key.
Software and licensed capacity
The following table describes the three types of licensed capacity: used capacity, mounted capacity, and unlimited capacity. The type you select depends on the software application.
Chapter 5: Managing license keys
System Administrator Guide for VSP 5000 Series
191
�Software and licensed capacity
Table 2 Licensed capacity types
Type Used capacity
Mounted capacity / usable capacity
Unlimited capacity
Description
The licensed capacity is calculated by using one of the following capacities:
Normal volumes (volumes)
External volumes mapped to the storage system
Pools
If the pool contains pool volumes that belong in accelerated compression-enabled parity groups, you must purchase physical capacity of the pool for the license capacity.
The licensed capacity is estimated by using the capacity of all the volumes in the storage system.
When you estimate for the capacity of the accelerated compressionenabled parity groups, the physical capacity of the parity group is the maximum of the estimated capacity, even if you created an internal volume which exceeds the physical capacity of the accelerated compression-enabled parity group. See the Provisioning Guide for an explanation of accelerated compression.
You can use the software regardless of the volume capacity.
The following table lists the software options and specifies the licensed capacity type for each option.
Option name Device Manager - Storage Navigator SNMP Agent
JAVA API
SMI-S Provider LUN Manager
Virtual LVI
Licensed capacity
Mounted capacity
Mounted capacity
Mounted capacity
Unlimited
Mounted capacity
Mounted capacity
Notes
Used for open-systems devices. Includes LUN security.
Chapter 5: Managing license keys
System Administrator Guide for VSP 5000 Series
192
�Software and licensed capacity
Option name Open Volume Management Volume Shredder Performance Monitor Server Priority Manager Volume Quality of Service Volume Migration
Volume Migration V2 TrueCopy
TrueCopy for Mainframe
Universal Replicator
Universal Replicator for Mainframe
Remote Replication Extended
Licensed capacity
Notes
Mounted capacity
Used for open-systems devices.
Mounted capacity
Mounted capacity
Mounted capacity
To use Server Priority Manager, first install Performance Monitor.
Unlimited
blank
Mounted capacity
To use Volume Migration, first install Performance Monitor.
For information about Volume Migration, contact customer support.
Mounted capacity
For information about Volume Migration V2, contact customer support.
Used capacity for normal volumes*
Default state*
Used capacity for normal volumes*
Used capacity for normal volumes*
TrueCopy is a prerequisite for Universal Replicator. Install TrueCopy first, and then installUniversal Replicator, .
Used capacity for normal volumes*
TrueCopy for Mainframe is a prerequisite for Universal Replicator for Mainframe. Install TrueCopy for Mainframe first, and then installUniversal Replicator for Mainframe.
Unlimited
Universal Replicator or Universal Replicator for Mainframe is a prerequisite for Remote Replication Extended. Install Universal Replicator or Universal Replicator for Mainframe first, and then install Remote Replication Extended.
Chapter 5: Managing license keys
System Administrator Guide for VSP 5000 Series
193
�Software and licensed capacity
Option name
Licensed capacity
Notes
ShadowImage
Used capacity for normal volumes*
ShadowImage for Mainframe
Used capacity for normal volumes*
Compatible FlashCopy® V2
Used capacity for normal volumes*
Hitachi Compatible FlashCopy® Used capacity for normal volumes*
Thin Image
Used capacity for normal volumes* + total pool capacity
Dynamic Provisioning is a prerequisite for Thin Image. Install Dynamic Provisioning first, and then install Thin Image.
Thin Image Advanced
Used capacity for normal volumes* + total pool capacity
Dynamic Provisioning and Adaptive Data Reduction are prerequisite.
The license is installed automatically and the installed license capacity is unlimited. The license cannot be uninstalled.
Dynamic Provisioning
Used capacity (Total pool capacity)
Dynamic Provisioning for Mainframe
Used capacity (Total pool capacity
Dynamic Provisioning is a prerequisite for Dynamic Provisioning for Mainframe. Install Dynamic Provisioning first, and then install Dynamic Provisioning for Mainframe.
Dynamic Tiering
Used capacity (Total pool capacity)
Dynamic Provisioning is a prerequisite for Dynamic Tiering. Install Dynamic Provisioning first, and then install Dynamic Tiering.
Chapter 5: Managing license keys
System Administrator Guide for VSP 5000 Series
194
�Software and licensed capacity
Option name
Licensed capacity
Notes
Dynamic Tiering for Mainframe
Used capacity (Total pool capacity
Dynamic Provisioning for Mainframe and Dynamic Tiering are prerequisites for Dynamic Tiering for Mainframe. Install Dynamic Provisioning for Mainframe and Dynamic Tiering first, and then install Dynamic Tiering for Mainframe.
Active flash
Used capacity (Total pool capacity
Dynamic Tiering is a prerequisite for active flash. Install Dynamic Tiering first, and then install active flash.
Active flash for mainframe
Used capacity (Total pool capacity
active flash and Dynamic Tiering for Mainframe are prerequisites for active flash for mainframe. Install active flash and Dynamic Tiering for Mainframe first, and then install active flash for mainframe.
Compatible PAV
Used capacity for normal volumes
Compatible Hyper PAV
Unlimited
Compatible PAV is a prerequisite for Compatible Hyper PAV. Install Compatible PAV first, and then install Compatible Hyper PAV.
Compatible XRC
Used capacity for normal volumes
FICON® Data Migration
Used capacity for external volumes
High Performance Connectivity Unlimited for FICON®
Data Retention Utility
Mounted capacity
Volume Retention Manager
Mounted volumes
Universal Volume Manager
Used capacity for external volumes
Chapter 5: Managing license keys
System Administrator Guide for VSP 5000 Series
195
�Software and licensed capacity
Option name
Licensed capacity
Notes
Virtual Partition Manager
Unlimited
You may use up to four CLPRs without the Virtual Partition Manager license key. With a license key, you can define up to 32 CLPRs.
Resource Partition Manager
Unlimited
Nondisruptive migration
Used capacity for external volumes
Encryption License Key
Unlimited
Global-active device
Used capacity for normal volumes*
Dedupe and compression
Unlimited
License for the capacity saving function.
Dynamic Provisioning is a prerequisite for Dedupe and compression. Install Dynamic Provisioning first, and then install Dedupe and compression.
Adaptive Data Reduction
Unlimited
The license is installed automatically and cannot be uninstalled.
Hybrid mode activation license Unlimited
- (hyphen)
VSP Multi-Node Full Controller Unlimited Model Activation
This software option name has changed from VSP 5500 model activation license to VSP Multi-Node Full Controller Model Activation.
If the old name is displayed in HDvM SN windows, there is no problem with installation and post-installation operations.
* If you use Dynamic Provisioning, Dynamic Provisioning for Mainframe, Dynamic Tiering, or Dynamic Tiering for Mainframe V-VOLs as P-VOLs or S-VOLs of the following software applications, the license capacity is calculated using the page capacity allocated to the VVOLs (that is, used pool capacity).
ShadowImage
Thin Image
Thin Image Advanced
TrueCopy
Universal Replicator
Chapter 5: Managing license keys
System Administrator Guide for VSP 5000 Series
196
�Calculating licensed capacity for a normal volume
Option name
Licensed capacity
ShadowImage for Mainframe
TrueCopy for Mainframe
Universal Replicator for Mainframe
Compatible FlashCopy®
Global-active device
Notes
Calculating licensed capacity for a normal volume
A normal volume is a volume that is not blocked or protected. The volume can be written to. The calculation of the normal volume capacity depends on the volume emulation type. Use the formula in the following table to estimate capacity for purchase. When you calculate the volume capacity, round the value up to the second decimal place.For OPEN-V volumes, the licensed capacity of a volume is the same as the capacity specified when creating the volume.
Table 3 Formulas for calculating capacity of a normal volume
Volume emulation type 3390-x1
Formula for calculating capacity of a normal volume 870 KB × number-of-user-cylinders
OPEN-x1
Same as the capacity specified when creating the volume
Notes:
1. x indicates a number or a letter. For example, OPEN-x refers to emulation types such as OPEN-3 and OPEN-V.
An example is shown in the following table. Table 4 Example of calculating license capacity
Item Volume emulation type Number of user cylinders Number of volumes Total capacity of all the volumes
Value 3390-3 3,339 2,048 870 KB × 3,339 × 2,048 = 5,949,296,640 KB 5,949,296,640 KB / 1,024 = 5,809,860 MB 5,809,860 MB / 1,024 5,673.70 GB
Chapter 5: Managing license keys
System Administrator Guide for VSP 5000 Series
197
�Calculating licensed capacity for an external volume
Item Estimated required capacity
Value 5,673.70 GB / 1,024 5.55 TB At least 6 TB
Calculating licensed capacity for an external volume
Use the following equation to calculate the licensed capacity for an external volume: External Volume Capacity (KB) = Volume Capacity (number of blocks) X 512 (bytes) / 1,024
Calculating pool capacity
The license capacity of Dynamic Provisioning is calculated using the total capacity of the Dynamic Provisioning pool. If you use Dynamic Provisioning V-VOLs as P-VOLs or S-VOLs of ShadowImage, TrueCopy, Universal Replicator, or global-active device, the license capacity of ShadowImage, TrueCopy, Universal Replicator, or global-active device is calculated by using the page capacity allocated to the Dynamic Provisioning V-VOLs (that is, used pool capacity). For more information on calculating pool capacity, see the Provisioning Guide for Open Systems and the Provisioning Guide for Mainframe Systems.
Accelerated compression-enabled parity group capacity
For the actual capacity of accelerated compression-enabled parity groups, the total capacity of LDEVs created in the parity group and the physical capacity are compared. The one with the least capacity is added as the actual capacity. See the following table for an example.
Total LDEV capacity in the parity group
12 TB
24 TB
Physical capacity 20 TB 20 TB
Actual capacity which is added
12 TB
20 TB
Installing and uninstalling software
This section provides instructions for installing and uninstalling software.
Installing license keys using Device Manager - Storage Navigator
Use license keys to install software.
Chapter 5: Managing license keys
System Administrator Guide for VSP 5000 Series
198
�When the status is Installed (Disabled)
Before you begin You must have the Storage Administrator (Initial Configuration) role to perform this task. You must install a license key for each software application before you use it.
Procedure
1. From the Administration tree, click License Keys. 2. In the License Keys window, click Install Licenses. 3. Select whether to enter a key code or specify a license key file.
Key Code: Enter a key code to install the software. In Key Code, enter the license key code for the software.
File: Specify a license key file to install the software. Click Browse and specify the license key file. You can use a file name of up to 200 alphanumeric characters, excluding several symbols (" \ ; : * ? < > | / ,). The file extension is "plk".
4. Click Add . 5. In the Selected License Keys table, set the status of license keys for each software
application.
Enable Licenses: Installs license keys in enabled status. You can select more than one software application to install licenses for.
Disable Licenses: Installs license keys in disabled status. You can select more than one software application to install licenses for.
Clear All: Delete all license keys from the Selected License Keys table.
6. Click Finish. The Confirm window opens. 7. In the Confirm window, check the settings. In the Task Name field, enter a task name. 8. Click Apply. The task is registered. If the Go to tasks window for status check box is
checked, the Tasks window opens. If a software installation fails, the Error Message window opens. To display the cause of error, from the Error Message window, select the software and click Detail.
When the status is Installed (Disabled)
If you do not install the prerequisite software before you install the license key software, the software will install correctly but will be disabled. To enable a license key, install the prerequisite software, and then enable the key.
Enabling a license
You can enable a license that is in disabled status.
Before you begin You must have the Storage Administrator (Initial Configuration) role to perform this task.
Procedure 1. From the Administration tree, click License Keys.
Chapter 5: Managing license keys
System Administrator Guide for VSP 5000 Series
199
�Disabling a license
2. In the License Keys window, select one or more licenses to enable, and then click Enable Licenses.
3. Check the settings, and then click Apply.
Disabling a license
You can disable a license that is in enabled status.
Before you begin You must have the Storage Administrator (Initial Configuration) role to perform this task.
Procedure 1. From the Administration tree, click License Keys. 2. In the License Keys window, select one or more licenses to disable, and then click Disable Licenses. 3. Check the settings, and then click Apply.
Removing a software application
You can remove a software application (for example, global-active device) from the storage system by uninstalling the license key for that software.
Caution: If you uninstall a license key, you will not be able to use the license key file that was used to install the software. If you want to install the software again, contact customer support to request a new license key file.
Before you begin You must have the Storage Administrator (Initial Configuration) role to perform this task.
Procedure 1. From the Administration tree, click License Keys. 2. In the License Keys window, select one or more licenses to uninstall.
Note: On rare occasions, a software option that is listed as Not Installed but still has available licensed capacity (shown as XX TB) might remain in the list. In this case, select that option, and then uninstall the software. 3. Click Remove to display the Remove Licenses window. 4. Check the settings, and then click Apply.
Note: To reinstall a license key after uninstalling it, contact customer support to reissue the license key file.
Chapter 5: Managing license keys
System Administrator Guide for VSP 5000 Series
200
�Updating license status
Updating license status
In the following cases, the status of software might remain at Not Enough License or Grace Period. In that case, update the license status. When the licensed capacity exceeds the mounted capacity after you reduce the number of
LDEVs When the licensed capacity exceeds the used capacity after you delete pairs or pool
volumes
Before you begin You must have the Storage Administrator (Initial Configuration) role to perform this task.
Procedure 1. From the Administration tree, click License Keys. 2. In the License Keys window, click Update License Status. 3. Check the settings, and then click Apply
Examples of license information
The following table provides examples of license information displayed in the License Key window.
License key status (example)
Status
Not installed
Not installed
Installed with the permanent key
Installed
Installed with the term Installed key and set to Enabled
Installed with the term Installed key and set to Disabled (Disabled)
Installed with the temporary key.
Installed
Installed with the emergency key.
Installed
A temporary key was installed, but has expired.
Expired
Key type blank permanent
Licensed capacity
Blank
Permitted
Term (Days) Blank -
term term
Permitted Permitted
Number of remaining days before expiration
-
temporary
-
emergency
-
temporary
-
Number of remaining days before expiration
Number of remaining days before expiration
Number of remaining days before expiration
Chapter 5: Managing license keys
System Administrator Guide for VSP 5000 Series
201
�Cautions on license capacities in license-related windows
License key status (example)
Status
A term key or an emergency key was installed, but has expired.
Not installed
Installed with the permanent key or the term key, but the licensed capacity was insufficient.
Not Enough License
Installed with the permanent or term key, and then LDEVs are added, but the license capacity was insufficient.
Grace Period
Installed with the temporary key, and then reinstalled with the permanent key, but the license capacity was insufficient.
Installed
Installed with the permanent or term key, then reinstalled with the emergency key.
Installed
Key type blank
permanent or term
permanent or term
temporary
emergency
Licensed capacity
Blank
Term (Days) Blank
Permitted and
-
Used
Permitted and Used
Number of remaining days before expiration
Permitted and Used
Number of remaining days before expiration
Permitted and Used
Number of remaining days before expiration
Cautions on license capacities in license-related windows
License capacities are displayed not only in license-related windows but also in the Pools window and the Replication window.
When you install or overwrite a temporary key or an emergency key for an installed software application, the license capacity before the overwrite installation is displayed as Permitted (TB) in license-related windows. However, Unlimited (license capacity for the temporary key or emergency key) is displayed as Licensed Capacity in the Pools window and the Replication window.
For example: You install a term key that has a license capacity of 5 TB for Compatible FlashCopy®, and when the term expires, you use an emergency key. In license-related windows, 5 TB is displayed in the Permitted (TB) field. However, in the Licensed Capacity field in a Replication window, Unlimited (capacity of the emergency key) is displayed.
Chapter 5: Managing license keys
System Administrator Guide for VSP 5000 Series
202
�Cautions on licenses
Cautions on licenses
Observe the following precautions when working with licenses:
Caution: If you use Dynamic Provisioning, the licensed capacity might become insufficient because the used capacity of Dynamic Provisioning pools could increase even if you do not add any volumes. If this occurs, you must purchase an additional license within 30 days to cover the capacity shortage. For details on how to calculate pool capacity, see the Provisioning Guide for Open Systems.
Caution: When you remove Data Retention Utility an error might occur even if the Permitted Volumes column of the License Keys window indicates that the licensed capacity is 0 TB.
Resolving errors when removing Data Retention Utility
If a Data Retention Utility error occurs during removal, you must resolve it before continuing removal. For details about the Data Retention window, see the Provisioning Guide for Open Systems.
Procedure 1. Click Actions > Other Function > Data Retention to open the Data Retention window. 2. In the Data Retention window, find logical volumes that are unusable as S-VOLs (secondary volumes). 3. Change the settings so that the logical volumes are usable as S-VOLs. 4. Uninstall Data Retention Utility.
License key expiration
If the license key for software-A expires, the license key for software-B is also disabled if software-B requires an enabled software-A. In this scenario, Installed (Disabled) is shown for software-B in the Status column of the License Keys table. After that, when you re-enable software-A, software-B is also re-enabled. If the Status column for software-B continues to display Installed (Disabled), go to the License Keys table and manually change the status of software-B back to Installed. After your license key expires, no new configuration settings can be made, and no monitoring functions can be used with Performance Monitor. Configuration settings made before the expiration of the license key remain in effect. You can cancel configuration changes for some software.
Chapter 5: Managing license keys
System Administrator Guide for VSP 5000 Series
203
�Chapter 6: Viewing and managing the storage system
Use Device Manager - Storage Navigator to view storage system information, manage system configuration reports, and manage queued operations. This section describes how to navigate to your storage system information, create and download system configuration reports, and manage Device Manager - Storage Navigator tasks.
Viewing storage system information
Use Device Manager - Storage Navigator to view high-level information, create reports, and manage tasks. The storage system information appears immediately when you start Device Manager Storage Navigator.
Viewing basic information
The main window shows basic information about the storage system.
Chapter 6: Viewing and managing the storage system
System Administrator Guide for VSP 5000 Series
204
�Viewing specific information
Viewing specific information
You can view more specific information when you make a selection in the resource tree in the left pane.
Viewing other system information
You can also find other system information such as a port status and data regarding used and unused resources. This information displays in a Device Manager - Storage Navigator secondary window.
Procedure
1. Click Settings > Environmental Settings > License Keys. Java starts. 2. If a message appears and asks if you want to run the Java application, click Run. The
Device Manager - Storage Navigator secondary window opens. 3. In the Device Manager - Storage Navigator secondary window, click File > Basic
Information. The Basic Information Display dialog box opens. 4. Click the tab to display the Basic Information Display dialog box. 5. To save information in the dialog box, click Export. In the dialog box that opens, enter
location and file name, then click Save.
Chapter 6: Viewing and managing the storage system
System Administrator Guide for VSP 5000 Series
205
�Viewing port conditions
Viewing port conditions
You can view port conditions by clicking Actions > Component > View Port conditions.
Status icons for certain resources
The status of certain resources is indicated by the following icons:
Status
Description The resource can be used normally.
Chapter 6: Viewing and managing the storage system
System Administrator Guide for VSP 5000 Series
206
�Managing tasks
Status
Description
The resource has the following status: The resource can be used, but has a limit on I/O performance and so
on. The status of the resource is changing. The status of the resource is being confirmed. The resource has subresources of different status.
For example, parity groups are in this status if the statuses of logical volumes in the parity groups are not the same. In this case, the subresources might be blocked. Confirm the status of subresources.
The resource has the following status: The resource cannot be used because it is blocked due to a failure or
maintenance operations. The status of the resource is unknown. Restore the resource to the normal status.
Managing tasks
You can use Device Manager - Storage Navigator to handle multiple tasks without interruption.
Because Device Manager - Storage Navigator operations are executed in the background, you start the next task immediately after performing the previous one. You keep track of your tasks' progress by entering a task name during each Device Manager - Storage Navigator procedure and then tracking its status and other information using the Tasks window.
Each procedure you perform requires a task name. For example, when you provision or configure the system, create a pair, or any other procedure, you must assign a name for the task.
Each task is queued and then processed by the storage system in the order of its arrival.
Note: You cannot use a secondary window to make any settings while a task in the main window has a status of In Progress, Waiting, or Suspended.
Only one task is executed at the same time, except for the following. In the case of the following operations, the next task may be executed before the current task completes or fails.
Create LDEVs
Format LDEVs
Shred LDEVs
Chapter 6: Viewing and managing the storage system
System Administrator Guide for VSP 5000 Series
207
�Managing your tasks
Shrink Pool Edit Encryption
Managing your tasks
The Tasks window can display up to 384 tasks, including up to 128 tasks with a status of In Progress, Waiting, or Suspended, and up to 256 tasks with a status of Completed or Failed. If the number exceeds these limits, the oldest completed tasks are automatically removed from the window. Device Manager - Storage Navigator allows you to suspend, resume, cancel, and prevent tasks from being automatically deleted.
Before you begin Users that execute the task or users with Storage Administrator (System Resource
Management) role can view the details of tasks. Users with the Storage Administrator (System Resource Management) role can delete,
suspend, resume tasks, and enable or disable auto-deletion of tasks.
Procedure 1. In the tree, click Storage Systems > Tasks. The list of tasks appears. 2. In the list, click the task or tasks that you want to modify. 3. In the bottom right corner of the window, click the corresponding button for the task you want to perform: Click Delete Tasks to delete or cancel a task. Click Suspend Tasks to suspend a queued task. Click Resume Tasks to resume a suspended task. Click More Actions > Enable Auto Delete to delete tasks from the Task list when they have completed and the task list is full. This allows you to check for completed tasks and to clear the list when the limit (384) is reached. Click More Actions > Disable Auto Delete to keep tasks in the task list after the tasks are completed. 4. Verify the displayed settings and click Apply.
Referencing the detailed task status
To view the Task Status, click Status for each task in the Tasks window. When an operation that contains several connected tasks is set as one task, you can still check the status of each task in the Tasks window. You can also check which task has failed. The following example shows that an error has occurred for the task action number 2.
Chapter 6: Viewing and managing the storage system
System Administrator Guide for VSP 5000 Series
208
�Referencing the detailed task status
In the LDEV creations or LUN operations, some tasks are processed as one and the individual result may not be reported. Some of the settings may not be applied because internal processing has been stopped due to the error displayed in the following Tasks window.
Chapter 6: Viewing and managing the storage system
System Administrator Guide for VSP 5000 Series
209
�Referencing the detailed task status
For example, the following figure shows a single task in which "an LDEV 01 and an LDEV 02" are created. Though shown as a single task, this task is internally divided into two parts: a setting for LDEV 01 (setting A) and a setting for LDEV 02 (setting B). If an error occurs in the setting A task, the setting B task will not be processed. The operation result for the setting A task is displayed in the Status of the Tasks window. The setting B task will also not be processed for LDEV 01.
After the task operation is complete, check both the LDEV 02 which has failed in the setting A task and the setting A task for LDEV 01 which has completed. Then run the necessary task again.
Chapter 6: Viewing and managing the storage system
System Administrator Guide for VSP 5000 Series
210
�Stalled tasks
Stalled tasks
If a queued task is not performed over a reasonable period, check the following: Did the task fail? Click failed to view the reason. Then delete the task using the Delete
Tasks window, correct the problem, and try the task again. Are too many tasks in the task list because Auto Delete is disabled? Use the Enable Auto
Delete window to remove tasks from the window. Is another program changing the storage system configuration? Check this by observing
whether Operation Lock is displayed for too long a time. If so, verify that another program is running and then wait until its changes are completed. The percentage of progress of an ongoing task may not change if another operation is in progress.
Setting the status refresh interval of the Tasks window
By default, the Tasks window in Device Manager - Storage Navigator is set to refresh automatically every 60 seconds. You can change this refresh time interval or, if desired, you can disable the automatic refresh for the Tasks window.
Procedure 1. In the Device Manager - Storage Navigator main window, click Settings > Environmental Settings > Edit Information Display Settings. 2. For Task Screen Refresh Interval, specify the desired refresh interval (range: 10 3600 seconds) or select No Update. If you select No Update, the Tasks window will not be automatically updated after it has been opened. In this case, you must use Refresh or File > Refresh All to update the Tasks window while it is open. 3. Click Apply.
Chapter 6: Viewing and managing the storage system
System Administrator Guide for VSP 5000 Series
211
�Chapter 7: Using reports to view storage system information
Device Manager - Storage Navigator can generate reports that contain information about your storage system's physical configurations and logical settings. Reports can cover specific areas of the storage system, such as reporting on configuration, ports, channel board, and disk board. You can save reports as comma-separated-value (CSV) files or as HTML files. Tables in the HTML version of the configuration reports are sortable.
Before making changes to a storage system, generate reports of your storage system's physical configurations and logical settings. Generate a similar report after the changes, and then compare the reports to verify that new settings were made as intended.
If you log in as the user who created the report, you can download / delete only the report created by the user. If you log in as a user with the Storage Administrator (Initial Configuration) role, you can download / delete the reports created by all users.
Creating configuration reports
You can create and store up to 20 configuration reports for each storage system. There are two types of reports:
Configuration Reports, which are generated in HTML format
Detail Configuration Reports, which are generated in CSV format
Before you begin
You must have the Storage Administrator (Initial Configuration) role to create a configuration report.
Verify that there are less than 20 reports listed on the Reports window. If there are already 20 reports, you must delete one or more existing reports before you can create a new report.
Procedure
1. If CCI has been used to create parity groups or LDEVs, click File > Refresh All to update the configuration information before creating a configuration report.
2. In the Device Manager - Storage Navigator main menu, click Reports > Configuration Report > Create Configuration Report.
3. In the Create Configuration Report window, specify a task name or accept the default task name (yymmdd-CreateConfigurationReport). This task name is used as the report name in the Reports window.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
212
�Downloading and viewing the HDvM - SN configuration reports
4. In the Selected Reports table, select the desired report type: Configuration Reports (HTML) or Detail Configuration Reports (CSV).
5. If you want the Tasks window to open after you click Apply, select Go to tasks window for status (selected by default).
6. Click Apply to create the selected report. The create configuration report process takes approximately 10 minutes to complete. When the process is complete, the new report is displayed on the Reports window. If necessary, click Refresh to update the list of reports.
Downloading and viewing the HDvM - SN configuration reports
Use the following procedure to download configuration reports created on HDvM - SN to the management client.
Note:
Configuration reports created with SVP firmware version 90-04-01/xx or later might not be displayed depending on the web browser version on the management client. You must use the latest version of the web browser. (Use the management client running an OS that supports the latest version of the web browser.)
If you want to view configuration reports created with SVP firmware version earlier than 90-08-01/xx, use a web browser other than Microsoft Edge.
If you use Google Chrome and the SVP firmware version is earlier than 90-08-01/xx, specify the Start Option allow-file-access-from-files.
If you use Google Chrome, the window used to specify the folder in which the report will be saved might not appear when downloading the report. In this case, click Chrome Menu > Settings > Show advanced settings, and then under Privacy clear the check box for Protect you and your device from dangerous sites.
If you use Firefox and you want to view configuration reports created on HDvM - SN with SVP firmware version earlier than 90-08-01/xx, use Firefox version 67.0 or earlier.
Before you begin
Users can view the reports that they created.
Users who have the Storage Administrator (Initial Configuration) role can view all reports.
Procedure
1. Expand the Storage Systems tree, and then click Reports. 2. Specify the report to download. 3. Click Download Reports.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
213
�Viewing configuration reports in the Reports window
Note: A character string that depends on the AIR environment is displayed in the title of the download window. 4. Specify the folder in which to save the .tgz file.
Note: When you download a file, make sure to click Save within 30 minutes after the window for selecting a download destination folder appears. If you click Save after 30 minutes have elapsed, an error message (20121-107091) appears. If this error message is displayed, retry downloading the file. 5. Extract the downloaded .tgz file. 6. Display the report. For HTML reports, open the file extracted-folder\html\index.html. The following warning message might appear when you open the HTML file: An ActiveX control on this page might be unsafe to interact with other parts of the page. Do you want to allow this interaction? This message appears when the program embedded in the report accesses a local file. Click Yes to continue the operation. For CSV reports, open the CSV file in the folder extracted-folder\csv.
Viewing configuration reports in the Reports window
You can view only HTML format reports in the Reports window.
Note: If you use Microsoft Edge, open the Settings window (click the icon, and
then click Settings), and then set Allow sites to be reloaded in Internet Explorer mode to disabled. If you use Google Chrome with an old version of SVP firmware, specify the Start Option --allow-file-access-from-files. If you use Internet Explorer, in the Compatibility View Settings dialog box clear the check box for Display intranet sites in Compatibility View, and then delete the IP address or host name of the SVP, if any, from Websites you've added to Compatibility View.
Procedure 1. Expand the Storage Systems tree, and then click Reports. 2. Click the name of the report to display. The report is displayed in the Reports window. 3. In the Reports window, click the name of the report in the list at the left, and then view the report at the right.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
214
�Deleting configuration reports
Deleting configuration reports
You can delete a configuration report when you no longer need it, or to make room in the Reports window when the number of reports is near the limit (20).
Caution: Do not perform Device Manager - Storage Navigator or CCI operations while you are deleting configuration reports. If you perform such operations, deletion of configuration reports might fail.
Before you begin You must have the Storage Administrator (Initial Configuration) role to delete a
configuration report.
Procedure 1. Expand the Storage Systems tree, and then click Reports. 2. In the Reports window, select the report to delete, and then click Delete Reports. 3. In the Delete Reports window, specify a task name or accept the default task name (yymmdd-DeleteReports). 4. If you want the Tasks window to open after you click Apply, select Go to tasks window for status (selected by default). 5. Click Apply.
Examples of Device Manager - Storage Navigator storage configuration reports
The Device Manager - Storage Navigator can show configuration reports for your storage system in table, graph, and CSV formats. The following examples show various storage configuration reports in table, graph, and CSV formats.
Report examples: table view
Some Device Manager - Storage Navigator reports appear in table format.
The following figure provides examples of reports in table format. The icons are displayed before the names of the reports in table view. If the icons are not displayed correctly, update the window. To sort data in table reports, click any column header.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
215
�CHAP Users report
CHAP Users report
The following figure shows an example of a CHAP Users report. The table following the figure describes the items in the report.
Item Port Location User Name iSCSI Target Alias iSCSI Target Name
Description Name of the port Name of the CHAP user for authentication Alias of the iSCSI target Name of the iSCSI target
Disk Boards report
The following illustration shows an example of a disk boards report. The table following the illustration describes the items in the report.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
216
�Host Groups / iSCSI Targets report
Item
Description
DKB
Location of the disk board (also called a back-end director).
"External" is displayed when the storage system has an external storage system.
"External (FICON DM)" is displayed when the storage system has volumes for FICON DM.
Number of PGs
The number of the parity groups that the disk board controls.
If "DKB" is "External", this item indicates the number of parity groups mapped to external volumes.
If "DKB" is "External (FICON DM)", this item indicates the number of parity groups mapped to volumes for FICON DM.
Number of LDEVs (Total) The number of the logical volumes belonging to the parity groups that the disk board controls.
Number of LDEVs (Unallocated)
The number of the logical volumes that are inaccessible from the host and belong to the parity groups controlled by the disk board.
Total LDEV Capacity (MB)
Total capacity of the logical volumes belonging to the parity groups that the disk board controls.
Unallocated LDEV Capacity (MB)
Total capacity of the logical volumes that are inaccessible from the host and belong to the parity groups controlled by the disk board.
Host Groups / iSCSI Targets report
The following figure shows an example of a Host Groups / iSCSI Targets report. The table following the figure describes the items in the report.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
217
�Host Groups / iSCSI Targets report
Item
Description
Port Location
Name of the port
Type
Type of the host group
Host Group Name / iSCSI Target Alias
Name of the host group / alias of the iSCSI target
Host Group ID / iSCSI Target ID
Number of the host group / ID of the iSCSI target
iSCSI Target Name
Name of the iSCSI target
Resource Group Name Resource Group Name where the host group belongs
Resource Group ID
Resource Group ID where the host group belongs
Number of LUNs
The number of LU paths defined to the host group
Number of LDEVs
The number of logical volumes that are accessible from the hosts in the host group
Number of PGs
The number of parity groups with logical volumes that are accessible from the hosts in the host group
Number of DKBs
The number of disk boards controlling the parity groups where the logical volumes that are accessible from the hosts in the host group belong
Total LDEV Capacity (MB)
Total capacity of the logical volumes accessible from the hosts in the host group. This is the total capacity of LDEVs referred to in "Number of LDEVs".
Port Security
Security of the port
Authentication : Method
iSCSI target method authentication settings CHAP None Comply with Host Setting
Authentication : Mutual CHAP
Enable or disable the iSCSI target mutual CHAP Enabled Disabled
Authentication : User Name
Authenticated iSCSI target user name
Authentication : Number The number of authenticated users registered in the iSCSI target of Users
Host Mode
Host mode of the host group
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
218
�Hosts report
Item Host Mode Option
Number of Hosts
Description
Host mode option of the host group. Host mode options are separated by semicolons (;) when more than one option is specified.
The number of the hosts in the host group.
Hosts report
The following figure shows an example of a hosts report. The table following the figure describes the items in the report. When a host is registered to more than one port, more than one record shows information about the same host.
Item Port Location Type Port Internal WWN Port Security Host Group Name / iSCSI Target Alias iSCSI Target Name Host Mode Host Mode Option
Host Name HBA WWN / iSCSI Name
Description Name of the port Port type Port WWN Port security setting Name of the host group / alias of the iSCSI target
Name of the iSCSI target Host mode of the host group Host group host mode option. When more than one host mode option is specified, they are separated by semicolons (;) Name of the host that can access the LU path through the port Host WWN (16-digit hexadecimal) or host iSCSI name
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
219
�Logical Devices report
Logical Devices report
Item LDEV ID LDEV Name Capacity (MB) Emulation Type Resource Group Name Resource Group ID PG
RAID Level Drive Type/RPM
Drive Type-Code Drive Capacity PG Members
Description
The logical volume number
The logical volume name
Capacity of the logical volume
Emulation type of the logical volume
Name of the resource group to which the LDEV belongs
ID of the resource group to which the LDEV belongs
Number of the parity group to which the LDEV belongs. If the number starts with "E" (for example, E1-1), the parity group
contains external volumes. If the number starts with "M" (for example, M1-1), the parity group
contains FICON DM volumes. A hyphen (-) is displayed for Dynamic Provisioning and Thin Image VVOLs.
RAID level of the parity group to which the LDEV belongs*
Drive type, drive control name, and revolutions-per-minute (RPM) (unit: krpm) of the drives in the parity group to which the LDEV belongs. A hyphen (-) is displayed for RPM when the drive type is not HDD.*
Type code of the drives in the parity group to which the logical volume belongs*
Capacity of the drives in the parity group to which the LDEV belongs*
Drive locations of the parity group to which the LDEV belongs*
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
220
�Logical Devices report
Item Allocated
SSID CVS OCS Attribute Provisioning Type Pool Name
Pool ID
Current MPU Setting MPU Command Device: Security Command Device: User Authentication Command Device: Device Group Definition
Description
Information about whether the host can access the LDEV: Y: For open-systems volumes, Y indicates that the host can access the
volume. For mainframe volumes and multi-platform volumes, Y is displayed unless the volume is in the reserved status. N: For opens-systems volumes, N indicates that the host cannot access the volume. For mainframe volumes and multi-platform volumes, N indicates that the volume is in the reserved status.
SSID of the LDEV
Information about whether the LDEV is a custom-size volume
Oracle checksum
Attribute of the LDEV
Provisioning type of the LDEV
For V-VOLs of Dynamic Provisioning, the name of the pool related to the logical volume is displayed.
If the logical volume attribute is Pool, the name of the pool to which the logical volume belongs is displayed.
When neither of the above is displayed, the pool name is blank.
ID of the pool indicated by "Pool Name". A hyphen (-) is displayed for volumes other than pool-VOLs or V-VOLs.
MP unit currently controlling the LDEV
MP unit that you specified to control the LDEV
Indicates whether Security is specified as the attribute for the command device. A hyphen (-) is displayed when "Attribute" is not "CMDDEV".
Indicates whether User Authentication is specified as the attribute for the command device. A hyphen (-) is displayed when "Attribute" is not "CMDDEV".
Indicates whether Device Group Definition is specified as the attribute for the command device. A hyphen (-) is displayed when "Attribute" is not "CMDDEV".
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
221
�LUNs report
Item
Description
Encryption
Indicates whether the parity group to which the LDEV belongs is encrypted: For internal volumes: Enabled (encrypted) or Disabled (not encrypted) For external volumes: blank
ALUA Mode
Indicates whether the ALUA mode is enabled: Enabled: ALUA mode is enabled. Disabled: ALUA mode is disabled.
T10 PI
Indicates the T10 PI attribute set for the LDEV: Enabled Disabled Blank if the emulation type is not OPEN-V
Namespace ID
Indicates the namespace ID of the LDEV. If the LDEV is not registered as a namespace, this field remains blank.
* A hyphen (-) is displayed if the LDEV is an external volume or a FICON DM volume.
LUNs report
The following figure shows an example of an LU path definitions report. A record is created for each LU path. The table following the figure describes the items in the report.
Item Port Location
Name of the port
Description
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
222
�MP Unit report
Item Internal WWN / Internal iSCSI Name Port Security Host Group Name / iSCSI Target Alias iSCSI Target Name Host Mode Host Mode Option
LUN LDEV ID Emulation Type Capacity (MB) Asymmetric Access State
Description Port WWN (16-digit hexadecimal) or port iSCSI name
Name of the type of security of the port Name of the host group or alias of the iSCSI target
Name of the iSCSI target Host mode of the host group Host mode option of the host group. Host mode options are separated by semicolons (;) when more than one option is specified. Logical unit number Logical volume number Emulation type of the logical volume Capacity of the logical volume Asymmetric access status: Active/Optimized: Prioritized Active/Non-Optimized: Lower priority
MP Unit report
The following illustration shows an example of an MP unit report. The table following the illustration describes the items in the report.
Item
MP Unit ID
Auto Assignment
Number of Resources (LDEV)
Description MP unit ID Auto assignment attribute for the MP unit The number of logical volumes that the MP unit controls
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
223
�MP unit details report
Item
Number of Resources (Journal)
Number of Resources (External Volume)
Number of Resources (Total)
Description The number of journals that the MP unit controls
The number of external volumes that the MP unit controls, including FICON DM volumes The total number of resources that the MP unit controls The sum of "Number of Resources (LDEV)", "Number of Resources (Journal)", and "Number of Resources (External Volume)"
MP unit details report
The following illustration shows an example of an MP unit details report. The table following the illustration describes the items in the report.
Item MP Unit ID Auto Assignment Resource ID Resource Name
Type
Description
MP unit ID
Auto assignment attribute for the MP unit
ID of this resource that the MP unit controls
The name of the resource that the MP unit controls. If "Type" is LDEV, the LDEV name that is set is displayed. A hyphen (-) displays for journal volumes or external volumes.
The type of the resource that the MP unit controls
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
224
�Parity Groups report
Parity Groups report
Item
Description
PG
Parity group number
If the number starts with "E" (for example, E1-1), the parity group contains external volumes.
If the number starts with "M" (for example, M1-1), the parity group contains volumes for FICON® DM.
DKB
Name of the disk board that controls the parity group1
RAID Level
RAID level of the parity group1
Resource Group Name Name of the resource group in which the parity group belongs
Resource Group ID
ID for the resource group in which the parity group belongs
Emulation Type
Emulation type of the parity group
Number of LDEVs (Total) Number of logical volumes in the parity group
Number of LDEVs (Unallocated)
Number of logical volumes in the parity group that the host cannot access
Total LDEV Capacity (MB)
Capacity of the logical volumes in the parity group
Unallocated LDEV Capacity (MB)
Capacity of the logical volumes in the parity group that the host cannot access
Drive Type-Code
Type code of the drive in the parity group
Type code of the first drive in the parity group
If the parity group contains external volumes, the drive type code displays the vendor, the model, and the serial number of the storage system.
A hyphen (-) is displayed if the parity group contains volumes for FICON® DM.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
225
�Physical Devices report
Item
Description
Drive Type/ Interface/RPM
Drive type, drive control name, and revolutions-per-minute (RPM) (unit: krpm) of the drives in the parity group to which the LDEV belongs1
A hyphen (-) is displayed instead of the RPM when the drive type is not HDD.
Drive Capacity
Capacity of the drive in the parity group1
RAID Concatenation #0 Number indicating a parity group #0 connected to this parity group1,2
RAID Concatenation #1 Number indicating a parity group #1 connected to this parity group1,2
RAID Concatenation #2 Number indicating a parity group #1,2 connected to this parity group1,2
Encryption
Indicates whether the parity group is encrypted For internal volumes: Enabled (encrypted) or Disabled (not encrypted) For external volumes: A hyphen (-) is displayed.
Accelerated Compression
Accelerated compression of the parity group
If accelerated compression is supported, Enabled or Disabled is displayed.
If accelerated compression is not supported, a hyphen (-) is displayed.
Notes:
1. A hyphen (-) is displayed if the parity group contains external volumes or FICON® DM volumes.
2. A hyphen (-) is displayed if the parity group is not connected with another parity group or if the parity group contains external volumes for FICON® DM.
Physical Devices report
The following table describes the items in the Physical Devices report.
Item Location CR#
PG Emulation Type
Description PDEV name C# and R# (2-digit hexadecimal numbers that identify the PDEV Output in the format XX/YY, where: XX: C# YY: R# PDEVs parity group PDEVs emulation type
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
226
�Physical Devices report
Item Drive Type
Interface
RPM
Drive Type-Code
Drive Size
Drive Capacity Drive Version DKB1 DKB2 DKB3 DKB4 Serial Number# RAID Level
RAID Concatenation#0 RAID Concatenation#1 RAID Concatenation#2 Resource Group Name Resource Group ID
Description PDEVs drive type Output example: HDD, FMD DC2, SCM, SSD PDEVs control type Output example: SAS, SATA, NVMe Revolutions per minute (unit: rpm) A hyphen (-) indicates that the drive is not a hard disk drive (HDD). Drive type code of the drive to which the parity group belongs Output example: SLB5E-M19RSS;SLB5G-M19RSS If multiple drive types are configured, they are separated by semicolons (;). Drive size (inches) Output example: 2.5, 3.5 Physical drive capacity (GB or TB) Drive firmware version Name of the DKB1 controlling the PDEV Name of the DKB2 controlling the PDEV Name of the DKB3 controlling the PDEV Name of the DKB4 controlling the PDEV Serial number of this PDEV RAID level of PDEVs Output example: RAID1(2D+2D), RAID5(7D+1P), RAID6(14D+2P) Number of parity group (#0) being concatenated to Physical drive Output example: 2-1, 3-1, 4-1 Number of parity group (#1) being concatenated to Physical drive Output example: 2-1, 3-1, 4-1 Number of parity group (#2) being concatenated to Physical drive Output example: 2-1, 3-1, 4-1 Name of the resource group to which the PDEV parity group belongs ID of the resource group to which the PDEV parity group belongs (0 to 1023, decimal number)
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
227
�Ports report
Item Encryption
Description Encryption status of the parity group to which the PDEV belongs: Enabled: Encryption is enabled Disabled: Encryption is disabled
Ports report
The following figure shows an example of a Ports report. The Ports report includes several more columns of information that are described below but not shown here.
The following table describes the items in a ports report.
Item CHB Type Port Location Port Attribute iSCSI Virtual Port Mode
Description Name of the channel board (also called a front-end director) Package type of the channel board Name of the port on the channel board Attribute of the port Mode of the iSCSI virtual port A hyphen (-) is displayed for any ports other than iSCSI ports.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
228
�Ports report
Item TCP Port Number Internal WWN / Internal iSCSI Name Fabric
Connection Type
IPv4 : IP Address
IPv4 : Subnet Mask
IPv4 : Default Gateway
IPv6 : Mode IPv6 : Link Local Address IPv6 : Global Address
IPv6 : Global Address 2
Description Port number to use for a socket (decimal) A hyphen (-) is displayed for any ports other than iSCSI ports. Port WWN (16-digit hexadecimal) or iSCSI name of the port
One of the Fibre topology settings indicating the setting status of the Fabric switch A hyphen (-) is displayed for mainframe ports. Fibre topology setting: Point to Point FC-AL A hyphen (-) is displayed for mainframe ports. IPv4 address of the port Output example: 192.168.0.100 A hyphen (-) is displayed for any ports other than iSCSI ports. IPv4 subnet mask of the port Output example: 255.255.255.0 A hyphen (-) is displayed for any ports other than iSCSI ports. IPv4 default gateway of the port Output example: 255.255.255.0 A hyphen (-) is displayed for any ports other than iSCSI ports. IPv6 settings of the port (enabled or disabled) A hyphen (-) is displayed for any ports other than iSCSI ports. IPv6 link local address of the port (16-digit hexadecimal) A hyphen (-) is displayed for any ports other than iSCSI ports. IPv6 global address of the port. Output example: xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx (hexadecimal) A hyphen (-) is displayed for any ports other than iSCSI ports. IPv6 global address 2 of the port. Output example: xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx (hexadecimal) A hyphen (-) is displayed for any ports other than iSCSI ports.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
229
�Ports report
Item
Description
IPv6 : Assigned Default Gateway
Assigned IPv6 default gateway A hyphen (-) is displayed for any ports other than iSCSI ports.
Selective ACK
Selective ACK mode (enabled or disabled) A hyphen (-) is displayed for any ports other than iSCSI ports.
Ethernet MTU Size (Byte)
MTU settings (binary) Output example: 1,500 A hyphen (-) is displayed for any ports other than iSCSI ports.
Keep Alive Timer
iSCSI keep alive timer (0 to 64,800) (sec) A hyphen (-) is displayed for any ports other than iSCSI ports.
VLAN : Tagging Mode
Tagging mode of VLAN (enabled or disabled) A hyphen (-) is displayed for any ports other than iSCSI ports.
VLAN : ID
Number of VLAN set to the port (1 to 4,094) A hyphen (-) is displayed for any ports other than iSCSI ports.
CHAP User Name
User name for the CHAP authentication A hyphen (-) is displayed for any ports other than iSCSI ports.
iSNS Server : Mode
iSNS mode settings (on or off) A hyphen (-) is displayed for any ports other than iSCSI ports.
iSNS Server : IP Address IP address of the iSNS server (30 to 65,535) A hyphen (-) is displayed for any ports other than iSCSI ports.
iSNS Server : TCP Port Number
Number of the TCP port used in iSNS (binary) A hyphen (-) is displayed for any ports other than iSCSI ports.
Address (Loop ID)
Fibre port address and Loop ID of the port A hyphen (-) is displayed for mainframe ports.
Port Security
Security of the port Enable Disable A hyphen (-) is displayed for mainframe ports.
Speed
Data transfer speed of the port
SFP Data Transfer Rate Maximum transfer rate of SFP which the mounted package supports. Output example: 32G
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
230
�Power Consumption report
Item
T10 PI Mode
Resource Group Name Resource Group ID Number of Hosts Number of LUNs Number of LDEVs Number of PGs Number of DKBs Mode
Description A hyphen (-) is displayed for mainframe ports. If a hyphen (-) is displayed, you can confirm the SFP maximum data transfer rate by checking the channel board type displayed in Type. 4Mx16 (Mfibre): 16 Gbps 4Mx32 (Mfibre): 32 Gbps
Indicates whether the T10 PI mode can be applied to the port. Enabled Disabled - (hyphen): iSCSI or FICON port
Name of the resource group to which the port belongs
ID of the resource group to which the port belongs (0 to 1023)
Number of hosts registered to the port A hyphen (-) is displayed for mainframe ports.
Number of LU paths defined to the port A hyphen (-) is displayed for mainframe ports.
Number of logical volumes that can be accessed through the port A hyphen (-) is displayed for mainframe ports.
Number of parity groups having the logical volumes that can be accessed through the port A hyphen (-) is displayed for mainframe ports.
Number of disk boards controlling the parity group that contains the logical volumes that can be accessed through the port A hyphen (-) is displayed for mainframe ports.
Operation mode of the Fibre Channel port: SCSI: An enabled port in the SCSI mode. NVMe: An enabled port in the NVMe mode. - (hyphen): The port is not used for Fibre Channel.
Power Consumption report
The following figure shows an example of a power consumption report. A record is created every two hours for each power consumption and temperature monitoring data. The table following the figure describes the items in the report.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
231
�Power Consumption report
Note: If the storage system is turned off, no records are created. If the system is in
maintenance mode or if the SVP is rebooted, up to 2 hours of records could be lost. If a failure occurs in the storage system, the correct information might not be output. If the power and temperature information cannot be acquired due to a unit or network failure, a hyphen(-) is displayed.
Item
Description
Power Consumption Average (W)
Average of the power consumption
Power Consumption Maximum (W)
Maximum of the power consumption
Power Consumption Minimum (W)
Minimum of the power consumption
TEMP:HSNBX0-HSNPANEL0 Average (°C) Average temperature of HSNBX0:HSNPANEL0
TEMP:HSNBX0-HSNPANEL0 Maximum (°C)
Maximum temperature of HSNBX0:HSNPANEL0
TEMP:HSNBX0-HSNPANEL0 Minimum (°C) Minimum temperature of HSNBX0:HSNPANEL0
TEMP:HSNBX1-HSNPANEL1 Average (°C) Average temperature of HSNBX1:HSNPANEL1
TEMP:HSNBX1-HSNPANEL1 Maximum (°C)
Maximum temperature of HSNBX1:HSNPANEL1
TEMP:HSNBX1-HSNPANEL1 Minimum (°C) Minimum temperature of HSNBX1:HSNPANEL1
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
232
�Power Consumption report
Item TEMP:DKC0-Cluster1 Average (°C) TEMP:DKC0-Cluster1 Maximum (°C) TEMP:DKC0-Cluster1 Minimum (°C) TEMP:DKC0-Cluster2 Average (°C) TEMP:DKC0-Cluster2 Maximum (°C) TEMP:DKC0-Cluster2 Minimum (°C) TEMP:DKC1-Cluster1 Average (°C) TEMP:DKC1-Cluster1 Maximum (°C) TEMP:DKC1-Cluster1 Minimum (°C) TEMP:DKC1-Cluster2 Average (°C) TEMP:DKC1-Cluster2 Maximum (°C) TEMP:DKC1-Cluster2 Minimum (°C)
Description Average temperature of DKC0:CL1 Maximum temperature of DKC0:CL1 Minimum temperature of DKC0:CL1 Average temperature of DKC0:CL2 Maximum temperature of DKC0:CL2 Minimum temperature of DKC0:CL2 Average temperature of DKC1:CL1 Maximum temperature of DKC1:CL1 Minimum temperature of DKC1:CL1 Average temperature of DKC1:CL2 Maximum temperature of DKC1:CL2 Minimum temperature of DKC1:CL2
Table 5 Power Consumption report for DKU00
Item
TEMP:DKU00-DBS000-1 Average (°C) TEMP:DKU00-DBS000-1 Maximum (°C) TEMP:DKU00-DB000-1 Minimum (°C) ... ,TEMP:DKU00-DB007-2 Average (°C) TEMP:DKU00-DB-2 Maximum (°C) TEMP:DKU00-DB-2 Minimum (°C)
Description
Average temperature, maximum temperature, and minimum temperature of the drive box (DB) for the two-hour period. Outputs in the following format:
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
233
�Spare Drives report
Item
Description
TEMP:DKUXX-DBYYY-DBPSYYY-A Average, Maximum, or Minimum (°C)
DKUXX: DKU location number (decimal)
DBYYY or DBYYY&ZZZ: DB location number
The display format of DB location numbers differs depending on the type of DB.
DBYYY: DBL location number (decimal)
DBYYY&ZZZ: Location number of DBS2, DBF3, or DBN (decimal)
Two DB numbers are written together, and then displayed as one DB location.
DBPSYYY-A: DBPS location number
YYY: DB location number (decimal)
A: DBPS number (1, 2)
Spare Drives report
The following figure shows an example of a spare drives report. The table following the figure describes the items in the report.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
234
�SSD Endurance report
Item Drive Capacity Drive Type-Code Location
Description Capacity of the spare drive Type code of the spare drive Location of the spare drive
SSD Endurance report
The following figure shows an example of an SSD/SCM endurance report. The table following the figure describes the items in the report.
Item Drive Type-Code
Type code of the drive
Description
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
235
�Storage System Summary report
Item
Drive Capacity
Location
Used Endurance Indicator (%)
Description
Capacity of the drive
Location of the drive
The used endurance of SSD life (0 to 100) The value of this indicator increases due to drive operation associated with internal processing of the storage system, and the host I/O. Even when no data is copied due to a drive failure, the value of this indicator increases because the spare drive also performs internal processing.
Storage System Summary report
The following illustration shows an example of part of a report of a summary of the storage system. The actual report includes several more rows of information. The table following the illustration describes the items in the report.
The following table describes the items in a Storage System Summary report.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
236
�Storage System Summary report
Item Storage System Type Serial Number IP Address Software Versions
Description Type of the storage system. Serial number of the storage system. IP address of the SVP. Version of the following programs. DKCMAIN HTP MFMH ISCF FCBK ISW
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
237
�Storage System Summary report
Item
DKB DKBN SVP CBA SSVP GUM FCDG ROMBOOT RAMBOOT Expander NSW CONFIG CFM HDD HDD (SVP) Printout Tool EDKBN
Description
Number of CUs
The number of control units in the storage system
Shared Memory Size (GB)
Shared memory capacity Includes the cache management information (directory)
Cache Size (GB)
Cache capacity
Number of DKBs
The number of disk boards on the module
System Options
List of the system options specified for the storage system
Drive Capacity (TB)
Total capacity of drives in the storage system except for external volumes
Spare Drive Capacity (TB)
Total capacity of the spare drives in the storage system
Free Drive Capacity(TB) Total capacity of the free drives in the storage system
OPEN Volume Capacity (GB)
List of the capacity of the open volumes You cannot sort this list.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
238
�Report examples: graphical view
Item M/F Volume Capacity (GB)
Number of LDEVs
Description
The list of the capacity of the mainframe volumes and multi-platform volumes You cannot sort this list.
List of the numbers of the volumes in the following status. allocated unallocated reserved free The list for open-systems and the list for mainframe-systems are separate. You cannot sort these lists.
Report examples: graphical view
Some Device Manager - Storage Navigator reports appear in graphical format.
The reports described in this topic display as graphics. icons are displayed before the names of reports in graphical view. If the icons or graphics are not displayed properly, update the window.
Cache Memories report
This report shows cache memory data, including shared memory capacity, controller boards, and DIMM cache.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
239
�Channel Boards report
Channel Boards report
This report shows the channel boards (also called front-end directors) and the ports, and also indicates the type of channel boards for each port. The keys (green = installed, gray= not installed) show which channel boards are installed and which are not installed.
Physical View report
This report shows controller chassis and drive box, and includes channel boards (also called front-end directors), disk boards (also called back-end directors), data drives, spare drives, and free drives.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
240
�Report examples: CSV files
The report also shows the storage system type, serial number, and software version. You can also check the legend for disk units, such as HDD, SSD, Spare, Free, or Not Installed.
Report examples: CSV files
Some Device Manager - Storage Navigator reports appear in CSV format. This topic describes reports that are saved in CSV format.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
241
�AllConf.csv
AllConf.csv
This is the concatenated file of all the csv files.
CacheInfo.csv
This CSV file contains information about cache packages. A record is created for each cache package.
Table 6 CacheInfo.csv file (Title: <<Cache>>)
Item Location CMG#0 Size(GB) CMG#1 Size(GB) Cache Size (GB) SM Size (GB)
CFM#0 Type CFM#1 Type
Content Name of cache package Cache memory capacity (in GB) of CMG(#0) in CTL Cache memory capacity (in GB) of CMG(#1) in CTL Total cache capacity of this package (in GB) Shared memory capacity (in GB). Includes the cache management information (directory). Output only when Cache Location is CACHE-1CA or CACHE-2CA. Blank displays in other cases. CFM(#0) type in Cluster CFM(#1) type in Cluster
ChapUserInfo.csv
This CSV file contains information about the iSCSI CHAP authenticated user registered to the port in the channel board. A record is created for each target related to the CHAP authenticated user.
Item
Content
Port
Port name
User Name
Name of the CHAP authenticated user1
iSCSI Target ID2
The iSCSI number of the target (00 to fe, hexadecimal)
Notes:
1. If the character string contains a comma, the comma is converted to a tab. 2. For the target information, see the record information with the same iSCSI target ID in
IscsiTargetInfo.csv.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
242
�ChaStatus.csv
ChaStatus.csv
This CSV file contains information about the status of each channel board (CHB). A record is created for each CHB.
Item
CHB Location
CHB name
PCB Status
Status of this CHB*
Port#00, #01, ..., #07
Status of ports on this CHB*
* 1: Normal, 0: Abnormal
Content
CTLInfo.csv
This CSV file contains information about the controller (CTL). A record is created for each CTL.
Item CTL Location
Board Type
Content Location of the CTL Output: CTLxx where xx: 01, 02, 11, 12, 21, 22, 31, 32, 41, 42, 51, 52 CTL type Output example for VSP 5100 and VSP 5500: CTL Output example for VSP 5200 and VSP 5600: CTL L
DeviceEquipInfo.csv
This CSV file contains information about equipment and devices that are part of the storage system, including DKC power supply, DB power supply, batteries, BKMF, and SVP. A record is created for each device.
Item Device Location Equip Status
Content Device location name. Equipment status of the device: Equipped Not Equipped
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
243
�DkaInfo.csv
Status
Item
Content
Status of the device: Normal Abnormal Blank if "Equip Status" is Not Equipped
DkaInfo.csv
This CSV file contains information about disk boards (DKBs). A record is created for each DKB. DKBs can also be called disk adapters (DKAs).
Table 7 DkaInfo.csv file (Title: <<DKA Information>>)
Item DKB Location Package Type
Content DKB name DKB type Example: Non-encryption DKB: DKB (2 Port) Non-encryption DKBN: DKBN (2 Port) Encryption DKB: EDKB (2 Port) Encryption DKBN: EDKBN (2 Port)
DkaStatus.csv
This CSV file contains information about the status of disk boards (DKBs). A record is created for each DKB.
Table 8 DkaStatus.csv file (Title: <<DKA Status>>)
Item DKB Location PCB Status BECON#00, #01 BEPORT#0000, #0001, ..., #0003.
Content DKB name Status of this DKB1 Status of BECON on this DKB1 Status of BEPORT on this DKB.1 Items are output in the format of "BEPORT#XXYY". XX: BE controller number (2-digit hexadecimal (00))
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
244
�DkcInfo.csv
Item
Content YY: BE port number (2-digit hexadecimal (00 to 03))
Notes: 1. 1: Normal, 0: Abnormal
DkcInfo.csv
This CSV file contains information about DKC. A record is created for each module. When Module #1 is not installed, the record for Module #1 is not created.
Table 9 DkcInfo.csv file (Title: <<DKC Information>>)
Item
Content
Storage System Type
Storage system type. Output example: VSP 5100 [Tab] 5500 [Tab] 5100H [Tab] 5500H3 VSP 5200 [Tab] 5600 [Tab] 5200H [Tab] 5600H3
Serial Number #
Serial product number (in decimal format, from 1 to 99999)
IP Address
IP address1 Output example: xxx.xxx.xxx.xxx (xxx is in decimal format)
Subnet Mask
Subnet mask1 Output example: xxx.xxx.xxx.xxx (xxx is in decimal format)
Number of CUs
Number of CUs (number in the decimal format)1
Number of DKBs
Number of DKBs (number in the decimal format)2
Configuration Type
Configuration type1 Output example: PCM
DKC#
DKC Number
Notes:
1. The same value is output for all DKCs. 2. Different values are output for all DKCs. 3. The model names are output concatenated with TAB characters.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
245
�DkuTempInfo.csv
DkuTempInfo.csv
This CSV file contains information about DB temperature for every two hours. The acquisition interval of temperature data cannot be changed from two hours. A record is DB temperature information obtained from the environment monitor. A record output to the first line shows the latest temperature information. Because DB temperature information is measured by DBPS, items are displayed in this unit*.
DkuTempInfo.csv shows the average temperature as DB temperature data. The total number of items is 1153.
The DB temperature data displayed in DkuTempAveInfo.csv (average temperature only), DkuTempMaxInfo.csv (maximum temperature only), and DkuTempMinInfo.csv (minimum temperature only) is the same value as the DB temperature data for DkuTempInfo.csv.
No records are created if the DKC is turned off. If the system is in maintenance mode or the SVP is rebooted, the data that is output every two hours might not contain data for the period.
If a failure occurs in the storage system, the correct information might not be output.
Table 10 DkuTempInfo.csv file (Title: <<DKU temperature Information>>)
Date
Item
DKU00 DB000 DBPS0001 Temperature average DKU00 DB000 DBPS0001 Temperature maximum value DKU00 DB000 DBPS0001 Temperature minimum value DKU27 DB191 DBPS1912 Temperature average DKU27 DB191 DBPS1912 Temperature maximum value DKU27 DB191 DBPS1912 Temperature minimum value
Description
Year, month, and date when temperature data was acquired in the format: YYYY/MM/DD hh:mm:ss
Average temperature (°C) for the two-hour period of DKU00 DB000 DBPS0001
Maximum temperature (°C) for the two-hour period of DKU00 DB000 DBPS0001
Minimum temperature (°C) for the two-hour period of DKU00 DB000 DBPS0001
Average temperature (°C) for the two-hour period of DKU27 DB191 DBPS1912
Maximum temperature (°C) for the two-hour period of DKU27 DB191 DBPS1912
Minimum temperature (°C) for the two-hour period ofDKU27 DB191 DBPS1912
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
246
�DkuTempInfo.csv
Note: An item name is displayed as "DKU DByyy DBPSyyya" or "DKUxx DByyy&zzz DBPSyyya". DKUxx: DKU location number (decimal) DByyy or DByyy&zzz: DB location number
The display format of DB location numbers differs depending on the type of DB. DByyy: DBL location number (decimal) DByyy&zzz: Location number of DBS2, DBF3, or DBN (decimal)
Two DB numbers are written together, and then displayed as one DB location. DBPSyyya: DBPS location number
yyy: DB location number (decimal) a: DBPS number (1, 2) The following table shows the locations and values for DKUxx, DByyy, and DByyy&zzz. If DB is not implemented, the item name is displayed with the same as DBL, and the data part is blank. In the case of DBS2, DBF3, and DBN, the data of the same item is displayed twice in duplicate by DB location.
DKU #
0
1
x
0
1
y
0
0
DKUxy
DKU00 DKU10
DKUPSxy DKU00zc DKU10zc zc
2 0 1 DKU01 DKU01zc
3 1 1 DKU11 DKU11zc
4 0 2 DKU02 DKU02zc
5 1 2 DKU12 DKU12zc
DKU # x y DKUxx DKUxxy
6
7
0
1
3
3
DKU03 DKU13
DKU03zc DKU13zc
8 0 4 DKU04 DKU04zc
9 1 4 DKU14 DKU14zc
10 0 5 DKU05 DKU05zc
11 1 5 DKU15 DKU15zc
The following tables list DKUPSxyzc: zc values (where DKC# is 0 and xy is 00)
DKU location number
DKU location number (DBS2/DBF3/DBN)
DKU00
DB000&001
DB002&003
DB004&005
DB006&007
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
247
�DkuTempAveInfo.csv
DKU location number
DKU location number (DBS2/DBF3/DBN)
DKU01
DB008&009
DB010&011
DB012&013
DB014&015
DKU26
DB176&177
DB178&179
DB180&181
DB182&183
DKU27
DB184&185
DB186&187
DB188&189
DB190&191
DKU locatio
n number
DKU location number (DBS2/DBF3/DBN)
DKU00 DB000 DB001 DB002 DB003 DB004 DB005 DB006 DB007
DKU01 DB008 DB09 DB010 DB011 DB012 DB013 DB014 DB015
DKU26 DB176 DB177 DB178 DB179 DB180 DB181 DB182 DB183
DKU27 DB184 DB185 DB186 DB187 DB188 DB189 DB190 DB191
A hyphen(-) is displayed if the power and temperature information cannot be acquired due to a unit or network failure.
DkuTempAveInfo.csv
This CSV file contains information about DB temperature for every two hours. The acquisition interval of temperature data cannot be changed from two hours. A record is DB temperature information obtained from the environment monitor. A record output to the first line shows the latest temperature information. Because DB temperature information is measured by DBPS, items are displayed in this unit*.
DkuTempAveInfo.csv shows the average temperature as DB temperature data. The total number of items is 385.
The DB temperature data displayed in DkuTempAveInfo.csv (average temperature only), DkuTempMaxInfo.csv (maximum temperature only), and DkuTempMinInfo.csv (minimum temperature only) is the same value as the DB temperature data for DkuTempInfo.csv.
No records are created if the DKC is turned off. If the system is in maintenance mode or the SVP is rebooted, the data that is output every two hours might not contain data for the period.
If a failure occurs in the storage system, the correct information might not be output.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
248
�DkuTempMaxInfo.csv
Table 11 DkuTempAveInfo.csv file (Title: <<DKU temperature average value Information>>)
Date
Item
DKU00 DB000 DBPS0001 Temperature average DKU27 DB191 DBPS1912 Temperature average
Description
Year, month, and date when temperature data was acquired in the format: YYYY/MM/DD hh:mm:ss
Average temperature (°C) for the two-hour period of DKU00 DB000 DBPS0001
Average temperature (°C) for the two-hour period of DKU27 DB191 DBPS1912
Note: An item name is displayed as "DKU DByyy DBPSyyya" or "DKUxx DByyy&zzz DBPSyyya".
DKUxx: DKU location number (decimal)
DByyy or DByyy&zzz: DB location number
The display format of DB location numbers differs depending on the type of DB.
DByyy: DBL location number (decimal)
DByyy&zzz: Location number of DBS2, DBF3, or DBN (decimal)
Two DB numbers are written together, and then displayed as one DB location.
DBPSyyya: DBPS location number
yyy: DB location number (decimal)
a: DBPS number (1, 2)
See DkuTempInfo.csv (on page 246) for locations and values for DKUxx, DByyy, and DByyy&zzz.
A hyphen(-) is displayed if the power and temperature information cannot be acquired due to a unit or network failure.
DkuTempMaxInfo.csv
This CSV file contains information about DB temperature for every two hours. The acquisition interval of temperature data cannot be changed from two hours. A record is DB temperature information obtained from the environment monitor. A record output to the first line shows the latest temperature information. Because DB temperature information is measured by DBPS, items are displayed in this unit*.
DkuTempMaxInfo.csv shows the maximum temperature as DB temperature data. The total number of items is 385.
The DB temperature data displayed in DkuTempAveInfo.csv (average temperature only), DkuTempMaxInfo.csv (maximum temperature only), and DkuTempMinInfo.csv (minimum temperature only) is the same value as the DB temperature data for DkuTempInfo.csv.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
249
�DkuTempMinInfo.csv
No records are created if the DKC is turned off. If the system is in maintenance mode or the SVP is rebooted, the data that is output every two hours might not contain data for the period.
If a failure occurs in the storage system, the correct information might not be output.
Table 12 DkuTempMaxInfo.csv file (Title: <<DKU temperature maximum value Information>>)
Date
Item
DKU00 DB000 DBPS0001
Temperature maximum value DKU27 DB191 DBPS1912 Temperature maximum value
Description
Year, month, and date when temperature data was acquired in the format: YYYY/MM/DD hh:mm:ss
Maximum temperature (°C) for the two-hour period of DKU00 DB000 DBPS0001
Maximum temperature (°C) for the two-hour period of DKU27 DB191 DBPS1912
Note: An item name is displayed as "DKU DByyy DBPSyyya" or "DKUxx DByyy&zzz DBPSyyya". DKUxx: DKU location number (decimal) DByyy or DByyy&zzz: DB location number
The display format of DB location numbers differs depending on the type of DB. DByyy: DBL location number (decimal) DByyy&zzz: Location number of DBS2, DBF3, or DBN (decimal)
Two DB numbers are written together, and then displayed as one DB location. DBPSyyya: DBPS location number
yyy: DB location number (decimal) a: DBPS number (1, 2) See DkuTempInfo.csv (on page 246) for locations and values for DKUxx, DByyy, and DByyy&zzz. A hyphen(-) is displayed if the power and temperature information cannot be acquired due to a unit or network failure.
DkuTempMinInfo.csv
This CSV file contains information about DB temperature for every two hours. The acquisition interval of temperature data cannot be changed from two hours. A record is DB temperature information obtained from the environment monitor. A record output to the first line shows the latest temperature information. Because DB temperature information is measured by DBPS, items are displayed in this unit*.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
250
�DkuTempMinInfo.csv
DkuTempMinInfo.csv shows the minimum temperature as DB temperature data. The total number of items is 385.
The DB temperature data displayed in DkuTempAveInfo.csv (average temperature only), DkuTempMaxInfo.csv (maximum temperature only), and DkuTempMinInfo.csv (minimum temperature only) is the same value as the DB temperature data for DkuTempInfo.csv.
No records are created if the DKC is turned off. If the system is in maintenance mode or the SVP is rebooted, the data that is output every two hours might not contain data for the period.
If a failure occurs in the storage system, the correct information might not be output.
Table 13 DkuTempMinInfo.csv file (Title: <<DKU temperature minimum value Information>>)
Date
Item
DKU00 DB000 DBPS0001 Temperature minimum value DKU27 DB191 DBPS1912 Temperature minimum value
Description
Year, month, and date when temperature data was acquired in the format: YYYY/MM/DD hh:mm:ss
Minimum temperature (°C) for the two-hour period of DKU00 DB000 DBPS0001
Minimum temperature (°C) for the two-hour period of DKU27 DB191 DBPS1912
Note: An item name is displayed as "DKU DByyy DBPSyyya" or "DKUxx DByyy&zzz DBPSyyya". DKUxx: DKU location number (decimal) DByyy or DByyy&zzz: DB location number
The display format of DB location numbers differs depending on the type of DB. DByyy: DBL location number (decimal) DByyy&zzz: Location number of DBS2, DBF3, or DBN (decimal)
Two DB numbers are written together, and then displayed as one DB location. DBPSyyya: DBPS location number
yyy: DB location number (decimal) a: DBPS number (1, 2) See DkuTempInfo.csv (on page 246) for locations and values for DKUxx, DByyy, and DByyy&zzz. A hyphen(-) is displayed if the power and temperature information cannot be acquired due to a unit or network failure.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
251
�ELunInfo.csv
ELunInfo.csv
This CSV file contains information about external volumes. Information about one external volume is output to multiple records according to the number of prioritized paths between the local and the external storage systems.
For details about external volumes, see the Hitachi Universal Volume Manager User Guide.
Item VDEV# Characteristic1
Characteristic2 Device
Capacity(blocks) Cache Mode
ECC Group
Current MPU Setting MPU Vendor Product Name Serial Number# Path Mode
Content
Virtual device number to which the external volume is mapped
Identification number of the external volume If the character string contains a comma, the comma is converted to a tab.
Extended information for identifying the external volume
Product name reported to the host by the external volume If the character string contains a comma, the comma is converted to a tab.
Capacity of the external volume (in blocks)
Indicates whether the write data from the host to the external storage system is reflected synchronously or asynchronously Enabled: Asynchronously Disabled: Synchronously
Number of parity group to which the external volume is mapped. If the number starts with "E" (for example, E1-1), the parity group contains external volumes.
Number of a current MP unit controlling the parity group to which the external volume is mapped
Number of an MP unit configured to control the external volume indicated by ECC Group
Vendor name of the external storage system
Product name of the external storage system
Serial product number of the external storage system
Mode which indicates how the paths between local and external storage systems operate Multi Single ALUA
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
252
�ELunInfo.csv
Item Port WWN LUN Priority
Status
IO TOV QDepth Resource Group ID (ECC Group) Resource Group Name (ECC Group) Load Balance Mode
Path Mode on Profile
ALUA Settable
Content
Name of a local port from which the external path is connected to the external storage system
Port identifier number of the external storage system This item is blank when the "Package Type" is iSCSI.
LU number set for the external volume.
Priority of the paths between the storage systems to be used for connection with the external volume. "1" indicates the path with the highest priority.
Status of the path between storage systems. Normal Blocked
I/O timeout value for the external volume
The number of Read/Write commands that can be issued to the external volume at a time
Resource group ID for the parity group that is mapping external volumes (in hexadecimal format)
Resource group name of the parity group that is mapping external volumes
I/O load balance distribution logic specified for external volume: Normal Round-robin Extended Round-robin Disabled - (hyphen): Single is specified in Path Mode.
Path mode on profile information of the external storage system: Multi Single
Indicates whether ALUA mode can be set as path mode on the external storage system Yes: ALUA mode can be set No: ALUA mode cannot be set
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
253
�EnvMonInfo.csv
Item ALUA Permitted Target Port Asymmetric Access State
Package Type IP Address
TCP Port Number iSCSI Target Name Virtual Port ID
Content
Indicates whether ALUA mode is used as path mode on the local storage system: Enabled: ALUA mode is used Disabled: ALUA mode is not used
Status of the port on the external storage system when the path mode is ALUA: Active/Optimized Active/Non-Optimized Blank: The path mode is other than ALUA.
Type of CHB to which a port of the local storage system connecting to the external storage system belongs: Output example for FC: 4HF32R(Fibre) Output example for iSCSI: 2HS10S(iSCSI)
IP address for an iSCSI target of an external storage system IPv6:
(XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX) XX: 00 to FF (hexadecimal) IPv4: (XXX.XXX.XXX.XXX) XXX: 0 to 255 (decimal) - (blank): The "Package Type" is other than iSCSI.
TCP port number (1 through 65535) for the iSCSI target of an external storage system This item is blank when the "Package Type" is other than iSCSI.
iSCSI target name of an external storage system This item is blank when the "Package Type" is other than iSCSI.
Virtual port number of own storage system to which external storage system is connected. If Virtual Port Mode is Disabled, this column is blank.
EnvMonInfo.csv
This CSV file contains information about the power and temperature of the storage system. Power and temperature measurements from the environment monitor are recorded every 2 hours.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
254
�HSNBXTempInfo.csv
No records are created if the storage system is turned off. If the system is in maintenance mode or the SVP is rebooted, up to 2 hours of records could be lost.
If a failure occurs in the storage system, the correct information might not be output.
A hyphen(-) is displayed if the power and temperature information cannot be acquired due to a unit or network failure.
Item
Description
Date
Year, month, and date when record data was acquired for the 2-hour period in the format:
YYYY/MM/DD HH:MM:SS
Electric power average Average value of electric power (W)
Electric power maximum Maximum value of electric power (W) value
Electric power minimum value
Minimum value of electric power (W) In the following cases, a lower value might be temporarily displayed: When the storage system is starting up Right after replacing storage system parts During or after microcode/firmware update
DKC0 CLT01 Temperature average
DKC0: Average temperature of CLT01 (°C)
DKC0 CLT01 Temperature maximum value
DKC0: Maximum temperature of CLT011 (°C)
DKC0 CLT01 Temperature minimum value
DKC0: Minimum temperature of CLT01 (°C)
DKC5 CLT52 Temperature average
DKC5 CLT52: Average temperature of CL2 (°C)
DKC5 CLT52 Temperature maximum value
DKC5 CLT52: Maximum temperature of CL2 (°C)
DKC5 CLT52 Temperature minimum value
DKC5 CLT52: Minimum temperature of CL2 (°C)
HSNBXTempInfo.csv
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
255
�HduInfo.csv
This CSV file contains information about HSNBX temperature for every two hours. The acquisition interval of temperature data cannot be changed from two hours. A record is HSNBX temperature information obtained from the environment monitor. A record output to the first line shows the latest temperature information.
No records are created if the DKC is turned off. If the system is in maintenance mode or the SVP is rebooted, up to two hours of records could be lost.
If a failure occurs in the storage system, the correct information might not be output.
Date
Item
HSNBX0 HSNPANEL0 Temperature average
HSNBX0 HSNPANEL0 Temperature maximum value
HSNBX0 HSNPANEL0 Temperature minimum value
HSNBX1 HSNPANEL1 Temperature average
HSNBX1 HSNPANEL1 Temperature maximum value
HSNBX1 HSNPANEL1 Temperature minimum value
Description Year, month, and date when record data was acquired for the two-hour period in the format: YYYY/MM/DD HH:MM:SS HSNBX0: Average temperature of CLT01 (°C) HSNBX0: Maximum temperature of CLT011 (°C)
HSNBX0: Minimum temperature of CLT01 (°C)
HSNBX1: Average temperature of CL2 (°C) HSNBX1: Maximum temperature of CL2 (°C)
HSNBX1: Minimum temperature of CL2 (°C)
A hyphen(-) is displayed if the power and temperature information cannot be acquired due to a unit or network failure.
HduInfo.csv
This CSV file contains information about drive boxes (DBs). A record is created for each DB.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
256
�HduInfo.csv
Note: Multiple DBs (for example, DB000&001) output to DB Location are DBs that have multiple DB information internally in one physical DB. For these DBs, the same number of records as the number of DB information is output. You can also check the DB Location output to this CSV in the Physical View report.
Example:
DB Location,DB Status,Slot Size,DB Type DB00&01,Installed,2.5,DBS2 DB00&01,Installed,2.5,DBS2 DB02&03,Installed,2.5,DBS2 DB02&03,Installed,2.5,DBS2 DB04,Installed,2.5,DBS DB05,Installed,2.5,DBS DB06,Installed,2.5,DBS <omit> DB50&51,Installed,2.5,DBS2 DB50&51,Installed,2.5,DBS2 DB52&53,Installed,2.5,DBS2 DB52&53,Installed,2.5,DBS2 DB54,Installed,2.5,DBS DB55,Installed,2.5,DBS
<omit>
Item DB Location DB Status Slot Size
DB Type
Content DB location name Output example: HDU000 Information about whether this DB is installed or not Installed Not Installed Slot size (inches) 2.5 3.5 Blank when DB is DBF3(FMD DC2) DB type of HDU DBL (DB for 3.5-inch drive) DBS2 (2.5 inch SAS DB) DBF3 (DB for FMD DC2) DBN (2.5-inch NVMe DB)
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
257
�IscsiHostInfo.csv
IscsiHostInfo.csv
This CSV file contains information about iSCSI Initiator (Host) set to the channel board port. A record is created for each iSCSI Host (Initiator) target.
Item
Content
Port
Port name
iSCSI Name
iSCSI host name
Host Name
Nickname for iSCSI host name
iSCSI Target ID1
iSCSI target number (hexadecimal format, 00 to fe)
Notes:
1. For the target information, see the record information with the same iSCSI target ID in IscsiTargetInfo.csv.
IscsiPortInfo.csv
This CSV file contains iSCSI information for the channel board (CHB) ports. A record is created for each iSCSI host (initiator) target.
Item Port IPv4 | IP Address
IPv4 | Subnet Mask
IPv4 | Default Gateway
IPv6 | Mode
Content Port name IPv4 address Output example: xxx.xxx.xxx.xxx (decimal) This item is blank if "Virtual Port Mode" is Enabled. IPv4 subnet mask (decimal) Output example: xxx.xxx.xxx.xxx (decimal) This item is blank if "Virtual Port Mode" is Enabled. Port IPv4 default gateway Output example: xxx.xxx.xxx.xxx (decimal) This item is blank if "Virtual Port Mode" is Enabled. Port IPv6 settings Enabled Disabled This item is blank if "Virtual Port Mode" is Enabled.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
258
�IscsiPortInfo.csv
Item
Content
IPv6 | Link Local Address Port IPv6 link local address Output example: xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx (hexadecimal) Output example: Auto Auto is displayed if the link address is automatically set. This item is blank if "IPv6 | Mode" is Disabled or "Virtual Port Mode" is Enabled.
IPv6 | Global Address
IPv6 global address of the port Output example: xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx (hexadecimal) Output example: Auto Auto is displayed if the link address is automatically set. This item is blank if "IPv6 | Mode" is Disabled or "Virtual Port Mode" is Enabled.
IPv6 | Assigned Default Gateway
Port IPv6 assigned default gateway
Output example: xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx (hexadecimal)
This item is blank if "IPv6 | Mode" is Disabled or "Virtual Port Mode" is Enabled.
Channel Speed
Data transfer speed of the port (for example, 1G, 10G, Auto)
Security Switch
Port security switch settings On Off
TCP Port Number
The number of the port for using socket (1 to 65535) This item is blank if "Virtual Port Mode" is Enabled.
Ethernet MTU Size (Byte) | MTU
MTU settings 1500 4500 9000 This item is blank if "Virtual Port Mode" is Enabled.
Keep Alive Timer (sec.)
Keep alive timer value of iSCSI (30 to 64800) (sec) This item is blank if "Virtual Port Mode" is Enabled.
Selective ACK
Selective ACK mode Enabled Disabled
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
259
�IscsiPortInfo.csv
Item
Content This item is blank if "Virtual Port Mode" is Enabled.
Delayed ACK
Delayed ACK mode Enabled Disabled This item is blank if "Virtual Port Mode" is Enabled.
Maximum Window Size (KB)
Window scale option settings 64KB 128KB 256KB 512KB 1024KB This item is blank if "Virtual Port Mode" is Enabled.
iSNS Server | Mode
iSNS mode settings On Off
iSNS Server | IP Address IP address of the iSNS server IPv4: xxx.xxx.xxx.xxx (decimal) IPv6: xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx (hexadecimal) - (blank): "iSNS Server | Mode" is Off.
iSNS Server | TCP Port Number
Port number of TCP used for iSNS (1 to 65535). This item is blank if "iSNS Server | Mode" is Off.
VLAN | Tagging Mode
VLAN tagging mode set to the port On Off This item is blank if "Virtual Port Mode" is Enabled.
VLAN | ID
VLAN number set to the port (1 to 4094)
This item is blank if "VLAN | Tagging Mode" is Off or "Virtual Port Mode" is Enabled.
Resource Group ID (Port)
Resource group ID of the port (0 to 1023 in decimal)
Resource Group Name(Port)
Resource group name of the port
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
260
�IscsiTargetInfo.csv
Item iSCSI Name CHAP User Name IPv6 | Global Address 2
Virtual Port Mode
Content
iSCSI name of the port
Authenticated user name of the port
IPv6 global address 2 of the port Output example: xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx (hexadecimal) Output example: Auto Auto is displayed if the global address 2 is automatically set. This item is blank if "IPv6 | Mode" is Disabled or "Virtual Port Mode" is Enabled.
Virtual port mode of the port Enabled Disabled
IscsiTargetInfo.csv
This CSV file contains information about iSCSI target information set to the channel board port. A record is created for each iSCSI target.
Item Port iSCSI Target Alias iSCSI Target ID iSCSI Target Name Host Mode Host Mode Option
Security Switch
Authentication | Method
Content Port name iSCSI target alias Number of the iSCSI target (00 to fe, hexadecimal) Name of the iSCSI target Host mode set to the iSCSI target (hexadecimal) Host mode option set to the iSCSI target (decimal) Separated with a semicolon (;) if multiple host mode options are set. Security switch status set to the iSCSI target port On Off Authentication method settings of the iSCSI target CHAP None Comply with Host Setting
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
261
�JnlInfo.csv
Item Authentication | Mutual CHAP
Authentication | User Name Resource Group ID (iSCSI Target) Resource Group Name (iSCSI Target)
Content Mutual CHAP authentication function settings of the iSCSI target Enabled Disabled User name set when iSCSI target was authenticated
Resource group ID of the iSCSI target (0 to 1023)
Resource group name of the iSCSI target
JnlInfo.csv
This CSV file contains information about Journals. A record is created for each journal. Table 14 JnlInfo.cvs file (Title: <<JNL Information>>)
Item JNL# Current MPU Setting MPU
Content Journal number (in the hexadecimal format) Number of MP unit currently controlling the journal Number of MP unit configured to control the journal
LdevCapaInfo.csv
This CSV file contains information about LDEV capacities. A record is created for each of the classifications shown in "Volume Kind".
Item Volume Kind
Content
The following classifications are output: Internal OPEN Volumes Internal Mainframe Volumes External OPEN Volumes External Mainframe Volumes Total OPEN Volumes Total Mainframe Volumes
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
262
�LdevCountInfo.csv
Item
Content
Allocated LDEV Capacity Allocated LDEV capacity (GB)
Unallocated LDEV Capacity (GB)
Unallocated LDEV capacity
Reserved Capacity (GB) Reserved LDEV capacity
Total Volume Capacity (GB)
Total capacity of "Allocated LDEV Capacity", "Unallocated LDEV Capacity" and "Reserved Capacity"
Free Space (GB)
Free Space
Total Capacity (GB)
Total Capacity The sum of "Total Volume Capacity" and "Free Space"
LdevCountInfo.csv
This CSV file contains information about the number of logical devices (LDEVs). A record is created for each of the classifications shown in "Volume Kind".
Item
Content
Volume Kind
The following classifications are output: Internal Volumes External Volumes Total Volumes
Allocated OPEN LDEVs Number of allocated open-system volumes (LDEVs)
Unallocated OPEN LDEVs
Number of unallocated open-system volumes (LDEVs)
Reserved OPEN LDEVs Number of reserved open-system volumes (LDEVs)
Allocated Mainframe LDEVs
Number of allocated mainframe and multi-platform volumes (LDEVs)
Reserved Mainframe LDEVs
Number of reserved mainframe and multi-platform volumes (LDEVs)
V-VOL
Number of virtual volumes
This item is output only when "Volume Kind" is Total Volumes.
This item is blank when "Volume Kind" is Internal Volumes or External Volumes.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
263
�LdevInfo.csv
Item Total(All LDEVs) ECC Groups
Total number of LDEVs Total number of parity groups
Content
LdevInfo.csv
This CSV file contains information about logical devices (LDEVs). A record is created for each LDEV. For details about LDEVs, see the Provisioning Guide.
Item ECC Group
LDEV# LDEV Name LDEV Emulation LDEV Type
LDEV Attribute
Content
Number of parity group to which the LDEV belongs If the number starts with "E" (for example, E1-1), the parity group
contains external volumes. If the number starts with "M" (for example, M1-1), the parity group
contains FICON® DM volumes. If "LDEV Type" is Dynamic Provisioning, Thin Image V-VOL, or ALU
(Administrative Logical Unit), a hyphen (-) is output.
LDEV number
LDEV name If the character string contains a comma, the comma is converted to a tab.
LDEV emulation type
LDEV type: Basic Dynamic Provisioning External Thin Image (Thin Image V-VOL) ALU
LDEV Attribute: CMDDEV (Command device) CMDDEV* (Remote command device) Journal (Journal volume) Pool (Pool volume) Reserve (Reserved volume)
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
264
�LdevInfo.csv
Item
Volume Size(Cyl) Volume Size(MB) Volume Size(Blocks) CVS Pool ID
RAID Concatenation#0 RAID Concatenation#1 RAID Concatenation#2 ORACLE CHECK SUM
Content Quorum disk (Quorum Disk used with global-active device) TSE (mainframe track space efficient (TSE) volume) ESE (mainframe extent space efficient (ESE) volume) ALU SLU (Subsidiary Logical Unit) Deduplication system data volume Regular (Others)
LDEV capacity (in cylinders)
LDEV capacity (in MB)
LDEV capacity (in blocks)
Information about whether the LDEV is a custom-sized volume: On: The volume is a custom-sized volume. Off: "Off" is output for all other volumes.
Pool number The pool number is output in the following cases: "LDEV Type" is Dynamic Provisioning LDEV Attribute is Pool This item is blank for all other cases.
Number of parity group to be concatenated to parity group (#0) identified by ECC Group This item is blank when the parity group is not concatenated to another parity group.
Number of parity group to be concatenated to parity group (#1) identified by ECC Group This item is blank when the parity group is not concatenated to another parity group.
Number of parity group to be concatenated to parity group (#2) identified by ECC Group This item is blank when the parity group is not concatenated to another parity group.
Information about whether this LDEV is Oracle check sum target:
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
265
�LdevInfo.csv
Item
Current MPU Setting MPU Allocated
Pool Name CmdDevSecurity
CmdDevUserAuth
CmdDevDevGrpDef
Content For open-systems and multi-platform volumes: On Off For mainframe volumes, this item is blank.
Number of MP unit currently controlling the LDEV
Number of MP unit configured to control LDEV
Information about whether this LDEV is allocated to a host: For open-systems volumes, Y indicates that the volume is accessible to
the host. For mainframe and multi-platform volumes, Y is output for all volumes except Reserved volumes. For open-systems volumes, N indicates that the volume is not accessible to the host. For mainframe and multi-platform volumes, N indicates that the volume is Reserved.
Name of the pool indicated by Pool ID If the character string contains a comma, the comma is converted to a tab.
Indicates whether Security is specified as the attribute for the command device: Enabled: Command device security is set. Disabled: Command device security is not set. Blank: "LDEV Attribute" is not CMDDEV.
Indicates whether User Authentication is specified as the attribute for the command device: Enabled: User authentication is set. Disabled: User authentication is not set. Blank: "LDEV Attribute" is not CMDDEV.
Indicates whether Device Group Definition is specified as the attribute for the command device: Enabled: Device group definition is set. Disabled: Device group definition is not set. Blank: "LDEV Attribute" is not CMDDEV.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
266
�LdevStatus.csv
Item Resource Group ID (LDEV) Resource Group Name (LDEV) Encryption
ALUA Mode
T10 PI
Accelerated Compression
Namespace ID
Content LDEV resource group ID (decimal number)
LDEV resource group name
Indicates whether the parity group identified by ECC Group is encrypted: For internal volumes: Enabled (encrypted) Disabled (not encrypted) For external volumes, this item is blank. Indicates whether the ALUA mode is enabled: Enabled Disabled Blank: The volume is a mainframe volume. Indicates the T10 PI attribute set for the LDEV: Enabled Disabled Blank: The "LDEV Emulation" is not OPEN-V. Indicates whether accelerated compression is enabled: For internal volumes: Enabled: Accelerated compression is enabled. Disabled: Accelerated compression is disabled. Blank: The parity group with LDEV does not support accelerated
compression. For external volumes, this item is blank. Indicates the namespace ID of the LDEV If the LDEV is not registered as a namespace, this field remains blank.
LdevStatus.csv
This CSV file contains information about the status of logical devices (LDEVs). A record is created for each LDEV.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
267
�LogPathStatus.csv
Item VDEV# VDEV Status
HDEV# HDEV Status
LDEV Emulation ECC Group
Content
Virtual device number in which the LDEV is defined
VDEV status of "VDEV#" 1: Normal 0: Abnormal
LDEV number
LDEV status 1: Normal 0: Abnormal
LDEV emulation type
Number of the parity group to which the LDEV belongs. If the number starts with "E" (for example, E1-1), the parity group
contains external volumes. If the type of the LDEV is a Dynamic Provisioning, Thin Image V-VOL, or
ALU virtual volume, a hyphen (-) is output. Refer to "LdevInfo.csv" for information about the LDEV type.
LogPathStatus.csv
This CSV file contains information about mainframe logical paths. Table 15 LogPathStatus.csv file (Title: <<Main Frame Logical Path Status>>)
Item LPN# CHB Location Port Link
LGCL LDKC# CU#
Content Logical path number (in the hexadecimal format) CHB name Port name Link address of the connected host (6-digit number in the hexadecimal format) Logical address of the connected host (number in the hexadecimal format) Number of connected LDKC (in the hexadecimal format) Number of connected CU (in the hexadecimal format)
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
268
�LPartition.csv
LPartition.csv
This CSV file contains information about the cache logical partitioning function. A record is created for each cache partition for a managed resource. For details about the cache logical partitioning function, see the Performance Guide.
Item CLPR# CLPR Name Cache Size(MB) Cache Residency Size(MB) ECC Group LDEV#(V-VOL)
Content CLPR ID (decimal number) Name of the CLPR Cache size (in MB) allocated to this CLPR ID Cache Residency Manager cache size (in MB) allocated to this CLPR ID
Number of parity group allocated to this CLPR ID Number of LDEVs allocated to this CLPR ID The type of this LDEV is Dynamic Provisioning, Thin Image V-VOL, or ALU. This item is blank when no LDEVs are assigned to the CLPR ID.
LunInfo.csv
This CSV file contains information about LU path definitions. A record is created for each LU path definition. When only the port name (Port) is output, it indicates that no LU path is defined for the port (which is used only for a remote path or an external path). For details about LU path definitions, see the Provisioning Guide for Open Systems. For information about iSCSI targets, see IscsiTargetInfo.csv.
Item Port Host Group Host Mode Host Mode Option
LUN#
Description Port name Host group name If "Package Type" is iSCSI, the iSCSI target alias is output. Host mode specified for this host group (hexadecimal) Host mode option set for this host group (number in the decimal format) If more than one option is specified, the options are separated by semicolons (;). This item is blank when no host mode option has been specified. LUN number for this LU path definition (hexadecimal) This item is blank when no LU path is defined for the host group.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
269
�LunInfo.csv
Item LDEV# Command Device
Command Security
CVS
CHB Location Package Type
Resource Group ID (Host Group) Resource Group Name (Host Group) T10 PI Mode
Description LDEV number for this LU path definition This item is blank when no LU path is defined for the host group. Information about whether the LDEV is a command device: On: Command Device On*: Remote Command Device Off: Others Blank: No LU path is defined for the host group. Information about whether the command device is secured: On Off Blank: No LU path is defined for the host group. Information about whether the LDEV is a custom-sized volume: On: Customized volume Off: Other volumes Blank: No LU path is defined for the host group. Name of the CHB on which this port is installed CHB type for CHB Location Output example for Fibre: 4HF32R(Fibre) Output example for iSCSI: 2HS10S(iSCSI) Resource group ID of a host group (0 to 1,023, decimal)
Resource group name of a host group
Indicates whether the T10 PI mode can be applied to the port for which the LU path is defined: Enabled Disabled Blank: "Package Type" does not support T10 PI mode.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
270
�LunPortInfo.csv
T10 PI
Item
Asymmetric Access State
Description
Information about the T10 PI attribute which is set for the LDEV number of the LU path definition. Enabled Disabled Blank: The LDEV# is blank.
Asymmetric access status (output only for an open-systems CHB that is FC or FCoE) Indicates the asymmetric access status: Active/Optimized: Prioritized Active/Non-Optimized: Lower priority Blank: "Package Type" is iSCSI
LunPortInfo.csv
This CSV file contains information about LU path definition. A record is created for each port. For details about LU path definition, see the Provisioning Guide.
Item Port Security Switch
Port Address Loop ID Fabric
Content Port name The setting status of the security switch: On Off Port address (2-digit hexadecimal number) 00 to ff This item is blank when "Package Type" is iSCSI. Port address (0 - 125, decimal) This item is blank when "Package Type" is iSCSI. Setting status of the Fabric switch: On Off Blank: "Package Type" is iSCSI.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
271
�MfDMInfo.csv
Item Connection
Channel Speed WWN CHB Location Package Type
T10 PI Mode
Content Fibre topology setting: Point to Point FC-AL Blank: "Package Type" is iSCSI. Channel speed of this port (for example, 4G, 10G, 32G) WWN of this port (hexadecimal number) This item is blank when "Package Type" is iSCSI. CHB on which the port is installed. CHB type for CHB Location Output example for Fibre: 4HF32R(Fibre) Output example for iSCSI: 2HS10S(iSCSI) Output example for FICON®: 4Mx16(Mfibre) Indicates whether the T10 PI mode can be applied to the port: Enabled Disabled
MfDMInfo.csv
This CSV file contains information about migration volumes for mainframe. A record is created for each migration volume.
Table 16 MfDMInfo.csv file (Title: <<M/F DM Information>>)
Item
Content
Migration Volume Group Number of the migration volume The number starts with "M" (for example, M1-1)
Current MPU
Number of the MP unit that is controlling the migration volume
Setting MPU
Number f the MP unit specified to control the migration volume
Resource Group ID (ECC Group)
Resource group ID of migration volume (number in the decimal format)
Resource Group Name (ECC Group)
Resource group name of migration volume
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
272
�MfPortInfo.csv
This CSV file contains the port information on the mainframe system. Table 17 MfPortInfo.csv (Title: MainFramePortInfo.csv)
Item Port Channel Speed
WWN CHB Location Package Type
Content Port name Data transfer speed of the port Output examples: 16G 32G AUTO WWN of the port (16-digit hexadecimal) CHB location on which the port is installed Type of the CHB displayed in CHB Location Output examples: FICON16G: 4Mx16 (Mfibre) FICON32G: 4Mx32 (Mfibre)
MfPortInfo.csv
MicroVersion.csv
This CSV file contains information about microcode, firmware, and software versions. Table 18 MicroVersion.csv file (Title: <<Micro Version>>)
Item DKCMAIN HTP DKB SVP CBA SSVP FCDG ROM BOOT RAM BOOT
Content The version of the microcode for the RAID storage system (10 digits) HTP firmware version (6 digits) DKB firmware version (6 digits) Version of the firmware installed on the service processor (8 digits) CBA version (12 digits) SSVP firmware version (8 digits) FCDG firmware version (6 digits) ROM BOOT firmware version (6 digits) RAM BOOT firmware version (6 digits)
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
273
�MlcEnduranceInfo.csv
Config HDD
Item
HDD (SVP) Expander CFM Printout Tool ISCF GUM FCBK ISW DKBN NSW EDKBN MFMH
Content Config firmware version (8 digits) HDD firmware version (4 digits) HDD version in the format of "(HDD device type - code):(version)." If an HDD drive is not installed, only a colon (:) is displayed. HDD(SVP) firmware version (4 digits) Expander firmware version (6 digits) CFM firmware version (8 digits) Printout tool version ISCF version (8 digits) GUM firmware version (8 digits) FCBK version (8 digits) ISW firmware version (8 digits) DKBN version (6 digits) NSW version (6 digits) EDKBN version (6 digits) MFMH version (8 digits)
MlcEnduranceInfo.csv
This CSV file contains information about endurance information of SSD, SCM, or FMD DC2. A record is created for each SSD, SCM, or FMD DC2 endurance information.
If you change the SVP time 1 month or more, the history acquisition months will not be in order.
Item ECC Group CR#
Content Number of parity groups. C# and R# (2-digit hexadecimal numbers), which identify the PDEV Output in the format of "XX/YY" where: XX: C# YY: R#
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
274
�ModePerLpr.csv
Item Device Type-Code
Used Endurance Indicator (%)
History1 (date) History1 (%) History2 (date) History2 (%) History3 (%) ... History 119 (%) History120 (date)
History120 (%)
Content Drive type code of this drive Output example: SLR5B-M200SS The current used endurance of SSD life (0 to 100) The value of this indicator increases due to drive operation associated with internal processing of the storage system, and the host I/O. Even when no data is copied due to a drive failure, the value of this indicator increases because the spare drive also performs internal processing. Date on which the used endurance of SSD life was acquired (1 month ago) The used endurance of SSD life (0 to 100)(1 month ago) Date on which the used endurance of SSD life was acquired (2 months ago) The used endurance of SSD life (0 to 100) (2 months ago) Life (0 to 100) (3 months ago ...119 months ago)
Date on which the used endurance of SSD life was acquired (120 months ago) The used endurance of SSD life (0 to 100) (120 months ago)
ModePerLpr.csv
This CSV file contains information about system option modes. A record is created for each system option mode.
Item
System Option Mode#
LPR#0, LPR#1, ..., LPR#31
Content System option mode # (decimal number) System option mode for LPR#0 to LPR#31 If the system option mode is on:
On If the system option mode is not on:
Blank
MpPathStatus.csv
This CSV file contains information about the status of logical paths. A record is created for each MP unit or CTL.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
275
�MpPathStatus.csv
Item MPU#/CTL#
Table 19 MpPathStatus.csv file (Title: <<MP Path Status>>)
Content MP unit number or CTL number (2-digit hexadecimal numbers): For MP unit number
MPU#00 to MPU#0b
For CTL number CTL#00 to CTL #0b
CMG#00-00 to CMG#00-0b
CMG#01-00 to CMG#01-0b
CMG#02-00 to CMG#02-0b
CMG#03-00 to CMG#03-0b
MPU#00-00 to MPU#00-0b
MPU#01-00 to MPU#01-0b
MPU#02-00 to MPU#02-0b
MPU#03-00 to MPU#03-0b
CMG#00-00 to CMG#00-0b
CMG#01-00 to CMG#01-0b
CMG#02-00 to CMG#02-0b
CMG#03-00 to CMG#03-0b
MPU#00-00 to MPU#00-0b
MPU#01-00 to MPU#01-0b
MPU#02-00 to MPU#02-0b
Cache module path status for MP unit number in the format of "CMG#XXYY".1 (CMG#XX-YY) XX: I path (00 to 03), YY: CMG# (00 to 0b)
MP unit path status for MP unit number in the format of "MPU#XX-YY".1 MPU#XX-YY) XX: I path (00 to 03), YY: MPU# (00 to 0b )
Cache module path status for CTL number in the format of "CMG#XX-YY".1 (CMG#XX-YY) XX: I path (00 to 03), YY: CMG# (00 to 0b): MSW number in one module (2-digit number in the hexadecimal format)
MP unit path status for CTL number in the format of "MPU#XX-YY".1 (MPU#XX-YY) XX: I path (00 to 03), YY: MPU# (00 to 0b)
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
276
�MpPcbStatus.csv
Item MPU#03-00 to MPU#03-0b
Notes: 1. 1=Normal, 0=Abnormal
Content
MpPcbStatus.csv
This CSV file contains information about the status of MP unit. A record is created for each MP unit.
Table 20 MpPcbStatus.csv file (Title: <<MP PCB Status>>)
Item
Content
MPU ID
MP unit ID
Auto Assignment
Information about whether this MP unit is set to be automatically assigned to each resource or not Enabled
Set to be automatically assigned Disabled
Not set to be automatically assigned
PCB Status
MP unit status1
MP#00, #01, #02..., #13 MP status on MP unit #0 to #131
Notes: 1. 1=Normal, 0=Abnormal
PcbRevInfo.csv
This CSV file contains information about revisions of packages such as channel boards (CHBs) and others. A record is created for each package.
Item Location FRU number PK Revision Factory
Content Part name Product name of the package or some other name Revision of the package Factory manufacturing the package
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
277
�PdevCapaInfo.csv
Item Number MAC Address
Content Serial number of the package MAC address of the package This item always remains blank.
PdevCapaInfo.csv
This CSV file contains information about physical device (PDEV) capacities. A record is created for each of the classifications shown in "PDEV Kind".
Item PDEV Kind
HDD Drive Spare Drive
SSD Drive Free Drive
Content
The following four classifications are output: OPEN System (TB) Mainframe System (TB) Total Capacity (TB) Number of PDEVs
HDD drive capacity (TB)
Spare drive capacity (TB) This item is blank if "PDEV Kind" is "OPEN System (TB)" or "Mainframe System (TB)".
SSD/SCM capacity (TB)
Free drive capacity (TB) This item is blank if "PDEV Kind" is "OPEN System (TB)" or "Mainframe System (TB)".
PdevInfo.csv
This CSV file contains information about physical devices (PDEVs). A record is created for each PDEV.
Item ECC Group
Content Number of parity group of which this PDEV is a component: Spare Drive: For spare drives
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
278
�PdevInfo.csv
Item Emulation Type
CR#
PDEV Location Device Type Interface RPM
Device Type-Code Device Size
Device Capacity Drive Version DKB1 DKB2 DKB3 DKB4 Serial Number # RAID Level
RAID Concatenation #0
RAID Concatenation #1
Content Emulation type for the parity group indicated by "ECC Group" This item is blank when the ECC Group is Spare Drive. C# and R# (2-digit hexadecimal numbers that identify the PDEV) Output in the format XX/YY, where: XX: C# YY: R# PDEV location name Drive type (for example, HDD, SSD, FMD, SCM) Drive control interface (for example, NVMe, SAS, SATA) Revolutions per minute (unit: rpm) A hyphen (-) is output when the drive type is not HDD. Device type code of this drive (for example, DKR5D-J600SS) Drive size (inches) (for example, 2.5, 3.5) This item is blank when the drive type is FMD. Drive capacity (GB or TB) Drive firmware version Name of the DKB (1) controlling the PDEV Name of the DKB (2) controlling the PDEV Name of the DKB (3) controlling the PDEV Name of the DKB (4) controlling the PDEV Serial number of this drive RAID level of the parity group indicated by "ECC Group" This item is blank when the "ECC Group" is Spare Drive Number of parity group to be concatenated to parity group (#0) identified by "ECC Group" This item is blank when the parity group is not concatenated to another parity group or is Spare Drive. Number of parity group to be concatenated to parity group (#1) identified by "ECC Group" This item is blank when the parity group is not concatenated to another parity group or is Spare Drive.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
279
�PdevStatus.csv
Item RAID Concatenation #2
Resource Group ID (ECC Group) Resource Group Name (ECC Group) Encryption
Content Number of parity group to be concatenated to parity group (#2) identified by "ECC Group" This item is blank when the parity group is not concatenated to another parity group or is Spare Drive. Resource group ID of parity group (decimal number)
Resource group name of parity group
Encryption status of the parity group to which the PDEV belongs: Enabled: Encryption is enabled. Disabled: Encryption is disabled.
PdevStatus.csv
This CSV file contains information about the status of physical devices (PDEVs). A record is created for each PDEV.
Item
Content
CR#
C# and R# (2-digit hexadecimal numbers), which identify the PDEV Output in the format XX/YY, where: XX: C# YY: R#
Pdev Status
PDEV status1
Port0 Status
Status of Port 0 on this PDEV1
Port1 Status
Status of Port 1 on this PDEV1
Pdev Location
Location name of this PDEV
Notes: 1. 1=Normal, 0=Abnormal
PhyPathStatus.csv
This CSV file contains information about mainframe physical paths.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
280
�PkInfo.csv
Table 21 PhyPathStatus.csv file (Title: <<Main Frame Physical Path Status>>)
Item Module# CHB Location Port Link(Self) Link(Dest) Status
Type/Model
SeqNumber Tag WWN(N_Port_Name) WWN(Node_Name) Speed
Content
Module number
CHB name
Port name
DKC port address (6-digit number in the hexadecimal format)
Link address of the adjacent node (6-digit number in the hexadecimal format)
Information about whether the adjacent node is enabled: VALID (CUR) INVALID
Type of the adjacent node (6-digit number in the hexadecimal format) and model name of the adjacent node (3-digit number in the hexadecimal format)
Serial product number of the adjacent node (14-digit number in the hexadecimal format)
Tag information of the adjacent node (4-digit number in the hexadecimal format)
N_Port_Name of the adjacent node (16-digit number in the hexadecimal format)
Node_Name of the adjacent node (16-digit number in the hexadecimal format)
Data transfer speed: 2 Gbps 4 Gbps 8 Gbps
PkInfo.csv
This CSV file contains information about channel boards (CHBs). A record is created for each CHB.
Table 22 PkInfo.csv file (Title: <<PK>>)
Item CHB Location
CHB name
Content
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
281
�Item DKC Emulation Port# Port Package Type
SFP Kind SFP Status
Port Type
Fabric
PkInfo.csv
Content DKC emulation type This item is output only for a mainframe CHB. For other CHBs, this item is left blank. Number of the port installed on the CHB (2-digit number in hexadecimal format) Name of port installed on the CHB CHB type CHB for CHB location: Fibre: 4HF32R (Fibre) iSCI: 2HS10S (iSCI) FICON16G: 4Mx16 (Mfibre) FICON32G: 4Mx32 (Mfibre) SFP type Short Wave Long Wave SFP status Normal Failed Not Fix Port type Bidirectional Target HTP FNP One of the Fibre topology settings indicating the setting status of the Fabric switch. On Off This item is output only for an open-systems CHB that is Fibre. For other CHBs, this item is left blank.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
282
�PkInfo.csv
Item
Content
Connection
One of the Fibre topology settings. Point to Point FC-AL This item is output only for an open-systems CHB that is Fibre. For other CHBs, this item is left blank.
Port Address
Port address (2-digit number in the hexadecimal format)
This item is output only for an open -systems CHB that is Fibre. For other CHBs, this item is left blank.
Resource Group ID (Port)
Resource group ID of port (number in decimal format)
Resource Group Name (Port)
Resource group name of port
Port Internal WWN
WWN of the port This item remains blank for an open-systems CHB that is iSCSI.
T10 PI Mode
Indicates whether the T10 PI mode can be applied to the port. Enabled Disabled This item is output only for an open-systems CHB that is Fibre. For other CHBs, this item is left blank.
SFP Data Transfer Rate
Maximum SFP data transfer rate that is supported by installed packages:
Output example: 32G
This item is output only for an open-systems CHB that is Fibre or iSCSI. For other CHBs, this item is left blank. If this item is left blank for a FICON® port, you can confirm the SFP maximum data transfer rate by checking the channel board type displayed in Package Type:
4Mx16 (Mfibre): 16 Gbps
4Mx32 (Mfibre): 32 Gbps
Mode
Operation mode of the Fibre Channel port: SCSI: An enabled port in the SCSI mode. NVMe: An enabled port in the NVMe mode. This item is left blank for any ports other than Fibre Channel ports.
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
283
�PpInfo.csv
PpInfo.csv
This CSV file contains information about the software. A record is created for each software product. For details about the license key, see Managing license keys (on page 188).
Item Program Product Name Install Key Type
Permitted Volumes(TB)
Expiration Date
Status
Content
Software name
Information about whether the installed license key is enabled: Enabled: Installed and the software can be used. Disabled: Installed but the software cannot be used.
Installed license key type: Permanent Temporary Emergency Term Not Installed: No license key is installed.
Permitted volume capacity for this software (in TB). (The used volume capacity is not output.) If no upper limit value is set for the capacity, "Unlimited" is output. This item is blank in either of the following cases: A new license key whose "Key Type" is Temporary or Emergency has
been installed. No license key has been installed.
Expiration date of the software The format is mm/dd/yyyy (month/day/year). This item is blank in either of the following cases: The effective term of the license key is unlimited. No license key has been installed.
License key status of the software: Installed Not Enough License Grace Period Expired
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
284
�SMfundat.csv
Item
Not Installed Installed (Disabled)
Content
SMfundat.csv
This CSV file contains information about SM functions. A record is created for each of the classifications shown in "SM Install Function".
Item SM Install function
Availability
Content
The following classifications are output: Base Extension1 Extension2 Extension3
Information about whether the function of "SM Install function" is enabled Enabled Disabled
SsdDriveInfo.csv
This CSV file contains information about SSDs. A record is created for each drive.
Item ECC Group CR#
PDEV Location Device Type-Code Device Capacity
Content Number of the parity group to which this SSD belongs C# and R# (2-digit hexadecimal numbers that identify the PDEV) Output in the format XX/YY, where: XX: C# YY: R# Location name of the PDEV Output example: SLR5B-M200SS Drive type code Output example: SLR5B-M200SS Drive capacity in GB or TB
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
285
�SsidInfo.csv
Item
SSD Device Type
Used Endurance Indicator (%)
Used Endurance Indicator Threshold (%)
Used Endurance Indicator Warning SIM (%)
Content SSD drive type (for example, SSD, SSD(RI), FMD, SCM) Used endurance of SSD life (0 to 100)
Drive life threshold (0 to 100)
Warning SIM threshold (0 to 100)
SsidInfo.csv
This CSV file contains information about SSIDs. A record is created for each SSID.
Item DEV# Start DEV# End SSID
Content First LDEV number for the SSID Last LDEV number for the SSID Subsystem ID (hexadecimal)
SysoptInfo.csv
This CSV file contains information about system options.
Item Spare Disk Recover Dynamic Sparing
Correction Copy
Content
Speed of copying data to the spare drive. Interleave mode Full Speed mode
Information about whether to perform automatic copy to a spare drive if the occurrences of drive failures exceed the threshold. On Off
Information about whether to perform correction copy to a spare drive if a drive is blocked. On Off
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
286
�WwnInfo.csv
Item Disk Copy pace
System Option On Link Failure Threshold WDCP Enable
DDUMP Enable
Content
Speed of copying the spare drive in the Interleave mode. Faster Medium Slower
System options that are set to ON. Output example: modeXXXX (0 to 2047, decimal number)
Threshold to notify the link failure (0 to 255, decimal)
Information about whether the WDCP option is set or not. Output only in cases where the Config type is H. On Off
DDUMP Enable Information about whether the DDUMP option is set or not. Output only in cases where the Config type is H. On Off
WwnInfo.csv
This CSV file contains information about hosts. A record is created for each host.
For details about the host setting, see the Provisioning Guide for Open Systems. For information about iSCSI hosts, see IscsiHostInfo.csv. For information about iSCSI targets, see IscsiTargetInfo.csv.
Item Port Host Group
Host Mode Host Mode Option
WWN
Content Port name Host group name If "Package Type" is iSCSI, the iSCSI target alias is output. Host mode that is set for the host group (number in hexadecimal format) Host mode option that is set for the host group (hexadecimal number) Multiple options are separated by semicolons (;). This item is blank when no host mode option is specified. World Wide Name of the host bus adapter registered to the host group (hexadecimal number)
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
287
�Item Nickname Host Group# CHB Location Package Type
T10 PI Mode
WwnInfo.csv
Content This item is blank when no valid WWN is specified or when Package Type is iSCSI. Nickname of the host This item is blank when no nickname is specified or when Package Type is iSCSI. Host group number (hexadecimal) If "Package Type" is iSCSI, the iSCSI target alias is output. CHB on which the port is installed CHB type for CHB Location Output example for Fibre: 4HF32R (Fibre) Output example for iSCSI: 2HS10S (iSCSI) Output example for FICON®: 4Mx16 (Mfibre) Indicates whether the T10 PI mode can be applied to the port: Enabled Disabled
Chapter 7: Using reports to view storage system information
System Administrator Guide for VSP 5000 Series
288
�Chapter 8: Troubleshooting
Troubleshooting for Device Manager - Storage Navigator involves identifying the cause of the error condition and resolving the problem.
General troubleshooting
If you have a problem with Device Manager - Storage Navigator, check the following items. If you cannot resolve an error condition, contact customer support.
Check the cabling and the LAN. Verify that both the management client and LAN cabling are firmly attached, and that the LAN is operating properly.
Close any programs on the management client that are not responding. If necessary, reboot the management client and restart a Device Manager - Storage Navigator web client session.
Clear the Java and web browser caches to solve the problem. To clear the Java cache, click Delete the temporary files in the General dialog box of the Java Control Panel.
Check for other general error conditions. For a complete list of Device Manager - Storage Navigator error codes, see the Hitachi Device Manager - Storage Navigator Messages.
Check the alert icon. Confirm the severity level of the storage system alert by clicking Alert in the Device Manager - Storage Navigator main window.
Service information messages
The storage systems generate service information messages (SIM) to identify normal operations. For example, TrueCopy pair status change, as well as service requirements and errors or failures. For assistance with SIMs, contact customer support.
SIMs can be generated by the front-end directors, back-end directors, and the SVP. All SIMs generated by the storage system are stored on the SVP for use by support personnel, displayed by the Device Manager - Storage Navigator software, and reported over SNMP to the open-systems host. The SIM display on Device Manager - Storage Navigator enables users to remotely view the SIMs reported by the attached storage systems. Each time a SIM is generated, the amber Message LED on the control panel turns on. Remote Ops also reports all SIMs to the support center.
SIMs are classified in four severity levels: service, moderate, serious, and acute. The service and moderate SIMs (lowest severity) do not require immediate attention and are addressed during routine maintenance. The serious and acute SIMs (highest severity) are reported to the host system once every eight hours.
Chapter 8: Troubleshooting
System Administrator Guide for VSP 5000 Series
289
�Monitoring SIM alerts in Device Manager - Storage Navigator
Note: If a serious-level or high-level SIM is reported, contact customer support immediately to ensure the problem is being addressed.
The following figure illustrates a typical 32-byte SIM from the storage system. The SIMs are displayed by reference code (RC) and severity. The six-digit RC comprises bytes 22, 23, and 13, identifies the possible error and determines the severity. The SIM type, located in byte 28, indicates which component experienced the error.
Figure 1 Service information message
Monitoring SIM alerts in Device Manager - Storage Navigator
The Alert icon at the top of the Device Manager - Storage Navigator main window indicates whether service information messages (SIMs) have been issued by the storage system. Use the following procedure to view the list of SIMs issued by the storage system and identify the error conditions that need to be resolved.
Procedure 1. In the Device Manager - Storage Navigator main window, click Alert.
2. To check the details of an alert, select and right-click the alert, and then click Detail in the pop-up menu.
3. If any of the SIM reference codes in the following table are listed, you must resolve the error condition.
For details about resolving error conditions, see the manual for the software (for example, Hitachi Thin Image User Guide or the Provisioning Guide for Mainframe Systems).
Reference code 601xxx* 602xxx*
Program product Thin Image (HTI only)
Chapter 8: Troubleshooting
System Administrator Guide for VSP 5000 Series
290
�Login errors
Reference code
Program product
602ffe
620xxx* 621xxx*
Dynamic Provisioning Dynamic Provisioning for Mainframe
622xxx*
624000
Thin Image (HTI only) Dynamic Provisioning Dynamic Provisioning for Mainframe
625000 626xxx*
Dynamic Provisioning Dynamic Provisioning for Mainframe
641xxx*
Dynamic Tiering Dynamic Tiering for Mainframe
* xxx indicates the pool number. Pool numbers are decimal and displayed on the Alert Properties window.
Login errors
The following table lists login errors and provides recommended actions for each error condition.
Error condition
Failed to log in is displayed.
Probable cause / Recommended action
Check that the user name and password are correct. If you forget your password, log in with the Security Administrator (View & Modify) and set a new password.
When you are using an external authentication server such as LDAP, check the following:
The authentication server has been started.
The authentication server can be accessed from the SVP via the network
The user account has been established on the authentication server
The settings for the authentication server are correct.
The certificate used for communication with the external authentication server satisfies the requirements.
Chapter 8: Troubleshooting
System Administrator Guide for VSP 5000 Series
291
�Login errors
Error condition
Probable cause / Recommended action
If the symptom recurs even after you correct the above settings, use the dump tool to collect HDvM - SN normal dump files to some recording media and then contact customer support.
If Hitachi Command Suite (HCS) is used, the certificate used for communication with the HCS server satisfies the requirements.
The page is not
Enter the URL of the desired SVP in the Trusted sites section of the Internet
displayed because of an Options dialog box.
invalid syntax error.
The HDvM - SN window Make sure that the TLS setting of SVP and that of the browser are correct. is not displayed.
HDvM - SN does not
Close all the web browser windows and then clear the web browser cache.
start even with repeated attempts.
Use the Task Manager to check for "hung" or duplicate processes.
A network error
Close all dialog boxes and log in to the HDvM - SN again. If the same error
occurred when you
occurs, check the network environment.
logged in to HDvM - SN.
The login to a storage system from the Hitachi Command Suite server fails.
If you change your password for a storage system, you need to change the information registered in Hitachi Command Suite. For details, see the section describing how to change storage system settings in the Hitachi Command Suite User Guide.
Check the number of tiers of the certificate chain to be used in Hitachi Command Suite. The maximum number supported is 20 tiers. Make sure to use a certificate in a certificate chain with no more than 20 tiers.
When starting HDvM SN running in an Adobe AIR environment, the display goes gray and the login window does not open.
Make sure that the TLS setting is enabled for the browser.
The login window does not open for HDvM - SN running on a web browser.
Internet Explorer 11 might be used with Adobe Flash Player whose version is 10.0 or earlier. Confirm the version of Adobe Flash Player.
If you use Microsoft Edge, install Storage Device Launcher and run HDvM SN in an Adobe AIR environment because Microsoft Edge does not support Adobe Flash Player.
An error (20121-107097) occurs and the HDvM - SN login fails.
You might not have selected the cipher suites corresponding to the key type of the certificate on the TLS Security Settings dialog box.
1. Connect to the Tool Panel dialog box via an HTTP connection, and enable all cipher suites.
2. Make sure you can log in to Device Manager - Storage Navigator.
Chapter 8: Troubleshooting
System Administrator Guide for VSP 5000 Series
292
�No-response errors
Error condition
Probable cause / Recommended action
3. Verify the settings of the cipher suites. 4. The maximum number of tiers of the certificate chain is 20 tiers. Make
sure to use a certificate in a certificate chain with no more than 20 tiers.
No-response errors
The following table lists no-response errors in Device Manager - Storage Navigator and provides the probable cause and recommended actions for each error.
Error condition
The following error occurs when using Device Manager - Storage Navigator: 20121-107024
The following error occurs when using Device Manager - Storage Navigator: 20121-107022 20121-107025
Error (20121-107096) occurs repeatedly while you are using Device Manager - Storage Navigator.
The following errors occur when using Device Manager - Storage Navigator: 20121-107024 20121-107025 20121-107096 20121-107097
The following application error occurs when using Device Manager - Storage Navigator: 20020-108000
Probable cause / Recommended action
The SVP web server might have been restarted. Close HDvM - SN, wait 10 minutes, and then restart HDvM - SN.
The session information might not be stored correctly. Set to enable cookies for your web browser. For more information, see Configuring the web browser on the management client (on page 29)
A timeout error may have occurred in Adobe AIR.
Close the HDvM - SN window. Click X in the corner of the browser window or click the window and press Alt+F4.
This error may occur if the load to the management client is high, or if you start multiple instances of HDvM - SN by using multiple tabs in a tab browser or multiple browsers.
Close the other applications which cause the high load, or make sure to start only one HDvM - SN
Retry the operations on HDvM - SN. If the problem occurs again, take the following actions:
The version of HDvM - SN installed on the management client might not match the SVP version. Close all the browser windows and then clear the browser cache.
The management client might have entered standby or hibernate mode. Restart HDvM - SN.
Chapter 8: Troubleshooting
System Administrator Guide for VSP 5000 Series
293
�No-response errors
Error condition
Probable cause / Recommended action
If a proxy server is used for network connections, the proxy server cache may be storing the older version of the program. If the problem continues after you clear the browser cache, contact your network administrator.
Java content might be disabled in the web browser using the JRE 7.0 Update 10 or later. Enable Java content in the web browser and then restart the browser.
The JRE used by the secondary window might not support the protocols or cipher suites used in TLS communications. Check whether your JRE supports the protocols and cipher suites used in TLS communications. If not, install a new JRE that supports these protocols and cipher suites.
If none of the above actions solves the problem, save the HDvM - SN dump file and send it to customer support. Then restart the web browser.
Device Manager - Storage Navigator does not respond.
Device Manager - Storage Navigator may hang in the following cases:
The HDvM - SN main window is grayed out and does not display the percentage of progress, and you cannot perform any operation for a long period of time.
You cannot perform any operation for a long period of time and the dialog box that says Loading... is not displayed.
The dialog box that says Loading... opens when the window switches. However, you cannot move the dialog box or perform any operation for a long period of time.
The login window does not appear and the white screen continues.
You clicked the cross mark
or Close,
however the window cannot be closed.
Close the web browser and reopen it. When using the HDvM - SN secondary window, exit HDvM - SN by pressing Ctrl+Alt+Shift+D all at once.
If you close the web browser but you cannot exit HDvM - SN, reboot the management client or restart HDvM - SN after forcibly closing HDvM - SN as follows:
In Windows:
Exit the web browser, and then use the Task Manager to terminate msedge.exe (for Microsoft Edge), iexplorer.exe (for Internet Explorer), or chrome.exe (for Google Chrome).
In UNIX:
Exit the web browser, and then terminate firefoxbin with the kill command.
If the problem continues, ask your maintenance personnel to restart the SVP.
Chapter 8: Troubleshooting
System Administrator Guide for VSP 5000 Series
294
�No-response errors
Error condition
Probable cause / Recommended action
A network error occurred. There is no response to any operation even after 30 minutes.
Restart the management client. An operation can take over 30 minutes depending on the use condition. For example, when several HDvM - SN web clients are running, an operation might take a long time.
An internal error occurs, or a web browser ended abnormally.
Close all dialog boxes, and then log in to HDvM - SN again. If the same error occurs, restart the management client.
During a Device Manager - Storage Navigator operation, the web browser suddenly disappears.
Restart the management client.
An error (1-4011) occurs while you are using Device Manager - Storage Navigator.
The clock time of the management client may have been changed. Log in to HDvM - SN again.
The management client reboots on its own.
Restart the management client.
A Device Manager - Storage Navigator window is forcibly closed during a time-consuming process, such as LDEV formatting.
Close all windows, wait until processing finishes, and then restart HDvM - SN.
A Device Manager - Storage Navigator window is incorrectly closed when you do one of the following:
Click
Use commands such as File > Close on the web browser
Press the Alt and F4 keys
Restart HDvM - SN. If you cannot log in, wait for one minute and try again.
When you log out of Device Manager - Storage Navigator, a Microsoft Edge or Internet Explorer error occurs.
The probable causes are as follows:
Microsoft Edge or Internet Explorer has not been updated.
Action: Install the latest updates.
Microsoft Edge or Internet Explorer may be configured incorrectly.
Action: Re-install Microsoft Edge or Internet Explorer.
Chapter 8: Troubleshooting
System Administrator Guide for VSP 5000 Series
295
�No-response errors
Error condition
Probable cause / Recommended action
When you click File > Refresh All or Refresh in the Device Manager - Storage Navigator main window, the percentage of progress remains 99%.
The probable causes are as follows:
Another application such as Command Control Interface may be changing configuration. The window will be updated shortly after the configuration change ends.
Volume Migration operations, Quick Restore operations or Thin Image operations may be in progress. The window will be updated shortly after the operations end.
One of the following errors occurred during a Device Manager - Storage Navigator operation in the main window 20123-107027 20123-107008 20123-108004 00002-058578 00003-002003 xxxxx-065740 xxxxx-068800 where xxxxx indicates any code.
Another application such as Command Control Interface may be changing configuration.
Volume Migration operations, Quick Restore operations, or Thin Image operations may be in progress.
The capacity expansion processing of a data reduction shared volume (DRS-VOL) might be in progress. Retry the operation in the main window after the capacity expansion processing is complete. For details about the time required for the capacity expansion of the DRS-VOL, see the procedure for expanding the V-VOL capacity in the Provisioning Guide for Open Systems.
The configuration data may not be matched if a communication error occurs between the storage system and SVP.
Wait a few minutes and then click File > Refresh All to reload the configuration information. Then run HDvM - SN again. If a configuration change operation was performed, check that all the configuration changes that caused the error were applied, and then set the settings that were not applied again.
Chapter 8: Troubleshooting
System Administrator Guide for VSP 5000 Series
296
�No-response errors
Error condition
Probable cause / Recommended action
When using Encryption License Key, do the following:
If a failure (00002-058578) occurs when you set the Encryption Environment for the first time from the Edit Encryption Environmental Settings window, do the following:
1. Wait a few minutes and then click File > Refresh All to reload the configuration information.
2. Initialize the Encryption Environment Settings.
3. Set the Encryption Environment again.
If a failure (00002-058578) occurs when you set the Encryption Environment again from the Edit Encryption Environmental Settings window, do the following:
1. Wait a few minutes and then click File > Refresh All to reload the configuration information.
2. Set the Encryption Environment again.
The Device Manager - Storage Navigator window turns white and the icon shown below displays in the center of the web browser when you use Device Manager - Storage Navigator.
Restart the management client.
Icon in Internet Explorer:
Icon in Google Chrome:
Operations cannot be performed due to a problem with the Device Manager - Storage Navigator main window. For example, tables are not displayed correctly or some buttons are not displayed. Logging out and back in does not solve the problem.
The HDvM - SN window setting information may have been saved with an incorrect value. Click Settings > Environmental Settings > Reset View to Settings in the HDvM - SN main window to clear the window setting information. Then click any button in the HDvM - SN window and check that it operates correctly. You do not need to log out and back in.
Chapter 8: Troubleshooting
System Administrator Guide for VSP 5000 Series
297
�Incorrect display errors
Error condition
Probable cause / Recommended action
Device Manager - Storage Navigator closes automatically when operating the IPv6 address setting from Device Manager - Storage Navigator.
When the symptom occurs, the resource group status remains locked.
Open the Operation Lock Properties window and release the locked resource group caused by the symptom. Suspend other operations when releasing the resource group, as other resource groups are also released the lock. See Operation Lock Properties window (on page 554).
A pop-up block message appears when Microsoft Edge is used.
In Microsoft Edge settings, pop-ups might be blocked. Change the settings in Edge to allow popups for the SVP.
An error message "Error: 290-6125 A permission error occurred." is displayed during login on the Tool Panel dialog box, and the login cannot be performed.
Restart your web browser. If this problem occurs again, verify that the cookie settings for your web browser are enabled.
In Internet Explorer (Internet Options > Privacy tab > Advanced), verify the following settings:
Accept is selected for First-party Cookies.
Accept is selected for Third-party Cookies.
Always allow session cookies is checked.
In Microsoft Edge (Settings > Cookies and site permissions > Cookies and data stored), verify that Allow sites to save and read cookie data (recommended) is turned on to unblock cookies.
A security warning repeatedly appears while you perform HDvM - SN operations.
The SVP certificate might have been updated. Log out from HDvM - SN.
The security warning window may not respond for a while, but it will be automatically closed in about two minutes.
Log in to HDvM - SN again.
Incorrect display errors
The following table lists incorrect display errors and provides the probable cause and recommended action for each error condition.
Chapter 8: Troubleshooting
System Administrator Guide for VSP 5000 Series
298
�Incorrect display errors
Error condition
Probable cause / Recommended action
A question mark or icon is displayed in a table or other area of the window.
When a question mark appears in the Tier Properties window, see the topic describing this window in the Provisioning Guide. If the problem persists, contact customer support.
When a question mark appears in the Add External Volumes window, see the topic describing this window in the Hitachi Universal Volume Manager User Guide. If the problem persists, contact customer support.
If a question mark or icon appears in another window, update the window. If the question mark or icon remains after you update the window, contact customer support.
The product name, vendor name, and function name displayed in HDvM - SN are incorrect.
The product information might not be correctly obtained because of any of the following situations:
The controller model is being upgraded.
The upgrade of the controller model is temporarily interrupted and is not complete.
The controller model is being downgraded.
The downgrade of the controller model is temporarily interrupted and is not complete.
Check the execution status of the upgrade or downgrade of the controller model. If any of the previous situations does not apply, in the HDvM - SN main window, click File > Refresh All, and then confirm that the product name, vendor name, and function name in HDvM - SN are correct. If these items are still displayed incorrectly, ask maintenance personnel to restart the SVP. If the problem persists, contact customer support.
A part of the HDvM - SN window is not displayed.
You might be using the zoom-in and zoom-out function of the web browser. Do not use this web browser function when using HDvM - SN.
The display on HDvM - SN's main window is not updated to the latest information. "Last Updated" on HDvM - SN's main window is not updated.
Volume Migration operations, Quick Restore operations, or Thin Image operations might be in progress. The window will be updated shortly after the operations end.
Chapter 8: Troubleshooting
System Administrator Guide for VSP 5000 Series
299
�Incorrect display errors
Error condition
Probable cause / Recommended action
When many items are set, some items might not be displayed even if you scroll through the table.
Depending on the size of a window, some items in a table might not be displayed. Do the following:
Increase the resolution so that more areas of the table can be shown.
Use the zoom in or zoom out function of your browser to adjust the viewing area.
Note: Text might become too small.
If you still cannot solve the problem, contact customer support.
The Tools panel of Google Chrome is not displayed correctly in Japanese.
Click the Chrome menu > Settings > Show advanced settings > Languages > Language and input settings.
1. If you do not have Japanese in the list, click Add to add Japanese.
2. From the list, select Japanese, and then click Display Google Chrome in this language > Done.
3. To apply the changes, close all Google Chrome windows.
4. Click the Chrome menu > Settings > Show advanced settings > Languages > Language and input setting.
5. In the languages list, select another language. Click the x symbol which is displayed when you select another language to delete the selected language. Delete all languages except Japanese.
6. Click Done to close the window.
The message "Unable to launch the application" appears on the secondary window, then operation ends abnormally.
Perform the following:
If you use JRE 8, Solaris is not supported.
Confirm Use TLS 1.2 for Java is enabled.
If this problem persists after performing the above actions, click Detail in the window and collect information displayed in the window by copying and pasting it or by capturing the screen shot, and then contact customer support.
Chapter 8: Troubleshooting
System Administrator Guide for VSP 5000 Series
300
�UNIX operation errors
Error condition
Probable cause / Recommended action
After an upgrade or downgrade of the controller model, the display of HDvM - SN windows and buttons does not match the installed version.
The product information might not be correctly displayed because of any of the following situations:
The controller model is being upgraded.
The upgrade of the controller model is temporarily interrupted and is not complete.
The controller model is being downgraded.
The downgrade of the controller model is temporarily interrupted and is not complete.
Check the execution status of the upgrade or downgrade of the controller model. If any of the previous situations does not apply, in the HDvM - SN main window, click File > Refresh All, and then check the HDvM - SN windows and buttons. If they still do not match the installed version, ask maintenance personnel to restart the SVP. If the problem persists, contact customer support.
A pop-up block message appears when Microsoft Edge is used.
In Microsoft Edge settings, pop-ups might be blocked. Change the settings in Microsoft Edge on the SVP to allow pop-ups.
UNIX operation errors
The following table lists UNIX operation errors:
Error condition
The web browser is incorrectly displayed because GUI items, such as labels and icons, cannot be loaded properly.
Part of a button is outside the window.
Probable cause / Recommended action
If you use Device Manager - Storage Navigator on the Japanese version of Firefox, log out of Device Manager - Storage Navigator, and then log in to Device Manager - Storage Navigator again. Enter the following commands using the X Server Emulator.
B Shell:
LANG=C
export LANG
C Shell:
setenv LANG C
Chapter 8: Troubleshooting
System Administrator Guide for VSP 5000 Series
301
�HDvM - SN secondary window blocked
Error condition The web browser closes abnormally.
The following error occurs when using Device Manager - Storage Navigator with Firefox: 20020-107094
Probable cause / Recommended action
This problem can occur if a Mozilla process keeps running after Mozilla stops responding. Delete the "java_vm" and "mozilla" processes and continue with Device Manager - Storage Navigator operations.
The server certificate might not be appropriate. Obtain either of the following certificates to perform the operations:
Certificate issued by the certificate authority that is used by your company.
Official certificate issued by an SSL certificate authority such as VeriSign to which you need to send a certificate signing request.
HDvM - SN secondary window blocked
If you cannot open the HDvM - SN secondary window on a Windows PC, the default browser might not be set to one of the supported browsers (Edge, Google Chrome, Internet Explorer). Set the default browser to one of the supported browsers, and then retry the operation.
If Java 7 Update 55 or later or Java 8 Update 5 or later is installed on the management client, execution of the Device Manager - Storage Navigator secondary window application might be blocked. In this case, use the following procedure to change the Java security settings.
Procedure
1. Check the version and update information of Java installed in your management client. Click Start > Control Panel > Java.
2. On the General tab, click About. 3. Check the version and update information of Java, and then close the About Java
dialog box. If your PC uses either Java 7 update 55 or later, or Java 8 Update 5 or later, you need to change Java security settings referring to Step 4 and after. 4. Select the Security tab. 5. Click Edit Site List. 6. In Exception Site List, specify the URL of the SVP as follows, and then click Add. http://IP-address-of-SVP or https://IP-address-of-SVP 7. Click OK. 8. Select the Advanced tab. 9. For Perform signed code certificate revocation checks on, select Do not check (not recommended), and then click OK. 10. Close the Control Panel.
Chapter 8: Troubleshooting
System Administrator Guide for VSP 5000 Series
302
�Storage Device Launcher errors
Storage Device Launcher errors
Error condition
Probable cause / Recommended action
Installation of Storage Device Launcher failed with error message "CPU Address Width".
The storage management software and SVP software installed on the SVP support only English and Japanese.
Set the locale of the HDvM - SN management client to either English or Japanese.
Storage Device Launcher After installing Storage Device Launcher, the
cannot start. Or a
WCLauncher_win folder used for the installation might
message appears asking have been deleted or moved. If the WCLauncher_win
if you have entered the folder remains, restore it to the location where it was
name correctly
installed. Or, reinstall Storage Device Launcher in the new
because ..\..\bundle location to which it has been moved.
\jre_win\bin\javaw cannot be found.
If you cannot find the WCLauncher_win folder, download the setup file and reinstall Storage Device Launcher. For
HDvM - SN that can run details, see Installing Storage Device Launcher on the
in the Adobe AIR
management client (on page 30).
environment cannot start from a web browser.
Check the number of tiers of the certificate chain that is used in Hitachi Command Suite. The maximum number
supported is 20 tiers for VSP 5000 series. Make sure to use
a certificate in the certificate chain with no more than 20
tiers.
Other errors
The following table lists other errors that occur in Device Manager - Storage Navigator (HDvM - SN) and the Tool Panel utilities and provides recommended actions for resolving the errors.
Error condition
Probable cause / Recommended action
Error about insufficient
Configuration information displayed in HDvM - SN and controller
capacity when creating an
configuration information might not match.
LDEV with sufficient capacity. Click File > Refresh All in the Device Manager - Storage Navigator
Operation error about an
main window to reload configuration information.
LDEV that does not exist when creating a pair for an
If the problem persists, contact customer support.
LDEV that does exist.
Chapter 8: Troubleshooting
System Administrator Guide for VSP 5000 Series
303
�Other errors
Error condition
Probable cause / Recommended action
The firmware on the SVP is upgraded or downgraded.
Close all HDvM - SN windows, and then clear the browser cache. Even when you are not sure that the firmware on the SVP is upgraded or downgraded, clear the browser cache.
An item added to the table by upgrading or downgrading the SVP firmware is placed on the right edge of the table. Move the column to a more appropriate location if necessary.
HDvM - SN processing is temporarily delayed.
Internal processing (for example, configuration change, P.P. check, operational information acquisition) might be running on the SVP.
Installing of signed SSL certificate fails.
The passphrase for the SSL certificate might be set. Release the passphrase. If needed, see Releasing an SSL certificate passphrase (on page 105).
Failed in the certification of the user. appears when you create a configuration report of a storage system and try to view it in a browser.
Close the tab of the configuration report or the window, and then open it again.
If the problem cannot be solved, take the following actions:
If you log in to HDvM - SN from the SVP, download the configuration report. For details, see Downloading and viewing the HDvM - SN configuration reports (on page 213).
If you log in to HDvM - SN from the management client, address mismatch of SSL certificates between the SVP and the management client might have occurred. To reconfigure SSL communication, see Setting up SSL communications (on page 98). If the SSL communication cannot be reconfigured immediately (for example, you do not have permission), you can also download and verify the configuration report. For details, see Downloading and viewing the HDvM - SN configuration reports (on page 213).
Otherwise, you can display the configuration report by logging in to HDvM - SN using HTTP.
Note: You cannot connect HDvM - SN that operates on Adobe AIR by using HTTP (only HTTPS connection is available).
A message is displayed indicating that the exclusive setting cannot be released, a different user is using the resource, or a different user is locking the resource.
Take the following actions:
This operation cannot be performed while a different user is changing the configurations. Wait for a while, and then retry the operation.
This operation might not be performed while a task is running. Wait for a while, and then retry the operation. If a task is waiting to run, suspend the task so that the waiting task does not run.
In other cases, ask the storage administrator to perform Force Release System Lock. After the system lock is forcibly released, retry the operation.
Chapter 8: Troubleshooting
System Administrator Guide for VSP 5000 Series
304
�Other errors
Error condition
Probable cause / Recommended action
If this problem persists, ask maintenance personnel to restart the SVP.
After you log in to HDvM - SN, a warning message (20122-108035) appears indicating that the account management method was updated.
This message appears when there is a user whose account version is Ver.1. (The account information management method was changed at SVP firmware version 90-08-22/xx.)
Check the account version of each user, and ask the user whose account version is Ver.1 to log in to HDvM - SN, or change the password of that user. (Both of these actions change the account version to Ver.2.)
When the Operation Lock Properties window is displayed, the status of System Lock is displayed as Locked, and the status of Resource group is displayed as Unlocked.
Ask maintenance personnel to restart the SVP, and then retry the operation in HDvM - SN.
HDvM - SN operation is slow, although the hardware requirements for the SVP are satisfied.
Verify that no anti-virus software is running on the SVP.
You cannot resolve an error condition.
1. Copy the HDvM - SN detailed dump files onto recording media using the Dump tool.
2. Obtain the Java log and trace files.
3. Contact customer support.
HDvM - SN cannot be displayed after setting SSL communication using HDvM - SN.
Your browser might not allow the protocol selected in the TLS Security Settings dialog box. Take the following measures:
Check whether your browser supports the protocol selected in the TLS Security Settings dialog box. If your browser does not support the protocol, change the browser that supports the protocol, and then change the TLS security settings.
Access the Tool Panel dialog box by using HTTP connection, and then change the TLS settings that satisfies the requirements or prerequisites again.
Chapter 8: Troubleshooting
System Administrator Guide for VSP 5000 Series
305
�Other errors
Error condition
Probable cause / Recommended action
You cannot open the Tool Panel dialog box after uploading the certificate with a key type of ECDSA and a key length of secp521r1.
The security settings that use the certificate with a key type of ECDSA and a key length of secp521r1 might not be allowed. Take the following actions for each web browser:
Internet Explorer
Configure the group policy setting. For details, see Configuring the ECC curve order (on page 111).
Microsoft Edge
The key length must be less than secp521r1. Use the following procedure:
1. Configure the group policy setting. For details, see Configuring the ECC curve order (on page 111).
2. In Microsoft Edge, enable the compatibility settings.
a. Click the Settings and More icon (...) on the top-right corner, select Settings from the drop-down menu, and then the Settings window opens.
b. Click Default browser in the left pane. c. Turn on the Allow sites to be reloaded in Internet
Explorer mode toggle switch.
3. Click the Settings and More icon (...), select the More tools submenu, and then click Reload in Internet Explorer mode.
4. Update to the certificate whose key length is less than secp521r1. For details, see Uploading a signed certificate (on page 106).
Google Chrome
The key length must be less than secp521r1. Use the following procedure:
1. Ask maintenance personnel to return the SVP certificate to the default certificate.
2. Update to the certificate whose key length is less than secp521r1. For details, see Uploading a signed certificate (on page 106).
HDvM - SN cannot open after uploading the certificate with a key type of ECDSA and a key length of secp521r1.
The security settings that use the certificate with a key type of ECDSA and a key length of secp521r1 might not be allowed. Configure the group policy setting from the management client. For details, see Configuring the ECC curve order (on page 111).
Chapter 8: Troubleshooting
System Administrator Guide for VSP 5000 Series
306
�Other errors
Error condition
Probable cause / Recommended action
HDvM - SN cannot be displayed after setting a certificate.
The configured certificate might not be consistent with the cipher suite selected in the TLS security settings. Connect to the Tool Panel dialog box via an HTTP connection, and then change the cipher suite (in TLS Security Settings) that satisfies the requirements or prerequisites.
After the certificate for Syslog, key management server, or external authentication server is set, you cannot communicate with each server.
The possible causes are as follows:
The set certificate might not satisfy the requirements or prerequisites for the certificate. If the requirements or prerequisites are not satisfied, set a certificate that satisfies the requirements or prerequisites again.
The set certificate might not consistent with the cipher suites that were selected in the TLS Security Settings dialog box. Select cipher suites that are consistent with the certificate, or set a certificate that suits the cipher suites again.
Check the number of tiers of the certificate chain to be used. The maximum number supported is 20 tiers. Make sure to use a certificate in a certificate chain with no more than 20 tiers.
When you open the Tool Panel dialog box while Microsoft Edge Developer Tools is open, an error message is displayed on the Developer Tools console.
Change the Microsoft Edge browser setting as follows:
1. Open the Settings window (click the Settings and more icon (), and then click Settings from the drop-down menu).
2. In the Settings window, click Default browser in the left pane of the window.
3. In the right pane, set Allow sites to be reloaded in Internet Explorer mode to disabled.
No audit log for WindowsServerUpdateServices has been output for more than two weeks even though Security Updates were approved
Verify that the server URL in the WSUS Settings dialog box is correct.
Verify the operation status on the WSUS server.
If this problem persists, ask a Support Personnel to perform the following operations:
1. Collect the dump file with dump type: WSUS information dump from Autodump on the SVP.
2. Restart the SVP.
An audit log for WindowsServerUpdateServices is output, while a log indicating the successful installation of Security Updates has not been output.
Verify the settings of the WSUS server. If this problem persists after at least 27 hours, ask a Support Personnel to perform the following operations:
1. Collect the dump file with dump type: WSUS information dump from Autodump on the SVP.
2. Restart the SVP.
Chapter 8: Troubleshooting
System Administrator Guide for VSP 5000 Series
307
�Other errors
Error condition
Probable cause / Recommended action
If restarting the SVP does not solve the problem after at least 27 hours, contact customer support.
You cannot open the HDvM - SN secondary window on a Windows PC.
If you cannot open the HDvM - SN secondary window on a Windows PC, the default browser might not be set to one of the supported browsers (for example, Edge, Google Chrome). Set the default browser to one of the supported browsers, and then retry the operation.
After the server certificate for the Verify that the server certificate satisfies the requirements and
syslog server, the key
prerequisites. If not, set a server certificate that satisfies the
management server, or the
requirements and prerequisites.
external authentication server is set, you cannot communicate with the server.
Check the number of tiers of the certificate chain to be used. The maximum number supported is 20 tiers for VSP 5000 series. Make sure to use a certificate in the certificate chain with no
more than 20 tiers.
In Microsoft Edge, the following pop-up window appears when you open the HDvM - SN secondary window:
"Microsoft Edge has stopped working. A problem caused the program to stop working correctly. Windows will close the program and notify you if a solution is available."
Third-party browser extensions might be enabled. Disable thirdparty browser extensions as follows:
1. Open the Windows Internet Options window (Control Panel > Network and Internet > Internet Options).
2. In the Internet Properties dialog box, select the Advanced tab, clear the check box for Enable third-party browser extensions under Browsing, and then click OK.
In Microsoft Edge, the following message appears at the upper right of the browser window when you open the HDvM - SN secondary window:
<file name>.jnlp was blocked because this type of file can harm your device.
Open the HDvM - SN secondary window after performing the following procedure:
1. Click Other actions > Save to save the file. 2. After the file is saved, open the file. (Ignore the Java security
warning.)
In the maintenance utility, when a firmware update window opens, a message prompting you to save the jnlp file appears.
<file name>.jnlp was blocked because this type of file can harm your device.
For Microsoft Edge and Google Chrome: Click Other actions > Save to save the file.
Internet Explorer: Configure Internet Explorer so it saves encrypted pages to disk (click Tools > Internet Options > Advanced, and then clear Do not save encrypted pages to disk).
Chapter 8: Troubleshooting
System Administrator Guide for VSP 5000 Series
308
�Forcibly fail over the SVP
Error condition
Error message 20121-107091 appears.
Probable cause / Recommended action
When you download a file, make sure you click the Save button within 30 minutes after the window for selecting a download destination folder appears. If you click Save after 30 minutes have elapsed, an error message (20121-107091) appears. If this error message is displayed, retry downloading the file.
Forcibly fail over the SVP
When you are requested by the support personnel to manually change the SVP to the standby SVP, change the SVP by using the following procedure. Perform this task only when requested by the support personnel.
Before you begin The standby SVP is installed on the storage system. Check the IP addresses or the host names of both the master SVP and the standby SVP
in advance. You must have the Storage Administrator (Initial Configuration) role to perform this task.
Procedure 1. Verify that you can use the standby SVP. On the Device Manager - Storage Navigator computer, open a web browser and enter the following URL to open the Tool Panel dialog box for the standby SVP.
http://IP-address-or-host-name-of-standby-SVP/cgi-bin/utility/toolpanel.cgi
When the Tool Panel dialog box is displayed, you can change the SVP. Proceed to step 2.
When the Tool Panel dialog box is not displayed, the message "This page cannot be displayed." or "dns_server_failure" appears and you cannot change the SVP. Close the web browser, and then contact customer support.
2. Close the web browser 3. Verify that you can connect to the master SVP. On the Device Manager - Storage
Navigator computer, open a web browser and enter the following URL to open the Tool Panel dialog box for the master SVP.
http://IP-address-or-host-name-of-master-SVP/cgi-bin/utility/toolpanel.cgi
When the Tool Panel dialog box is displayed, proceed to step 4. When the Tool Panel dialog box is not displayed, proceed to step 10.
Chapter 8: Troubleshooting
System Administrator Guide for VSP 5000 Series
309
�Forcibly fail over the SVP
4. In the Tool Panel dialog box, click Forcibly disable SVP. The login dialog box for Forcibly disable SVP opens.
5. In the login dialog box for Forcibly disable SVP, enter the administrator user ID in the User ID field and the password in the Password field, and then click Login. The Forcibly disable SVP dialog box opens.
6. Click OK. A confirmation dialog box opens. 7. Click OK. The Forcibly disable SVP dialog box opens again. 8. Click OK. The operation to forcibly disable the SVP starts. Wait up to five minutes to
complete the processing of forcibly disable the SVP. After the forcibly disable the SVP operation is complete, the Forcibly disable SVP dialog box does not appear again 9. Reload the web browser and check that the Tool Panel dialog box does not appear. If the Tool Panel dialog box cannot be displayed, the message "This page cannot be displayed" or "dns_server_failure" appears. 10. Close the web browser. 11. On the Device Manager - Storage Navigator computer, open a web browser and enter the following URL to open the Tool Panel dialog box for the standby SVP.
http://IP-address-or-host-name-of-standby-SVP/cgi-bin/utility/toolpanel.cgi
12. In the Tool Panel dialog box for the standby SVP, click Forcibly Fail Over SVP. The login dialog box for Forcibly Fail Over SVP opens.
13. In the login dialog box for Forcibly Fail Over SVP, enter the administrator user ID in the User ID field and the password in the Password field, and then click Login. The Forcibly Fail Over SVP dialog box opens.
14. Click OK. A confirmation dialog box opens. 15. Click OK. The Forcibly Fail Over SVP dialog box opens again. 16. Click OK. The operation to forcibly fail over the SVP starts. Wait up to five minutes for
the forcibly fail over the SVP operation to complete processing. The forcibly fail over the SVP operation takes over the IP address or the host name of the master SVP to the standby SVP. After the forcibly fail over the SVP operation is complete, the Tool Panel dialog box does not appear again. 17. Reload the web browser and check that the Tool Panel dialog box does not appear. If the Tool Panel dialog box cannot be displayed, the message "This page cannot be displayed" or "dns_server_failure" appears. 18. Verify that forcibly fail over the SVP operation is completed correctly. On the Device Manager - Storage Navigator computer, open a web browser and enter the following URL to open the Tool Panel dialog box for the master SVP.
http://IP-address-or-host-name-of-master-SVP/cgi-bin/utility/toolpanel.cgi
When the Tool Panel dialog box is displayed, the forcibly fail over the SVP operation is complete correctly. Proceed to step 19.
When the Tool Panel dialog box is not displayed, fthe forcibly fail over the SVP operation could not be performed. Close the web browser, and then contact customer support.
19. Close the web browser. Wait up to 10 minutes before you can log in.
Chapter 8: Troubleshooting
System Administrator Guide for VSP 5000 Series
310
�Firefox web browser problems on UNIX
20. Verify that you can log in to Device Manager - Storage Navigator. If you cannot log in, contact customer support.
Firefox web browser problems on UNIX
Note the following when using Firefox web browser on UNIX: If a Mozilla process or a Firefox web browser process becomes unavailable, Device
Manager - Storage Navigator performance is affected. Delete the abnormal process and continue with Device Manager - Storage Navigator operations. When using Device Manager - Storage Navigator on the Japanese version of the Firefox web browser, you must use the X Server Emulator to properly configure the browser, as follows: In a B Shell, enter the following command:
LANG=C export LANG
In a C Shell, enter the following command:
setenv LANG C
When you use Device Manager - Storage Navigator with Firefox, movements of the focus may differ from movements of the focus in Internet Explorer. For example: When the Device Manager - Storage Navigator login window appears, the focus is not on
the User Name box. Even is the User Name box is emphasized, you cannot enter any characters in it. When you move the focus by using the Tab key, the destination browser window does not become active. In Firefox, when you click Logout at the upper right corner of the Device Manager - Storage Navigator main window, the Device Manager - Storage Navigator login window appears after you logout. With Internet Explorer, the window closes after the logout. When you use Device Manager - Storage Navigator with Firefox, the files might not be uploaded depending on the type of server certificate. In this case, you must obtain either of the following certificates provided in Obtaining a signed and trusted certificate (on page 104).: Certificate issued by the certificate authority that is used by your company. Official certificate issued by an SSL certificate authority such as VeriSign to which you need to send a certificate signing request.
Troubleshooting the SMI-S function
If you cannot access the SMI-S function, check the network environment and access destination. If access cannot be made even though there is no problem with the network environment and access destination, contact customer support.
Chapter 8: Troubleshooting
System Administrator Guide for VSP 5000 Series
311
�Troubleshooting the SMI-S function
The SMI-S certificate might have expired when you receive a storage system. If so, you must upload a new signed certificate to the SMI-S provider. Follow the procedure in Uploading a signed certificate to the SMI-S provider (on page 138).
The following tables list SMI-S error conditions and provide recommended action to resolve the error condition.
SMI-S artificial indication errors
Error condition
Probable cause / Recommended action
The user ID or the password is not valid. (00190 77302)
User ID or password is invalid. Enter the correct user ID or password, and then retry the operation.
An error occurred during the listener information An error occurred during the listener information
acquisition. (00190 77303)
acquisition. Check the number of tiers of the
certificate chain to be used. The maximum
number supported is 20 tiers. Make sure to use a
certificate in a certificate chain with no more than
20 tiers.
If this problem occurs again, collect Device Manager - Storage Navigator normal dump file using the dump tool.
No listeners are subscribed to the provider. (00190 77304)
The listeners are not subscribed to the SMI-S provider. Have the listeners subscribe to the provider, and retry.
The artificial indication cannot be sent to some listeners. (00190 77305)
The artificial indication cannot be sent to some listeners. Use the dump tool to collect and save Device Manager - Storage Navigator normal dump files. Then contact customer support.
A time-out error occurred. (00190 77306)
Send the artificial indication again. If this problem persists, use the dump tool to collect Device Manager - Storage Navigator normal dump files to some recording media and then contact customer support.
An internal error occurred. (00190 77307)
Use the dump tool to collect Device Manager Storage Navigator normal dump files to some recording media and then contact customer support.
Chapter 8: Troubleshooting
System Administrator Guide for VSP 5000 Series
312
�Downloading dump files using the Dump tool
SMI-S provider errors
Error condition
The following response was received from the SMIS provider:
Return Value : 4(Failed) ErrorMessage : Could not find FCPort with CtrlID: <Port Number> on device <Serial Number>
Probable cause / Recommended action Ask maintenance personnel to restart the SVP.
The HostGroup information referenced by using Ask maintenance personnel to restart the SVP. Device Manager - Storage Navigator cannot be referenced from the SMI-S provider.
Downloading dump files using the Dump tool
Use the Dump tool to download dump files onto a Device Manager - Storage Navigator computer. The downloaded dump files can be used to: Troubleshoot the system. Use the Dump tool to download dump files from the SVP to
provide to customer support. Check the system configuration. Click File > Refresh All to update the configuration
information, and then use the Dump tool to download the dump files.
Before you begin Verify that all other users (including the SVP user) have stopped using the Dump tool. Stop all maintenance operations. You must have Support Personnel role to log in. You must be an external authentication user whose external user group mapping is
disabled.
Procedure 1. Start a web browser and specify the following URL to open the Tool Panel:
https://IP-address-or-host-name-of-SVP/cgi-bin/utility/toolpanel.cgi
2. Click Download Dump Files. The Login dialog box opens. 3. Enter the user ID and password and click Login. The Download Dump Files dialog box
opens.
Chapter 8: Troubleshooting
System Administrator Guide for VSP 5000 Series
313
�Saving Java log and trace files
4. Select a file that you want to download.
Existing Dump Files indicates the last dump file that you downloaded. Select this when you want to re-download a previously downloaded dump file. If you have not downloaded any dump files from the Tool Panel, this item does not display even if you have acquired a dump file via SVP.
Normal Dump includes all information about the SVP and the minimum information about the storage system. Select this when you have a less serious problem such as incorrect display.
Detail Dump includes all information about the SVP and the storage system. Select this when Device Manager - Storage Navigator has a serious problem (for example, Device Manager - Storage Navigator does not start) or when you need to determine if the storage system has a problem.
Detail Dump (for DKC Performance) contains the I/O-performance-related information. This includes performance monitor collection information, in addition to information applicable to Detail Dump. Choose Detail Dump (for DKC Performance) to check for I/O performance problems.
Note that while processing takes place, DKC I/O performance may be affected. During processing, you cannot use Device Manager - Storage Navigator to change the system configuration or perform SVP maintenance operations.
5. Click Next. A message appears confirming the execution of compression of the dump files.
6. Click OK. File compression processing starts. When the file is compressed, the Download Dump Files dialog box opens for the download.
7. Click Download. The File Download dialog box opens. 8. On the File Download dialog box, click Save this file to disk, and then click OK. The
Save As dialog box opens. 9. Specify the download destination, and then click Save. When the file is downloaded
successfully, the Download complete dialog box opens.
Saving Java log and trace files
Note: This task is not required when you use Web Console Launcher to display the Device Manager - Storage Navigator secondary window.
Before you contact your service representative, save the detail dump files collected using the Dump tool, and the Java log and trace file on your Device Manager - Storage Navigator computer, and then restart the web browser.
Examples of the Windows trace and log file locations are shown below.
C:\Users\logon user ID\AppData\LocalLow\Sun\Java\Deployment\log\*.trace
C:\Users\logon userID\AppData\LocalLow\Sun\Java\Deployment\log\*.log
Chapter 8: Troubleshooting
System Administrator Guide for VSP 5000 Series
314
�Examples of the UNIX trace and log file locations follow: user home directory\.java\deployment\log\*.trace user home directory\.java\deployment\log\*.log
Saving Java log and trace files
Chapter 8: Troubleshooting
System Administrator Guide for VSP 5000 Series
315
�Appendix A: System option modes (SOMs)
System option modes allow the storage system to be configured to specific customer operating requirements.
System option modes for VSP 5000 series
To provide greater flexibility, the storage systems have additional operational parameters called system option modes (SOMs) that allow you to tailor the storage system to your unique operating requirements. The SOMs are set on your storage system by your service representative.
The following table lists and describes the SOMs for DKCMAIN microcode version 90-08-81. Review the SOMs for your storage system, and work with your service representative to ensure that the appropriate SOMs for your operational environment are configured on your storage system.
Note: The SOM information might have changed since this document was published. For the latest SOM information, contact customer support.
Mode
Category
15
Common
Description
MCU/RCU
This SOM can reduce the host response time to be within about 6 seconds.
Mode 15 = ON (default):
Upper limit for retry of drive is reduced from 2 sec. to 0.5 sec.
If a drive failure occurs in read processing, a correction read processing is executed immediately.
I/O watching time is changed from 6.5 sec. to 4.5 sec. (I/O watching time including DMA transfer is 10 sec.)
Read or write processing is not retried for time-out failure.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
316
�System option modes for VSP 5000 series
Mode
Category
20
TrueCopy for
Mainframe
Universal Replicator for Mainframe
22
Common
Description
Mode 15 = OFF:
Upper limit for retry of drive is 2 sec.
If a drive failure occurs in read processing, a retry processing corresponding to the type of failure is executed.
I/O watching time is 6.5 sec. (I/O watching time including DMA transfer is 10 sec.)
Read or write processing is retried for time-out failure.
Notes:
1. This SOM applies at a site where a drive response delay may affect business operations.
2. When Dynamic Sparing or Auto Correction Mode is used, because host I/Os conflict with copy processing, the I/O watching time is 30 seconds even when this SOM is set to ON.
3. Even though SOM 15 is set to ON, the function does not apply to SATA or NL-SAS drives.
4. When SOM 771 or SOM 797 is set to ON, the setting of SOM 771/797 is prioritized for the read I/O watching time.
5. For additional details about this SOM (interaction with other SOMs, operational details), contact customer support (see SOM015 sheet).
MCU/RCU
S-VOL read only function (secondary system only).
RCU
Mode 20 = ON: The S-VOL accepts host read operations while the pair is split.
Mode 20 = OFF (default): The S-VOL does not accept host read operations while the pair is split.
Regarding the correction copy or the drive copy, in case ECCs/LRC PINs are set on the track of copy source HDD, SOM 22 can be used to interrupt the copy processing (default) or to create ECCs/LRC PINs on the track of copy target HDD to continue the processing.
None
Mode 22 = ON: If ECCs/LRC PINs (up to 64) have been set on the track of copy source HDD, ECCs/LRC PINs (up to 64) will be created on the track of copy target HDD so that the copy processing will continue. If the number of ECCs/LRC PINs exceeds 64, the corresponding copy processing will be interrupted.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
317
�System option modes for VSP 5000 series
Mode
Category
36
TrueCopy for
Mainframe
64
TrueCopy for
Mainframe
Description
Mode 22 = OFF (default): If ECCs/LRC PINs have been set on the track of copy source HDD, the copy processing will be interrupted. (First recover ECCs/LRC PINs by using the PIN recovery flow, and then perform the correction copy or the drive copy again).
One of the controlling option for correction/drive copy.
MCU/RCU
Selects function of CRIT=Y(ALL) or CRIT=Y(PATHS).
Mode 36 = ON: CRIT=Y(ALL) => equivalent to Primary Volume Fence Level = Data.
Mode 36 = OFF (default): CRIT=Y(PATHS) => equivalent to Primary Volume Fence Level = Status.
MCU
Mode 64 = ON:
When receiving the Freeze command, pair volumes in the storage system that fulfill the conditions below are suspended and the status change pending (SCP) that holds write I/Os from the host is set. The path between MCU and RCU is not deleted. Query is displayed only but unusable.
When receiving the RUN command, the SCP status of the pairs that fulfill the conditions below is released.
When a Failure Suspend occurs while Freeze Option Enable is set, except the pair in which the Failure Suspend occurs, other pairs that fulfill the conditions below go into SCP state.
Conditions:
TCz P-VOL
Mainframe volume
Pair status: Duplex/Pending
Both
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
318
�System option modes for VSP 5000 series
Mode
Category
Description
Mode 64 = OFF (default):
When receiving the Freeze command, pairs that fulfill the conditions below are suspended and the SCP is set. In the case of CU emulation type 2105/2017, the path between MCU and RCU is deleted, while the path is not deleted but unusable with Query displayed only in the case of CU emulation type 3990.
When receiving the RUN command, the SCP status of the pairs that fulfill the conditions below is released.
When a Failure Suspend occurs while the Freeze Option Enable is set, except the pair in which the Failure Suspend occurs, other pairs that fulfill the conditions below go into SCP state.
Conditions:
TCz P-VOL
Mainframe volume
Pair status: Duplex/Pending
A pair whose RCU# is identical to the RCU for which the Freeze command is specified.
MCU/RCU
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
319
�System option modes for VSP 5000 series
Mode
Category
104
TrueCopy for
Mainframe
114
TrueCopy for
Mainframe
Universal Replicator for Mainframe
Notes:
Description
1. General use: SOM 64 = OFF (default).
2. When all the following conditions are met, set SOM 64 to ON:
Customer requests to stop the update I/O operation to the RCU of a TCz pair for the whole storage system.
Disaster Recovery function such as GDPS,
HyperSwap, or Fail Over/ Fail Back, which requires compatibility with IBM® storage, is not used as SOM 64 operates without having compatibility with IBM®
storage.
Only Peer-to-Peer-Remote-Copy operation. (Do not use it in combination with Business Continuity Manager.)
3. Even though the Failover command is not an applicable criterion, when executing the Failover command while SOM 114 is ON, since ports are not automatically switched, the Failover command fails.
4. With increase of Sync pairs in storage system, the time period to report the completion of Freeze command and RUN command gets longer (estimate of time to report completion: 1 second per 1000 pairs), and MIH may occur.
MCU/RCU
Changes the default of the CGROUP Freeze option. Mode MCU 104 = OFF is the default setting.
This SOM enables or disables LCP/RCP port to be automatically switched over when PPRC command ESTPATH/DELPATH is performed.
MCU
Mode 114 = ON: Automatic port switching during ESTPATH/DELPATH is enabled.
Mode 114 = OFF (default): Automatic port switching during ESTPATH/DELPATH is disabled.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
320
�System option modes for VSP 5000 series
Mode
Category
142
Common
164
Common
Description
Notes:
1. If an incorrect port is selected while this SOM is set to ON, and if ESTPATH is executed when no logic path exists, the port is switched to RCP.
2. If TPC-R (IBM® software for disaster recovery), set this SOM to OFF.
3. For Fibre Channel interface, do not use the CESTPATH and CDELPATH commands at the same time as the SCSI path definition function. Fibre Channel interface ports need to be configured as initiator ports or RCU target ports before the CESTPATH and CDELPATH commands are issued.
MCU/RCU
This SOM is used to prevent storage systems from going down by blocking a failure drive at an early point when timeout occurs frequently for commands issued to the drive.
When a command issued to a drive times out, the failure is counted on the failure counter of the drive port. If the failure counter reaches the port blockage threshold, the drive port is blocked. By setting this SOM to ON, the port is blocked when the number of failures reaches half of the threshold, which mitigates the occurrence possibility of the host timeout.
Mode 142 = ON (default): The threshold value of blocking a drive port due to command time-out is changed to half of the normal threshold.
Mode 142 = OFF: The threshold value of blocking a drive port due to command time-out does not change.
Notes:
1. This SOM should always be set to ON. This SOM can be set to OFF only when the customer does not allow to set this SOM to ON for a storage system already in production.
2. Settings of SOM 363, SOM 365, and SOM 809 are related each other. The order of priority for the setting to be enabled is SOM 809, SOM 363, SOM 365, and then SOM 142. For details, contact customer support (see the mode document of each SOM).
3. This SOM is effective for the entire storage system.
This SOM is used to select whether to suppress performing the write-through operation for writes from a host if CM/SM one-side blockage occurs. The write-through operation directly writes data to a drive to secure data, which reduces
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
321
�System option modes for VSP 5000 series
Mode
Category
Description
I/O response compared to cache writes. By enabling SOM 164 (which suppresses the write-through operation), I/O response is not reduced and performance is maintained.
Mode 164 = ON: When CM/SM is blocked or in transition to blockade status, the write-through operation and I/O multiple-operation prevention are not performed. However, the write through operation and I/O multiple-operation prevention during power supply failure mode commanded from HP-UX are performed.
Mode 164 = OFF (default): Write-through-operation and IO-multiple-operation prevention are performed when CM/SM is blocked or in transition to blockade status.
MCU/RCU
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
322
�System option modes for VSP 5000 series
Mode
Category
Notes:
Description
1. Data is not secured at the failure on both sides of CM/SM. Recovery from all volume backups is required.
2. Determine whether to set the mode to ON or OFF on the following basis:
OFF: The mode is set to OFF to secure the data even when a CM/SM dual failure occurs. As the write through works for data assurance at CM/SM one-side blockage, make sure to design a system where performance degradation such as I/O response is acceptable in a configuration where data from host is duplicated on primary and secondary storage systems.
ON: The mode is set to ON to prioritize maintaining the performance over data assurance as a single storage system when a CM/SM dual failure occurs. When the mode is set to ON, the data may be lost at the CM/SM dual failure. If high data reliability is required for the storage system like RAID, data duplication should be realized by the entire system like a configuration where data from host is duplicated on primary and secondary storage systems.
Caution: If you set SOM 164 to ON for GAD, volumes that are being used by functions other than GAD and volumes in the SMPL status behave the same as GAD volumes. Before you set SOM 164 to ON, check the effects on other functions.
3. Using this SOM poses a risk of losing the data at a CM/SM dual failure. If high data reliability is required for the storage system like RAID, data duplication should be realized by the entire system like the configuration in which data from host is duplicated on primary and secondary storage systems.
4. When this SOM is used, the time required for blocking CM/SM at maintenance is longer than that when this SOM is set to OFF so that the maintenance operation may end abnormally if the amount of write pending is large. Therefore, perform the maintenance operation when the amount of write pending is as less as possible. If the maintenance operation ends abnormally, replace the blocked part to recover.
5. When setting the function to each LDEV is desired, contact customer support. (See "WR Through" function on the System Option window. See 2.13 System option
MCU/RCU
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
323
�System option modes for VSP 5000 series
Mode
Category
190
TrueCopy for
Mainframe
305
Mainframe
Description
in the SVP section of Maintenance Manual. Also, follow the above (1) even when the "WR Through" is used.)
MCU/RCU
Allows you to update the VOLSER and VTOC of the S-VOL while the pair is suspended if both SOM 20 and SOM 190 are ON.
Both
Mode 190 = ON: When SOM 20 (S-VOL read-only option) and this SOM are both ON, you can update the VOLSER and VTOC of the S-VOL while the pair is suspended. When the pair is resumed, the VOLSER and VTOC of the S-VOL are overwritten with the VOLSER and VTOC of the P-VOL.
Mode 190 = OFF (default): Even when SOM 20 (S-VOL read-only option) is ON, you cannot update the VOLSER or VTOC of the S-VOL while the pair is suspended.
Notes:
1. This SOM is applied along with SOM 20 when data writing to a VTOC area in the S-VOL of a suspended TCz pair is required.
2. If a write I/O is issued wrongly to an S-VOL VTOC area of a suspended TCz pair, the consistency between the P-VOL and the S-VOL is lost, but the inconsistency is solved by a resume operation.
This SOM enables the pre-label function (creation of VTOC including VOLSER).
Mode 305 = ON: Pre-label function is enabled.
Mode 305 = OFF (default): Pre-label function is disabled.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
324
�System option modes for VSP 5000 series
Mode
Category
308
TrueCopy for
Mainframe
Universal Replicator for Mainframe
310
Common
454
Virtual Partition
Manager
Description
Notes:
1. Set SOM 305 to ON before performing LDEV Format for a mainframe volume if you want to perform OS IPL (volume online) without fully initializing the volume after the LDEV Format. However, full initialization is required in actual operation.
2. Processing time of LDEV format increases by as much as full initialization takes.
3. The following functions and conditions are not supported:
Quick format
3390-A (Dynamic Provisioning attribute)
Volume Shredder
4. Full initialization is required in actual operation.
MCU/RCU
Allows you to specify whether the Remote Copy Path status, SIM218x, is reported to the host.
SIM RC=2180 (RIO path failure between MCU and RCU) is not reported to host. The storage system reports SSB with F/M=F5 instead of reporting SIM RC=2180 in the case. Micro-program has been modified to report SIM RC=2180 with newly assigned SOM as individual function for specific customer.
Mode 308 = ON: SIM RC 2180 is reported, which is compatible with older Hitachi specification.
Mode 308 = OFF (default): Reporting is compatible with IBM - Sense Status report of F5.
MCU
Mode 310 = ON: The monitoring timer for MP hang-up is 6 seconds and returning a response to the host within 8 seconds is guaranteed.
Mode 310 = OFF (default): The monitoring timer for MP hang-up remains 8 seconds.
Notes:
1. This SOM applies to a site where strict host response performance is required.
2. If a hardware failure occurs when this SOM is set to ON, the time until MPB blockage that is determined is shorter than usual.
CLPR (function of Virtual Partition Manager) partitions the cache memory in the storage system into multiple virtual
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
325
�System option modes for VSP 5000 series
Mode
Category
Description
cache and assigns the partitioned virtual cache for each use. If a large amount of cache is required for a specific use, it can minimize the impact on other uses. The CLPR function works as follows depending on whether SOM 454 is set to ON or OFF.
Mode 454 = OFF (default): The amount of the entire destage processing is periodically determined by using the highest workload of all CLPRs (*a). (The larger the workload is, the larger the amount of the entire destage processing becomes.)
*a: (Write Pending capacity of CLPR#x of concerned MPB) ÷ (Cache capacity of CLPR#x of concerned MPB), x=0 to 31
CLPR whose value above is the highest of all CLPRs
Because the destage processing would be accelerated depending on CLPR with high workload, when the workload in a specific CLPR increases, the risk of host I/O halt would be reduced.
Therefore, set SOM 454 to OFF in most cases.
Mode 454 = ON: The amount of the entire destage processing is periodically determined by using the workload of the entire system (*b). (The larger the workload is, the larger the amount of the entire destage processing becomes.)
*b: (Write Pending capacity of the entire system of concerned MPB) ÷ (Cache capacity of the entire system of concerned MPB)
Caution: Because the destage processing would not be accelerated even if CLPR has high workload, when the workload in a specific CLPR increases, the risk of host I/O halt would be increased. Therefore, set SOM 454 to ON only when a CLPR has constant high workload and the I/O performance in a CLPR with low workload has higher priority than host I/O halt in the CLPR with high workload.
MCU/RCU
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
326
�System option modes for VSP 5000 series
Mode
Category
457
Universal
Volume
Manager
459
ShadowImage
ShadowImage for Mainframe
Description
Notes:
1. When this SOM is set to ON, even if there is an overloaded CLPR (CLPR with large Write Pending capacity), the amount of destage processing would not increase easily. Therefore TOV(MIH) may occur in the overloaded CLPR. Set this SOM to ON only when the overloaded state of a specific CLPR would not affect other CLPRs.
When the UR function is used, if user volumes and journal volumes are defined in different CLPRs, when the CLPR to which the journal volumes are assigned overflows, the user volumes become inaccessible. Therefore it is recommended to set this SOM to OFF.
MCU/RCU
2. Because the destage processing will have a lower priority in the overloaded CLPR, the overloaded state of the overloaded CLPR is not removed, and TOV(MIH) might occur.
(1) High-Speed LDEV Format for External Volumes
Both
The high-speed LDEV format for external volumes is available by SOM 457 to ON. When SOM 457 is ON, if you select an external volume group and perform an LDEV format, any write processing on the external logical units will be skipped. However, if the external LDEV is a mainframe volume, the write processing for mainframe control information only will be performed after the write skip.
(2) Support for Mainframe Control Block Write GUI
Control Block Write of the external LDEVs in Mainframe emulation has been supported by HDvM - SN (GUI) since 90-04-0x.
Notes:
If the LDEV is not written with data "0" before performing the function, the LDEV format might fail.
After the format processing, make sure to set SOM 457 to OFF.
By setting this SOM to ON while an external volume is used as an SI/SIz S-VOL, a function to complete de-staging the S-VOL data to the external volume mapped to the S-VOL before the SI/SIz pair status changes to PSUS works.
The pair status changes to PSUS when the de-staging is complete.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
327
�System option modes for VSP 5000 series
Mode
Category
Description
When a split operation is performed for an SI/SIz pair, the pair status changes from PAIR to PSUS(SP) or COPY(SP) (status transition period), and then to PSUS.
The function works during the status transition period.
Mode 459 = ON (default): The pair stays in the status transition period and waits for the de-staging to be complete.
Mode 459 = OFF: Immediately after all differential data is copied to cache, the pair status changes to PSUS. The pair does not stay in the status transition period to wait for the de-staging to be complete.
For details of the function, contact customer support (see SOM459 sheet).
Notes:
1. Apply the mode for users who require that de-staging S-VOL data to an external volume mapped to the SVOL has been completed when the pair status changes to PSUS.
2. The function works for the pairs created while the mode is set to ON and does not work for the pairs created while the mode is set to OFF.
3. Because de-staging takes place after the copy is complete, the time required to change the status from PSUS(SP) or COPY(SP) to PSUS increases.
4. When both of SOM 459 and SOM 1263 are used, the throughput improvement by setting SOM 1263 to ON cannot be expected.
5. At a split operation, the time required to change the status to PSUS when the mode is ON gets longer than that when the mode is set tot OFF.
MCU/RCU
467
ShadowImage For the following features, the current copy processing
-
ShadowImage for Mainframe
slows down when the percentage of "dirty" data is 60% or higher, and it stops when the percentage is 75% or higher. Mode 467 is provided to prevent the percentage from
Compatible
exceeding 60%, so that the host performance is not
FlashCopy® V2 affected.
Compatible FlashCopy® SE
Universal Volume Manager
SI SIz FCv2, FCSE UVM
Volume Migration
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
328
�System option modes for VSP 5000 series
Mode
Category
Volume Migration
471
Thin Image
474
Universal
Replicator
Description
Mode 467 = ON (default): Copy overload prevention. Copy processing stops when the percentage of "dirty" data reaches 60% or higher. When the percentage falls below 60%, copy processing restarts.
Mode 467 = OFF: Normal operation. The copy processing slows down if the dirty percentage is 60% or larger, and it stops if the dirty percentage is 75% or larger.
Caution: This SOM must always be set to ON when using an external volume as the secondary volume of any of the applicable replication products.
Notes:
1. It takes longer to finish the copy processing because it stops for prioritizing the host I/O performance.
2. This SOM supports background copy only. The processing to copy the pre-update data to the S-VOL, which occurs when overwriting data to uncopied slots of P-VOL in Split processing or reading or writing data to uncopied slots of S-VOL, is not supported.
3. Check the write pending rate of each CLPR per MP unit. Even though there is some free cache capacity in the entire system, if the write pending rate of an MP unit to which pairs* belong exceeds the threshold, the copy operation is stopped.
*Applies to pairs of SI, SIz, FCv2, FCSE, and Volume Migration.
MCU/RCU
Since the SIM-RCs generated when the Thin Image pool
-
usage rate exceeds the threshold value can be resolved by
users, these SIM-RCs are not reported to the maintenance
personnel. This SOM is used to report these SIM-RCs to
maintenance personnel.
The SIM-RCs reported by setting this SOM to ON are: 601xxx (Pool utilization threshold exceeded), 603000 (SM space warning).
Mode 471 = ON: These SIMs are reported to maintenance personnel.
Mode 471 = OFF (default): These SIMs are not reported to maintenance personnel.
Note: Set this SOM to ON when it is required to inform maintenance personnel of these SIM-RCs.
UR initial copy performance can be improved by issuing a Both command from CCI/Business Continuity Manager (BCM) to
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
329
�System option modes for VSP 5000 series
Mode
Category
Universal Replicator for Mainframe
Description
execute a dedicated script consisting of UR initial copy (Nocopy), UR suspend, TC Sync initial copy, TC Sync delete, and UR resync.
Mode 474 = ON: For a suspended UR pair, a TC (Sync) pair can be created with the same P-VOL/S-VOL so that UR initial copy time can be reduced by using the dedicated script.
Mode 474 = OFF (default): For a suspended UR pair, a TC (Sync) pair cannot be created with the same P-VOL/S-VOL. For this, the dedicated script cannot be used.
If the P-VOL and S-VOL are both DP-VOLs, initial copy performance might not improve with SOM 474 set to ON. This is because with DP-VOLs, not all areas in a volume are allocated for UR; therefore not all areas in the P-VOL are copied to the S-VOL. With less than the full amount of data in the P-VOL being copied, the initial copy completes in a shorter time, which might not be improved with SOM 474.
MCU/RCU
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
330
�System option modes for VSP 5000 series
Mode
Category
484
TrueCopy for
Mainframe
ShadowImage for Mainframe
Notes:
Description
MCU/RCU
1. Set this SOM for both primary and secondary storage systems.
2. When this SOM is set to ON:
Execute all pair operations from CCI/BCM.
Use a dedicated script.
Initial copy operation is prioritized over update I/O. Therefore, the processing speed of the update I/O slows down.
3. If this SOM is set to ON, the processing speed of update I/O slows down by about 15 s per command, version downgrade is disabled, and Take Over is not available.
4. If this SOM is not set to ON for both sides, the behavior is as follows:
OFF in primary and secondary storage systems: Normal UR initial copy performance.
ON in the primary storage system/OFF in the secondary storage system: TC Sync pair creation fails.
OFF in the primary storage system/ON in the secondary storage system: The update data is copied to the S-VOL synchronously.
5. While this SOM is set to ON, make sure not to perform microcode downgrade to an unsupported version.
6. While this SOM is set to ON, make sure not to perform the Take Over function.
7. This SOM cannot be applied to a UR pair that is the second mirror in a URxUR multi-target configuration, URxUR cascade configuration, or 3DC multi-target or cascading configuration of three UR sites. If applied, TC pair creation is rejected with SSB=CBED output.
8. Before setting SOM 474 to ON, make sure that SOM 1091 is set to OFF. If SOM 1091 is set to ON, set it to OFF first, and then set SOM 474 to ON.
As the specification of QUERY display using the IBM®compatible PPRC FC path interface (hereinafter called New Spec) is different from the current specification (hereinafter
Both
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
331
�System option modes for VSP 5000 series
Mode
Category
506
Universal
Replicator
Universal Replicator for Mainframe
Description
called Previous Spec), this mode enables to display the PPRC path QUERY with the New Spec or Previous Spec.
Mode 484 = ON: PPRC path QUERY is displayed with the New Spec. The status of path using the Fibre Channel interface is displayed. WWNN is indicated.
Mode 484 = OFF (default): PPRC path QUERY is displayed with the Previous Spec (ESCON® interface). The status of path using an ESCON® interface is displayed. WWNN is invalid.
Notes:
1. Set this SOM to ON when you want to maintain compatibility with the Previous Spec for PPRC path QUERY display under the environment where IBM host function (such as PPRC and GDPS) is used.
2. If the display specification is different between MCU and RCU, it may cause malfunction of host.
3. When IBM® TPC-R or CSM software for disaster recovery is used, set this SOM to ON.
This SOM is used to enable Delta Resync with no host update I/O by copying only differential JNL instead of copying all data.
The UR Delta Resync configuration is required.
Mode 506 = ON (default):
Without update I/O: Delta Resync is enabled.
With update I/O: Delta Resync is enabled.
Mode 506 = OFF:
Without update I/O: Total data copy of Delta Resync is performed.
With update I/O: Delta Resync is enabled.
Note: Even when SOM 506 is set to ON, the Delta Resync may fail and only the total data copy of the Delta Resync function is allowed if the necessary journal data does not exist on the primary storage system used for the Delta Resync operation.
MCU/RCU Both
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
332
�System option modes for VSP 5000 series
Mode
Category
Description
MCU/RCU
531
Common
When PIN data is generated, the SIM currently stored in the Both SVP is reported to the host.
Mode 531 = ON: The SIM for PIN data generation is reported to the host along with being stored in the SVP.
Mode 531 = OFF (default): The SIM for PIN data generation is stored in SVP only, not reported to the host, the same as the current specification.
548
ShadowImage This option prevents pair operations of TCz, URz, or SIz via Both
for Mainframe Command Device used by BCM when Command Device
from BCM
satisfies the following conditions:
TrueCopy for Mainframe from BCM
Universal Replicator for Mainframe from BCM
Mode 548 = ON: Pair operations of TCz, URz, or SIz via online Command Device are not available. SSB=0x64fb is output.
Mode 548 = OFF (default): Pair operations of TCz, URz, or SIz via online Command Device are available. SIM is output.
Notes:
1. When Command Device is used online, if a script containing an operation via Command Device has been executed, the script may stop if this SOM is set to ON. As described in the BCM user's guide, the script must be performed with Command Device offline.
2. This SOM is applied to operations from BCM that is operated on MVS.
556
Open
Prevents an error code from being set in bytes 8 - 11 in the Both standard 16-byte sense byte.
Mode 556 = ON: An error code is not set in bytes 8 - 11 in the standard 16-byte sense byte.
Mode 556 = OFF (default): An error code is set in bytes 8 11 in the standard 16-byte sense byte.
561
ShadowImage Allows Quick Restore for external volumes with different
Both
Universal
Cache Mode settings.
Volume
Mode 561 = ON: Quick Restore for external volumes with
Manager
different Cache Mode settings is prevented.
Mode 561 = OFF (default): Quick Restore for external volumes with different Cache Mode settings is allowed.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
333
�System option modes for VSP 5000 series
Mode
Category
573
TrueCopy for
Mainframe
ShadowImage for Mainframe
589
Universal
Volume
Manager
Description
MCU/RCU
For the CU emulation type 2105/2107, specifying the CASCADE option for the ICKDSF ESTPAIR command is allowed.
Mode 573 = ON: The ESTPAIR CASCADE option is allowed.
Mode 573 = OFF (default): The ESTPAIR CASCADE option is not allowed. (When specified, the option is rejected.)
Notes:
Both
The unit for which TCz and SIz in a cascading configuration use the same volume.
1. When CU emulation type is 2105/2107, this SOM is applied in the case where pair creation in TCz SIz cascading configuration in the ICKDSF environment fails with the following message output:
Message: ICK30111I DEVICE SPECIFIED IS THE SECONDARY OF A DUPLEX OR PPRC PAIR
2. This SOM is applied when building an environment using the Metro Mirror F.O./F.B. function with TPC-R or CSM.
3. The CASCADE option can be specified in the TSO environment also.
4. Although the CASCADE option can be specified for the ESTPAIR command, the PPRC-XD function is not supported.
5. Perform thorough pre-check for any influence on GDPS/PPRC.
6. The SOM must be enabled only when the CASCADE option is specified for the ESTPAIR command for the CU emulation type 2105/2107.
When this SOM is ON, the frequency of progress update of disconnection is changed.
Mode 589 = ON: For each external volume, progress is updated only when the progress rate is 100%.
Mode 589 = OFF (default): Progress is updated when the progress rate exceeds the previous level.
Notes:
1. Set this SOM to ON when disconnecting an external volume while the specific host IO operation is online and its performance requirement is severe.
Both
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
334
�System option modes for VSP 5000 series
Mode
Category
598
Universal
Replicator for
Mainframe
624
Universal
Replicator
Description
2. Whether the disconnecting status for each external volume has progressed cannot be confirmed on Device Manager - Storage Navigator (it indicates "-"until just before the completion and then it changes to 100% at the very end).
MCU/RCU
This SOM is used to report SIMs (RC=DCE0 to DCE3) to a Mainframe host to warn that a URz journal is full.
Mode 598 = ON: SIMs (RC=DCE0 to DEC3) to warn that a JNL is full are reported to SVP and the host.
Mode 598 = OFF (default): SIMs (RC=DCE0 to DEC3) to warn that a JNL is full are reported to SVP only.
Notes:
1. This SOM is applied if SIMs (RC=DCE0 to DCE3) need to be reported to a Mainframe host.
2. The SIMs are not reported to the Open server. 3. SIMs for JNL full (RC=DCE0 and DCE1) on MCU are
reported to the host connected with MCU. 4. SIMs for JNL full (RC=DCE2 and DCE3) on RCU are
reported to the host connected with RCU.
Both
The mode can be set to ON for storage systems in a CCI consistency group.
MCU
Mode 624 = ON: If 5 minutes have passed after time stamp updates from CCI stopped(*), pairs of journal groups on the storage systems with this mode set to ON are suspended due to failure (SIM=DC1XYY).
(*) The reason of the stop is unstable path status between the CCI server and the storage system in the primary site, or a stop of a CCI instance.
Mode 624 = OFF (default): Pairs are not suspended due to failure 5 minutes after time stamp updates from CCI have stopped.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
335
�System option modes for VSP 5000 series
Mode
Category
632
TrueCopy for
Mainframe
640
TrueCopy for
Mainframe
Description
Notes:
1. Apply this SOM if suspending pairs, preventing journals from being accumulated, and notifying the error to users are preferred rather than allowing journal accumulation and eventual failure suspension due to journal full when the communication between CCI and the storage system in the primary site is unavailable in a consistency group configuration.
2. When this SOM is set to ON, set the interval of issuing time stamps from CCI to 4 minutes or less (about 1 second is recommended). If greater than 4 minutes is set, the function may work 5 minutes after a temporary communication error, etc.
3. To stop a CCI instance for 5 minutes or longer for CCI configuration definition file rewriting or server maintenance, set this SOM to OFF.
4. If the DKCMAIN microcode is downgraded to an unsupported version while this SOM is set to ON, and then the microcode is to be upgraded to the supported version, set this SOM to OFF before the microcode upgrade.
MCU/RCU
This SOM is used to correct the reported data of PPRC QUERY when the PPRC ESTPAIR CRIT option is "NO" (fence level = NEVER) and VPD (SOM 36) is set to ON. By setting this SOM to ON/OFF when the PPRC ESTPAIR CRIT option is "NO" and VPD (SOM 36) is ON, Byte1,Bit5 (VPD flag) of PPRC QUERY is changed. PPRC QUERY display is not changed (CRIT (NO)).
Mode 632 = ON: Byte1,Bit5 (VPD flag) = ON
Mode 632 = OFF (default): Byte1,Bit5 (VPD flag) = OFF
For details, contact customer support (see the SOM632 sheet).
Notes:
1. This SOM is applied if reporting Byte1,Bit5 (VPD flag) = ON when the PPRC ESTPAIR CRIT option is "NO" (Fence level = NEVER) and VPD (SOM36) is ON is required.
2. The behavior of CRIT (=fence level) itself does not change and is the same as PPRC ESTPAIR CRIT (NO).
Both
VARY ONLINE can be run from the host for a volume shared by a TCz S-VOL (SwapSuspend or S-VOL write
RCU
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
336
�System option modes for VSP 5000 series
Mode
Category
ShadowImage for Mainframe
665
Common
689
TrueCopy
TrueCopy for Mainframe
Global-active device
Description
access permitted) and an SIz P-VOL. This SOM changes the behavior of the Sense SubSystem command from its current behavior to its previous behavior.
Mode 640 = ON (default): The SIz pair information is returned for the Sense SubSystem command that runs when either a TCz pair is in SSWS status or when write access to the S-VOL is permitted in a configuration where the TCz pair is combined with an SIz pair.
Mode 640 = OFF: . The SIz pair information is not returned (SIMPLEX) for the Sense SubSystem command that runs when either a TCz pair is in SSWS status or when write access to the S-VOL is permitted in a configuration where the TCz pair is combined with an SIz pair.
Notes:
1. This SOM is applied to obtain the SIz pair information by the SenseSubSystem command when a TCz pair is in SSWS status or write access to the S-VOL is permitted in a configuration where the TCz pair is conbined with an SIz pair.
2. When SOM 640 is ON, VARY ONLINE cannot be run for a volume shared by a TCz S-VOL and anSIz PVOL volume.
MCU/RCU
This SOM disables the automatic log dump collection
-
function that works when a hardware failure occurs to
reduce the time to start failure analysis. A failure log created
on a storage system triggers the function to start at a
hardware failure.
Mode 665 = ON (default): The auto dump collection function is disabled.
Mode 665 = OFF: The auto dump collection function is enabled.
Note: This SOM is applied when disabling the automatic log dump collection function is required at a failure.
This SOM is used to slow down the initial copy and resync copy operations when the Write Pending rate on RCU exceeds 60%
Mode 689 = ON: The initial copy and resync copy operations are slowed down when the Write Pending rate on RCU exceeds 60%.
Both
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
337
�System option modes for VSP 5000 series
Mode
Category
690
Universal
Replicator
Universal Replicator for Mainframe
Description
If the CLPR write pending rate where the initial copy target secondary volume belongs to is not over 60% but that of MP PCB where the S-VOL belongs to is over 60%, the initial copy operation is slowed down.
Mode 689 = OFF (default): The initial copy and resync copy operations are not slowed down when the Write Pending rate on RCU exceeds 60% (the same as before).
Notes:
1. This SOM can be set online.
2. The micro-programs on both MCU and RCU must support this SOM.
3. This SOM should be set when requested by the user.
4. Setting this SOM to ON is recommended when GAD is installed, as the performance degradation is more likely to occur due to active-active I/Os.
5. If the Write Pending status remains at 60% or more on the RCU for a long time, it takes extra time for the initial copy and resync copy to be completed due to slowed down copy operations.
6. If the Write Pending rate of CLPR to which the initial copy target S-VOL belongs is not over 60% but that of MP PCB to which the S-VOL belongs is over 60%, the initial copy operation is slowed down.
7. When this SOM is applied while an unsupported model (USP V/VM earlier than V02) is connected as MCU, if the Write Pending rate reaches 60%, pair suspend may occur.
8. As the mode is enabled per storage system, in an environment where TC and GAD are used, the mode is applied to both program products. When GAD is installed in a storage system that already uses TC, TC initial copy may take longer time.
MCU/RCU
This SOM is used to prevent Read JNL or JNL Restore when the Write Pending rate on RCU exceeds 60% as follows:
When CLPR of JNL-Volume exceeds 60%, Read JNL is prevented.
When CLPR of Data (secondary)-Volume exceeds 60%, JNL Restore is prevented.
Mode 690 = ON: Read JNL or JNL Restore is prevented when the Write Pending rate on RCU exceeds 60%.
RCU
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
338
�System option modes for VSP 5000 series
Mode
Category
701
Universal
Volume
Manager
Description
Mode 690 = OFF (default): Read JNL or JNL Restore is not prevented when the Write Pending rate on RCU exceeds 60% (the same as before).
Notes:
1. This SOM can be set online.
2. This SOM should be set per customer's requests.
3. If the Write Pending status long keeps 60% or more on RCU, it takes extra time for the initial copy to be completed by making up for the prevented copy operation.
4. If the Write Pending status long keeps 60% or more on RCU, the pair status may become Suspend due to the JNL-Vol being full.
MCU/RCU
This SOM is used to issue the Read command at the logical unit discovery operation using UVM.
Mode 701 = ON: The Read command is issued at the logical unit discovery operation.
Mode 701 = OFF (default): The Read command is not issued at the logical unit discovery operation.
Notes:
1. When the external storage is TagmaStore USP/NSC and the Open LDEV Guard attribute (VMA) is defined on an external device, set this SOM to ON.
2. When this SOM is set to ON, it takes longer time to complete the LU discovery. The amount of time depends on the external storage system.
3. With this SOM OFF, if searching for external devices with VMA is set, the VMA information cannot be read.
4. When this SOM is set to ON while the following conditions are met, the external volume is blocked:
An external volume to which Nondisruptive migration (NDM) attribute is set exists.
The external volume is reserved by the host
5. As the VMA information is TagmaStore USP/NSCspecific, this SOM does not need to be ON when the external storage is other than TagmaStore USP/NSC.
6. Set this SOM to OFF when an external volume to which nondisruptive migration (NDM) attribute is set exists.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
339
�System option modes for VSP 5000 series
Mode
Category
704
ShadowImage
ShadowImage for Mainframe
Compatible FlashCopy®
Volume Migration
721
Common
Description
MCU/RCU
To reduce the chance of MIH, this SOM can reduce the
-
priority of ShadowImage, Volume Migration, or Resync copy
internal IO requests so that host IO has a higher priority.
This SOM creates new work queues where these jobs can
be assigned with a lower priority.
Mode 704 = ON: Copy processing requested is registered into a newly created queue so that the processing is scheduled with lower priority than host I/O.
Mode 704 = OFF (default): Copy processing requested is not registered into a newly created queue. Only the existing queue is used.
Notes:
1. Apply this SOM when the load of host I/O to an ECC that uses ShadowImage or Volume Migration is high and the host I/O processing is delayed.
2. If the PDEV is highly loaded, the priority of Read/Write processing made by ShadowImage, Volume Migration, or Resync may become lower. As a consequence the copy speed may be slower.
When a parity group is uninstalled or installed, the following operation is performed according to the setting of SOM 721.
Mode 721 = ON: When a parity group is uninstalled or installed, the LED of the drive for uninstallation is not illuminated, and the instruction message for removing the drive does not appear. Also, the windows other than that of parity group, such as DKA or DKU, are unavailable to select.
Mode 721 = OFF (default): When a parity group is uninstalled or installed, the LED of the drive is illuminated, and the drive must be unmounted and remounted.
Notes:
1. When the RAID level or emulation type is changed for the existing parity group, this SOM should be applied only if the drive mounted position remains the same at the time of the parity group uninstallation or installation.
2. After the operation using this SOM is completed, this SOM must be set back to OFF; otherwise, the LED of the drive to be removed will not be illuminated at subsequent parity group uninstalling operations.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
340
�System option modes for VSP 5000 series
Mode
Category
725
Universal
Volume
Manager
729
Dynamic
Provisioning
Data Retention Utility
Description
MCU/RCU
This SOM determines the action that will be taken when the status of an external volume is Not Ready.
Mode 725 = ON: When Not Ready is returned, the external path is blocked and the path status can be automatically recovered (Not Ready blockade). Note that the two behaviors, automatic recovery and block, may be repeated.
When the status of a device is Not Ready blockade, Device Health Check is executed after 30 seconds.
Mode 725 = OFF (default): When Not Ready is returned 3 times in 3 minutes, the path is blocked and the path status cannot be automatically recovered (Response error blockade).
Notes:
1. Applying this SOM is prohibited when USP V/VM is used as external storage system and its external volume is DP-VOL.
2. Applying this SOM is recommended when the above condition (1) is not met and SUN storage is used as an external storage.
3. Applying this SOM is recommended when the above condition (1) is not met and EMC CX series or Fujitsu Fibre CAT CX series is used as an external storage.
4. Applying this SOM is recommended if the above condition (1) is not met and a maintenance operation such as firmware update causing controller reboot is executed on the external storage side while a storage system other than Hitachi product is used as an external storage system.
5. While USP V/VM is used as an external storage system and its volume is DP-VOL, if some Pool-VOLs constituting the DP-VOL are blocked, external path blockade and recovery occurs repeatedly.
6. When a virtual volume mapped by UVM is set to poolVOL and used as DP-VOL in local storage system, this SOM can be applied without problem.
When a DP pool is full, if any write operation is requested to the area where the page allocation is not provided, this SOM can enable the DRU Protect attribute for the target DP-VOL.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
341
�System option modes for VSP 5000 series
Mode
Category
734
Dynamic
Provisioning
Description
Mode 729 = ON: Set the DRU Protect attribute for the target DP-VOL when any write operation is requested to the area where the page allocation is not provided at a time when the DP pool is full. (Not to set in the case of Read request.)
Mode 729 = OFF (default): Do not set the DRU Protect attribute for the target DP-VOL when any write operation is requested to the area where the page allocation is not provided at a time when DP pool is full.
For details, contact customer support (see SOM729 & 803 sheet).
Notes:
1. This SOM is applied when:
The threshold of pool is high (for example, 95%) and the pool may be full.
DP-VOL uses a file system.
Data Retention Utility is installed.
2. Since the Protect attribute is set for V-VOL, the Read operation cannot be allowed as well.
3. When Data Retention Utility is not installed, the desired effect is not achieved.
4. Protect attribute can be released from the Data Retention window of Device Manager - Storage Navigator after releasing the full status of the pool by adding a Pool-VOL.
5. The VVP (Virtual Volume Protection) function can be enabled/disabled for each pool. With SOM 729 disabled, VVP is also disabled by default, but you can enable VVP for each pool as needed. With SOM 729 enabled, VVP is also enabled automatically (by default) when you create a new pool. Caution: A pool is NOT protected by ANY FUNCTION if you deliberately turn VVP for the pool from ON (default) to OFF, even with SOM 729 enabled.
6. When HMO 63 or 73 is set to ON, the setting of the HMO is prioritized over the SOM 729 setting, so that the behavior remains the same as when SOM 729 is OFF even when it is set to ON.
MCU/RCU
When exceeding the pool threshold, the SIM is reported as follows:
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
342
�System option modes for VSP 5000 series
Mode
Category
Dynamic Provisioning for Mainframe
Description
Mode 734 = ON: A SIM is reported at the time when the pool usage rate exceeds the pool threshold (warning, system, or depletion). Once the pool usage rate falls below the pool threshold, and then exceeds again, the SIM is reported again. If the pool usage rate continues to exceed the warning threshold and the depletion threshold, the SIM (SIM-RC625000) is repeatedly reported every 8 hours until the pool usage rate falls below the depletion threshold.
Mode 734 = OFF (default): A SIM is reported at the time when the pool usage rate exceeds the pool threshold (warning, system, or depletion). Once the pool usage rate falls below the pool threshold, and then exceeds again, the SIM is reported again. The SIM is not reported while the pool usage rate continues to exceed the warning threshold and the depletion threshold.
Notes:
1. This SOM is turned ON to prevent the write I/O operation from being unavailable due to pool full.
2. If the pool threshold exceeding SIM occurs frequently, other SIMs may not be reported.
3. Though turning on this SOM can increase the warning effect, if measures such as adding a pool fail to be done in time so that the pool becomes full, SOM 729 can be used to prevent file systems from being destroyed.
4. Turning on SOM 741 can provide the SIM report to both the users and the service personnel.
5. If SIM=62B000 remains uncompleted, the SIM is not reported to SVP.
MCU/RCU
741
Dynamic
This SOM enables to switch over whether to report the
-
Provisioning
following SIM for users to the service personnel:
Dynamic Provisioning for Mainframe
SIM-RC 625000 (DP pool usage rate continues to exceed the threshold)
Mode 741 = ON: SIM is reported to the service personnel.
Mode 741 = OFF (default): SIM is not reported to the service personnel.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
343
�System option modes for VSP 5000 series
Mode
Category
745
Universal
Volume
Manager
Description
Notes:
1. This SOM is set to ON to have SIM for users reported to the service personnel:
For the system where SNMP and E-mail notification are not set.
If Device Manager - Storage Navigator is not periodically activated.
MCU/RCU
2. When SOM 734 is turned OFF, SIM-RC625000 is not reported; accordingly the SIM is not reported to the service personnel even though this SOM is ON.
3.
This SOM enables to change the area where the
-
information is obtained as the Characteristic1 item from
SYMMETRIX.
Mode 745 = ON:
The area where the information is obtained as the Characteristic1 item from SYMMETRIX is changed.
When CheckPaths or Device Health Check (1/hour) is performed, the information of an already-mapped external volume is updated to the one after change.
Mode 745 = OFF (default):
The area where the information is obtained as the Characteristic1 item from SYMMTRIX is set to the default.
When CheckPaths or Device Health Check (1/hour) is performed, the information of an already-mapped external volume is updated to the default.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
344
�System option modes for VSP 5000 series
Mode
Category
Description
Notes:
1. This SOM is applied when the EMC SYMMETRIX is connected using UVM.
2. Enable the setting of EMC SCSI Flag SC3 for the port of the EMC SYMMETRIX storage connected with the storage system and disable the setting of Flag SPC2. If the setting of EMC SCSI Flag SC3 is not enabled or the setting of Flag SPC2 is enabled, the effect of this SOM may not be achieved.
3. If you want to enable this SOM immediately after setting, perform Check Paths on each path one by one for all the external ports connected to the EMC SYMMETRIX storage. But, without doing Check Paths, the display of Characteristic1 can automatically be changed by the Device Health Check to be performed once an hour. If SSB=AD02 occurs and a path is blocked, perform Check Paths on this path again.
4. If the Check Paths is performed while ShadowImage for Mainframe pair and FlashCopy® Mirror pair are defined in the specified volume, the Check Paths operation is rejected with a message, "605 2518". If ShadowImage for Mainframe pair and FlashCopy® Mirror pair are defined in the specified volume, do not perform Check Paths but wait until the display is automatically changed.
MCU/RCU
749
Dynamic
Provisioning
This SOM disables the DP Rebalance function that allows the drives of all ECC Groups in the pool to share the load.
Dynamic Provisioning for Mainframe
Dynamic Tiering
Mode 749 = ON: The DP Rebalance function and the HDT Tier relocation function are disabled.
Mode 749 = OFF (default): The DP Rebalance function and the HDT Tier relocation function are enabled.
Dynamic Tiering for Mainframe
Notes:
1. This SOM is applied when no change in performance characteristic is desired.
2. When a pool is newly installed, the load may be concentrated on the installed pool volumes.
3. When 0 data discarding is executed, load may be unbalanced among pool volumes.
4. Pool VOL deletion while this SOM is set to ON fails. To delete pool VOLs, set this SOM to OFF.
757
Common
Enables/disables output of in-band audit logs.
-
Mode 757 = ON: In-band audit log is not output.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
345
�System option modes for VSP 5000 series
Mode
Category
762
Universal
Replicator for
Mainframe
Description
Mode 757 = OFF (default): In-band audit log is output.
Notes:
1. This SOM applies to the sites where outputting the Inband audit logs is not needed.
2. When this SOM is set to ON:
There is no access to SM for the In-band audit logs, which can avoid the corresponding performance degradation.
SM is not used for the In-band audit logs.
3. If outputting the In-band audit log is desired, set this SOM to OFF.
MCU/RCU
This SOM enables to settle the data to RCU according to the time stamp specified in the command when a Flush suspension for an EXCTG is performed from BCM.
Mode 762 = ON: The data is settled to RCU according to the time stamp specified in the command.
Mode 762 = OFF (default): The data is settled to RCU according to the time stamp that RCU has received.
Notes:
Both
(On RCU side, consideratio n in Takeover is required for setting)
1. This SOM is applied under the following conditions.
Universal Replicator for Mainframe.
EXCTG configuration.
Flush suspension with an EXCTG specified is executed.
BCM is installed on the host where the time stamping function is available.
(In the case of multiple-host configuration, SYSPLEX timer is available on the system)
2. If this SOM is set to ON while the BCM does not exist in the environment where the time stamping function is available (In the case of multiple-host configuration, SYSPLEX timer is available on the system), the pair status may not become Suspend after Flush suspension for an EXCTG.
3. Do not set this SOM to ON if the BCM does not exist in the environment where the time stamping function is available (In the case of multiple-host configuration, SYSPLEX timer is available on the system).
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
346
�System option modes for VSP 5000 series
Mode
Category
769
TrueCopy
TrueCopy for Mainframe
Universal Replicator
Universal Replicator for Mainframe
Description
MCU/RCU
This SOM controls whether the retry operation is executed Both or not when a path creation operation is executed.
(The function applies to both of CU FREE path and CU single path for Open and Mainframe).
Mode 769 = ON: The retry operation is disabled when the path creation operation is executed (retry operation is not executed).
Mode 769 = OFF (default): The retry operation is enabled when the path creation operation is executed (retry operation is executed).
Apply this SOM when the Basic HyperSwap® function of TPC-R or CSM is used. The Basic HyperSwap® function can allow the CESTPATH operation to establish a path to several secondary systems at the same time. Because attributes of a port are switched if the CESTPATH operation is performed with SOM 144 ON, the path status between the primary and secondary systems is changed to linkdown. If the CESTPATH operation is performed to two or more secondary systems at the same time, MIH may be reported to a host as the other CESTPATH operation, which has detected the linkdown path, retries the CESTPATH operation. To disable an MIH report to a host, set this SOM to ON to disable the CESTPATH to retry the operation when a linkdown is detected.
Notes:
1. Apply this SOM when the following three conditions are met:
SOM 114 is set to OFF (operation of automatically switching the port is disabled).
HMO 49 and HMO 50 are set to OFF.
TPC-R or CSM is used (it is not applied in normal operation).
2. When SOM 769 is set to ON, SOM 114, HMO 49, and HMO 50 must be set to OFF.
3. In either of the following cases, the path creation operation might fail after automatic port switching is executed.
SOM 114 is set to ON.
HMO 49 and HMO 50 are set to ON.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
347
�System option modes for VSP 5000 series
Mode
Category
776
TrueCopy for
Mainframe
Business Continuity Manager
784
TrueCopy
TrueCopy for Mainframe
Global-active device
Description
MCU/RCU
This SOM enables/disables to output the F/M = FB message to the host when the status of the P-VOL changes to Suspend during a TCz S-VOL pair suspend or pair delete operation from Business Continuity Manager.
Both
Mode 776 = ON: When the status of P-VOL changes to Suspend during a TCz S-VOL pair suspend or delete operation from BCM, the F/M=FB message is not output to the host.
Mode 776 = OFF (default): When the status of P-VOL changes to Suspend during a TCz S-VOL pair suspend or delete operation from BCM, the F/M=FB message is output to the host.
Notes:
1. Set this SOM to ON in the environment where TCz is used from BCM and the MCU host does not need the F/M=FB message output during an S-VOL pair suspend or pair delete operation from BCM.
2. When this SOM is set to ON, the F/M=FB message is not output to the host when the status of P-VOL changes to Suspend during a TCz S-VOL pair suspend or pair delete operation from BCM.
3. If the PPRC item of CU option is set to NO, the F/ M=FB message is not output to the host regardless of setting of this SOM.
4. If the function switch#07 is set to "enable", the F/M=FB message is not output to the host regardless of setting of this SOM.
This SOM can reduce the MIH watch time of RI/O for a TC, TCz, or GAD pair internally so that update I/Os can continue by using an alternate path without MIH or time-out occurrence in the environment where Mainframe host MIH is set to 15 seconds, or Open host time-out time is short (15 seconds or less). This SOM is effective at initial pair creation or Resync operation for TC, TCz, or GAD. (Not effective by just setting this SOM to ON.)
Both
This SOM is applied to TC, TCz, and GAD. This SOM supports Fibre Channel remote copy paths but not iSCSI.
Mode 784 = ON: The MIH time of RIO is internally reduced so that, even though a path failure occurs between storage systems in the environment where host MIH time is set to 15 seconds, update I/Os can be processed by using an alternate path promptly, lowering the possibility of host MIH occurrence.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
348
�System option modes for VSP 5000 series
Mode
Category
Description
Mode 784 = OFF (default): The operation is processed in accordance with the TC, TCz, or GAD specification.
MCU/RCU
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
349
�System option modes for VSP 5000 series
Mode
Category
Description
Notes:
1. This SOM is applied to the environment where Mainframe host MIH time is set to 15 seconds.
2. This SOM is applied to the environment where OPEN host time-out time is set to 15 seconds or less.
3. This SOM is applied to reduce RI/O MIH time to 5 seconds.
4. This function is available for all the TC, TCz, and GAD pairs on the storage system, unable to specify the pairs that are using this function or not.
5. To apply this SOM to TCz, MCU and RCU must be USP V/VM or later models and micro-program must be the support version on both sides.
6. For a TC, TCz, or GAD pair with this SOM effective (RI/O MIH time is 5 seconds), the setting of RI/O MIH time made at RCU registration (default is 15 seconds, which can be changed within range from 10 to 100 seconds) is invalid. However, RI/O MIH time displayed on Device Manager - Storage Navigator and CCI is not "5 seconds" but is what set at RI/O registration.
7. If a failure occurs on the switched path between storage systems, Mainframe host MIH or Open server time-out may occur.
8. If an MP to which the path between storage systems belongs is overloaded, switching to an alternate path delays and host MIH or time-out may occur.
9. If an RI/O retry occurs due to other factors than RI/O MIH (5 sec), such as a check condition report issued from RCU to MCU, the RI/O retry is performed on the same path instead of an alternate path. If a response delay to the RI/O occurs constantly on this path due to path failure or link delay, host MIH or time-out may occur due to response time accumulation for each RI/O retried within 5 seconds.
10. Even though this SOM is set to ON, if Mainframe host MIH time or Open host time-out time is set to 10
MCU/RCU
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
350
�System option modes for VSP 5000 series
Mode
Category
787
Compatible
FlashCopy® V2
789
ShadowImage
Description
seconds or less, host MIH or time-out may occur due to a path failure between storage systems.
11. Operation commands are not available for promptly switching to an alternate path.
12. This SOM works for the pair for which initial pair creation or Resync operation is executed.
13. Micro-program downgrade to an unsupported version cannot be executed unless all the TC, TCz, and GAD pairs are suspended or deleted.
14. For operational specifications in each combination of MCU and RCU of TCz/TC, contact customer support (see SOM784 sheet).
15. For GAD pairs, this SOM is effective if the microcode version supports GAD.
16. This SOM does not support iSCSI paths between storage systems. When iSCSI is used for paths between storage systems, the time to switch to an alternate path cannot be reduced. For this, if a failure occurs on a path between storage systems in an environment where host time-out time is short, a timeout may occur on the host side. A time-out may also occur on the host side when a failure occurs on an iSCSI path between storage systems if storage system paths of Fibre and iSCSI coexist in an environment where host time-out time is short so that the configuration where storage system paths of Fibre and iSCSI coexist is not supported too.
MCU/RCU
This SOM enables the batch prefetch copy.
-
Mode 787 = ON: The batch prefetch copy is executed for an FCv2 pair and a Preserve Mirror pair.
Mode 787 = OFF (default): The batch prefetch copy is not executed.
Notes:
1. When this SOM is set to ON, the performance characteristic regarding sequential I/Os to the FCv2 target VOL changes.
2. This SOM is applied only when SOM 577 is set to OFF.
3. This SOM is applied if response performance for a host I/O issued to the FCv2 target VOL is prioritized.
This SOM enables you to temporarily stop the copy
-
processing caused by the I/O from the host server to the P-
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
351
�System option modes for VSP 5000 series
Mode
Category
790
ShadowImage
Description
VOL when the load on the storage system is high. Degradation of I/O performance on the volumes that belong to the copy target CLPR is suppressed to the minimum.
Mode 789 = ON (default): If the Write Pending rate of the MP unit to which the copy target CLPR belongs is 70% or higher, the copy processing caused by the I/O from the host server to the P-VOL is suppressed.
Mode 789 = OFF: If the Write Pending rate of the MP unit to which the copy target CLPR belongs is in the following status, the copy processing caused by the I/O on the P-VOL is suppressed. Note that, if the Write Pending rate is high, the I/O performance on the volumes that belong to the copy target CLPR might be degraded.
For DKCMAIN 93-05-06 and earlier, 93-06-01 to 93-06-03, 93-06-21 to 93-06-23, and 93-06-41:
When the capacity saving function is enabled on the PVOL or S-VOL, copy processing is suppressed when the Write Pending rate is 75% or more.
When the capacity saving function is not enabled on the P-VOL or S-VOL, copy processing is not suppressed regardless of the Write Pending rate.
For DKCMAIN 93-05-07 and later, 93-06-04 and later, 93-06-24 and later, and 93-06-42 and later:
When the capacity saving function is enabled on the PVOL or S-VOL and any host I/O priority mode 1 to 5 (local replica options) is enabled, copy processing is suppressed when the Write Pending rate is 70% or more.
When the capacity saving function is enabled on the PVOL or S-VOL and none of the host I/O priority modes is enabled, copy processing is suppressed when the Write Pending rate is 75% or more.
When the capacity saving function is disabled on the PVOL and S-VOL, copy processing is suppressed when the Write Pending rate is 90% or more.
MCU/RCU
This SOM enables you to temporarily stop the copy
-
processing caused by the I/O from the host server to the S-
VOL when the load on the storage system is high.
Degradation of I/O performance on the volumes that belong
to the copy target CLPR is suppressed to the minimum.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
352
�System option modes for VSP 5000 series
Mode
Category
803
Dynamic
Provisioning
Data Retention Utility
Description
Mode 790 = ON (default): When the Write Pending rate of the MP unit that the copy target CLPR belongs to is 60% or more, the copy processing caused by the I/O from the host server to the S-VOL is suppressed.
Mode 790 = OFF: When the Write Pending rate of the MP unit that the copy target CLPR belongs to is in the following status, the copy processing caused by the I/O on the S-VOL is suppressed. Note that, if theWrite Pending rate is high, the I/O performance on the volumes that belong to the copy target CLPR might be degraded.
For DKCMAIN 93-05-06 and earlier, 93-06-01 to 93-06-03, 93-06-21 to 93-06-23, and 93-06-41:
When the capacity saving function is enabled on the PVOL or S-VOL, copy processing is suppressed when the Write Pending rate is 75% or more.
When the capacity saving function is not enabled on the P-VOL or S-VOL, copy processing is not suppressed regardless of the Write Pending rate.
For DKCMAIN 93-05-07 and later, 93-06-04 and later, 93-06-24 and later, and 93-06-42 and later:
When the capacity saving function is enabled on the PVOL or S-VOL, copy processing is suppressed when the Write Pending rate is 75% or more.
When the capacity saving function is disabled on the PVOL or S-VOL, copy processing is suppressed when the Write Pending rate is 90% or more.
MCU/RCU
While a DP pool VOL is blocked, if a read or write I/O is
-
issued to the blocked pool VOL, this SOM can enable the
Protect attribute of DRU for the target DP-VOL.
Mode 803 = ON: While a DP pool VOL is blocked, if a read or write I/O is issued to the blocked pool VOL, the DRU attribute is set to Protect.
Mode 803 = OFF (default): While a DP pool VOL is blocked, if a read or write I/O is issued to the blocked pool VOL, the DRU attribute is not set to Protect.
For details, contact customer support (see SOM729 & 803 sheet).
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
353
�System option modes for VSP 5000 series
Mode
Category
855
ShadowImage
ShadowImage for Mainframe
Volume Migration
Description
Notes:
1. This SOM is applied when:
A file system using DP pool VOLs is used.
Data Retention Utility is installed.
2. Because the DRU attribute is set to Protect for the VVOL, read I/Os are also disabled.
3. If Data Retention Utility is not installed, the expected effect cannot be achieved.
4. The Protect attribute of DRU for the DP V-VOL can be released on the Data Retention window of Device Manager - Storage Navigator after recovering the blocked pool VOL.
5. The VVP (Virtual Volume Protection) function when the pool volume is blocked is supported. VVP can be enabled/disabled for each Pool.
With SOM 803 disabled, VVP when the pool volume is blocked is also disabled by default. But you can enable VVP for each pool whenever you want.
With SOM 803 enabled, VVP when the pool volume is blocked is also enabled automatically (by default) when you create a new pool.
Caution: A pool is NOT protected by ANY FUNCTION if you deliberately change VVP for the pool from ON (default) to OFF, even with SOM 803 enabled.
MCU/RCU
By switching this SOM to ON/OFF when ShadowImage is used with SOM 467 set to ON, copy processing is continued or stopped as follows.
Mode 855 = ON: When the amount of dirty data is within the range from 58% to 63%, the next copy processing is continued after the dirty data created in the previous copy is cleared to prevent the amount of dirty data from increasing (copy after destaging). If the amount of dirty data exceeds 63%, the copy processing is stopped.
Mode 855 = OFF (default): The copy processing is stopped when the amount of dirty data is over 60%.
For details, contact customer support (see SOM855 sheet).
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
354
�System option modes for VSP 5000 series
Mode
Category
Description
Notes:
1. This SOM is applied when all the following conditions are met
ShadowImage is used with SOM 467 set to ON.
Write pending rate of an MP unit that has LDEV ownership of the copy target is high
Usage rate of a parity group to which the copy target LDEV belongs is low.
ShadowImage copy progress is delayed.
2. This SOM is available only when SOM 467 is set to ON.
3. If the workload of the copy target parity group is high, the copy processing may not be improved even if this SOM is set to ON.
MCU/RCU
867
Dynamic
All-page reclamation (discarding all mapping information
-
Provisioning
between DP pool and DP volumes) is executed in DP-VOL
Dynamic Tiering
LDEV format. This new method is enabled or disabled by setting this SOM to ON or OFF.
Mode 867 = ON (default): LDEV format of the DP-VOL is performed with page reclamation.
Mode 867 = OFF:LDEV format of the DP-VOL is performed with 0 data writing.
Notes:
1. This SOM is applied from factory shipment.
2. Do not change the setting of this SOM during DP-VOL format.
3. If the setting of this SOM is changed during DP-VOL format, the change is not reflected to the format of the DP-VOL being executed but the format continues in the same method.
895
TrueCopy for
Setting this SOM to ON or OFF, the link type with transfer Both
Mainframe
speed of 8 Gbps/16 Gbps or 4 Gbps is reported
respectively.
Mode 895 = ON (default): When the FICON®/FC link up speed is 8 Gbps/16 Gbps, the link type with transfer speed of 8 Gbps/16 Gbps is reported.
Mode 895 = OFF: The link type with transfer speed of up to 4 Gbps is reported , even when the actual transfer speed is 8 Gbps/16 Gbps.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
355
�System option modes for VSP 5000 series
Mode
Category
Description
Notes:
1. To apply this SOM, the RMF version of mainframe z/OS® to be connected must be 1.12 or higher.
2. If the OS does not use a supported version, the transfer speed cannot be displayed correctly.
3. If all RMF versions of mainframe z/OS connected are 1.12 or higher, set this SOM to ON.
4. If any version of mainframe z/OS connected is lower than 1.12, set this SOM to OFF.
MCU/RCU
896
Dynamic
This SOM enables or disables the background format
-
Provisioning
function performed on an unformatted area of a DP/DT/TI
Dynamic
pool.
Provisioning for For information regarding operating conditions, see the
Mainframe
Provisioning Guide.
Dynamic Tiering
Dynamic Tiering for Mainframe
Thin Image
Mode 896 = ON (default): The background format function is enabled.
Mode 896 = OFF: The background format function is disabled.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
356
�System option modes for VSP 5000 series
Mode
Category
899
Volume
Migration
Notes:
Description
1. This SOM is applied when you need to disable the background format for a DP/DT/TI pool due to a concern of performance degradation of other functions in an environment where a DP-VOL is used by other functions.
2. When the background format function is enabled, because up to 42 MB/s of ECCG performance is used, local copy performance may degrade by about 10%. Therefore, confirm whether the 10% performance degradation is acceptable or not before enabling the function.
3. When a Dynamic Provisioning VOL on an external storage system, which is used as an external VOL, is used as a pool VOL, if the external pool on the external storage side becomes full due to the background format, the external VOL may be blocked.
If the external pool capacity is smaller than the external VOL capacity (Dynamic Provisioning VOL of external storage system), do not enable the background format function.
4. When a Dynamic Provisioning VOL on an external storage system, which is used as an external VOL, is used as a pool VOL, if the external pool on the external storage side becomes full due to the background format, the external VOL may be blocked.
If the external pool capacity is smaller than the external VOL capacity (Dynamic Provisioning VOL of external storage system), do not enable the background format function.
5. If the background format function is disabled by changing this SOM setting, the format progress is initialized and the entire area becomes unformatted.
6. This SOM is set to ON before shipment.
MCU/RCU
In combination with the SOM 900 setting, this SOM
-
determines whether to execute and when to start the I/O
synchronous copy change as follows.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
357
�System option modes for VSP 5000 series
Mode
Category
900
Volume
Migration
Description
Mode 899 = ON (default):
SOM 900 is ON: I/O synchronous copy starts without retrying Volume Migration.
SOM 900 is OFF: I/O synchronous copy starts when the threshold of Volume Migration retry is exceeded. (Recommended)
Mode 899 = OFF:
SOM 900 is ON: I/O synchronous copy starts when the number of retries reaches half of the threshold of Volume Migration retry.
SOM 900 is OFF: Volume Migration is retired and I/O synchronous copy is not executed.
Notes:
1. This SOM is applied when improvement of Volume Migration success rate is desired under the condition that there are many updates to a migration source volume of Volume Migration.
2. During I/O synchronous copy, host I/O performance degrades.
MCU/RCU
In combination with SOM 899 setting, this SOM determines whether to execute and when to start the I/O synchronous copy change as follows.
Mode 900 = ON:
SOM 899 is ON: I/O synchronous copy starts without retrying Volume Migration.
SOM 899 is OFF: I/O synchronous copy starts when the number of retries reaches half of the threshold of Volume Migration retry.
Mode 900 = OFF (default):
SOM 899 is ON: I/O synchronous copy starts when the threshold of Volume Migration retry is exceeded. (Recommended)
SOM 899 is OFF: Volume Migration is retired and I/O synchronous copy is not executed.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
358
�System option modes for VSP 5000 series
Mode
Category
Description
Notes:
1. This SOM is applied when improvement of Volume Migration success rate is desired under the condition that there are many updates to a migration source volume of Volume Migration.
2. During I/O synchronous copy, host I/O performance degrades.
MCU/RCU
901
Dynamic Tiering By setting this SOM to ON or OFF, the page allocation
-
Dynamic Tiering for Mainframe
method of Tier Level ALL when the drive type of tier1 is SSD changes as follows.
Mode 901 = ON: For tier1 (drive type is SSD), pages are
allocated until the capacity reaches the limit. Without
consideration of exceeding performance limitation,
allocation is done from highly loaded pages until reaching
the capacity limit
When the capacity of tier1 reaches the threshold value, the minimum value of the tier range is set to the starting value of the lower IOPH zone, and the maximum value of the lower tier range is set to the boundary value.
Mode 901 = OFF (default): For tier1 (drive type is SSD), page allocation is performed based on performance potential limitation. With consideration of exceeding performance limitation, allocation is done from highly loaded pages but at the point when the performance limitation is reached, pages are not allocated any more even there is free space.
When the capacity of tier1 reaches the threshold value, the minimum value of the tier range is set to the boundary value, and the maximum value of the lower tier range is set to a value of boundary-value × 110% + 5 [IOPH].
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
359
�System option modes for VSP 5000 series
Mode
Category
Description
Notes:
1. This SOM is applied when pages with the maximum capacity need to be allocated to tier1 (drive type is SSD) with Dynamic Tiering or Dynamic Tiering for Mainframe.
2. When Tier1 is SSD while SOM 901 is set to ON, the effect of SOM 897 and 898 to the gray zone of Tier1 and Tier2 is disabled and the SOM 901 setting is enabled instead. In addition, the settings of SOM 897 and 898 are effective for Tier2 and Tier3.
3. The following is recommended when applying SOM 901:
[actual I/O value (total number of I/Os of all tiering policies)] < [performance potential value of Tier1* × 0.6]
* The performance potential value of Tier1 displayed on Monitor information by using Dx-ray. For details, contact customer support (see SOM897_898_901 sheet).
MCU/RCU
For more details about the interactions between SOMs 897, 898, and 901, contact customer support (see SOM897_898_901 sheet).
904
Dynamic Tiering By setting this SOM to ON or OFF, the number of pages to -
Dynamic Tiering be migrated per unit time at tier relocation is changed.
for Mainframe Mode 904 = ON: The number of pages to be migrated at
tier relocation is set to up to one page per second.
Mode 904 = OFF (default):No restriction on the number of pages to be migrated at tier relocation (existing specification).
Notes:
1. This SOM is applied when:
Dynamic Tiering for Mainframe is used (including multi-platform configuration).
The requirement for response time is severe.
2. The number of pages to be migrated per unit time at tier relocation decreases.
908
Universal
Replicator
This SOM can change CM capacity allocated to MPBs with different workloads.
Mode 908 = ON: The difference in CM allocation capacity among MPBs with different workload is large.
Both
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
360
�System option modes for VSP 5000 series
Mode
Category
Universal Replicator for Mainframe
Description
Mode 908 = OFF (default): The difference in CM allocation capacity among MPBs with different workload is small (existing operation) .
Notes:
1. If a CLPR is used by only some MPBs among all the installed MPBs, set this SOM to ON for the CLPR to increase CM capacity allocated to the MPBs that use the CLPR.
Example:
(a) A CLPR only for UR JNLG.
(b) A configuration where MPBs and CLPRs are separately used for Open and Mainframe systems.
MCU/RCU
2. Since CM capacity allocated to MPBs with low load is small, the performance is affected by a sudden increase in load.
3. SOM 908 cannot be used with SOM 933. When SOM 933 is set to ON, the function of SOM 908 is canceled even though SOM 908 is ON.
4. This SOM is effective for a CLPR. Therefore, when setting this SOM to ON/OFF, select target "LPRXX (XX=00 to 31)". For example, even when CLPR0 is defined (any of CLPR1 to 31 are not defined), select "LPR00" first and then set this SOM to ON/OFF.
930
Dynamic
When this SOM is set to ON, all of the zero data page
-
Provisioning
reclamation operations in processing are stopped. (Also the
Dynamic Tiering zero data page reclamation cannot be started.)
ShadowImage
* Zero data page reclamation by WriteSame and UNMAP functions, and IO synchronous page reclamation are not
disabled.
Mode 930 = ON: All of the zero data page reclamation operations in processing are stopped at once. (Also the zero data reclamation cannot be newly started.)
Mode 930 = OFF (default): The zero data page reclamation is performed.
For details about interactions with SOM 755 and SOM 859, contact customer support (see SOM930 sheet).
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
361
�System option modes for VSP 5000 series
Mode
Category
Notes:
Description
1. This SOM is applied when stopping or disabling zero data page reclamation by user request is required.
2. When this SOM is set to ON, the zero data page reclamation does not work at all.
* Zero data page reclamation by WriteSame and UNMAP, IO synchronous page reclamation, program product synchronous page reclamation, and UDSR page reclamation can work.
3. When downgrading micro-program to a version that does not support this SOM while this SOM is set to ON, set this SOM to OFF after the downgrade.
* Because the zero data page reclamation does not work at all while this SOM is set to ON.
4. This SOM is related to SOM 755 and SOM 859. For relationship with SOM755 and SOM859, contact customer support (see SOM930 sheet).
937 1069
Dynamic Provisioning
By setting this SOM to ON, HDT monitoring data is collected even if the pool is a DP pool.
Dynamic Provisioning for Mainframe
Dynamic Tiering
Mode 937 = ON: HDT monitoring data is collected even if the pool is a DP pool.
Only Manual execution mode and Period mode are supported.
Dynamic Tiering Mode 937 = OFF (default): HDT monitoring data is not for Mainframe collected if the pool is a DP pool
MCU/RCU -
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
362
�System option modes for VSP 5000 series
Mode
Category
972
Common
Description
Notes:
1. This SOM is applied when HDT monitoring data collection is required in DP environment.
2. When HDT is already used, do not set this SOM to ON.
3. For HDT monitoring data collection, shared memory for HDT must be installed. For details, contact customer support (see SOM937 sheet).
4. If monitoring data collection is performed without shared memory for HDT installed, an error is reported and the monitoring data collection fails.
5. Before removing the shared memory for HDT, set this SOM to OFF and wait for 30 minutes.
6. Tier relocation with monitoring data collected when this SOM is set to ON is disabled.
7. When DP is converted into HDT (after purchase of software license), the collected monitoring data is discarded.
8. Before downgrading the micro-program to an unsupported version, set SOM 937 to OFF and wait for at least 30 minutes.
MCU/RCU
By setting this SOM, THP Page Size in Inquiry Page E3h is changed. THP Page Size varies depending on the combination of SOM 972 and 973 settings as follows.
Mode 972 = ON: When SOM 972 is ON, the THP page size is 0x200 (256KB) regardless of the SOM 973 setting.
Mode 972 = OFF (default):
When SOM 972 and SOM 973 are both OFF, the THP page size is 0x15000 (42MB).
When SOM 972 is OFF and SOM 973 is ON, the THP page size is 0x10 (8KB).
Notes:
1. This SOM is applied when a delay in host I/O response due to reclamation processing occurs in a customer environment.
2. Reclamation processing is delayed. 3. This SOM is to prioritize host I/O response over
reclamation processing in VxVM environment, so that the time required for reclamation processing may increase when this SOM is set to ON.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
363
�System option modes for VSP 5000 series
Mode
Category
973
Common
1021
Universal Volume Manager
Description
For details about the interaction between this SOM and SOM 1069, contact customer support (see SOM1069 sheet).
MCU/RCU
By setting this SOM, THP Page Size in Inquiry Page E3h is changed. THP Page Size varies depending on the combination of SOM972 and 973 settings as follows.
Mode 973 = ON:
When SOM 973 and SOM 972 are both ON, the THP page size is 0x200 (256KB).
When SOM 973 is ON and SOM 972 is OFF, the THP page size is 0x10 (8KB).
Mode 973 = OFF (default):
When SOM 973 and SOM 972 are both OFF, the THP page size is 0x15000 (42MB).
When SOM 973 is OFF and SOM 972 is ON, the THP page size is 0x200 (256KB).
Notes:
1. This SOM is applied when a delay in host I/O response due to reclamation processing occurs in a customer environment.
2. When this SOM is set to ON, reclamation processing is delayed.
3. This SOM is to prioritize host I/O response over reclamation processing in VxVM environment, so that the time required for reclamation processing may increase when this SOM is set to ON.
For details about the interaction between this SOM and SOM 1069, contact customer support (see SOM1069 sheet).
This SOM can enable or disable the auto-recovery for
-
external volumes of an EMC storage system.
Mode 1021 = ON: An external volume that is blocked due to Not Ready status can be recovered automatically regardless of the type of external storage system.
Mode 1021 = OFF (default): An external volume that is blocked due to Not Ready status might not be recovered automatically depending on the type of external storage system.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
364
�System option modes for VSP 5000 series
Mode
Category
1043
Universal Replicator
Universal Replicator for Mainframe
Description
Notes:
1. This SOM is applied when the auto-recovery of external volumes that are blocked due to Not Ready status is desired in UVM connection using an ECM storage system as an external storage system.
2. When this SOM is set to ON and the connected external storage system is not in stable status (such as failure and recovery from failure), a blockage due to Not Ready status and auto-recovery might occur repeatedly.
MCU/RCU
This SOM disables journal copy.
Both
Mode 1043 = ON: When the following conditions are met at the UR secondary site, the journal copy is disabled.
The following conditions (a) and (b) or (a) and (c) are met:
(a) 4,096 or more journals are accumulated at the secondary site.
(b) The CLPR write pending rate for journal volumes of MP unit for which journal ownership at the RCU is defined is 25% or higher (including the write pending rate for other than journal volumes).
(c) It takes 15 seconds or longer to start restore after journal copy at the RCU.
Note: Even though the above conditions are met, journal copy is not disabled when all time stamps of the journals accumulated are the same in a consistency group containing multiple journals.
Mode 1043 = OFF (default): The journal copy is not disabled.
Notes:
1. This SOM applies when one of the following conditions is met:
a. Multiple journals are registered in a consistency group of CCI.
b. Multiple journals are registered in an extended consistency group.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
365
�System option modes for VSP 5000 series
Mode
Category
Description
c. Journals are accumulated at the secondary site, causing the system performance to decrease.
MCU/RCU
2. If SOM 690 is set to ON and the Write Pending rate is 60% or higher, the journal copy is disabled regardless of the setting of this SOM.
3. When the host write speed is faster than the JNL copy speed, the usage rate of the master journal increases.
4. This SOM is effective within the range of each CLPR. Therefore, an operation target LPRxx (xx= 00 to 31) needs to be selected before setting this SOM to ON/ OFF.
For example, when setting this SOM only to CLPR0 (even though this SOM is not set to CLPR 1 to 31), select "LPR00" and then set this SOM to ON/OFF. If "System" is selected and then this SOM is set to ON, this SOM is not effective for any of the CLPRs.
5. Set SOM 1043 to ON when journals are not accumulated at the RCU. If journals have already been accumulated at the RCU, journal copy does not start until the journal usage rate becomes 0%. (If you need to set SOM 1043 to ON while journals are accumulated, set Purge Suspend, and then perform resync.)
1061
Compatible FlashCopy® V2
Compatible FlashCopy® SE
This SOM is used to enable the copy after write (CAW)
-
function of Compatible FlashCopy®.
By setting this SOM to ON, CAW (While copy processing is withheld, command response is returned first and then the copy is done in asynchronous manner) can work so as to improve random write response performance. (In the case of sequential write, as an improvement to copy data in advance has been implemented, the equal performance can be achieved without CAW.)
Mode 1061 = ON: The CAW function works.
Mode 1061 = OFF (default): The CAW function does not work. (COW works.)
Notes:
1. This SOM is applied when the CAW function is enabled.
2. The cache write pending rate may increase.
1067
Universal Replicator
This SOM is used to enable microcode downgrade to a version that does not support URxUR (including delta).
Both
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
366
�System option modes for VSP 5000 series
Mode
Category
Universal Replicator for Mainframe
1068 Common
Description
Mode 1067 = ON: Even when a UR pair has been registered, downgrading the microcode to a version that does not support URxUR (including delta) is allowed.
Mode 1067 = OFF (default): If any UR pair has been registered, downgrading the microcode to a version that does not support URxUR (including delta) is not allowed.
Notes:
1. This SOM is applied to enable microcode downgrade to a version that does not support URxUR (including delta) if the configuration where any UR pair has been registered is not URxUR (including delta).
2. Setting this SOM to ON allows microcode downgrade at sites where only 1 mirror is used in URxUR multitarget configuration without delta resync and cascade configuration (L or R site in multi-target, and P or R site in cascade), but the following phenomena occur after microcode downgrade. Make sure that the target storage system does not contain pairs of URxUR configuration.
Phenomena:
a. When the microcode is downgraded at S site (local or remote) in multi-target configuration, the pair between P site and the target S site cannot be resynchronized.
b. When the pair between I site and R site in cascade configuration is resynchronized, the pair status cannot change from COPY to PAIR.
c. When the microcode is downgraded at R site in cascade configuration, the pair between I site and R site cannot be resynchronized.
MCU/RCU
This mode can detect and report a minor drive response
-
delay early by severely checking drives.
Mode 1068 = ON (default): Drive response delay is checked and detected with conditions that are more severe than current conditions.
When SOM 144 is set to ON, the drive with response delay is blocked.
Target drive: HDD, FMD, SSD
Mode 1068 = OFF: Drive response delay is checked and detected with current conditions.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
367
�System option modes for VSP 5000 series
Mode
Category
1069 Common
Description
The behavior varies depending on the combinations of SOM settings. For details, contact customer support (see SOM144 sheet).
Notes:
1. Apply this mode to detect a minor delay in drive response.
2. When a delay is suspected, a processing to refer to the statistics data and determine the delay works.
3. If SOM 157 is set to ON, the output prevention status of SSB=A4CE is not cleared in one-day cycle.
4. When applying this SOM only, a SIM for delay detection is reported but the drive is not blocked. To block the drive, SOM 144 also needs to be applied.
MCU/RCU
By setting this SOM, the INQUIRY Page E3h field is
-
changed. The field varies depending on the combination of
SOMs 972, 973, and 1069 as shown in the table below.
The default setting for SOM 1069 is OFF.
Notes:
1. This SOM is applied when the page problem occurs in an environment where Symantec ASL 6.0.5 or higher is used and SOM 972 and/or 973 is set to ON.
2. When this SOM is set to ON, reclamation processing is delayed.
3. The priority of setting when SOMs are set at the same time is SOM 1069, SOM 972, and then SOM 973. The setting of higher priority SOM is enabled.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
368
�Mode
Category
System option modes for VSP 5000 series
Description
MCU/RCU
1070
Global-active device
1080
Global-active device
Universal Volume Manager
This SOM changes the processing for a group operation with GAD consistency group (CTG).
Both
Mode 1070 = ON: The status change of all pairs in a consistency group is performed for 50 msec.
Mode 1070 = OFF (default): The status change of all pairs in a consistency group is performed for 1 msec.
Notes:
1. This SOM is applied when reducing the time to complete status change of all pairs in a consistency group at a group operation (suspension and resync operation) with the GAD CTG function. In a system configuration where host I/O performance is prioritized, do not use this SOM because setting this SOM may affect the host I/O performance.
2. The MP usage rate increases during status change of all pairs in a consistency group. For details about approximate percentage increase in MP usage rate, contact customer support (see SOM1070 sheet).
This SOM is intended for a case that multiple external connection paths are connected to a Target port on an external system with a quorum disk and there is a path whose performance degrades. For such a case, this SOM can eliminate impacts on commands run for other external devices that share the Target port with the quorum disk on
Both
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
369
�System option modes for VSP 5000 series
Mode
Category
1083
Dynamic Provisioning
Universal Volume Manager
Description
the external system by setting the time to run a reset command for the Target port to be the same (15 seconds) as that to run other commands for the other external devices.
Mode 1080 = ON: The time to run the reset command for the quorum disk on the external system is 15 seconds to eliminate the impacts on commands run for the other external devices that share the Target port with the quorum disk on the external system.
If a response to ABTS is delayed for 12 seconds or longer, the quorum disk may be blocked.
Mode 1080 = OFF (default): The time to run a reset command for the quorum disk when performance of a path degrades is 3 seconds so that a retry is performed by an alternate path to avoid quorum disk blockage.
Notes:
1. The mode is applied if avoiding impacts on commands for other external devices that share a Target port on an external system side with a quorum disk is prioritized over preventing quorum disk blockage when a response to ABTS is delayed due to path performance degradation in a configuration where the Target port is shared between external devices and the quorum disk.
2. When connection performance degradation occurs, the quorum disk blockage is more likely to occur.
MCU/RCU
This SOM enables or disables DP-VOL deletion while an
-
external volume associated with the DP-VOL with data
direct mapping attribute is not disconnected.
Mode 1083 = ON: DP-VOL deletion is enabled.
Mode 1083 = OFF (default): DP-VOL deletion is disabled.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
370
�System option modes for VSP 5000 series
Mode
Category
Description
Notes:
1. This SOM is applied when the following conditions are met.
A DP-VOL with data direct mapping attribute is deleted.
The data of external volume with data direct mapping attribute associated with a deletion target DP-VOL with data direct mapping attribute will not be used again.
MCU/RCU
2. When SOM 1083 is set to ON, the data of external volumes cannot be guaranteed.
3. When DP-VOL deletion is performed without disconnecting an external volume, the data of the external volume cannot be guaranteed.
1086
Dynamic Provisioning
Dynamic Provisioning for Mainframe
Universal Volume Manager
This SOM enables or disables the performance
-
improvement for Dynamic Provisioning volumes that are
Universal Volume Manager volumes used as pool volumes.
Mode 1086 = ON (default): The performance improvement is enabled.
Mode 1086 = OFF: The performance improvement is disabled.
Notes:
1. This SOM is applied when the IOPS performance of an external storage system is higher than 80k × the number of installed MPBs, which is the value of IOPS that an entire local storage system sends to an external storage system.
2. When it is required to set this SOM to OFF, if IOPS sent from the local storage system to the external storage system is higher than 80k × the number of installed MPBs, reduce the IOPS to lower than 80k × the number of installed MPBs, and then set this SOM to OFF. (Otherwise CWP increases and cache is overloaded.)
1091
TrueCopy for Mainframe
Universal Replicator for Mainframe
This SOM enables or disables the IBM® zHyperWrite function. When this SOM setting is changed to ON or OFF, SCI is reported to the host and the zHyperWrite function is enabled or disabled.
Mode 1091 = ON: The zHyperWrite function is enabled. (ReadFeatureCode setting for the zHyperWrite function)
Both
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
371
�System option modes for VSP 5000 series
Mode
Category
Compatible FlashCopy® V2
Description
Mode 1091 = OFF (default): The zHyperWrite function is disabled.
Notes:
1. This SOM can be applied when DKCMAIN version that supports the zHyperWrite function is used.
2. To use the zHyperWrite function, a HyperSwap environment is required.
3. To enable the zHyperWrite function, set this SOM to ON on both MCU and RCU of TCz.
4. To downgrade the microcode to a version that does not support the zHyperWrite function, set this SOM to OFF prior to downgrading the microcode.
5. Even when this SOM is set to ON for a storage system in 3DC configuration, the zHyperWrite function does not work for volumes in 3DC configuration.
However, if the mode is set to ON and the zHyperWrite + 3DC multiple-target option is enabled, the zHyperWrite function works in TCz-URz multi-target configurations.
MCU/RCU
6. Do not set this SOM to ON if SOM 474 is set to ON.
7. Do not set this SOM to ON if Preserve Mirror configuration is created.
8. Do not set this SOM to ON if the TCz Function Switch 12 is set to ON.
9. To use the zHyperWrite function, do not select Primary Volume Only as a CFW Data option at TCz pair creation.
1093
Dynamic
This SOM is used to disable background unmap during
-
Provisioning
microcode downgrade from a version that supports pool
Dynamic Tiering
reduction rate correction to a version that does not support the function.
Thin Image
Mode 1093 = ON: Background unmap cannot work.
Mode 1093 = OFF (default): Background unmap can work.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
372
�System option modes for VSP 5000 series
Mode
Category
1096
Universal Replicator
Universal Replicator for Mainframe
Description
Notes:
1. This SOM is applied when downgrading microcode from a version that supports pool reduction rate correction to a version that does not support the function is disabled.
2. When pool capacity shrinking is performed for an FMD parity group while the mode is set to ON, the pool capacity shrinking cannot be completed. Make sure to set the mode to OFF prior to performing pool capacity shrinking for an FMD parity group.
MCU/RCU
When either of the following conditions (1) or (2) is met, a function that reduces the required data size and the processing frequency works for the read-journal processing. This mode is used to disable this function.
Both
1. There are multiple journal groups set for one MPB, and the write pending rate of a CLPR used by the journal groups is 25% or higher.
Purpose: Rebalancing resources (such as cache) used among the journal groups in the same MPB.
Means: Performing read-journal in the manner of round robin among journal groups to reduce the frequency of read-journal.
2. No journal to be transferred to RCU is left on MPU.
Purpose: Controlling the use of unnecessary resources (such as MP) used by the journal groups that leads to low load for the host.
Means: Reducing the required data size and the processing frequency of read-journal.
Mode 1096 = ON: The read-journal frequency reduction does not work.
Mode 1096 = OFF (default): The read-journal frequency reduction works.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
373
�System option modes for VSP 5000 series
Mode
Category
1097 Common
1099
TrueCopy for Mainframe
Description
Notes:
1. This SOM is applied when a significant delay, which is about 200 msec or longer, occurs in the line between MCU and RCU.
2. When this SOM is set to ON while round-trip delay time is small (about less than 20 msec), the usage rate of RCU Initiator increases by 10% x the number of journals.
3. Even though this SOM is supposed to be applied to UR RCU, apply it to both MCU and RCU on the premise of DR operation.
4. This SOM is effective for each CLPR, so that select the operation target LPRxx (xx=00 to 31), and then set this SOM to ON/OFF. For example, when only CLPR0 is defined (CLPR1 to 31 are not defined), select LPR00 and then set this SOM to ON/OFF. This SOM is not effective for any CLPRs if "System" is selected even when this SOM is set to ON.
MCU/RCU
This SOM disables the warning LED to blink when specific SIMs are reported.
Mode 1097 = ON: When SIM=452XXX, 462XXX, 3077XY, 4100XX, or 410100 is reported, the warning LED does not blink.
Mode 1097 = OFF (default): When SIM=452XXX, 462XXX, 3077XY, 4100XX, or 410100 is reported, the warning LED blinks.
Note: This SOM disables the warning LED to blink when specific SIMs are reported.
When PPRC FREEZE using GDPS works, the FREEZE turns to time-out if there are many CUs. This SOM can prevent the time-out.
MCU
Mode 1099 = ON: When FREEZE is received, the completion of path deletion for those other than the last path is not reported but only the completion of path deletion for the last path is reported. If multiple CUs share an RCU path, path deletion does not work at FREEZE per CU, so that the following phenomenon may occur:
After Hyperswap is performed, SSB=8BD8 and 8BD9 are logged for a pair where the Hyperswap is performed.
Mode 1099 = OFF (default): The completion of path deletion for every path is reported.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
374
�System option modes for VSP 5000 series
Mode
Category
Description
Notes:
1. Apply this SOM when a storage system with over 32 CUs is used in a TCz environment in which PPRC FREEZE is available.
2. To use 32 more CUs in GDPS environment, the microcode must be the supported version on both MCU and RCU and this SOM is set to ON.
MCU/RCU
1106
Dynamic Provisioning
Dynamic Provisioning for Mainframe
Dynamic Tiering
Dynamic Tiering for Mainframe
This SOM is used for either of the following:
-
1. To monitor the page usage rate of parity groups defined to a pool, and perform rebalance (the same as the rebalance that works at pool expansion or after 0 data page reclamation) to balance the usage rate if the rate differs significantly among parity groups.
2. To perform rebalance even when the number of reclaimed pages is 0 after 0 data page reclamation.
Mode 1106 = ON: The rebalance (the same as the rebalance that works at pool expansion or after 0 data page reclamation) (*3) works when one of the following conditions is met:
1. The usage rate is checked for parity groups in a pool once a day, and the usage rate is not balanced (*1) among parity groups.
2. After 0 data page reclamation, the number of reclaimed pages is 0 (*2).
Mode 1106 = OFF (default): The rebalance does not work even when the usage rate is not balanced.
*1: How to determine whether usage rate is unbalanced among parity groups
The pool usage rate is determined as unbalanced when there is 25% or more difference between the usage rate of each parity group in the pool and the average.
Note: For HDT pools (including those with active flash attribute), the average of parity group usage rates is calculated per tier.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
375
�System option modes for VSP 5000 series
Mode
Category
Examples:
Description
1. In an HDP pool, if the usage rates of PG1, PG2, and PG3 are 50%, 40%, and 30% respectively, it is not determined as unbalanced.
Because the average parity group usage rate is (50% 40% 30%) / 3 40% and the difference in the rate between each parity group and the average is 10% at the maximum.
2. In an HDP pool, if the usage rates of PG1, PG2, and PG3 are 80%, 40%, and 30% respectively, it is determined as unbalanced.
Because the average parity group usage rate is (80% 40% 30%) / 3 50% and the difference in the rate between each parity group and the average is 30% at the maximum.
3. In an HDT pool, if the usage rates of PG1, PG2, and PG3 are 80% (SSD), 40% (SAS15K) and 30% (SAS15K), it is not determined as unbalanced, because:
The average parity group usage rate of Tier1 is (80%) / 1 80% and the difference in the rate between the parity group and the average is 0%.
The average parity group usage rate of Tier2 is (40% 30%) / 2 35% and the difference in the rate between the parity group and the average is 5% at the maximum.
*2: Condition for rebalance after 0 data page reclamation
When this SOM is set to ON, rebalance works even when reclaimed page is 0 at 0 data page reclamation.
*3: Rebalance (the same as the rebalance that works at pool expansion or after 0 data page reclamation) works according to the SOM1195 setting (default OFF).
Notes:
1. This SOM is applied when balancing the usage rate is required at a customer site where the usage rate is not even.
2. The term "page usage rate" refers to the percentage of the number of assigned pages in each PG compared to the total number of pages in the pool.
For HDT pools, the term "total number of pages" is the number of pages assigned within each specific tier.
MCU/RCU
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
376
�System option modes for VSP 5000 series
Mode
Category
1113
Dedupe and Compression
1115
Dedupe and Compression
Description
MCU/RCU
This SOM stops processing other than garbage collection and de-staging among asynchronous processing for host I/Os of those related to the capacity saving function
Mode 1113 = ON: The processing other than garbage collection and de-staging among the asynchronous processing for host I/Os of the capacity saving function is stopped.
Mode 1113 = OFF (default): The capacity saving function fully works.
Notes:
1. The mode is applied when a failure occurs due to the asynchronous processing of the capacity saving function so that identifying a failure part, reducing the MP usage rate, and preventing the problem from further expanding are required.
2. When this mode is set to ON, the capacity reduction processing does not work and the capacity saving rate degrades.
3. SOM1113 is related to SOM1112. When both modes are set to ON, the setting of SOM1112 is prioritized over that of SOM1113.
Behavior when SOM1112 is set to ON: All of asynchronous processing for host I/Os among those processing related to the capacity saving function are stopped, which means that the garbage collection and de-staging do not work, so that write I/Os to DP volumes with Compression or Deduplication and Compression set are disabled.
When LDEV format is performed for a virtual volume with capacity saving (Compression, or Deduplication and Compression, the same hereinafter) enabled, data is initialized without using metadata regardless of the mode setting.
Mode 1115 = ON (default): When LDEV format is performed for a virtual volume with capacity saving enabled, the data is initialized without using the metadata.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
377
�System option modes for VSP 5000 series
Mode
Category
Description
Mode 1115 = OFF: When LDEV format is performed for a virtual volume with capacity saving enabled, normal formatting is performed, but if one of the following conditions is met, the data is initialized without using metadata.
There is a pinned slot.
The capacity saving status is "Failed".
The virtual volume is blocked (Normal restore cannot be performed).
The processing time increases with increase in pool capacity. Estimate of processing time:
Processing time (minutes) = (pool capacity (TB)/40) + 5
MCU/RCU
1118 Open
1169
Dedupe and Compression
If the result of dividing the pool capacity by 40 has decimal places, round it up to the next integer.
The processing finishes early if there is less capacity of allocated pages. For example, in the case of a 4-PB pool, normal formatting (SOM 1115 OFF) is faster if the LDEV capacity is 50 GB or less, therefore the performance of LDEV format without using metadata is better.
This SOM is used to disable the ENC reuse function.
-
Mode 1118 = ON: When a failure occurs in the Expander chip mounted on a controller board (CTLS, CTLSE) or an ENC board, the reuse function does not work but SIM=CF12XX is reported and the ENC is blocked.
Mode 1118 = OFF (default): When a failure occurs in the Expander chip mounted on a controller board (CTLS, CTLSE) or an ENC board, the reuse function works.
If the ENC is reusable, SIM=CF12XX and then CF14XX are reported, and the ENC is reused.
If the ENC is not reusable, SIM=CF12XX is reported, and the ENC is blocked.
Note: The ENC reuse function is enabled as default. This SOM is applied when you want to disable the ENC reuse function.
This mode can enable or disable the deduplication
-
processing that works during resync processing from P-VOL
to S-VOL by the copy function for DP-VOLs with capacity
saving in Inline mode enabled.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
378
�System option modes for VSP 5000 series
Mode
Category
1174
Open
Universal Volume Manager
Description
Mode 1169 = ON (default 90-03-01 and later): Deduplication processing is not performed during resync processing.*
Mode 1169 = OFF: Deduplication processing is performed during resync processing.
* To reduce the capacity consumption in the case that the pool capacity is almost depleted for example, the deduplication processing might be performed during the resync processing. In particular, the following cases apply:
The usage rate exceeds the warning threshold.
Free capacity is smaller than about 240 GB.
Notes:
1. When SOM 1280 is ON, deduplication processing is performed even when SOM 1169 is ON.
2. If conditions to disable deduplication processing by SOM 1191 are met, deduplication processing is not performed even when SOM 1169 is OFF. For details about the conditions to disable deduplication processing, contact customer support (see SOM1191 sheet).
3. When SOM 1169 is set to ON, like the post mode, estimating and reserving the capacity of a temporary storing area in the copy target DP volume or pool in advance is necessary.
4. SOM 1169 is not effective for the initial copy at pair creation, but there are some exceptional cases for SI and VM, such as pair creation using a used volume for S-VOL. In this case, deduplication processing is performed or not performed according to the mode setting.
5. SOM 1169 is not related to determining whether to perform deduplication processing in synchronization with initial write. For example, the setting of SOM 1169 does not contribute to a reduction in time to migrate data to a newly defined volume.
MCU/RCU
This SOM is used to disable a path that is logged in from a host or an external storage system (host path and external path) to be used as an external path.
Mode 1174 = ON: A path logged in from a host or an external storage system is excluded from the WWN discovery target.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
379
�System option modes for VSP 5000 series
Mode
Category
1175
Universal Replicator for Mainframe
Description
Mode 1174 = OFF (default):A path logged in from a host or external storage system is included in the WWN discovery target.
Notes:
1. Apply SOM 1174 when discovery is performed while specifying a universal port that is being logged in from a host or an external storage system.
2. If SOM 1174 is set to ON, external volumes cannot be created using the paths being logged in from hosts and external storage systems.
3. When WWN discovery is performed while the mode is set to ON, the storage system being logged in from hosts and external storage systems are displayed as [Unknown] in the discovery result.
Discovery works at the following operations or commands:
HDvM - SN: External volume addition, external path setting change
CCI: raidcom add external_grp, raidcom add path, raidcom discover external_storage, raidcom discover lun
4. By specifying the -safety_check enable option for the above CCI commands, path disconnection can be prevented same as the case of setting the mode to ON. The option is supported with 90-06-01-00/00 and later and CCI 01-61-03/xx and later. For details, see Command Control Interface Command Reference.
MCU/RCU
This SOM enables the CFW data that the P-VOL of a URz pair created fromBCM or CCI to be transferred to the SVOL.
Mode 1175 = ON (default): The CFW data written to the URz P-VOL is transferred to the S-VOL.
Mode 1175 = OFF: The CFW data written to the URz PVOL is not transferred to the S-VOL.
Both
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
380
�System option modes for VSP 5000 series
Mode
Category
1182
Universal Replicator
Global-active device
1191
Dedupe and Compression
Description
Notes:
1. Apply the mode if the CFW data transfer from the URz P-VOL to the S-VOL is required. When a pair is created with the mode set to ON, the CFW data that the P-VOL receives is transferred to the S-VOL. It can apply to pair creation from BCM or CCI only. If a pair is created from Device Manager - Storage Navigator, whether to transfer the CFW data can be selected as usual.
2. To transfer the CFW data to the S-VOL, a journal creation is performed as an extension of CFW write, which causes the CFW write performance to degrade compared to that when the mode is set to ON.
3. The mode setting (ON/OFF) can be changed regardless of the URz pair status, but to transfer the CFW data to the S-VOL, a new pair must be created after setting the mode to ON.
MCU/RCU
This SOM is used to enable replacement of the journal volume on the primary storage system of the UR delta resync pair in a GAD 3DC delta resync (GAD+UR) configuration.
Mode 1182 = ON: If a reserve journal is added to the journal on the primary storage system of the delta resync pair, the status of the journal changes to HLD.
MCU (MCU of delta UR pair, L site in GAD+UR config.)
Mode 1182 = OFF (default):
Deletion of the journal whose status is HOLD, HOLDING, or HLDE is guarded on the primary storage system of the UR delta resync pair.
If a reserve journal volume has already been added, delete the reserve journal volume, and then add a reserve journal volume again while the system option mode 1182 is set to ON.
After the journal volume is replaced, restore the delta resync pair status from Device Manager - Storage Navigator (you cannot perform this operation from CCI).
This SOM is used to prevent MP usage rate from rising due to overhead of deduplication processing.
Mode 1191 = ON: Inline deduplication processing is disabled when the average of MP usages on the entire storage system is 50% or higher, or CPW is 30% or higher.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
381
�System option modes for VSP 5000 series
Mode
Category
Description
Mode 1191 = OFF (default): Inline deduplication processing is not disabled regardless of MP usage and CPW rate.
Notes:
1. This SOM is applied when reducing impact on I/O performance is required at online data migration for a virtual volume with capacity saving enabled and the inline mode set.
2. If this SOM is set to ON, the frequency of the asynchronous deduplication processing increases after storing the data in a temporary area so that the pool capacity decreases due to consumption of the temporary area. To use the mode therefore, decrease in pool capacity must be acceptable. In particular, verify the capacity of the temporary area in the pool by using the following conditional expressions.
<Setting the mode at data migration>
[Pool capacity × depletion threshold (%) / 100] is larger than [current used pool capacity + (amount of data to be migrated × (100 estimated compression ratio (%) (*)) / 100)].
<Setting the mode during normal operation>
[Pool capacity × depletion threshold (%) / 100] is larger than [current used pool capacity + (amount of data to be written to area without having been written × (100 estimated compression ratio (%)(*)) / 100)].
* Estimated compression ratio is the ratio of the estimated compression reduction effect. To convert the compression ratio in N:1 format to percentage, use the formula: compression ratio (%) = (1 1 / N) × 100
3. To set the mode to ON, first estimate temporary area in a pool and then reserve it in advance.
4. By setting the mode to ON, the inline deduplication processing is disabled when the average MP usage is 50% or higher even though SOM 1280 is set to ON.
5. When SOM 1169 is set to ON, the inline deduplication at copy processing is disabled regardless of SOM 1191 setting.
6. For conditions to stop deduplication processing according to the setting combination of SOMs 1191, 1247, and 1248, contact customer support (see the SOM1191 sheet).
MCU/RCU
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
382
�System option modes for VSP 5000 series
Mode
Category
1198
TrueCopy
Universal Replicator
Global-active device
1199
TrueCopy
Universal Replicator
Global-active device
Description
MCU/RCU
This SOM enables users who do not have SVP to switch the difference management method by setting the mode to ON from CCI.
Both
At TC, UR, or GAD pair creation or resync operation, the difference management method is switched from SM difference management to hierarchy difference management.
* The behavior when the mode is ON or OFF differs from that when user SOM #5 or #6 is set to ON or OFF.
Mode 1198 = ON: The difference management method for volumes of 4 TB or less used in TC, UR, or GAD pairs is changed to hierarchical difference management regardless of SOM 5, SOM 6, and SOM 1199 settings.
Mode 1198 = OFF (default):
When SOM 1198 is OFF and SOM 1199 is ON, the difference management method for volumes of 4 TB or less used in TC, UR, or GAD pairs is changed to SM difference management.
When both SOM 1198 and SOM 1199 are OFF, the difference management method is not changed.
Notes:
1. Changing the difference management method can affect the I/O response performance depending on the I/O pattern.
2. Changing the difference management method can affect the initial copy time depending on the conditions.
This mode is used to enable changing the difference management method from hierarchical difference management back to SM difference management if necessary for some reasons after the method was changed to hierarchical difference management by setting SOM 1198 to ON. The difference management method is changed at the first TC, UR, or GAD pair creation or resync operation after setting this mode.
Both
The behavior of this SOM differs depending on the settings of SOM #5 or #6.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
383
�System option modes for VSP 5000 series
Mode
Category
1201
Global-active device
Description
Mode 1199 = ON:
When both SOM 1199 and SOM 1198 are ON, the difference management method for volumes of 4 TB or less used in TC, UR, or GAD pairs is changed to hierarchical difference management regardless of SOM 5 and 6 settings.
When SOM 1199 is ON and SOM 1198 is OFF, the difference management method for volumes of 4 TB or less used in TC, UR, or GAD pairs is changed to SM difference management regardless of SOM 5 and 6 settings.
Mode 1199 = OFF (default):
When SOM 1199 is OFF and SOM 1198 is ON, the difference management method for volumes of 4 TB or less used in TC, UR, or GAD pairs is changed to hierarchical difference management regardless of SOM 5 and 6 settings.
When both SOM 1199 and SOM 1198 are OFF, the difference management method is not changed.
Notes:
1. The SOM is applied to enable users who use CCI in TC, UR, and GAD operations to switch difference management method from hierarchy difference management to SM difference management for volumes of 4TB or less used in TC/UR/GAD pairs.
2. Changing the difference management method can affect the I/O response performance depending on the I/O pattern.
3. Changing the difference management method can affect the initial copy time depending on the conditions.
MCU/RCU
This SOM is used to change the I/O mode to Local for the volumes in the storage system opposite to the one where a failure occurs.
You need to set this mode on both the primary and secondary storage systems.
Mode 1201 = ON: When a path failure occurs between a quorum disk and a storage system, and then a path failure occurs between storage systems, the I/O mode of volumes of the storage system opposite to the one with path failures changes to Local.
Both
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
384
�System option modes for VSP 5000 series
Mode
Category
1202 Common
1204
Dynamic Provisioning
Description
Mode 1201 = OFF (default): When a path failure occurs between a quorum disk and a storage system, and then a path failure occurs between storage systems, the I/O mode of the P-VOL changes to Local.
Setting this SOM to ON means that the SOM must be ON on both sides. If the SOM is OFF on either side, the behavior is the same as when the mode is set to OFF.
Even when this SOM is set to ON, the I/O mode of a volume of the other storage system does not always change to Local. (This SOM is effective in the case that the I/O mode of the P-VOL is Local while the mode is set to OFF.)
Note: Apply this SOM when keeping the volumes of a storage system with no path failure between a quorum disk and the storage system accessible from hosts is required when a path failure occurs between storage systems after the path failure between a quorum disk and the other storage system.
MCU/RCU
This mode can be used to disable the logic of response
-
performance improvement for host I/O during FMD or SSD
drive firmware replacement.
Mode 1202 = ON:
Synchronous read I/Os are disabled.
Read I/Os other than synchronous read are disabled.
Write I/Os are disabled.
Mode 1202 = OFF (default):
Synchronous read I/Os can be done by collection read.
Read I/Os other than synchronous read are disabled.
Write: I/Os are disabled.
Notes:
1. Apply this mode when changing the behavior back to the previous one is required during FMD and SSD firmware replacement.
2. When this mode is set to ON, the host I/O performance during FMD or SSD drive firmware replacement may be degraded.
This SOM is intended to improve the page migration
-
performance when the MP usage rate is within the range
from 30% to 50%.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
385
�System option modes for VSP 5000 series
Mode
Category
Dynamic Provisioning for Mainframe
Dynamic Tiering
Dynamic Tiering for Mainframe
Thin Image
Description
Mode 1204 = ON: When the MP usage rate is within the range 30 to 50%, the processing interval is shortened to improve the page migration throughput.
Mode 1204 = OFF (default): There is no change for the processing interval.
For details, contact customer support (see SOM1204 sheet).
Notes:
1. Apply this mode when the following conditions are met:
The MP usage rate constantly exceeds 30%.
Prioritizing the page migration processing over the I/O processing is required.
MCU/RCU
2. When SOM 1204 is set to ON, the operation frequency of the relocation processing increases so that the host I/O response performance is degraded.
3. When SOM 904 is set to ON, the SOM 904 setting is prioritized.
4. By setting SOM 1204 to ON, the MP usage rate increases by 3 to 10% due to the asynchronous processing, and the host I/O response may be degraded.
1205
Dynamic
This SOM changes the background unmap processing
-
Provisioning
speed.
Dynamic Tiering Thin Image
Mode 1205 = ON: Background unmap runs at up to 42 MB/s.
Mode 1205 = OFF (default): Background unmap runs at up to 10 GB/s.
Notes:
1. The mode is applied to prevent the host response performance from being degraded due to background unmap.
2. When SOM 1122 is set to ON, the SOM 1122 setting is prioritized.
3. As releasing physical areas runs at the normal speed, the following phenomena may occur, though the
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
386
�System option modes for VSP 5000 series
Mode
Category
1211
Universal Replicator
Universal Replicator for Mainframe
Description
phenomena are solved immediately after the physical area release is complete:
The used pool capacity does not decrease immediately after DP volume deletion.
The saving ratio seems to be lower temporarily.
The used pool capacity may increase due to rebalance.
MCU/RCU
By setting this SOM to ON, the threshold of write pending rate that is a condition to disable journal data copy is changed from 25% to 50%.
Journal data copy is disabled when the following conditions (1) and (2), or (1) and (3) are met:
1. 4096 or more journal data sets are accumulated on RCU.
2. The write pending rate of a journal volume in an MPB that has the ownership of the journal on RCU exceeds the threshold, 25% (mode OFF) or 50% (mode ON). (Including the write pending rate of those other than the journal volume)
3. On RCU, it takes 15 seconds or longer to start a restore operation after the copy processing of journals is complete.
Note: Even when the above conditions are met, if the time stamp of accumulated journal datasets is the same in a configuration where multiple journals are added to a consistency group, journal data copy is not disabled.
Mode 1211 = ON: The threshold for the write pending rate is 50%.
Mode 1211 = OFF (default): The threshold for the write pending rate is 25%.
Notes:
1. Apply this SOM when one of the following conditions are met:
Both
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
387
�System option modes for VSP 5000 series
Mode
Category
Description
a. Disabling journal data copy is enabled in one of the following cases:
- SOM 1043 is set to ON for each CLPR on the secondary site.
- A configuration where multiple journals are added to a CCI consistency group (open and mainframe).
- A configuration where multiple journals are added to an extended consistency group (mainframe).
b. The write pending rate of a CLPR containing a journal on the secondary site exceeds 25%.
2. If the host write I/O speed is faster than the journal data copy speed, the usage of the master journal increases.
3. Though the mode can work on UR/URz RCU, apply it to both MCU and RCU assuming Disaster Recovery operation.
4. This mode is related to SOM 1043.
5. If SOM 690 is set to ON and the write pending rate is 60% or higher, journal data copy is disabled regardless of the setting of this mode.
6. This mode is effective per CLPR. Therefore, select a target LPR xx (xx= 00 to 31), and then set the mode to ON or OFF. For example, when setting the mode to CLPR0 (CLPR 1 to 31 are not defined), select LPR00, and then set the mode to ON or OFF. When setting the mode by selecting System, the mode cannot be enabled for any CLPRs.
MCU/RCU
1222 Dynamic Tiering This SOM changes whether to perform the gray zone
-
Dedupe and
promotion processing on compressed pages.
Compression Mode 1222 = ON: The gray zone promotion processing is
performed on compressed pages.
Mode 1222 = OFF (default): The gray zone promotion processing is not performed on compressed pages.
Notes:
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
388
�System option modes for VSP 5000 series
Mode
Category
1223
Dynamic Provisioning
1224
ShadowImage
ShadowImage for Mainframe
Thin Image
Volume Migration
Universal Replicator
Universal Replicator for Mainframe
Description
1. Apply this SOM to prioritize the performance over reduction ratio.
In an ADR with HDT environment, if the usage rate of the second lowest tier is lower than the upper limit of the setting value, the usage rate can be increased by setting this mode to ON.
2. When this SOM is set to ON, the reduction ratio declines by the gray zone promotion processing, and then the pool usage increases.
MCU/RCU
This SOM is used to disable the mapping consistency check processing that runs when a Write Same command is run.
Mode 1223 = ON: The mapping consistency check processing does not run at Write Same command.
Mode 1223 = OFF (default): The mapping consistency check processing runs at Write Same command.
Note: Apply this SOM when all the following conditions are met:
1. The microcode that supports the mode is applied. (90-04-08 and later in 90-04-0x range, 90-05-03 and later)
2. The response time of Write Same command increase about 0.1 msec.
3. The length of Write Same command is short (less than 256KiB).
The mode can disable or enable ownership migration for an LDEV whose ownership has been migrated to the MPU with P-VOL ownership at pair creation back to the previous MPU at pair deletion.
Both
Mode 1224 = ON: Ownership migration at program product pair deletion is disabled.
Mode 1224 = OFF (default): Ownership migration at program product pair deletion is performed.
* Different from other program products, the ownership in an MPU with the journal group ownership is migrated as follows in a UR/URz configuration.
Ownership migration target: LDEV (journal volume, remote CMDDEV)
Timing when ownership migration takes place: Journal volume deletion, journal group deletion from EXCTG, and mirror allocation release
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
389
�System option modes for VSP 5000 series
Mode
Category
1242
Universal Replicator
Universal Replicator for Mainframe
1254
ShadowImage
ShadowImage for Mainframe
Volume Migration
Compatible FlashCopy®
TrueCopy
TrueCopy for Mainframe
Global-active device
Universal Replicator
Description
Notes:
1. Apply the mode when preventing the MP usage rate increase is required.
2. Ownerships are in a specific MPU so that I/Os may be concentrated on the MPU.
3. Ownership migration does not work at pair deletion.
MCU/RCU
By setting this SOM to ON on a storage system with a pair for delta resync in one of the following configurations, SIM=DCF6XX (XX=JNLG number) is reported as a warning for an omission of remote command device settings for delta resync. The SIM is reported once 24 hours after the pair for delta resync is created in the target journal group.
Both
[Target configuration]
(a) UR or URz
(b) TC/TCz-UR/URz delta resync configuration or a UR/ URz-UR/URz
Mode 1242 = ON: SIM=DCF6XX is reported regularly if a remote command device for delta resync was not added in the target configuration. The SIM is reported for each journal group to which a remote command device for delta resync was not added.
Mode 1242 = OFF (default): SIM=DCF6XX is not reported.
Note: This SOM can be applied when users want to receive a warning report for an omission of remote command device settings for delta resync.
This mode is used to prevent the performance of a host I/O to a virtual volume with capacity saving enabled (DRD-VOL) from being degraded due to the copy processing of a replication program product* that runs in the background.
Both
* Replication program products: ShadowImage (SI), ShadowImage for Mainframe (SIz), Volume Migration (VM), FlashCopy (FC), Thin Image (HTI), TrueCopy (TC), TrueCopy for Mainframe (TCz), global-active device (GAD), Universal Replicator (UR), Universal Replicator for Mainframe (URz).
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
390
�System option modes for VSP 5000 series
Mode
Category
Universal Replicator for Mainframe
Description
Mode 1254 = ON:
SI/SIz, VM, HTI, TC/TCz, GAD, UR/URz: The copy processing running in the background* stops when the WP rate of the copy target CLPR is 35% or higher.
FC: The pace of the copy processing running in the background* is slowed down when the WP rate of the copy target CLPR is 35% or higher.
Mode 1254 = OFF (default):
SI/SIz, VM, FC, TI: As per the SOM 467 setting
TC/TCz, GAD: As per the SOM 689 setting
UR/URz: As per the SOM 690 setting
* The copy processing running in the background refers to the following processing:
SI/SIz: Pair initial copy, pair initial copy (Steady Split), pair initial copy (Quick Split), Steady Split, Quick Split (it does not stop for a pair whose synchronization rate is 100%), Normal Resync (it does not stop for a pair whose synchronization rate is 100%), Reverse Copy (it does not stop for a pair whose synchronization rate is 100%), background copy.
VM: Pair initial copy
FC: Background copy, update co+F96py (Restore), update copy (Reverse Restore), update copy (Fast Reverse Restore)
TI: Copy processing by restore, copy processing by clone
TC/TCz: Copy running in background, initial copy, pair creation, resync, swap resync, horctakeover (swap resync run during horctakeover)
GAD: Initial copy, pair creation, resync, swap resync, horctakeover (swap resync run during horctakeover)
UR: Copy or restore running in background, initial copy, update copy, journal copy (initial and update copy), journal restore, issuing read-journal command to primary storage system, data copy from master journal to restore journal, copying restore journal data for secondary volume, pair creation, resync, swap resync, delta resync, horctakeover (swap resync run during horctakeover)
MCU/RCU
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
391
�System option modes for VSP 5000 series
Mode
Category
Description
Notes:
1. Apply this mode when all the following conditions are met:
a. Preventing the performance of a host write I/O to a DRD-VOL from being degraded due to overload by the copy processing running in the background is required.
b. It is acceptable that completing the copy processing running in the background for a volume (*1) belonging to a CLPR whose WP rate is 35% or higher takes extra time equal to the time period during which the WP rate of the copy target CLPR is 35% or higher.
c. Setting the mode for all CLPRs on the storage system is required. (For per CLPR setting, use SOM 1260.)
d. A failure suspension of a UR/URz pair is acceptable (*2)(*3). The failure suspension occurs when the mode is set to ON to prioritize the host I/O performance in a UR/URz configuration, if the amount of host I/Os exceeds the amount of journal transfer so that the journal usage increases, and then the journal usage exceeds the threshold.
*1: Note that in CLPRs with the mode set to ON, the copy processing does not make progress for not only a DRD-VOL but also a normal volume and a virtual volume with capacity saving disabled.
*2: Disable Inflow Control for journals. By setting SOM 1254, the copy processing running in the background is stopped, the amount of host I/Os exceeds the amount of journal transfer, and the journal usage increases. If Inflow Control is enabled, failure suspension can be prevented, but Inflow Control works when the journal usage exceeds the threshold (80%), resulting in host write performance degradation.
MCU/RCU
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
392
�System option modes for VSP 5000 series
Mode
Category
Description
*3: If a failure suspension is not acceptable, use different CLPRs for the UR/URz S-VOL and JNL VOL, and for the DRD-VOL whose performance cannot be degraded on RCU, and then set SOM 1260 to ON only f+F97or the CLPR of the DRD-VOL whose performance cannot be degraded.
2. By setting the mode to ON, the copy processing running in the background is stopped when the WP rate is 35% or higher regardless of the settings of SOM 467, SOM 689, and SOM 690.
3. Completing the copy processing running in the background for a volume (*4) belonging to a CLPR whose WP rate is 35% or higher takes extra time equal to the time period during which the WP rate of the copy target CLPR is 35% or higher. Note that recovering a pair that is suspended due to failure takes longer time too. SOM 1254 cannot be applied if the copy processing, such as the case of data migration or volume migration, must be completed in a certain time period.
*4: Note that in CLPRs with the mode set to ON, the copy processing does not make progress for not only a DRD-VOL but also normal volume and virtual volume with capacity saving disabled.
4. When UR/URz is used, if 35% or higher WP rate continues for a long time on RCU, a journal volume becomes full and may be suspended on MCU.
To disable the copy running in the background of replication program products other than UR/URz, do not set the mode to ON.
Instead of setting the mode to ON, use different CLPRs for the UR/URz S-VOL and the journal volume, and for the DRD-VOL for which preventing performance degradation is required on RCU, and set SOM 1260 to ON for the CLPR of the DRD-VOL only.
5. In a 3DC configuration, if 35% or higher WP rate continues for a long time on the second RCU, a journal volume becomes full and may be suspended on MCU and the first RCU. In this case, even if you perform delta resync, all data copy from P-VOL to S-VOL works same as the case when delta resync fails.
6. In a UR M:N open CTG configuration, even if there is one storage system where the WP rate reaches 35% or higher on RCU, copy processing will be stopped on
MCU/RCU
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
393
�System option modes for VSP 5000 series
Mode
Category
Description
all storage systems in this configuration, including the storage systems with SOM 1254 disabled.
7. In a URz EXCTG configuration, even if there is one storage system where the WP rate reaches 35% or higher on RCU, copy processing will be stopped on all storage systems in this EXCTG, including the storage systems with SOM 1254 disabled.
8. Apply the same setting of SOM1260 for the CLPR of UR/URz S-VOL and the CLPR of the journal volume.
(Set the mode to ON or OFF for both CLPRs)
9. When UR/URz is used, if operations are switched to RCU, as the previous MCU becomes RCU, meet the following conditions:
a. The SOM setting is same for MCU and RCU.
b. If different CLPRs are used for the UR/URz SVOL and the journal volume, and for a DRD-VOL for which preventing performance degradation is required on RCU, use different CLPRs for the UR/ URz S-VOL and the journal volume, and for a DRD-VOL for which preventing performance degradation is required on MCU too.
10. In a 3DC configuration, because operations on MCU can be switched to the first RCU or the second RCU, make sure the SOM setting is the same on the MCU, the first RCU and the second RCU.
11. When UR/URz is used, disable Inflow Control. If enabled, it may work because the copy is stopped by setting the mode to ON, resulting in degradation of host write I/O performance.
*1: In CLPRs with the mode set to ON, the copy processing does not make progress for not only a DRD-VOL but also a normal volume and a virtual volume with capacity saving disabled.
*2: Disable Inflow Control for journals. By setting SOM 1254, the background copy is stopped, the amount of host I/Os exceeds the amount of journal transfer, and the journal usage increases. If Inflow Control is enabled, failure suspension can be prevented, but Inflow Control works when the journal usage exceeds the threshold (80%), resulting in host write performance degradation.
MCU/RCU
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
394
�System option modes for VSP 5000 series
Mode
Category
1259 Common
1260
Dedupe and Compression
ShadowImage
ShadowImage for Mainframe
Volume Migration
Compatible FlashCopy®
TrueCopy
TrueCopy for Mainframe
Global-active device
Universal Replicator
Universal Replicator for Mainframe
Description
*3: Note that in CLPRs with the mode set to ON, the copy processing does not make progress for not only a DRDVOL but also normal volume and virtual volume with capacity saving disabled.
MCU/RCU
This SOM is used to enable and disable DIMM hardware diagnosis processing during controller startup.
Both
This mode can be set only on VSP 5200, 5600, 5200H, 5600H models.
Mode 1259 = ON: The DIMM hardware diagnosis processing does not run at controller startup.
Mode 1259 = OFF (default): The DIMM hardware diagnosis processing runs at controller startup.
Notes:
1. Apply this mode to reduce the PS ON time when a quicker startup time is required. The time to complete PS ON and controller maintenance operation becomes 5 minutes shorter.
2. By setting the mode to ON, the time to complete PS ON and controller maintenance operation becomes 5 minutes shorter.
This mode is used to prevent the performance of a host I/O to a virtual volume with capacity saving enabled (DRD-VOL) in the specified CLPR from being degraded due to the copy processing of a replication program product (*) that runs on the background.
Both
*: ShadowImage (SI), ShadowImage for Mainframe (SIz), Volume Migration (VM), Compatible FlashCopy® (FC), Thin
Image (TI), TrueCopy (TC), TrueCopy for Mainframe (TCz),
global-active device (GAD), Universal Replicator (UR),
Universal Replicator for Mainframe (URz).
Mode 1260 = ON:
SI/SIz, VM, TI, TC/TCz, GAD, UR/URz: The copy processing running in the background* stops when the WP rate of the copy target CLPR is 35% or higher.
FC: The pace of the copy processing running in the background* is slowed down when the WP rate of the copy target CLPR is 35% or higher.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
395
�System option modes for VSP 5000 series
Mode
Category
Description
* The copy processing running in the background refers to the following processing:
SI/SIz: Pair initial copy, pair initial copy (Steady Split), pair initial copy (Quick Split), Steady Split, Quick Split (it does not stop for a pair whose synchronization rate is 100%), Normal Resync (it does not stop for a pair whose synchronization rate is 100%), Reverse Copy (it does not stop for a pair whose synchronization rate is 100%), background copy.
VM: Pair initial copy
FC: Background copy, update co+F96py (Restore), update copy (Reverse Restore), update copy (Fast Reverse Restore)
TI: Copy processing by restore, copy processing by clone
TC/TCz: Copy running in background, initial copy, pair creation, resync, swap resync, horctakeover (swap resync run during horctakeover)
GAD: Initial copy, pair creation, resync, swap resync, horctakeover (swap resync run during horctakeover)
UR: Copy or restore running in background, initial copy, update copy, journal copy (initial and update copy), journal restore, issuing read-journal command to primary storage system, data copy from master journal to restore journal, copying restore journal data for secondary volume, pair creation, resync, swap resync, delta resync, horctakeover (swap resync run during horctakeover).
Mode 1260 = OFF (default):
SI/SIz, VM, FC, TI: As per the SOM 467 setting
TC/TCz, GAD: As per the SOM 689 setting
UR/URz: As per the SOM 690 setting
MCU/RCU
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
396
�System option modes for VSP 5000 series
Mode
Category
Description
Notes:
1. Apply the mode when all the following conditions are met.
Preventing the performance of a host write I/O to a DRD-VOL from being degraded due to overload by the background copy processing is required.
It is acceptable that completing the background copy for a volume (*1) belonging to a CLPR whose WP rate is 35% or higher takes extra time equal to the time period during which the WP rate of the copy target CLPR is 35% or higher.
Setting the mode per CLPR is required. (Setting for all CLPRs, use SOM 1254)
MCU/RCU
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
397
�System option modes for VSP 5000 series
Mode
Category
Description
The mode setting for a CLPR of UR/URz S/VOL, and that for a CLPR of a journal volume are the same. (The mode is set to ON or OFF for both CLPRs)
*1: Note that in CLPRs with the mode set to ON, the copy processing does not make progress for not only a DRD-VOL but also a normal volume and a virtual volume with capacity saving disabled.
2. By setting the mode to ON, the copy processing running in the background is stopped when the WP rate is 35% or higher regardless of the settings of SOM 467, SOM 689, and SOM 690.
3. Completing the copy processing running in the background for a volume (*2) belonging to a CLPR whose WP rate is 35% or higher takes extra time equal to the time period during which the WP rate of the copy target CLPR is 35%. Note that recovering a pair that is suspended due to failure takes longer time too.
*2: Note that in CLPRs with the mode set to ON, the copy processing does not make progress for not only a DRD-VOL but also normal volume and virtual volume with capacity saving disabled.
4. When UR/URz is used, if 35% or higher WP rate continues for a long time on RCU, a journal volume becomes full and may be suspended on MCU.
To disable the background copy of replication program products other than UR/URz, use different CLPRs for the UR/URz S-VOL and the journal volume, and for a DRD-VOL for which preventing performance degradation is required on RCU, and set the mode to ON for the CLPR of the DRD-VOL only.
5. When UR/URz is used, if operations are switched to RCU, as the previous MCU becomes RCU, meet the following conditions:
The SOM setting is same for MCU and RCU.
If different CLPRs are used for theUR/URz S-VOL and the journal volume, and for a DRD-VOL for which preventing performance degradation is required on RCU, use different CLPRs for the UR/ URz S-VOL and the journal volume, and for a DRDVOL for which preventing performance degradation is required on MCU too.
MCU/RCU
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
398
�System option modes for VSP 5000 series
Mode
Category
1267
Dedupe and Compression
Description
MCU/RCU
When asynchronous processing of capacity saving runs
-
while the drive performance is not sufficient, the
asynchronous processing raises the workload of the drive.
As the drive is overloaded, the drive performance may be
degraded. To address the issue, this mode is available to
slow down the asynchronous processing speed.
Mode 1267 = ON: The asynchronous processing of capacity saving listed below runs at low speed.
Mode 1267 = OFF (default): The asynchronous processing of capacity saving listed below runs at normal speed.
Asynchronous processing that runs at low speed by setting the mode to ON:
Disabling of the capacity saving function
Deletion of LDEVs for which the capacity saving function is enabled
Garbage collection
Asynchronous capacity reduction processing
Compression conversion of compression accelerator
Garbage collection for collecting unnecessary meta data or user data of deduplication system data volume (data store)
Deletion of unnecessary hash data for deduplication
Expansion of meta data area of the capacity saving
Correction of control information when SOM 1208 is set to ON
Health check when SOM 1237 is set to ON
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
399
�System option modes for VSP 5000 series
Mode
Category
1273
Universal Replicator for Mainframe
Notes:
Description
1. Apply this mode in the following cases:
There is a possibility of drive overload by the asynchronous processing (asynchronous capacity reduction, disabling capacity saving, compression conversion of compression accelerator) that works after the data reduction setting (capacity saving, compression accelerator) is changed.
The drive is overloaded by asynchronous processing of capacity saving.
2. By setting the mode to ON, the capacity saving ratio may decrease.
3. When an adaptive data reduction setting change is complete after setting the mode to ON, set the mode to OFF.
MCU/RCU
This SOM is used to prevent recovery point objective (RPO) RCU from increasing due to many format write I/Os in a URz configuration.
Mode 1273 = ON: The number of journal restore operations on RCU is as follows:
Multiplicity per MPU: 256
Multiplicity per 32-cylinder range: 8
Mode 1273 = OFF (default): The number of journal restore operations on RCU is as follows:
Multiplicity per MPU: 256
Multiplicity per 32-cylinder range: 256
Notes:
1. Apply the mode when the following conditions are met.
The amount of journal transfer for each MPU on RCU is 500 MB/s or greater.
The ratio of format write I/Os is 50% or higher.
There is no other bottleneck (MP usage rate, write pending rate, and drive operating rate).
2. When a cylinder range that a new write I/O accesses is narrow and the number of pairs to which I/Os are issued is less than 32, the maximum performance of the journal processing on RCU may be 15 to 25% lower than that when the SOM is not set.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
400
�System option modes for VSP 5000 series
Mode
Category
1293
Global-active device
Description
MCU/RCU
This SOM is used to enable the pair creation, resynchronization, and swap resynchronization operations for GAD pairs when one side of the cache is blocked.
Both
Mode 1293 = ON: This setting allows the pair creation, resynchronization, and swap resynchronization operations for GAD pairs.
Mode 1293 = OFF (default): With this setting, the pair creation, resynchronization, and swap resynchronization operations for GAD pairs are not possible.
Notes:
1. When this mode is ON, if the initial copy of a GAD pair runs while one side of the cache is blocked, the following adverse effects might occur:
The load on the drives increases, which might affect host performance.
The initial copy performance is degraded compared to when the cache is in normal state.
Maintenance of the blocked cache is unavailable during the initial copy.
During the initial copy, if degradation of host performance is unacceptable or if you perform maintenance of the blocked cache, stop the initial copy.
2. This mode is available for DKCMAIN microcode versions 90-08-81 and later.
Appendix A: System option modes (SOMs)
System Administrator Guide for VSP 5000 Series
401
�Appendix B: Device Manager - Storage Navigator user management GUI reference
This section describes the Device Manager - Storage Navigator windows and wizards that you use to manage user security and to set up and manage user accounts on your storage system.
User Groups window
This window lists all user groups created in Device Manager - Storage Navigator.
Summary The following table describes the fields in the summary section in the User Groups window.
Item
Number of User Groups
Description
Number of user groups created in Device Manager - Storage Navigator.
User Groups tab The following table describes the fields in the User Groups tab in the User Groups window.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
402
�Selected User Group Window
Item
Description
User Group Name
Displays user group name.
User Group Type
Displays the user group type. Built-in: Indicates a built-in user group. User-created: Indicates a user group that users created.
Number of Roles
Displays the number of the roles that are assigned to the user group.
Number of Resource Displays the number of the resource groups that are assigned to
Groups
the user group.
Number of Users
Displays the number of users who belong to the user group.
All Resource Groups Assigned
Displays whether all the resource groups are assigned. Yes: All the resource groups are assigned to the user group. No: All the resource groups are not assigned to the user group.
Create User Group Creates a new user group.
Add Users
Adds the created users to the selected user group.
Edit Resource Group Assigns the created resource groups to the selected user groups. Assignment
Edit Role Assignment* Assigns the created roles to the selected user groups.
Delete User Groups* Deletes the selected user groups.
Edit User Group*
Edits the user group name.
Export*
Displays a window for outputting table information.
* Appears when you click More Actions.
Selected User Group Window
The User Group window lists the names of all of the built-in user groups and any user groups that were created in Device Manager - Storage Navigator. To open a window for a specific user group, in the User Groups tab, click the user group name.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
403
�Selected User Group Window
The features of the window that opens when a user group is selected are the same, no matter which user group is selected. The following example uses the Administrator User Group window to show the features in the window.
The window for each selected user group contains a Summary section and three tabs.
Summary section The following table describes the fields and settings in the Summary section of the selected user group window.
Item
Description
Number of Roles
Displays the number of roles that are assigned to the selected user group.
Number of Resource Displays the number of resource groups that are assigned to the
Groups
selected user group.
Number of Users
Displays the number of users who belong to the selected user group.
User Group Type
Displays the user group type. Built-in: Indicates a built-in user group. User-created: Indicates a user group that a user created.
All Resource Groups Displays whether all the resource groups are assigned.
Assigned
Yes: All the resource groups are assigned to the user group.
No: All the resource groups are not assigned to the user group.
Users tab
The following table describes the fields and settings in the Users tab of the selected user group window. It lists the users who belong to the selected user group.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
404
�Selected User Group Window
Item User Name Account Status
Lockout1
Authentication
User Type Number of User Groups Account Version
Create User Change Password
Description
Name of user who belongs to the user group.
Account status. The following statuses are available: Enabled: The user can use the account. Disabled: The user cannot use the account or log in to Device Manager - Storage Navigator.
Indicates whether the status is locked. Yes: The user account is locked, so login to Device Manager -
Storage Navigator is not possible. No: The user can use the account.
Authentication method. The following methods are available: Local: Does not use authentication server. Uses a dedicated password for Device Manager - Storage Navigator. External: Uses authentication server.
User type. The following types are available: Built-in or User-created
Displays the number of the user groups where the user belongs.
Displays the version of the account information management method: Ver.1: The version for the SVP with microcode version 90-08-21
or earlier. Ver.2: The version for the SVP with microcode version 90-08-22
or later. - (hyphen): Authentication is External for the user account. Note: The account information management method was changed at SVP firmware version 90-08-22. When a user with account version Ver.1 logs in to the SVP with firmware version 90-08-22 or later, or when the password of this user is changed, the account version for the user is automatically changed from Ver.1 to Ver.2.
Creates a new user account.
Changes your own password if you click this. Changes the password of other users if you select a user and then click this.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
405
�Selected User Group Window
Item
Description
Edit User
Changes the setting for authentication or for the account status.
You can set the password of the selected user if you change Authentication from External to Local.
Add Users2
Adds the created users to the selected user group.
Remove Users2
Removes the selected user from the user group. The user account itself will not be deleted.
Delete Users2
Deletes the selected users.
Export2
Displays a window for outputting table information.
Notes:
1. This content is not displayed by default. To display it, change the settings in the Column Settings window in the table options.
2. Appears when you click More Actions.
Roles tab The following illustration shows the Roles tab of the selected user group window.
The following table describes the fields and settings in the Roles tab of the selected user group window. Role displays the roles assigned to the user group, which determines the operations the user can perform.
Roles
Role
Edit Role Assignment Export
Permitted operations
Displays the roles that are assigned to the user group.
Assigns the created roles to the selected user groups.
Displays a window for outputting table information.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
406
�Selected User Group Window
Resource Groups tab The following illustration shows the Resource Groups tab of the selected user group window.
The following table describes the fields and settings in the Resource Groups tab of the selected user group window. It lists the resource groups that are assigned to the selected user group.
Item
Description
Resource Group Name
Displays the name and ID of the resource group assigned to the user group.
Number of User Groups
Displays the number of user groups that are assigned to the resource group.
Number of Parity Groups
Displays the number of the parity groups that are assigned to the resource group.
Number of LDEVs
Displays the number of the LDEVs that are assigned to the resource group.
Number of Ports
Displays the number of the ports that are assigned to the resource group.
Number of Host Groups
Displays the number of the host groups that are assigned to the resource group.
Number of iSCSI Targets
Displays the number of the iSCSI targets that are assigned to the resource group.
Virtual Storage Machine*
Displays the model type and serial number of the virtual storage machine set for the resource group.
Edit Resource Group Assigns the created resource groups to the user groups. Assignment
Export
Displays a window for outputting table information.
* This content is not displayed by default. To display it, change the settings in the Column Settings window in the table options.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
407
�Create User Group wizard
Create User Group window
Use this window to create a new user group.
Create User Group wizard
Item User Group Name
Check
Description
Enter the name of the user group to be created. You can specify ASCII code characters, spaces, and the following symbols: ! # $ % & ' ( ) + - . = @ [ ] ^ _ ` { } ~
Check whether the entered user group name is registered to the authorization server when you use an authorization server.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
408
�Create User Group confirmation window
Create User Group confirmation window
Create User Group
The following table describes the fields in the Create User Group section of the Create User Group Window.
Item
Description
User Group Name Displays the name of user groups that are created.
Number of Roles
Displays the number of roles that are assigned to the user group created.
Number of Resource Displays the number of resource groups that are assigned to the
Groups
user group created.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
409
�Create User Group confirmation window
Item
Description
Number of Users
Displays the number of users that belong to the user group created.
All Resource Groups Displays whether all resource groups are assigned.
Assigned
Yes: All resource groups are assigned to the user group.
No: All resource groups are not assigned to the user group.
Assigned Roles
The following table describes the fields in the Assigned Roles section of the Create User Group Window.
Role
Item
Description Displays the roles that are assigned to the user group created.
Assigned Resource Groups
The following table describes the fields in the Assigned Resource Group section of the Create User Group Window.
Item Resource Group Name (ID) Number of User Groups Number of Parity Groups Number of LDEVs
Number of Ports
Number of Host Groups Number of iSCSI Targets Detail
Description
Displays the name and ID of the resource group assigned to the user group created.
Displays the number of user groups that are assigned to the resource group.
Displays the number of parity groups that are assigned to the resource group.
Displays the number of LDEVs that are assigned to the resource group.
Displays the number of ports that are assigned to the resource group.
Displays the number of host groups that are assigned to the resource group.
Displays the number of the iSCSI targets that are assigned to the resource group.
Displays details of the selected resource group.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
410
�Create User wizard
Selected Users
The following table describes the fields in the Selected Users section of the Create User Group Window. This table displays only when users are added to the user group. This table displays only when users are added to the user group.
Item User Name Account Status
Authentication
Number of User Groups
Description
Displays the name of the users that belong to the user group to be created.
Displays the account status. The following status are available: Enabled: The user can use the account. Disabled: The user cannot use the account or log in to Device Manager - Storage Navigator.
Displays the authentication method. The following methods are available: Local: Does not use authentication server. Uses a dedicated password for Device Manager - Storage Navigator. External: Uses authentication server.
Displays the number of user groups where the user belongs.
Create User wizard
Create User window
Use this window to create a new user account.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
411
�Create User window
The following table describes the fields and settings in the Create User window.
Item User Name Account Status
Authentication
Password Re-enter Password
Description
Enter the user name to be created. The allowable characters and length of user names depend on the application that the user uses.
Account statuses. The following statuses are available: Enable: The user can use the account. Disable: The user cannot use the account or log in to Device Manager - Storage Navigator.
Authentication method. The following methods are available: Local: Does not use authentication server. Uses a dedicated password for Device Manager - Storage Navigator. External: Uses authentication server.
Password that the user enters for login. The allowable characters and length of passwords depend on the application that the user uses.
Password as above.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
412
�Create User confirmation window
Create User confirmation window
Selected Users The following table describes the fields and settings used to create a new user account.
Item User Name Account Status
Authentication
Password User Group Name
Description
User name to be created.
Account statuses. The following statuses are available: Enabled: The user can use the account. Disabled: The user cannot use the account or log in to Device Manager - Storage Navigator.
Authentication methods. The following methods are available: Local: Does not use authentication server. Uses a dedicated password for Device Manager - Storage Navigator. External: Uses authentication server.
Password that the user enters for login.
User group name where the user is added.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
413
�Change Password Wizard
Change Password Wizard
Change Password window
Use this window to change the password for yourself or another user.
The following table describes the fields and settings used to change a password.
Item User Name Current Password
New Password
Re-enter New Password
Description
Selected user name.
Current password of your user account. Required only when you change your own password.
New password that the selected user enters for login. The allowable characters and length of passwords depend on the application that the user uses.
Same password as above.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
414
�Change Password confirmation window
Change Password confirmation window
The following table describes the fields and settings used to change user passwords.
Item User Name Current Password
New Password
Description Selected user name. Current password. A hyphen (-) indicates no current password is specified. New password.
Edit User wizard
Edit User window
Use this window to change the setting for authentication or for the account status.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
415
�Edit User window
The following table describes the fields and settings used to edit user account information.
Item User Name Account Status
Authentication
Password
Re-enter Password
Description
Selected user name.
Account statuses. The following statuses are available: Enabled: The user can use the account. Disabled: The user cannot use the account or log in to Device Manager - Storage Navigator.
Authentication method. The following methods are available: Local: Does not use authentication server. Uses a dedicated password for Device Manager - Storage Navigator. External: Uses authentication server.
Password that the user enters for login. You can specify ASCII code characters and the following symbols: ! # $ % & ' ( ) * + , -. / : ; < = > ? @ [ \ ] ^ _` { | } ~
Password that the user enters for login.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
416
�Edit User confirmation window
Edit User confirmation window
The following table describes the fields and settings in the Edit Users window.
Item User Name Account Status
Authentication
Password
Description
Selected user name.
Account status. The following statuses are available: Enabled: The user can use the account. Disabled: The user cannot use the account or log in to Device Manager - Storage Navigator.
Authentication method. The following methods are available: Local: Does not use authentication server. Uses a dedicated password for Device Manager - Storage Navigator. External: Uses authentication server.
Password that the user enters for login.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
417
�Add User wizard
Add User wizard
Add Users window
Use this window to add the created user accounts to the selected user group.
Available Users The following table lists all the candidate users who do not belong to the selected user group.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
418
�Add Users window
Item User Name Account Status
Authentication
Number of User Groups
Description
Selected user name.
Account status. The following statuses are available: Enabled: The user can use the account. Disabled: The user cannot use the account or log in to Device Manager - Storage Navigator.
Authentication method. The following methods are available: Local: Does not use authentication server. Uses a dedicated password for Device Manager - Storage Navigator. External: Uses authentication server.
Displays the number of user groups where the user belongs.
Add button Adds the selected users in the Available Users list to the Selected Users list.
Remove button Removes the selected users from the Selected Users list and relocates the selected users to the Available User list.
Selected Users table
Lists users to be added to the user group.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
419
�Add Users confirmation window
Item User Name Account Status
Authentication
Number of User Groups
Description
Selected user name.
Account status. The following statuses are available: Enabled: The user can use the account. Disabled: The user cannot use the account or log in to Device Manager - Storage Navigator.
Authentication method. The following methods are available: Local: Does not use authentication server. Uses a dedicated password for Device Manager - Storage Navigator. External: Uses authentication server.
Displays the number of user groups where the user belongs.
Add Users confirmation window
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
420
�Remove Users window
Selected User Group
Item User Group Name
Description Displays the user group name where the user is added.
Selected Users table
Item User Name Account Status
Authentication
Number of User Groups
Description
Selected user name.
Account status. The following statuses are available: Enabled: The user can use the account. Disabled: The user cannot use the account or log in to Device Manager - Storage Navigator.
Authentication method. The following methods are available: Local: Does not use authentication server. Uses a dedicated password for Device Manager - Storage Navigator. External: Uses authentication server.
Displays the number of user groups where the user belongs.
Remove Users window
The Remove Users window is used to remove users from a particular group. However, the removed users will still remain in the system. To delete users entirely from the system, see Deleting user accounts (on page 164).
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
421
�Remove Users window
Selected User Group table
Item User Group Name
Description Displays the name of the user group where the user is removed.
Selected Users table
Item User Name Account Status
Authentication
Number of User Groups
Description
Selected user name.
Account status. The following statuses are available: Enabled: The user can use the account. Disabled: The user cannot use the account or log in to Device Manager - Storage Navigator.
Authentication method. The following methods are available: Local: Does not use authentication server. Uses a dedicated password for Device Manager - Storage Navigator. External: Uses authentication server.
Displays the number of user groups where the user belongs.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
422
�Delete Users window
Delete Users window
The Delete Users window is used to delete users entirely from the system. If you want to remove users from a particular group without deleting them in the system, see Changing user permissions (on page 163).
Item User Name Account Status
Authentication
Number of User Groups
Description
Selected user name.
Account status. the following statuses are available: Enabled: The user can use the account. Disabled: The user cannot use the account or log in to Device Manager - Storage Navigator.
Authentication method. The following methods are available: Local: Does not use authentication server. Uses a dedicated password for Device Manager - Storage Navigator. External: Uses authentication server.
Displays the number of user groups to which the user belongs.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
423
�Release Lockout window
Release Lockout window
Item User Name
Description Name of the user whose account you want to unlock
Edit User Group wizard
Edit User Group window
Use this window to change the name of a user group.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
424
�Edit User Group window
The following table describes the fields and settings used to edit user group information.
Item User Group Name
Check
Description
Enter the new name of the user group. You can use ASCII code characters, spaces, and the following symbols: ! # $ % & ' ( ) + - . = @ [ ] ^ _ ` { } ~
Check whether the entered user group name is registered to the authentication server when you use an authentication server.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
425
�Edit User Group confirmation window
Edit User Group confirmation window
The following table describes the fields and settings used to edit user group information.
Item
Description
User Group Name Displays the new name of the user group.
Number of Roles
Displays the number of roles that are assigned to the user group.
Number of Resource Displays the number of resource groups that are assigned to the
Groups
user group.
Number of Users
Displays the number of users that belong to the user group.
All Resource Groups Displays whether all the resource groups are assigned.
Assigned
Yes: All resource groups are assigned to the user group.
No: All resource groups are not assigned to the user group.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
426
�Delete User Groups window
Delete User Groups window
Item
Description
User Group Name Displays the new name of the user group.
Number of Roles
Displays the number of roles that are assigned to the user group.
Number of Resource Displays the number of resource groups that are assigned to the
Groups
user group.
Number of Users
Displays the number of users that belong to the user group.
All Resource Groups Displays whether all resource groups are assigned.
Assigned
Yes: All resource groups are assigned to the user group.
No: All resource groups are not assigned to the user group.
Edit Resource Group Assignment wizard
Edit Resource Group Assignment window
Use this window to assign created resource groups to the user group and to assign created resource groups to the user group in the Create User Group.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
427
�Edit Resource Group Assignment window
The following table describes the fields and settings used to assign resource groups with the Create User Group wizard.
Item
Description
All Resource Groups Displays whether all the resource groups are assigned to the user
Assigned
group.
This item is set to Yes when the following roles are assigned in the Assign Roles window.
Security Administrator (View Only)
Security Administrator (View & Modify)
Audit log Administrator (View Only)
Audit log Administrator (View & Modify)
Support Personnel (Vendor Only)
When this item is set to Yes, Unassigned Resource Groups table, Assigned Resource Groups table, Add button, and Remove button are disabled.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
428
�Unassigned Resource Groups table
Edit Resource Group Assignment window
The following table lists the resource groups that are not assigned to the user group.
Item Resource Group Name (ID) Number of User Groups Number of Parity Groups Number of LDEVs
Number of Ports
Description
Displays the name and ID of the resource group that is not assigned to the user group to be created.
Displays the number of user groups that are not assigned to the resource group.
Displays the number of parity groups that are not assigned to the resource group.
Displays the number of LDEVs that are not assigned to the resource group.
Displays the number of ports that are not assigned to the resource group.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
429
�Edit Resource Group Assignment window
Item
Number of Host Groups
Number of iSCSI Targets
Detail
Description
Displays the number of host groups that are not assigned to the resource group.
Displays the number of the iSCSI targets that are assigned to the resource group.
Displays the detail of the selected resource group.
Add button Adds the selected resource groups in the Unassigned Resource Groups list to the Assigned Resource Groups list.
Remove button Removes the selected resource groups from the Assigned Resource Groups list and relocates the resource groups to the Unassigned Resource Groups list.
Assigned Resource Groups table
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
430
�Edit Resource Group Assignment window
Lists the resource groups to be assigned to the user group.
Item Resource Group Name (ID) Number of User Groups Number of Parity Groups Number of LDEVs
Number of Ports
Number of Host Groups Number of iSCSI Targets Detail
Description
Displays the name and ID of the resource group assigned to the user group to be created.
Displays the number of user groups that are assigned to the resource group.
Displays the number of parity groups that are assigned to the resource group.
Displays the number of LDEVs that are assigned to the resource group.
Displays the number of ports that are assigned to the resource group.
Displays the number of host groups that are assigned to the resource group.
Displays the number of the iSCSI targets that are assigned to the resource group.
Displays the detail of the selected resource group.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
431
�Edit Resource Group Assignment confirmation window
Edit Resource Group Assignment confirmation window
The following tables describe the fields and settings used to assign user group names with the Create User Group wizard.
Item User Group Name
Description Displays the new name of the user group.
Selected Resource Groups as Assigned Table
The following table describes the fields and settings used to assign resource groups with the Create User Group wizard.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
432
�Edit Resource Group Assignment confirmation window
Item Resource Group Name (ID) Number of User Groups Number of Parity Groups Number of LDEVs
Number of Ports
Number of Host Groups Number of iSCSI Targets Detail
Description
Displays the name and ID of the resource group assigned to the user group to be created.
Displays the number of user groups that are assigned to the resource group.
Displays the number of parity groups that are assigned to the resource group.
Displays the number of LDEVs that are assigned to the resource group.
Displays the number of ports that are assigned to the resource group.
Displays the number of host groups that are assigned to the resource group.
Displays the number of the iSCSI targets that are assigned to the resource group.
Displays the detail of the selected resource group.
Selected Resource Groups as Unassigned Table The following table lists the resource groups that are not assigned to the user group.
Item Resource Group Name (ID) Number of User Groups Number of Parity Groups Number of LDEVs
Number of Ports
Number of Host Groups Number of iSCSI Targets
Description
Displays the name and ID of the resource group not assigned to the user group to be created.
Displays the number of user groups that are not assigned to the resource group.
Displays the number of parity groups that are not assigned to the resource group.
Displays the number of LDEVs that are not assigned to the resource group.
Displays the number of ports that are not assigned to the resource group.
Displays the number of host groups that are not assigned to the resource group.
Displays the number of the iSCSI targets that are assigned to the resource group.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
433
�Item Detail
Edit Role Assignment wizard
Description Displays the detail of the selected resource group.
Edit Role Assignment wizard
Edit Role Assignment window
Use this window to add roles to the user group and to assign roles to the user group in the Create User Group.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
434
�Unassigned Roles
Edit Role Assignment window
Lists roles that are not assigned to the user group.
Role
Item
Displays roles.
Description
Add button Adds the selected roles in the Unassigned Roles list to the Assigned Roles list.
Remove button Removes the selected roles from the Assigned Roles list and relocates the selected roles to the Unassigned Roles list.
Assigned Roles The following window shows the roles that can be assigned to the selected user group.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
435
�Edit Role Assignment window
Role
Item
Displays roles.
Description
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
436
�Edit Role Assignment confirmation window
Edit Role Assignment confirmation window
Selected User Group
Item
Description
User Group Name Displays the new name of the user group.
All Resource Groups Displays whether all the resource groups are assigned.
Assigned
Yes: All the resource groups are assigned to the user group.
No: All the resource groups are not assigned to the user group.
Selected Assigned Roles
Role
Item
Description Displays the roles that are assigned to the user group.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
437
�Setup Server wizard
Selected Unassigned Roles
Role
Item
Description Displays the roles that are not assigned to the user group.
Setup Server wizard
Select Authentication Server window
To open this window, select Server Setup from the LDAP, RADIUS, or Kerberos properties window.
The following tables describe the fields and settings used to set up external authentication in the Select Authentication Server window.
Item
External Authentication
Description
Select the type of authentication server.
Disable: Does not use any authentication server. Users are authenticated with user information registered in the SVP.
LDAP: Users are authenticated with user information registered in the LDAP server.
RADIUS: Users are authenticated with user information registered in the RADIUS server.
Kerberos: Users are authenticated with user information registered in the Kerberos server.
When you select Disable, click Finish to open the confirmation window.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
438
�Select Authentication Server confirmation window
Item
Description
When you select LDAP, RADIUS, or Kerberos, click Next to open the Setup Server window.
Select Authentication Server confirmation window
To open this window, select Disable in the Select Authentication Server window.
The following table describes the fields and settings in the Disable authentication server setup window.
Item
External Authentication
Description
Displays the type of the authentication server.
Disable: Does not use any authentication server. Users are authenticated with user information registered in the SVP.
LDAP: Users are authenticated with user information registered in the LDAP server.
RADIUS: Users are authenticated with user information registered in the RADIUS server.
Kerberos: Users are authenticated with user information registered in the Kerberos server.
LDAP Properties window
To open this window, select LDAP in the External Authentication window.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
439
�LDAP Properties window
Item DNS Lookup
Authentication Protocol
Description
Displays whether to search for the LDAP server using the information registered in the SRV records in the DNS server.
Enable: Performs the search using information registered in the SRV records in the DNS server.
Disable: Performs the search using the host name and the port number.
Displays the LDAP protocol to use.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
440
�RADIUS Properties window
Item
Description
External User Group Mapping
Displays whether to connect an authentication server to an authorization server.
Enable: Connects an authentication server to an authorization server.
Disable: Does not connect an authentication server to an authorization server.
Primary Host Name
Displays the host name of the LDAP server.
Primary Port Number
Displays the port number of the LDAP server.
Domain Name
Displays the domain name that the LDAP server manages.
User Name Attribute
Displays the attribute name to identify a user, such as a user ID.
Base DN
Displays the Base DN for searching for users to authenticate.
Search User's DN
Displays the DN of the user for searching.
Password
Displays asterisks (*) to mask the password of the user for searching.
Timeout
Displays the number of seconds before connection to the LDAP server times out.
Retry Interval
Displays the retry interval in seconds when the connection to the LDAP server fails.
Number of Retries
Displays the retry times when the connection to the LDAP server fails.
Secondary Host Name Displays the host name of the secondary LDAP server.
Secondary Port Number Displays the port number of the secondary LDAP server.
Setup Server
Displays the Setup Server window.
RADIUS Properties window
This window opens when you select RADIUS in External Authentication.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
441
�RADIUS Properties window
The following table describes the fields and settings in the RADIUS properties window.
Item Authentication Protocol
Primary Host Name Secret
Description
Displays the RADIUS protocol to use.
PAP: Password authentication protocol that transmits plaintext user ID and password.
CHAP: Challenge-handshake authentication protocol that transmits encrypted password.
Displays the host name, the IPv4 address, or the IPv6 address of the RADIUS server.
Displays asterisks (*) to mask the RADIUS secret key used for the PAP or CHAP authentication.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
442
�RADIUS Properties window
Item
Description
NAS Address
Displays the identifier for the RADIUS server to find SVP.
Primary Port Number
Displays the port number of the RADIUS server.
Timeout
Displays the number of seconds before connection to the RADIUS server times out.
Number of Retries
Displays the retry times when the connection to the RADIUS server fails.
Secondary Host Name
Displays the host name, the IPv4 address, or the IPv6 address of the secondary RADIUS server.
Secondary Port Number Displays the port number of the secondary RADIUS server.
External User Group
Displays the LDAP protocol to use.
Mapping - Authentication
Protocol
External User Group Mapping - DNS Lookup
Displays whether to search for the LDAP server using the information registered in the SRV records in the DNS server.
Enable: Performs the search using information registered in the SRV records in the DNS server.
Disable: Performs the search using the host name and the port number.
External User Group Mapping - Host Name
Displays the host name, the IPv4 address, or the IPv6 address of the LDAP server.
External User Group
Displays the port number of the LDAP server.
Mapping - Port Number
External User Group Mapping - Domain Name
Displays the domain name of the LDAP server.
External User Group Mapping - Base DN
Displays the base DN to search for users to authenticate.
External User Group
Displays the search user's domain name.
Mapping - Search User's
DN
External User Group Mapping - Password
Displays asterisks (*) to mask the password of the user for searching.
External User Group Mapping - Timeout
Displays the number of seconds before connection to the LDAP server times out.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
443
�Kerberos Properties window
Item
Description
External User Group
Displays the retry interval in seconds when the connection to
Mapping - Retry Interval the LDAP server fails.
External User Group Mapping - Number of Retries
Displays the retry times when the connection to the LDAP server fails.
Setup Server
Displays the Setup Server window.
Kerberos Properties window
To open this window, select Kerberos in the External Authentication window.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
444
�Kerberos Properties window
The following table describes the fields and settings used to edit the Kerberos properties.
Item DNS Lookup
Realm Name Primary Host Name
Description
Displays whether to search for the Kerberos server using the information registered in the SRV records in the DNS server. Enable: Performs the search using information registered in
the SRV records in the DNS server. Disable: Performs the search using the host name and the
port number.
Displays the default realm name.
Displays the name of the Kerberos server.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
445
�Kerberos Properties window
Item
Description
Primary Port Number
Displays the port number of the Kerberos server.
Clock Skew
Displays the acceptable range of time difference between the SVP and the Kerberos server.
Timeout
Displays the number of seconds before connection to the Kerberos server times out.
Secondary Host Name Displays the name of the secondary Kerberos server.
Secondary Port Number Displays the port number of the secondary Kerberos server.
External User Group
Displays the LDAP protocol to use.
Mapping - Authentication
Protocol
External User Group Mapping - Primary Port Number
Displays the port number of the LDAP server.
External User Group Mapping - Base DN
Displays the base domain name to search for users to authenticate.
External User Group
Displays the search user's domain name.
Mapping - Search User's
DN
External User Group Mapping - Password
Displays asterisks (*) to mask the password of the user for searching.
External User Group Mapping - Timeout
Displays the number of seconds before connection to the LDAP server times out.
External User Group
Displays the retry interval in seconds when the connection to
Mapping - Retry Interval the LDAP server fails.
External User Group Mapping - Number of Retries
Displays the retry times when the connection to the LDAP server fails.
External User Group Mapping - Secondary Port Number
Displays the port number of the secondary LDAP server.
Setup Server
Displays the Setup Server window.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
446
�Setup Server for LDAP
Setup Server for LDAP
LDAP Setup Server window
To open this window, select LDAP in the Select Authentication Server window.
The following table describes the fields and settings used to edit the server information.
Item Certificate File Name
Description Specify a certificate file. Click Browse to find the file. The specified certificate is also used for the secondary server.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
447
�LDAP Setup Server window
Item DNS Lookup
Authentication Protocol
External User Group Mapping
External User Group Mapping - Host Name
External User Group Mapping - Port Number External User Group Mapping - Domain Name External User Group Mapping - User Name Attribute
Description
Specify whether to search for the LDAP server using the information registered in the SRV records in the DNS server. Enable: Do not select the search using information registered
in the SRV records in the DNS server. Disable: Select the search using the host name and the port
number.
Specify an LDAP protocol to use. Available protocols are as follows. Select LDAP over SSL/TLS Do not select STARTTLS If you select Enable in DNS Lookup, you cannot select LDAP over SSL/TLS.
Specify whether to connect an authentication server to an authorization server. Enable: Connects an authentication server to an
authorization server. Disable: Does not connect an authentication server to an
authorization server.
Specify a host name of the LDAP server. ASCII code characters, hyphens (-), and periods (.) can be specified. If you select Enable in DNS Lookup, this item is disabled.
Specify a port number of the LDAP server. If you select Enable in DNS Lookup, this item is disabled.
Specify a domain name that the LDAP server manages. You can specify ASCII code characters, hyphens (-), and periods (.).
Specify an attribute name to identify a user, such as a user ID. You can specify ASCII code characters and the following symbols:
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
448
�LDAP Setup Server window
Item
Description ! # $ % & ' ( ) * + , -. / : ; < = > ? @[ \ ] ^ _` {| } ~ Hierarchical model
Specify an attribute name where the value that can identify a user is stored. Flat model Specify an attribute name for a user entry's RDN. sAMAccountName is used for Active Directory.
External User Group Mapping - Timeout
Specify the number of seconds before connection to the LDAP server times out.
External User Group
Specify a retry interval in seconds when the connection to the
Mapping - Retry Interval LDAP server fails.
External User Group Mapping - Number of Retries
Specify retry times when the connection to the LDAP server fails.
External User Group Mapping - Base DN
Search for users to authenticate by specifying a base DN.
Available characters: Alphanumeric characters (ASCII characters) and all symbols.
Hierarchical model: Specify a DN of hierarchy that includes all of the targeted users for searching.
Flat model: Specify a DN of hierarchy that is one level above the targeted user for searching.
To use symbols such as + ; , < = and > in the basedn field, type a backslash (\) before each symbol. When using multiple symbols, each symbol must have a backslash (\) before it. For example, to enter abc++, type abc\+\+.
To use backslash (\) , forward slash (/), or quotation mark (") in the basedn field, type a backslash (\) followed by the ASCII code in hex for the symbol:
Type \5c to enter a backslash (\).
Type \2f to enter a forward slash (/).
Type \22 to enter a quotation mark (").
External User Group Mapping - Search User's DN
Search for a user by specifying a DN.
Available characters: Alphanumeric characters (ASCII characters) and all symbols.
If you specify sAMAccountName in External User Group Mapping - User Name Attribute, or if you select Enable in External User Group Mapping, this item must be specified.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
449
�LDAP Setup Server window
Item
Description
To use symbols such as + ; , < = and > in the searchdn field, type a backslash (\) before each symbol. When using multiple symbols, each symbol must have a backslash (\) before it. For example, to enter abc++, type abc\+\+.
To use backslash (\) , forward slash (/), or quotation mark (") in the searchdn field, type a backslash (\) followed by the ASCII code in hex for the symbol:
Type \5c to enter a backslash (\).
Type \2f to enter a forward slash (/).
Type \22 to enter a quotation mark (").
External User Group Mapping - Password
Search for a user by specifying his password.Search for a user by specifying his password. Specify the same password that is registered in the LDAP server.
You can specify ASCII code characters and the following symbols:
! # $ % & ' ( ) * + - . = @ \ ^ _ |
If you specify sAMAccountName in External User Group Mapping - User Name Attribute, or if you select Enable in External User Group Mapping, this item must be specified.
External User Group Mapping - Re-enter Password
Re-enter the password of the user group you are searching for to confirm your entry.
You can specify ASCII code characters and the following symbols:
! # $ % & ' ( ) * + - . = @ \ ^ _ |
If you enter any password in External User Group Mapping Password, you must specify this item.
Secondary Server
Specify whether to use a secondary LDAP server. Enable: Uses a secondary LDAP server. Disable: Does not use a secondary LDAP server. If you select Enable in DNS Lookup, this item is disabled.
Secondary Server - Host Name
Specify a host name of the secondary LDAP server.
You can specify ASCII code characters, hyphens (-), and periods (.).
If you select Disable in Secondary Server, this item is disabled.
Secondary Server -Port Number
Specify a port number of the secondary LDAP server. If you select Disable in Secondary Server, this item is disabled.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
450
�LDAP Setup Server window
Item Test User Name
Password
Server Configuration Test Server Configuration Test - Result
Description
Specify a user name for a server connection test.
You can specify ASCII code characters and the following symbols:
! # $ % & ' * + - . / = ? @ ^ _ ` { | } ~
Specify a password of the user name for a server connection test.
You can specify ASCII code characters and the following symbols:
! # $ % & ' ( ) * + , -. / : ; < = > ? @[ \ ] ^ _` { | } ~
Click Check to conduct a server connection test for the authentication server and the authorization server based on the specified settings.
Displays a result of the server connection test for the authentication server and the authorization server.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
451
�LDAP Setup Server confirmation window
LDAP Setup Server confirmation window
Selected Server
Item External Authentication
Description
Displays the type of the authentication server.
Disable: Does not use any authentication server. Users are authenticated with user information registered in the SVP.
LDAP: Users are authenticated with user information registered in the LDAP server.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
452
�LDAP Setup Server confirmation window
Item
Description
RADIUS: Users are authenticated with user information registered in the RADIUS server.
Kerberos: Users are authenticated with user information registered in the Kerberos server.
Setup Server
Item
Description
Certificate File Name Displays the certificate file.
DNS Lookup
Displays whether to search for the LDAP server using the information registered in the SRV records in the DNS server.
Enable: Performs the search using information registered in the SRV records in the DNS server.
Disable: Performs the search using the host name and the port number.
Authentication Protocol
Displays the LDAP protocol.
External User Group Mapping
Displays whether to connect an authentication server to an authorization server.
Enable: Connects an authentication server to an authorization server.
Disable: Does not connect an authentication server to an authorization server.
Primary Host Name Displays the host name of the LDAP server.
Primary Port Number Displays the port number of the LDAP server.
Domain Name
Displays the domain name that the LDAP server manages.
User Name Attribute Displays the attribute name to identify a user.
Base DN
Displays the base DN for searching for users to authenticate.
Search User's DN Displays the DN of a user for searching.
Password
Displays asterisks (*) to mask the password of the user for searching.
Timeout
Displays the number of seconds before connection to the LDAP server times out.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
453
�Setup Server for RADIUS
Item Retry Interval
Number of Retries
Secondary Host name Secondary Port Number
Description Displays the retry interval in seconds when the connection to the LDAP server fails. Displays the retry times when the connection to the LDAP server fails. Displays the host name of the secondary LDAP server.
Displays the port number of the secondary LDAP server.
Setup Server for RADIUS
RADIUS Set Up Server window
To open this window, select RADIUS in the Select Authentication Server window.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
454
�RADIUS Set Up Server window
The following table describes the fields and settings used to edit server RADIUS information.
Item Authentication Protocol
Host Name
Description
Specify a RADIUS protocol to use. PAP: Password authentication protocol that transmits plaintext
user ID and password. CHAP: Challenge-handshake authentication protocol that
transmits encrypted password.
Specify a name of the RADIUS server. You can specify ASCII code characters, hyphens (-), and periods (.).
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
455
�RADIUS Set Up Server window
Item Secret Re-enter Secret NAS Address
Port Number Timeout Number of Retries Secondary Server
Description
Specify a RADIUS secret key used for the PAP authentication or the CHAP authentication. You can specify ASCII code characters and the following symbols: ! # $ % & ' ( ) * + - . = @ \ ^ _ |
Re-enter the RADIUS secret key to confirm your entry. You can specify ASCII code characters and the following symbols: ! # $ % & ' ( ) * + - . = @ \ ^ _ |
Specify an identifier for the RADIUS server to find SVP. To specify a host name, select Identifier and enter the host
name. You can specify ASCII code characters and the following symbols: ! " # $ % & ' ( ) * + , - . / ; : < > = ? @ [ \ ] ^ _ ( } ~ To specify an IPv4 address, select IPv4 and enter 4 numbers (0-255). For example: XXX.XXX.XXX.XXX (X indicates a digit) Specify only numbers. Do not specify any periods. To specify an IPv6 address, select IPv6 and enter 8 hexadecimal numbers (0-FFFF). For example: YYYY:YYYY:YYYY:YYYY:YYYY:YYYY:YYYY:YYYY (Y indicates a hexadecimal digit) Enter 0 to omit a segment.
Specify a port number of the RADIUS server.
Specify the number of seconds before connection to the RADIUS server times out.
Specify the retry times when the connection to the RADIUS server fails.
Specify whether to use a secondary RADIUS server and a secondary LDAP server. Enable: Uses secondary servers. Disable: Does not use secondary servers.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
456
�RADIUS Set Up Server window
Item
Description
Secondary Server Host Name
Specify a host name of the secondary RADIUS server. You can specify ASCII code characters, hyphens (-), and periods (.). If you select Disable in Secondary Server, this item is disabled.
Secondary Server Port Number
Specify a port number of the secondary RADIUS server. If you select Disable in Secondary Server, this item is disabled.
External User Group Mapping
Specify whether to connect an authentication server to an authorization server.
Enable: Connects an authentication server to an authorization server.
Disable: Does not connect an authentication server to an authorization server.
External User Group Mapping - Certificate File Name
Specify a certificate file. Click Browse to find the file.
If you select Disable in External User Group Mapping, this item is disabled.
External User Group Mapping - DNS Lookup
Specify whether to search for the LDAP server using the information registered in the SRV records in the DNS server.
Enable: Do not select the search using information registered in the SRV records in the DNS server.
Disable: Select the search using the host name and the port number.
If you select Disable in External User Group Mapping, this item is disabled.
External User Group Mapping Authentication Protocol
Specify an LDAP protocol to use. Available protocols are as follows.
Select LDAP over SSL/TLS
Do not select STARTTLS
If you select Enable in DNS Lookup, you cannot select LDAP over SSL/TLS.
If you select Disable in External User Group Mapping, this item is disabled.
External User Group Mapping - Host Name
Specify a host name of the LDAP server.
You can specify ASCII code characters, hyphens (-), and periods (.).
If you select Enable in DNS Lookup, or if you select Disable in External User Group Mapping, this item is disabled.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
457
�RADIUS Set Up Server window
Item
Description
External User Group Mapping - Port Number
Specify a port number of the LDAP server.
If you select Enable in DNS Lookup, or if you select Disable in External User Group Mapping, this item is disabled.
External User Group Mapping - Domain Name
Specify a domain name of the LDAP server.
You can specify ASCII code characters, hyphens (-), and periods (.).
If you select Disable in External User Group Mapping, this item is disabled.
External User Group Mapping - Base DN
Specify a base DN to search for users to authenticate.
Available characters: Alphanumeric characters (ASCII characters) and all symbols.
Hierarchical model: Specify a DN of hierarchy that includes all the targeted users for searching.
Flat model: Specify a DN of hierarchy that is one level up of the targeted user for searching.
If this field is blank, the value specified for the defaultNamingContext attribute of Active Directory is assumed as the base DN.
If you select Disable in External User Group Mapping, this item is disabled.
To use symbols such as + ; , < = and > in the basedn field, type a backslash (\) before each symbol. When using multiple symbols, each symbol must have a backslash (\) before it. For example, to enter abc++, type abc\+\+.
To use backslash (\) , forward slash (/), or quotation mark (") in the basedn field, type a backslash (\) followed by the ASCII code in hex for the symbol:
Type \5c to enter a backslash (\).
Type \2f to enter a forward slash (/).
Type \22 to enter a quotation mark (").
External User Group Mapping - Search User's DN
Search for a user by specifying a DN
Available characters: Alphanumeric characters (ASCII characters) and all symbols.
If you select Disable in External User Group Mapping, this item is disabled.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
458
�RADIUS Set Up Server window
Item
Description
To use symbols such as + ; , < = and > in the searchdn field, type a backslash (\) before each symbol. When using multiple symbols, each symbol must have a backslash (\) before it. For example, to enter abc++, type abc\+\+.
To use backslash (\) , forward slash (/), or quotation mark (") in the searchdn field, type a backslash (\) followed by the ASCII code in hex for the symbol:
Type \5c to enter a backslash (\).
Type \2f to enter a forward slash (/).
Type \22 to enter a quotation mark (").
External User Group Mapping - Password
Search for a user by specifying his password. Specify the same password that is registered in the LDAP server.
You can specify ASCII code characters and the following symbols:
! # $ % & ' ( ) * + - . = @ \ ^ _ |
If you select Disable in External User Group Mapping, this item is disabled.
External User Group Mapping - Re-enter Password
Re-enter the password of the user you are searching for to confirm your entry.
You can specify ASCII code characters and the following symbols:
! # $ % & ' ( ) * + - . = @ \ ^ _ |
If you enter any password in External User Group Mapping Password, you must specify this item.
If you select Disable in External User Group Mapping, this item is disabled.
External User Group Mapping - Timeout
Specify the number of seconds before connection to the LDAP server times out.
If you select Disable in External User Group Mapping, this item is disabled.
External User Group Mapping - Retry Interval
Specify a retry interval in seconds when the connection to the LDAP server fails.
If you select Disable in External User Group Mapping, this item is disabled.
External User Group Mapping - Number of Retries
Specify retry times when the connection to the LDAP server fails.
If you select Disable in External User Group Mapping, this item is disabled.
Test User Name
Specify a user name for a server connection test.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
459
�RADIUS Set Up Server confirmation window
Item
Description You can specify ASCII code characters and the following symbols: ! # $ % & ' * + - . / = ? @ ^ _ ` { | } ~
Password
Specify a password of the user name for a server connection test. You can specify ASCII code characters and the following symbols: ! # $ % & ' ( ) * + , -. / : ; < = > ? @[ \ ] ^ _` { | } ~
Server Configuration Test
Click Check to conduct a server connection test for the authentication server and the authorization server based on the specified settings.
Server Configuration Displays a result of the server connection test for the authentication
Test - Result
server and the authorization server.
RADIUS Set Up Server confirmation window
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
460
�RADIUS Set Up Server confirmation window
Selected Server
The following table describes the fields and settings in the Server section of the confirmation window for (RADIUS Setup Server) window.
Item
External Authentication
Description
Displays the type of the authentication server.
Disable: Does not use any authentication server. Users are authenticated with user information registered in the SVP.
LDAP: Users are authenticated with user information registered in the LDAP server.
RADIUS: Users are authenticated with user information registered in the RADIUS server.
Kerberos: Users are authenticated with user information registered in the Kerberos server.
Setup Server
The following table describes the fields and settings in the Setup Server section of the confirmation window for (RADIUS Setup Server) window.
Item
Description
Authentication Protocol
Displays the RADIUS protocol to use.
PAP: Password authentication protocol that transmits plaintext user ID and password.
CHAP: Challenge-handshake authentication protocol that transmits encrypted password.
Primary Host Name Displays the name of the RADIUS server.
Secret
Displays asterisks (*) to mask the RADIUS secret key used for the PAP authentication or the CHAP authentication.
NAS Address
Displays the identifier for the RADIUS server to find SVP.
Primary Port Number Displays the port number of the RADIUS server.
Timeout
Displays the number of seconds before connection to the RADIUS server times out.
Number of Retries
Displays the retry times when the connection to the RADIUS server fails.
Secondary Host Name
Displays the host name of the secondary RADIUS server.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
461
�RADIUS Set Up Server confirmation window
Item
Description
Secondary Port Number
Displays the port number of the secondary RADIUS server.
External User Group Displays the certificate file. Mapping - Certificate File Name
External User Group Mapping Authentication Protocol
Displays the LDAP protocol to use.
External User Group Mapping - DNS Lookup
Displays whether to search for the LDAP server using the information registered in the SRV records in the DNS server.
Enable: Performs the search using information registered in the SRV records in the DNS server.
Disable: Performs the search using the host name and the port number.
External User Group Mapping - Host Name
Displays the LDAP server host name
External User Group Mapping - Port Number
Displays the LDAP server port number
External User Group Mapping - Domain Name
Displays the LDAP server domain name.
External User Group Displays the base DN to search for users to authenticate. Mapping - Base DN
External User Group Mapping - Search User's DN
Displays the user's DN for searching.
External User Group Displays asterisks (*) to mask the password of the user for Mapping - Password searching.
External User Group Displays the number of seconds before connection to the LDAP Mapping - Timeout server times out.
External User Group Mapping - Retry Interval
Displays the retry interval in seconds when the connection to the LDAP server fails.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
462
�Setup Server for Kerberos
Item
Description
External User Group Displays the retry times when the connection to the LDAP server Mapping - Number of fails. Retries
Setup Server for Kerberos
Kerberos Set Up Server window
To open this window, select Kerberos in the Select Authentication Server window.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
463
�Kerberos Set Up Server window
The following table describes the fields and settings in the Setup Server section of Kerberos window.
Item DNS Lookup
Realm Name Host Name
Port Number Clock Skew Timeout Secondary Server
Secondary Server Host Name
Secondary Server Port Number
Description
Specify whether to search for the Kerberos server using the information registered in the SRV records in the DNS server. Enable: Do not select the search using information registered in
the SRV records in the DNS server. Disable: Select the search using the host name and the port
number.
Specify a default realm name. You can specify ASCII code characters and hyphens (-).
Specify a host name of the Kerberos server. You can specify ASCII code characters, hyphens (-), and periods (.). If you select Enable in DNS Lookup, this item is disabled.
Specify a port number of the Kerberos server. If you select Enable in DNS Lookup, this item is disabled.
Specify an acceptable range of time difference between the SVP and the Kerberos server.
Specify the number of seconds before connection to the Kerberos server times out.
Specify whether to use a secondary Kerberos server. Enable: Uses the secondary server. Disable: Does not use the secondary server. If you specify Enable in DNS Lookup, this item is disabled.
Specify a host name of the secondary Kerberos server. You can specify ASCII code characters, hyphens (-), and periods (.). If you select Enable in DNS Lookup, or if you select Disable in Secondary Server, this item is disabled.
Specify a port number of the secondary Kerberos server. If you select Enable in DNS Lookup, or if you select Disable in Secondary Server, this item is disabled.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
464
�Kerberos Set Up Server window
Item
Description
External User Group Mapping
Specify whether to connect an authentication server to an authorization server.
Enable: Connects an authentication server to an authorization server.
Disable: Does not connect an authentication server to an authorization server.
External User Group Mapping - Certificate File Name
Specify a certificate file. Click Browse to find the file.
If you select Disable in External User Group Mapping, this item is disabled.
External User Group Mapping Authentication Protocol
Specify an LDAP protocol to use. Available protocols are:
Select LDAP over SSL/TLS
Do not select STARTTLS
If you select Enable in DNS Lookup, you cannot select LDAP over SSL/TLS.
If you select Disable in External User Group Mapping, this item is disabled.
External User Group Mapping - Primary Port Number
Specify a port number of the LDAP server.
If you select Enable in DNS Lookup, or if you select Disable in External User Group Mapping, this item is disabled.
External User Group Mapping Secondary Port Number
Specify a port number of the secondary LDAP server.
If you select Disable in Secondary Server, Enable in DNS Lookup, or External User Group Mapping fields, this item is disabled.
External User Group Mapping - Base DN
Specify a base DN to search for users to authenticate.
Available characters: Alphanumeric characters (ASCII characters) and all symbols.
Hierarchical model: Specify a DN of hierarchy that includes all the targeted users for searching.
Flat model: Specify a DN of hierarchy that is one level up of the targeted user for searching.
If this field is blank, the value specified for the defaultNamingContext attribute of Active Directory is assumed as the base DN.
If you select Disable in External User Group Mapping, this item is disabled.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
465
�Kerberos Set Up Server window
Item
Description
To use symbols such as + ; , < = and > in the basedn field, type a backslash (\) before each symbol. When using multiple symbols, each symbol must have a backslash (\) before it. For example, to enter abc++, type abc\+\+.
To use backslash (\) , forward slash (/), or quotation mark (") in the basedn field, type a backslash (\) followed by the ASCII code in hex for the symbol:
Type \5c to enter a backslash (\).
Type \2f to enter a forward slash (/).
Type \22 to enter a quotation mark (").
External User Group Mapping - Search User's DN
Search for a user by specifying a DN
Available characters: Alphanumeric characters (ASCII characters) and all symbols.
If you select Disable in External User Group Mapping, this item is disabled.
To use symbols such as + ; , < = and > in the searchdn field, type a backslash (\) before each symbol. When using multiple symbols, each symbol must have a backslash (\) before it. For example, to enter abc++, type abc\+\+.
To use backslash (\) , forward slash (/), or quotation mark (") in the searchdn field, type a backslash (\) followed by the ASCII code in hex for the symbol:
Type \5c to enter a backslash (\).
Type \2f to enter a forward slash (/).
Type \22 to enter a quotation mark (").
External User Group Mapping - Password
Search for a user by specifying his password. Specify the same password that is registered in the LDAP server.
You can specify ASCII code characters and the following symbols:
! # $ % & ' ( ) * + - . = @ \ ^ _ |
If you select Disable in External User Group Mapping, this item is disabled.
External User Group Mapping - Re-enter Password
Re-enter the password of the user you are searching for to confirm your entry.
You can specify ASCII code characters and the following symbols:
! # $ % & ' ( ) * + - . = @ \ ^ _ |
If you enter any password in External User Group Mapping Password, you must specify this item.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
466
�Kerberos Set Up Server window
Item
Description
If you select Disable in External User Group Mapping, this item is disabled.
External User Group Mapping - Timeout
Specify the number of seconds before connection to the LDAP server times out.
If you select Disable in External User Group Mapping, this item is disabled.
External User Group Mapping - Retry Interval
Specify a retry interval in seconds when the connection to the LDAP server fails.
If you select Disable in External User Group Mapping, this item is disabled.
External User Group Mapping - Number of Retries
Specify retry times when the connection to the LDAP server fails.
If you select Disable in External User Group Mapping, this item is disabled.
Test User Name
Specify a user name for a server connection test. You can specify ASCII code characters and the following symbols: ! # $ % & ' * + - . / = ? @ ^ _ ` { | } ~
Password
Specify a password of the user name for a server connection test. You can specify ASCII code characters and the following symbols: ! # $ % & ' ( ) * + , -. / : ; < = > ? @[ \ ] ^ _` { | } ~
Server Configuration Test
Click Check to conduct a server connection test for the authentication server and the authorization server based on the specified settings.
Server Configuration Displays a result of the server connection test for the authentication
Test - Result
server and the authorization server.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
467
�Kerberos Set Up Server confirmation window
Kerberos Set Up Server confirmation window
Selected Server
The following table describes the fields and settings in the Server section of the confirmation window for Kerberos Setup Server).
Item
External Authentication
Description
Displays the type of the authentication server.
Disable: Does not use any authentication server. Users are authenticated with user information registered in the SVP.
LDAP: Users are authenticated with user information registered in the LDAP server.
RADIUS: Users are authenticated with user information registered in the RADIUS server.
Kerberos: Users are authenticated with user information registered in the Kerberos server.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
468
�Kerberos Set Up Server confirmation window
Setup Server
The following table describes the fields and settings in the Setup Server section of the confirmation window for Kerberos Setup Server.
Item
Description
DNS Lookup
Displays whether to search for the Kerberos server using the information registered in the SRV records in the DNS server.
Enable: Performs the search using information registered in the SRV records in the DNS server.
Disable: Performs the search using the host name and the port number.
Realm Name
Displayed the default realm name.
Primary Host Name Displays the name of the Kerberos server.
Primary Port Number Displays the port number of the Kerberos server.
Clock Skew
Displays the acceptable range of time difference between the SVP and the Kerberos server.
Timeout
Displays the number of seconds before connection to the Kerberos server times out.
Secondary Host Name
Displays the host name of the secondary Kerberos server.
Secondary Port Number
Displays the port number of the secondary Kerberos server.
External User Group Displays the certificate file. Mapping - Certificate File Name
External User Group Mapping Authentication Protocol
Displays the LDAP protocol to use.
External User Group Mapping - Primary Port Number
Displays the port number of the LDAP server.
External User Group Displays the base DN to search for users to authenticate. Mapping - Base DN
External User Group Mapping - Search User's DN
Displays the search user's domain name.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
469
�Kerberos Set Up Server confirmation window
Item
Description
External User Group Displays asterisks (*) to mask the password of the user for Mapping - Password searching.
External User Group Displays the number of seconds before connection to the LDAP Mapping - Timeout server times out.
External User Group Mapping - Retry Interval
Displays the retry interval in seconds when the connection to the LDAP server fails.
External User Group Displays the retry times when the connection to the LDAP server Mapping - Number of fails. Retries
External User Group Mapping Secondary Port Number
Displays the port number of the secondary LDAP server.
Appendix B: Device Manager - Storage Navigator user management GUI reference
System Administrator Guide for VSP 5000 Series
470
�Appendix C: Device Manager - Storage Navigator licenses GUI reference
This section describes the Device Manager - Storage Navigator windows that you use to view and manage the licenses for the software applications on your storage system.
License Keys window
Use the License Keys window to install and uninstall license keys.
Summary
The following table describes the fields and settings in the Summary section of the License Keys window.
Appendix C: Device Manager - Storage Navigator licenses GUI reference
System Administrator Guide for VSP 5000 Series
471
�License Keys window
Item
Description
Mounted capacity
Displays the capacity of internal and external volumes created in the storage system. When you install the software whose license capacity type is Mounted Capacity, install more license capacity than the mounted capacity to keep the software in Installed status. Values are rounded up to the second decimal place.
Number of License Keys Numbers of license keys are displayed for each status.
License Keys
The following table describes the fields and settings in the License Keys section of the License Keys window.
Item Program Product Name Status
Description
Name of the software application
The current status of the software
Installed: The software is available.
Installed (Disabled): Installation is complete, but the license is set to Disabled. This status might appear if an error occurs after you install software. Resolve the error and enable the license. This status also appears when the license key of this software is installed but the license key of the prerequisite software has expired.
Not Installed: The software is not installed.
Not Enough License: Installation is complete, but the license capacity is insufficient. Not Enough License might remain displayed when the licensed capacity exceeds the mounted capacity after you reduce the number of LDEVs, or when the licensed capacity exceeds the used capacity after you delete pairs or pool volumes. In these cases, you can update the license status by selecting Update License Status and then installing the software.
Appendix C: Device Manager - Storage Navigator licenses GUI reference
System Administrator Guide for VSP 5000 Series
472
�License Keys window
Item
Key Type Licensed Capacity
Term (days) Install Licenses
Description
Grace Period: The licensed capacity is insufficient because LDEVs are added, or copy pairs are created, or pool volumes are added. The license expires in 30 days. Please purchase the licenses before the license key expires. Grace Period might remain displayed when the licensed capacity exceeds the mounted capacity after you reduce the number of LDEVs, or when the licensed capacity exceeds the used capacity after you delete pairs or pool volumes. In these cases, you can update the license status by selecting Update License Status and then installing the software.
Expired: The term has already expired for the temporary key. When the status is Expired, you cannot re-install the temporary key.
The license key type:
permanent
term
temporary
emergency
This field is blank if no license key is installed.
Permitted (TB): Displays the permitted volume capacity for this software in integers. If no upper limit value is set for the capacity, "Unlimited" displays. This field is blank if no license is installed.
Used (TB): Capacity of the volumes used by the software. Up to the second decimal place is displayed. The third decimal place is rounded up. If the license capacity type is other than Used, a hyphen (-) displays. If no license is installed, a blank displays.
Licensed capacity displayed is found from calculations based on the following:
1k byte = 1,024 bytes, 1M byte = 1,024 kilobytes, 1G byte = 1,024 megabytes, 1T byte = 1,024 gigabytes
The number of days remaining before the expiration of a temporary key, an emergency key, or a term key. After the temporary key has expired, the column shows the number of days that remain before you can reinstall the temporary key. If there is no limit on validity, a hyphen (-) displays. This field is blank if no license is installed.
Opens the Install Licenses window
Appendix C: Device Manager - Storage Navigator licenses GUI reference
System Administrator Guide for VSP 5000 Series
473
�Install Licenses wizard
Item
Description
Uninstall Licenses
Opens the Uninstall Licenses window
Enable
Opens the Enable Licenses window
Disable*
Opens the Disable Licenses window
Update License Status* Opens the Update License Status window
Export*
Displays a window that shows the information in the table
* Appears when you click More Actions.
Install Licenses wizard
This topic describes the Install Licenses wizard.
Install Licenses window
Appendix C: Device Manager - Storage Navigator licenses GUI reference
System Administrator Guide for VSP 5000 Series
474
�Install Licenses window
Item License Key
Add button
Description
Select whether to enter a key code or specify a license key file.
Key Code: Enter a key code to install the software. Use the license key code for the software to be installed.
File: Specify a license key file to install software. Click Browse and specify the license key file.
Adds the specified license key to the Selected License Keys table.
Selected License Keys
Item
Description
Program Product Name Name of the software application
Status
The current status of the software
Installed: The software is available.
Installed (Disabled): Installation is complete, but the license is set to Disabled. This status might appear if an error occurs after you install software. Resolve the error and enable the license. This status also appears when the license key of this software is installed but the license key of the prerequisite software has expired.
Not Installed: The software is not installed.
Not Enough License: Installation is complete, but the license capacity is insufficient. Not Enough License might remain displayed when the licensed capacity exceeds the mounted capacity after you reduce the number of LDEVs, or when the licensed capacity exceeds the used capacity after you delete pairs or pool volumes. In these cases, you can update the license status by selecting Update License Status and then installing the software.
Appendix C: Device Manager - Storage Navigator licenses GUI reference
System Administrator Guide for VSP 5000 Series
475
�Install Licenses window
Item
Key Type Licensed Capacity
Term (days) Enable
Description
Grace Period: The licensed capacity is insufficient because LDEVs are added, or copy pairs are created, or pool volumes are added. The license expires in 30 days. Please purchase the licenses before the license key expires. Grace Period might remain displayed when the licensed capacity exceeds the mounted capacity after you reduce the number of LDEVs, or when the licensed capacity exceeds the used capacity after you delete pairs or pool volumes. In these cases, you can update the license status by selecting Update License Status and then installing the software.
Expired: The term has already expired for the temporary key. When the status is Expired, you cannot re-install the temporary key.
The license key type:
permanent
term
temporary
emergency
This field is blank if no license key is installed.
Permitted (TB): The window displays the permitted volume capacity for this software in integers. If no upper limit value is set for the capacity, "Unlimited" displays. This field is blank if no license is installed.
Used (TB): This is the capacity of the volumes used by the software. Up to the second decimal place is displayed. The third decimal place is rounded up. If the license capacity type is other than Used, a hyphen (-) displays. If no license is installed, a blank displays.
Licensed capacity displayed is found from calculations based on the following:
1k byte = 1,024 bytes, 1M byte = 1,024 kilobytes, 1G byte = 1,024 megabytes, 1T byte = 1,024 gigabytes
The number of days remaining before the expiration of a temporary key, an emergency key, or a term key. After the temporary key has expired, the column shows the number of days that remain before you can reinstall the temporary key. If there is no limit on validity, a hyphen (-) displays. This field is blank if no license is installed.
Installs license keys in Enabled status. You can select more than one software product.
Appendix C: Device Manager - Storage Navigator licenses GUI reference
System Administrator Guide for VSP 5000 Series
476
�Install Licenses confirmation window
Item Disable
Clear All
Description
Installs license keys in Disabled status. You can select more than one software product.
Deletes all license keys from the Selected License Keys table.
Install Licenses confirmation window
This topic describes the Install Licenses confirmation window.
Item Program Product Name Status
Description
Name of the software application
Displays the software's installation status. See the Status item in the Selected License Keys table in the section Install Licenses window (on page 474).
Appendix C: Device Manager - Storage Navigator licenses GUI reference
System Administrator Guide for VSP 5000 Series
477
�Enable Licenses window
Item Key Type Licensed Capacity
Term (days)
Description
The license key type:
permanent
term
temporary
emergency
This field is blank if no license key is installed.
Permitted (TB): The window displays the permitted volume capacity for this software in integers. If no upper limit value is set for the capacity, "Unlimited" displays. This field is blank if no license is installed.
Used (TB): This is the capacity of the volumes used by the software. Up to the second decimal place is displayed. The third decimal place is rounded up. If the license capacity type is other than Used, a hyphen (-) displays. If no license is installed, a blank displays.
Licensed capacity displayed is found from calculations based on the following:
1k byte = 1,024 bytes, 1M byte = 1,024 kilobytes, 1G byte = 1,024 megabytes, 1T byte = 1,024 gigabytes
The number of days remaining before the expiration of a temporary key, an emergency key, or a term key. After the temporary key has expired, the column shows the number of days that remain before you can reinstall the temporary key. If there is no limit on validity, a hyphen (-) displays. This field is blank if no license is installed.
Enable Licenses window
This section describes the Enable Licenses window.
Appendix C: Device Manager - Storage Navigator licenses GUI reference
System Administrator Guide for VSP 5000 Series
478
�Enable Licenses window
The following table describes the fields and settings in the Enable Licenses window.
Item Program Product Name Status
Key Type
Description
Name of the software application
Displays the software's installation status. See the Status item in the Selected License Keys table in the section Install Licenses window (on page 474).
The license key type: Permanent Term Temporary Emergency This field is blank if no license key is installed.
Appendix C: Device Manager - Storage Navigator licenses GUI reference
System Administrator Guide for VSP 5000 Series
479
�Disable Licenses window
Item Licensed Capacity (TB)
Term (days)
Description
Permitted: The window displays the permitted volume capacity for this software in integers. If no upper limit value is set for the capacity, "Unlimited" displays. This field is blank if no license is installed.
Used: This is the capacity of the volumes used by the software. Up to the second decimal place is displayed. The third decimal place is rounded up. If the license capacity type is other than Used, a hyphen (-) displays. If no license is installed, a blank displays.
Licensed capacity displayed is found from calculations based on the following:
1 KB= 1,024 bytes, 1 MB = 1,024 KB, 1 GB = 1,024 MB, 1 TB= 1,024 GB
The number of days remaining before the expiration of a temporary key, an emergency key, or a term key. After the temporary key has expired, the column shows the number of days that remain before you can reinstall the temporary key. If there is no limit on validity, a hyphen (-) displays. This field is blank if no license is installed.
Disable Licenses window
This section describes the Disable Licenses window.
Appendix C: Device Manager - Storage Navigator licenses GUI reference
System Administrator Guide for VSP 5000 Series
480
�Disable Licenses window
The following table describes the fields and settings in the Disable Licenses window.
Item Program Product Name Status
Key Type
Description
Name of the software application
Displays the software's installation status. See the Status item in the Selected License Keys table in the section Install Licenses window (on page 474).
The license key type: Permanent Term Temporary Emergency This field is blank if no license key is installed.
Appendix C: Device Manager - Storage Navigator licenses GUI reference
System Administrator Guide for VSP 5000 Series
481
�Remove Licenses window
Item Licensed Capacity (TB)
Term (days)
Description
Permitted: The window displays the permitted volume capacity for this software in integers. If no upper limit value is set for the capacity, "Unlimited" displays. This field is blank if no license is installed.
Used: This is the capacity of the volumes used by the software. Up to the second decimal place is displayed. The third decimal place is rounded up. If the license capacity type is other than Used, a hyphen (-) displays. If no license is installed, a blank displays.
Licensed capacity displayed is found from calculations based on the following:
1 KB= 1,024 bytes, 1 MB = 1,024 KB, 1 GB = 1,024 MB, 1 TB= 1,024 GB
The number of days remaining before the expiration of a temporary key, an emergency key, or a term key. After the temporary key has expired, the column shows the number of days that remain before you can reinstall the temporary key. If there is no limit on validity, a hyphen (-) displays. This field is blank if no license is installed.
Remove Licenses window
This topic describes the Remove Licenses window.
Appendix C: Device Manager - Storage Navigator licenses GUI reference
System Administrator Guide for VSP 5000 Series
482
�Remove Licenses window
Item Program Product Name Status
Key Type
Description
Name of the software application
Displays the software's installation status. See the Status item in the Selected License Keys table in the section Install Licenses window (on page 474).
The license key type: Permanent Term Temporary Emergency This field is blank if no license key is installed.
Appendix C: Device Manager - Storage Navigator licenses GUI reference
System Administrator Guide for VSP 5000 Series
483
�Update License Status window
Item Licensed Capacity
Term (days)
Description
Permitted (TB): The window displays the permitted volume capacity for this software in integers. If no upper limit value is set for the capacity, "Unlimited" displays. This field is blank if no license is installed.
Used (TB): This is the capacity of the volumes used by the software. Up to the second decimal place is displayed. The third decimal place is rounded up. If the license capacity type is other than Used, a hyphen (-) displays. If no license is installed, a blank displays.
Licensed capacity displayed is found from calculations based on the following:
1 KB= 1,024 bytes, 1 MB = 1,024 KB, 1 GB = 1,024 MB, 1 TB= 1,024 GB
The number of days remaining before the expiration of a temporary key, an emergency key, or a term key. After the temporary key has expired, the column shows the number of days that remain before you can reinstall the temporary key. A hyphen (-) displays if the If there is no limit on validity, a hyphen (-) displays. This field is blank if no license is installed.
Update License Status window
This topic describes the Update License Status window.
Appendix C: Device Manager - Storage Navigator licenses GUI reference
System Administrator Guide for VSP 5000 Series
484
�Update License Status window
The following table describes the fields and settings in the Update License Status window.
Item Program Product Name Status
Key Type
Description
Name of the software application
Displays the software's installation status. See the Status item in the Selected License Keys table in the section Install Licenses window (on page 474).
The license key type: permanent term temporary emergency This field is blank if no license key is installed.
Appendix C: Device Manager - Storage Navigator licenses GUI reference
System Administrator Guide for VSP 5000 Series
485
�Update License Status window
Item Licensed Capacity
Term (days)
Description
Permitted (TB): The window displays the permitted volume capacity for this software in integers. If no upper limit value is set for the capacity, "Unlimited" displays. This field is blank if no license is installed.
Used (TB): This is the capacity of the volumes used by the software. Up to the second decimal place is displayed. The third decimal place is rounded up. If the license capacity type is other than Used, a hyphen (-) displays. If no license is installed, a blank displays.
Licensed capacity displayed is found from calculations based on the following:
1k byte = 1,024 bytes, 1M byte = 1,024 kilobytes, 1G byte = 1,024 megabytes, 1T byte = 1,024 gigabytes
The number of days remaining before the expiration of a temporary key, an emergency key, or a term key. After the temporary key has expired, the column shows the number of days that remain before you can reinstall the temporary key. If there is no limit on validity, a hyphen (-) displays. This field is blank if no license is installed.
Appendix C: Device Manager - Storage Navigator licenses GUI reference
System Administrator Guide for VSP 5000 Series
486
�Appendix D: Configuring storage systems GUI reference
This section describes the Device Manager - Storage Navigator windows and wizards that you use to configure storage systems.
Login Message window
The following table describes the fields and settings in the Login Message window.
Item
Description
Login Message Enter a login message. You can use up to 2,048 alphanumeric characters (ASCII codes) and symbols.
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
487
�Edit Storage System wizard
Edit Storage System window
Edit Storage System wizard
The following table describes the fields and settings in the Edit Storage System window.
Item Storage System Name Contact
Location
Description Device name of the storage system.
Contact information such as personnel and telephone number where you can inquire about the storage system. Location of the connected storage system.
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
488
�Edit Storage System confirmation window
Edit Storage System confirmation window
The following table describes the fields and settings in the Confirm window (Edit Storage System).
Item
Description
Storage
Device name of the storage system.
System Name
Contact
Contact information such as personnel and telephone number where you can inquire about the storage system.
Location
Location of the connected storage system.
Edit Alert Settings wizard
This section describes the Edit Alert Settings wizard.
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
489
�Edit Alert Settings window
Edit Alert Settings window
Item Notification Alert
Description
Select the destination of the alert notification. All: Sends alerts of all SIMs. Host Report: Sends alerts only of SIMs that report to hosts. Alert destinations are common to Syslog, SNMP, and Email.
Syslog tab
The following table describes the fields and settings in the Syslog tab.
Item Transfer Protocol
Description Select the protocol for Syslog transfer. New Syslog Protocol (TLS1.2/RFC5424) Old Syslog Protocol (UDP/RFC3164)
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
490
�Edit Alert Settings window
Item Primary Server
Primary Server Server Setting
Primary Server - Port Number Primary Server - Client Certificate File Name Primary Server Password
Primary Server - Root Certificate File Name Secondary Server
Secondary Server Server Setting
Description
Select whether or not to use the Syslog Server.
Enable: Reports SIM to the Syslog Server through Syslog.
Does not report SIM to the Syslog Server through Syslog.
Enter the IPv4 or IPv6 address, or the host name of the server that you want to set as the Syslog Server. You cannot set an address with all 0s.
To specify a host name, select Identifier, and then enter a host name with no more than 255 characters by using alphanumeral characters and symbols: ! $ % - . @ _ ` ~.
Use this field only when you select Enable in Primary Server.
Note: If SIMs are not transferred to the Syslog server, verify the settings in the Syslog tab. If all settings are correct, verify the settings and operating conditions of the Syslog Server itself, and the operating conditions of the Management LAN.
Enter the port number used by the Syslog Server. Use this field only when you selected Enable in Primary Server.
Specify a certificate file. Click Browse and specify the certificate file. Use this field only when you select New Syslog Protocol (TLS1.2/RFC5424) in Transfer Protocol and selected Enable in Primary Server.
Enter a password for the client certificate. You can enter up to 128 alphanumeric characters and the following symbols:
! # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~
Use this field only when you specified Client Certificate File Name.
Specify a certificate file. Click Browse and specify the certificate file.
Use this field only when you select New Syslog Protocol (TLS1.2/RFC5424) in Transfer Protocol and selected Enable in Primary Server.
Select whether or not to use an alternate server for the Syslog Server.
Enable: Reports SIM to the alternate server for the Syslog Server through Syslog.
Disable: Does not report SIM to the alternate server for the Syslog Server through Syslog.
Enter the IPv4 or IPv6 address, or the host name of the server that you want to set as the alternate server for the Syslog Server. You cannot set an address with all 0s.
To specify a host name, select Identifier, and then enter a host name with no more than 255 characters by using alphanumeral characters and symbols: ! $ % - . @ _ ` ~.
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
491
�Edit Alert Settings window
Item
Description Use this field only when you select Enable in Secondary Server.
Secondary Server - Port Number
Specify a certificate file. Click Browse and specify the certificate file. Use this field only when you select New Syslog Protocol (TLS1.2/RFC5424) in Transfer Protocol and select Enable in Secondary Server.
Secondary Server Client Certificate File Name
Specify a certificate file. Click Browse and specify the certificate file. Use this field only when you select New Syslog Protocol (TLS1.2/RFC5424) in Transfer Protocol and selected Enable in Secondary Server.
Secondary Server Password
Enter a password for the client certificate. You can enter up to 128 alphanumeric characters and the following symbols:
! # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~
Use this field only when you specify Client Certificate File Name.
Secondary Server - Root Certificate File Name
Specify a certificate file. Click Browse and specify the certificate file.
Use this field only when you select New Syslog Protocol (TLS1.2/RFC5424) in Transfer Protocol and selected Enable in Secondary Server.
Location Identification Name
Enter a name for identification of the storage system for which SIM is transferred to the Syslog Server. You can enter up to 32 alphanumeric characters and the following symbols:
! # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~
Spaces are not allowed.
Timeout
Enter a value as the time before the timeout for connection to the Syslog Server is detected. The default is 10.
Use this field only when you selected New Syslog Protocol (TLS1.2/ RFC5424) in Transfer Protocol.
Retry Interval
Enter a value between 1 and 60 (seconds) as the retry interval when communication with the Syslog Server fails. The default is 1.Use this field only when you selected New Syslog Protocol (TLS1.2/RFC5424) in Transfer Protocol.
Number of Retries
Enter a value between 1 and 50 as the number of retries when communication with the Syslog Server fails. The default is 3.Use this field only when you selected New Syslog Protocol (TLS1.2/RFC5424) in Transfer Protocol.
Send Test Message to Syslog Server
Reports SIM for test with Syslog.
Verify that the log Detailed data: "RefCode: 7FFFFF, This is Test Report." has been transferred to the Syslog server.
Reset settings
Cancels the changes within the tab
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
492
�Edit Alert Settings window SNMP tab (when the SNMP protocol version is SNMP v1 or SNMP v2c)
The following table describes the fields and settings in the SNMP tab when the SNMP protocol version is v1 or v2c.
Item SNMP Agent
SNMP Version
Description
Select whether to use the SNMP agent. Enable: Reports SIM through SNMP trap that permits GET REQUEST,
GETNEXT REQUEST, and GETBULK REQUEST* Disable: Does not report SIM through SNMP or permit GET REQUEST,
GETNEXT REQUEST, or GETBULK REQUEST*
Select the SNMP protocol version.
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
493
�Edit Alert Settings window
Item Sending Trap Setting
Request Authentication Setting
System Group Information - Storage System Name
System Group Information - Contact System Group Information - Location
Description
Displays, in the Registered Sending Trap Settings table, the user names and IP addresses for which SNMP trap information is reported.
Community: Displays the community for which SNMP trap information is reported.
Send Trap to: Displays the IP address to which SNMP trap information is reported
Add: Opens the Add Sending Trap Setting window. You can register up to 32 communities.
Change: To change a community, select it, and then click this button to open the Change Sending Trap Setting window.
Delete: To delete a community, select it, and then click this button.
Displays, in the Registered Request Authentication Settings table, the community names and IP addresses that permit GET REQUEST, GETNEXT REQUEST and GETBULK REQUEST*.
Community: Displays the community names that permit GET REQUEST, GETNEXT REQUEST, and GETBULK REQUEST*
Requests Permitted: Displays the IP addresses that permit GET REQUEST, GETNEXT REQUEST, and GETBULK REQUEST*
Add: The Add Request Authentication Setting window opens. You can register up to 32 communities.
Change: To change a community, select it, and then click this button.
Delete: To delete a community, select it, and then click this button
Enter the storage system name. You can enter up to 180 alphanumeric characters and symbols, except for the following:
\ , / ; : * ? " < > | & % ^
Note: Do not include space characters at the beginning or end.
Caution: Make sure to document the information about the storage system because the settings will be cleared when the SVP is replaced.
Enter the administrator's name or contact information. You can enter up to 180 alphanumeric characters and symbols, except for the following:
\ , / ; : * ? " < > | & % ^
Note: Do not include space characters at the beginning or end.
Specify a location of the storage system. You can enter up to 180 alphanumeric characters and symbols, except for the following:
\ , / ; : * ? " < > | & % ^
Note: Do not include space characters at the beginning or end.
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
494
�Edit Alert Settings window
Item
Description
SNMP Engine ID
Displays the SNMP engine identifier.
Send Test SNMP Trap
Reports test trap to IP addresses that are already registered in the storage system.
Note: Trap is reported using the content applied previously to the storage system rather than the current settings in the SNMP tab. Before reporting test trap, click Finish to apply the changes to the storage system.
Reset settings
Cancels the changes within the tab.
* Only SNMP v2c supports GETBULK REQUEST.
SNMP tab (when the SNMP protocol version is SNMP v3)
The following table describes the fields and settings in the SNMP tab when the SNMP protocol version is v3.
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
495
�Edit Alert Settings window
Item SNMP Agent
SNMP Version Sending Trap Setting
Description
Select whether to use the SNMP agent.
Enable: Reports SIM through SNMP trap that permits GET REQUEST, GETNEXT REQUEST, and GETBULK REQUEST
Disable: Does not report SIM through SNMP or permit GET REQUEST, GETNEXT REQUEST, or GETBULK REQUEST
Select the SNMP protocol version.
Displays, in the Registered Sending Trap Settings table, the community names and IP addresses for which SNMP trap information is reported.
Send Trap to: Displays the IP address to which SNMP trap information is reported
User Name: Displays the user used for reporting SNMP trap information
Authentication - Mode: Displays whether authentication is enabled
Authentication - Protocol: If authentication is enabled, the authentication method is displayed
Encryption - Mode: Displays whether encryption is enabled
Encryption - Protocol: If encryption is enabled, the encryption method is displayed
Add: Opens the Add Sending Trap Setting window. You can register up to eight IP addresses.
Change: To change a destination, select it, and then click this button to open the Change Sending Trap Setting window.
Delete: To delete a destination, select it, and then click this button.
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
496
�Edit Alert Settings window
Item Request Authentication Setting
System Group Information - Storage System Name
System Group Information - Contact System Group Information - Location SNMP Engine ID Send Test SNMP Trap
Description
Displays the user name that permit GET REQUEST, GETNEXT REQUEST and GETBULK REQUEST, in the Registered Request Authentication Settings table.
User Name: Displays the user names that permit GET REQUEST, GETNEXT REQUEST, and GETBULK REQUEST
Authentication - Mode: Displays whether authentication is enabled
Authentication - Protocol: If authentication is enabled, the authentication method is displayed
Encryption - Mode: Displays whether encryption is enabled
Encryption - Protocol: If encryption is enabled, the encryption method is displayed
Add: Opens the Add Request Authentication Setting window. You can register up to 8 users.
Change: To change a user, select it, and then click this button to open the Change Request Authentication Setting window.
Delete: To delete a user, select it, and then click this button.
Enter the storage system name. You can enter up to 180 alphanumeric characters and symbols, except for the following:
\ , / ; : * ? " < > | & % ^
Note: Do not include space characters at the beginning or end.
Caution: Make sure to document the information about the storage system because the settings will be cleared when the SVP is replaced.
Enter the administrator's name or contact information. You can enter up to 180 alphanumeric characters and symbols, except for the following:
\ , / ; : * ? " < > | & % ^
Note: Do not include space characters at the beginning or end.
Specify a location of the storage system. You can enter up to 180 alphanumeric characters and symbols, except for the following:
\ , / ; : * ? " < > | & % ^
Note: Do not include space characters at the beginning or end.
Displays the SNMP engine identifier.
Reports test trap to IP addresses that are already registered in the storage system.
Note: Trap is reported using the content applied previously to the storage system rather than the current settings in the SNMP tab. Before reporting test trap, click Finish to apply the changes to the storage system.
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
497
�Edit Alert Settings window
Item Reset settings
Description Cancels the changes within the tab.
Email tab
Item Mail Notice
Email Settings
Description Select whether or not to report failure information through email. Enable: Reports SIM through email. Disable: Does not report SIM through email. This field is mandatory when you selected Enable in Mail Notice. Mail Address: The email address displays. Attribute: Adds email addresses. The Add Address window opens. Add: Adds email addresses. The Add Address window opens
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
498
�Edit Alert Settings window
Item
Description
Change: Changes the selected email address and attribute. The opens.
You can select more than one email address. When you select more than one email address, you can change only attributes.
Delete: Deletes the selected email address. You can select more than one email address.
Mail Address (From)
Enter the source address of the email for failure information report. You can enter up to 255 alphanumeric characters and the following symbols: ! # $ % & ` + - * / ' ^ { } _ . = ? @ | ~ This field is mandatory when you selected Enable in Mail Notice.
Mail Address (Reply - To)
Specify the return email address. If you specify this address, return email from the email recipient is transmitted to the address. If you omit this address, return email from the email recipient is transmitted to Mail Address (From).
You can enter up to 255 alphanumeric characters and the following symbols:
! # $ % & ` + - * / ' ^ { } _ . = ? @ | ~
Mail Server Setting Email Server
Enter the Email server information. You cannot set an IP address with all 0s.
Identifier: To specify a host name, select Identifier. You can enter a name of up to 63 characters and the following symbols:
! $ % ( ) ' - _ . @ ~
IPv4: Enter a valid IPv4 address in the format XXX.XXX.XXX.XXX (where XXX is a number from 0 to 255)
IPv6: Enter a valid IPv6 address in the format YYYY:YYYY:YYYY:YYYY:YYYY:YYYY:YYYY:YYYY: (where YYYY is a hexadecimal number from 0 to FFFF). You can also use an IPv6 address in abbreviated format.
This field is mandatory when you select Enable in Mail Notice.
Mail Server Setting SMTP Authentication
Note: If SIMs are not transferred through email, verify the settings in the Email tab. If all settings are correct, verify the settings and operating conditions of the mail server itself, and the operating conditions of the Management LAN.
Select whether or not to perform SMTP authentication.
Enable: Performs SMTP authentication.
Disable: Does not perform SMTP authentication.
When you select Enable, enter values in Account and Password.
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
499
�Add Sending Trap Setting window (SNMP v1 or v2c)
Item
Send Test Email Reset settings
Description You can enter up to 255 alphanumeric characters and the following symbols: ! $ % ( ) ' - _ . @ ~ This field is mandatory when you select Enable in Mail Notice.
Sends SIM for testing through email.
Cancels the changes within the tab
Add Sending Trap Setting window (SNMP v1 or v2c)
Use the Add Sending Trap Setting window to set up an alert notification when using SNMP v1 or SNMP v2c.
This window appears when you click Add on the SNMP tab of the Set Up Alert Notifications window if the SNMP protocol version is SNMP v1 or SNMP v2c.
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
500
�Add Sending Trap Setting window (SNMP v3)
Item Community
Send Trap to
Description
Specify the community to which SNMP traps are reported.
You can select an existing community from the pull down menu or create a new community. You can enter up to 180 alphanumeric characters excluding the following symbols:
\ , / ; : * ? " < > | & % ^ '
Note: Do not include space characters at the beginning or end.
Specify the IP address to which SNMP traps are reported.
Select an existing IP address from the pull down menu or enter a new address.
IPv4: Enter a valid IPv4 address in the format XXX.XXX.XXX.XXX (where XXX is a number from 0 to 255)
IPv6: Enter a valid IPv6 address in the format YYYY:YYYY:YYYY:YYYY:YYYY:YYYY:YYYY:YYYY: (where YYYY is a hexadecimal number from 0 to FFFF). You can also use an IPv6 address in abbreviated format.
Minus symbol: Removes the IP address in that row.
Add IP Address: Adds an IP address. You can add up to 32 IP addresses.
Add Sending Trap Setting window (SNMP v3)
Use the Add Sending Trap Setting window to set up an alert notification when using SNMP v3.
This window appears when you click Add on the SNMP tab of the Set Up Alert Notifications window if the SNMP protocol version is SNMP v3.
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
501
�Add Sending Trap Setting window (SNMP v3)
Item Send Trap to
User Name Authentication
Description
Specify the IP address to which SNMP traps are reported. IPv4: Enter a valid IPv4 address in the format XXX.XXX.XXX.XXX (where XXX is
a number from 0 to 255) IPv6: Enter a valid IPv6 address in the format
YYYY:YYYY:YYYY:YYYY:YYYY:YYYY:YYYY:YYYY: (where YYYY is a hexadecimal number from 0 to FFFF). You can also use an IPv6 address in abbreviated format.
Enter the user name to be used for reporting SNMP traps. You can enter up to 32 alphanumeric characters, excluding the following symbols: \ , / ; : * ? " < > | & % ^ Note: Do not include space characters at the beginning or end.
Select whether to perform authentication. Enable: Authentication is performed. Disable: Authentication is not performed.
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
502
�Change Sending Trap Setting window (SNMP v1 or v2c)
Item
Description
Authentication and encryption information is displayed only if authentication is enabled.
Authentication - If authentication is enabled, select either of the following authentication methods:
Protocol
SHA-1 or MD5 (SVP firmware version 90-08-21/xx or later)
SHA or MD5 (SVP firmware version earlier than 90-08-21/xx)
Authentication - If authentication is enabled, enter a password. The password must be 8 to 180
Password
alphanumeric characters and can include the following symbols:
\ , / ; : * ? " < > | & % ^
Note: Do not include space characters at the beginning or end.
Encryption
Select whether to perform encryption. Enable: Encryption is performed. Disable: Encryption is not performed. Encryption information is displayed only if encryption is enabled.
Encryption Protocol
If encryption is enabled, select either of the following encryption methods: AES-128 or DES (SVP firmware version 90-08-21/xx or later) AES or DES (SVP firmware version earlier than 90-08-21/xx)
Encryption Key
If encryption is enabled, enter a key. The key must be 8 to 180 alphanumeric characters, including the following symbols:
\ , / ; : * ? " < > | & % ^
Note: Do not include space characters at the beginning or end.
Encryption Re-enter Key
Re-enter the same key.
Change Sending Trap Setting window (SNMP v1 or v2c)
Use the Change Sending Trap Setting window to set up an alert notification when using SNMP v1 or SNMP v2c.
This window appears when you click Change on the SNMP tab of the Set Up Alert Notifications window if the SNMP protocol version is SNMP v1 or SNMP v2c.
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
503
�Change Sending Trap Setting window (SNMP v1 or v2c)
Item Community
Send Trap to
Description
Specify the community to which SNMP traps are reported. You can select an existing community from the pull down menu or create a new community. You can enter up to 180 alphanumeric characters excluding the following symbols: \ , / ; : * ? " < > | & % ^ Note: Do not include space characters at the beginning or end.
Specify the IP address to which SNMP traps are reported.
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
504
�Change Sending Trap Setting window (SNMP v3)
Item
Description
Select an existing IP address from the pull down menu or enter a new address.
IPv4: Enter a valid IPv4 address in the format XXX.XXX.XXX.XXX (where XXX is a number from 0 to 255)
IPv6: Enter a valid IPv6 address in the format YYYY:YYYY:YYYY:YYYY:YYYY:YYYY:YYYY:YYYY: (where YYYY is a hexadecimal number from 0 to FFFF). You can also use an IPv6 address in abbreviated format.
Minus symbol: Removes the IP address in that row.
Add IP Address: Adds an IP address. You can add up to 32 IP addresses.
Change Sending Trap Setting window (SNMP v3)
Use the Change Sending Trap Setting window to set up an alert notification when using SNMP v3.
This window appears when you click Change on the SNMP tab of the Set Up Alert Notifications window if the SNMP protocol version is SNMP v3.
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
505
�Change Sending Trap Setting window (SNMP v3)
Item
Description
Send Trap to
Specify the IP address to which SNMP traps are reported.
IPv4: Enter a valid IPv4 address in the format XXX.XXX.XXX.XXX (where XXX is a number from 0 to 255)
IPv6: Enter a valid IPv6 address in the format YYYY:YYYY:YYYY:YYYY:YYYY:YYYY:YYYY:YYYY: (where YYYY is a hexadecimal number from 0 to FFFF). You can also use an IPv6 address in abbreviated format.
User Name
Enter the user name to be used for reporting SNMP traps. You can enter up to 32 alphanumeric characters, excluding the following symbols: \ , / ; : * ? " < > | & % ^ Note: Do not include space characters at the beginning or end.
Authentication
Select whether to perform the authentication. Enable: Authentication is performed. Disable: Authentication is not performed. Authentication and encryption information is displayed only if authentication is enabled.
Authentication - If authentication is enabled, select either of the following authentication methods:
Protocol
SHA-1 or MD5 (SVP firmware version 90-08-21/xx or later)
SHA or MD5 (SVP firmware version earlier than 90-08-21/xx)
Authentication - If authentication is enabled, enter a password. The password must be 8 to 180
Password
alphanumeric characters and can include the following symbols:
\ , / ; : * ? " < > | & % ^
Note: Do not include space characters at the beginning or end.
Encryption
Select whether to perform the encryption Enable: Encryption is performed. Disable: Encryption is not performed. Encryption information is displayed only if encryption is enabled.
Encryption Protocol
If encryption is enabled, select either of the following encryption methods: AES-128 or DES (SVP firmware version 90-08-21/xx or later) AES or DES (SVP firmware version earlier than 90-08-21/xx)
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
506
�Add Request Authentication Setting window (SNMP v1 or v2c)
Item Encryption Key
Encryption Re-enter Key
Description
If encryption is enabled, enter a key. The key must be at least 8 alphanumeric characters, including the following symbols: \ , / ; : * ? " < > | & % ^ Note: Do not include space characters at the beginning or end.
Re-enter the same key.
Add Request Authentication Setting window (SNMP v1 or v2c)
Use the Add Request Authentication Setting window to set up an alert notification when using SNMP v1 or SNMP v2c.
This window appears when you click Add on the SNMP tab of the Set Up Alert Notifications window if the SNMP protocol version is SNMP v1 or SNMP v2c.
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
507
�Add Request Authentication Setting window (SNMP v3)
Item
Description
Community
Select an existing community, or create one, permitted to execute GET REQUEST, GETNEXT REQUEST, and GETBULK REQUEST*.
You can enter up to 180 alphanumeric characters excluding the following symbols:
\ , / ; : * ? " < > | & % ^ '
Note: Do not include space characters at the beginning or end.
Requests permitted
Specify which users have permission to execute GET REQUEST, GETNEXT REQUEST, and GETBULK REQUEST*.
All: Accepts GET REQUEST, GETNEXT REQUEST, and GETBULK REQUEST from all users.
If All is selected, the IP address information is not displayed.
Specific IP addresses:
Select an existing IP address from the pull down menu or enter a new address.
IPv4: Enter a valid IPv4 address in the format XXX.XXX.XXX.XXX (where XXX is a number from 0 to 255)
IPv6: Enter a valid IPv6 address in the format YYYY:YYYY:YYYY:YYYY:YYYY:YYYY:YYYY:YYYY: (where YYYY is a hexadecimal number from 0 to FFFF). You can also use an IPv6 address in abbreviated format.
Minus symbol: Removes the IP address in that row.
Add IP Address: Adds an IP address. You can add up to 32 IP addresses.
* Only SNMP v2c supports GETBULK REQUEST.
Add Request Authentication Setting window (SNMP v3)
Use the Add Request Authentication Setting window to set up an alert notification when using SNMP v3.
The Add Request Authentication Setting window appears when you click Add on the SNMP tab of the Set Up Alert Notifications window if the SNMP protocol version is SNMP v3.
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
508
�Add Request Authentication Setting window (SNMP v3)
Item
Description
User Name
Enter the name of the user permitted to execute GET REQUEST, GETNEXT REQUEST, and GETBULK REQUEST.
You can enter up to 32 alphanumeric characters, excluding the following symbols:
\ , / ; : * ? " < > | & % ^
Note: Do not include space characters at the beginning or end.
Authentication
Select whether to perform the authentication. Enable: Authentication is performed. Disable: Authentication is not performed. Authentication information is displayed only if authentication is enabled.
Authentication - If authentication is enabled, select either of the following authentication
Protocol
methods:
SHA-1 or MD5 (SVP firmware version 90-08-21/xx or later)
SHA or MD5 (SVP firmware version earlier than 90-08-21/xx)
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
509
�Change Request Authentication Setting window (SNMP v1 or v2c)
Item
Description
Authentication - If authentication is enabled, enter a password. The password must be 8
Password
to 180 alphanumeric characters excluding the following symbols:
\ , / ; : * ? " < > | & % ^
Note: Do not include space characters at the beginning or end.
Authentication - Re-enter the same password. Re-enter Password
Encryption
Select whether to perform the encryption Enable: Encryption is performed. Disable: Encryption is not performed. Encryption information is displayed only if encryption is enabled.
Encryption Protocol
If encryption is enabled, select either of the following encryption methods: AES-128 or DES (SVP firmware version 90-08-21/xx or later) AES or DES (SVP firmware version earlier than 90-08-21/xx)
Encryption Key
If encryption is enabled, enter a key. The key must be 8 to 180 alphanumeric characters excluding the following symbols:
\ , / ; : * ? " < > | & % ^
Note: Do not include space characters at the beginning or end.
Encryption Re-enter Key
Re-enter the same key.
Change Request Authentication Setting window (SNMP v1 or v2c)
Use the Change Request Authentication Setting window to set up an alert notification when using SNMP v1 or SNMP v2c.
This window appears when you click Change on the SNMP tab of the Set Up Alert Notifications window if the SNMP protocol version is SNMP v1 or SNMP v2c.
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
510
�Change Request Authentication Setting window (SNMP v1 or v2c)
Item Community
Description
Select an existing community, or create one, permitted to execute GET REQUEST, GETNEXT REQUEST, and GETBULK REQUEST*.
You can enter up to 180 alphanumeric characters excluding the following symbols:
\ , / ; : * ? " < > | & % ^ '
Note: Do not include space characters at the beginning or end.
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
511
�Change Request Authentication Setting window (SNMP v3)
Item
Description
Requests Permitted
Specify which users have permission to execute GET REQUEST, GETNEXT REQUEST, and GETBULK REQUEST*.
All: Accepts GET REQUEST, GETNEXT REQUEST, and GETBULK REQUEST from all users.
If All is selected, the IP address information is not displayed.
Specific IP addresses:
Select an existing IP address from the pull down menu or enter a new address.
IPv4: Enter a valid IPv4 address in the format XXX.XXX.XXX.XXX (where XXX is a number from 0 to 255)
IPv6: Enter a valid IPv6 address in the format YYYY:YYYY:YYYY:YYYY:YYYY:YYYY:YYYY:YYYY: (where YYYY is a hexadecimal number from 0 to FFFF). You can also use an IPv6 address in abbreviated format.
Minus symbol: Removes the IP address in that row.
Add IP Address: Adds an IP address. You can add up to 32 IP addresses.
* Only SNMP v2c supports GETBULK REQUEST.
Change Request Authentication Setting window (SNMP v3)
Use the Change Request Authentication Setting window to set up an alert notification when using SNMP v3.
This window appears when you click Change on the SNMP tab of the Set Up Alert Notifications window if the SNMP protocol version is SNMP v3.
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
512
�Change Request Authentication Setting window (SNMP v3)
Item User Name
Authentication
Description
Enter the name of the user permitted to execute GET REQUEST, GETNEXT REQUEST, and GETBULK REQUEST. You can enter up to 32 alphanumeric characters, excluding the following symbols: \ , / ; : * ? " < > | & % ^ Note: Do not include space characters at the beginning or end.
Select whether to perform authentication. Enable: Authentication is performed. Disable: Authentication is not performed. Authentication and encryption information is displayed only if authentication is enabled.
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
513
�Add Address window
Item
Description
Authentication - If authentication is enabled, select either of the following authentication
Protocol
methods:
SHA-1 or MD5 (SVP firmware version 90-08-21/xx or later)
SHA or MD5 (SVP firmware version earlier than 90-08-21/xx)
Authentication - If authentication is enabled, enter a password. The password must be 8
Password
to 180 alphanumeric characters excluding the following symbols:
\ , / ; : * ? " < > | & % ^
Note: Do not include space characters at the beginning or end.
Authentication - Re-enter the same password. Re-enter Password
Encryption
Select whether to perform encryption. Enable: Encryption is performed. Disable: Encryption is not performed. Encryption information is displayed only if encryption is enabled.
Encryption Protocol
If encryption is enabled, select either of the following encryption methods:
AES-128 or DES (SVP firmware version 90-08-21/xx or later)
AES or DES (SVP firmware version earlier than 90-08-21/xx)
Encryption Key
If encryption is enabled, enter a key. The key must be 8 to 180 alphanumeric characters excluding the following symbols:
\ , / ; : * ? " < > | & % ^
Note: Do not include space characters at the beginning or end.
Encryption Re-enter Key
Re-enter the same key.
Add Address window
Use the add address window to add an email address to the list of addresses to notify of a system error.
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
514
�Change Settings window
The following table describes the fields and settings in the Add Address window.
Item Mail Address
Description
Enter an email address and select an attribute (To, Cc, or Bcc). Email addresses can contain up to 255 alphanumeric characters, including the following symbols: ! # $ % & ` + - * / ' ^ { } _ = ? @ | ~.
Change Settings window
Use the change settings window to change an email address.
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
515
�Change Settings window
The following table describes the fields and settings in the Change Settings window.
Item Mail Address
Description
Enter an email address after change and select an attribute. You can select more than one email address. When you select more than one email address, you can change only attributes.
Email addresses can contain up to 255 alphanumeric characters, including the following symbols: ! # $ % & ` + - * / ' ^ { } _ = ? @ | ~.
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
516
�Edit Alert Settings confirmation window
Edit Alert Settings confirmation window
Note: Only the tables related to the items you edited are displayed in the confirmation window.
The following tables describe the fields and settings in the Edit Alert Settings confirmation window
Item Notification Alert
Description Displays the destination of the alert notification.
This table describes the Syslog Server settings.
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
517
�Edit Alert Settings confirmation window
Item
Description
Primary Server - Syslog Displays whether or not to use the Syslog Server Server
Primary Server - Host Name/IP Address
Displays the host name or IP address of the Syslog Server
Primary Server - Port Number
Displays the port number used by the Syslog Server
Primary Server - Client Certificate File Name
Displays the client certificate file name
Primary Server Password
Displays the client certificate password as asterisks
Primary Server - Root Certificate File Name
Displays the root certificate file name
Secondary Server Syslog Server
Displays whether or not to use an alternate server for the Syslog Server
Secondary Server - Host Displays the host name or IP address of the alternate server for the Syslog
Name/IP Address
Server
Secondary Server - Port Displays the port number used by the alternate server for the Syslog Server Number
Secondary Server Client Certificate File Name
Displays the file name of the client certificate
Secondary Server Password
Displays the password of the client certificate as asterisks
Secondary Server - Root Displays the file name of the root certificate Certificate File Name
Location Identification Name
Displays the name for identifying the storage system that transfers SIM to the Syslog Server
Timeout
Displays the time before the timeout for connection to the Syslog Server is detected
Retry Interval
Displays the retry interval when communication with the Syslog Server fails
Number of Retries
Displays the number of retires when communication with the Syslog Server fails
This table describes the SNMP Information settings.
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
518
�Edit Alert Settings confirmation window
Item
SNMP Agent
System Group Information - Storage System Name
System Group Information - Contact
System Group Information - Location
SNMP Version
Description Displays whether or not to use the SNMP Agent. Displays the storage system name
Displays the administrator's name or contact information Displays the storage system location Displays the SNMP protocol version.
The following tables describes the Registered Sending Trap Settings for the different SNMP protocol versions.
(when the SNMP protocol version is SNMP v1 or SNMP v2c)
Item Community
Send Trap to
Description
Displays the name of the community for which the SNMP trap information is reported.
Displays the IP address to which SNMP trap information is reported.
(when the SNMP protocol version is SNMP v3)
Item
Description
Send Trap to
Displays the IP address to which SNMP trap information is reported.
User Name
Displays the user name to which SNMP trap information is reported.
Authentication - Mode Displays whether the authentication is enabled or not.
Authentication Protocol Displays the authentication method if the authentication is enabled.
Authentication Password
Displays the authentication password as asterisks.
Encryption - Mode
Displays whether the encryption is enabled.
Encryption Protocol
Displays the encryption method if the encryption is enabled.
Encryption - Key
Displays the encryption key as asterisks.
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
519
�Edit Alert Settings confirmation window
The following tables describes the Registered Request Authentication Setting for the different SNMP protocol versions.
(when the SNMP protocol version is SNMP v1 or SNMP v2c)
Item Community
Requests Permitted
Description
Displays the name of community to which GET REQUEST, GETNEXT REQUEST, or GETBULK REQUEST is accepted.
Displays the IP address to which GET REQUEST, GETNEXT REQUEST, or GETBULK REQUEST is accepted.
(when the SNMP protocol version is SNMP v3)
Item
Description
User Name
Displays the user name that accepts GET REQUEST, GETNEXT REQUEST, or GETBULK REQUEST.
Authentication - Mode Displays whether the authentication is enabled or not.
Authentication Protocol Displays the authentication method if the authentication is enabled.
Authentication Password
Displays the authentication password as asterisks.
Encryption - Mode
Displays whether the encryption is enabled.
Encryption Protocol
Displays the encryption method if the encryption is enabled.
Encryption - Key
Displays the encryption key as asterisks.
The following table describes the Email Notification settings. (when the SNMP protocol version is SNMP v3)
Item
Description
Mail Notice
Displays whether or not to use email to notify users of failure information
Mail Address (From)
Displays the source email address for notification of failure information.
Mail Address (Reply - To) Displays the email return address
Server Host Name
Displays the email server host name or IP address
SMTP Authentication
Displays whether or not to perform SMTP authentication.
SMTP Authentication Account
Displays the account used for SMTP authentication.
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
520
�Column Settings window
Item
SMTP Authentication Password
Description Displays the SMTP authentication password as asterisks
The following table describes the Email settings. (when the SNMP protocol version is SNMP v3)
Item Mail Address Attribute
Description Displays the email address after the change Displays the attribute of email for SIM notification
Column Settings window
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
521
�Edit Advanced System Settings wizard
Item Restore Default Settings Checkbox
Column Name
Description
Changes the selection of the displayed columns to the factory default settings.
Selects the columns to display. Click the checkbox next to the name of each column that you want to display. After making the selections, click OK. Only the columns whose checkboxes are selected are displayed. Columns whose checkboxes are not selected are not displayed. Note that you cannot select the checkboxes of the columns that must always be displayed because they are deactivated. When you deselect a checkbox, the filter and sort settings of that column are released. If you display the column again, you must set the filter and sort settings again.
Displays the names of the columns in the table. If a column contains two rows, the name of the upper row is shown on the left of the vertical bar (|). The name of the lower row is shown on the right of the vertical bar.
Edit Advanced System Settings wizard
Edit Advanced System Settings wizard contains the following topics: Edit Advanced System Settings window (on page 523) Edit Advanced System Settings confirmation window (on page 528) Column Settings window (on page 521)
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
522
�Edit Advanced System Settings window
Edit Advanced System Settings window
Item
No.
Advanced System Setting
Description
Number of function bits for the advanced system setting
Name of the advanced system setting Hide alert information: The Alert window is not displayed. Refresh forcibly after Apply: The configuration information for
the storage system is forcibly updated after the configuration changes are applied to the storage system. Disable data polling: Polling stops. Disable retry of data updating: Retry does not take place even when you fail to acquire data.
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
523
�Item
Edit Advanced System Settings window
Description
Enable Storage Navigator 2 All Function: The restrictions on login from Device Manager - Storage Navigator's login window are cleared, including the restrictions on the users who can log in and on the functions available after login. When enabling or disabling the advanced system setting, log in again.
Switch the control of differential bitmaps of volumes used for TC/TCMF/UR/URMF/GAD pairs whose capacity is 4TB or less (for open volumes)/262,668Cyl or less (for MF volumes) at creation or resynchronization of pairs: For a TC, TCMF, UR, URMF, or GAD pair that uses an open volume (DP-VOL) with user capacity of 4,194,304 MB or less, or a mainframe volume with user capacity of 262,668 Cyl or less, the differential data management for the target volume is enabled by the hierarchical difference at new pair creation or pair resynchronization (hierarchical difference management).
In addition, for a TC, TCMF, UR, URMF, or GAD pair that uses an open volume (DP-VOL) with user capacity exceeding 4,194,304 MB, or a mainframe volume with user capacity exceeding 262,668 Cyl, the differential data management for the target volume is enabled by the hierarchical difference at new pair creation regardless of this setting.
Switch the control of differential bitmaps of volumes used for TC/TCMF/UR/URMF/GAD pairs whose capacity is 4TB or less (for open volumes)/262,668Cyl or less (for MF volumes) at creation of pairs: For a TC, TCMF, UR, URMF, or GAD pair that uses an open volume (DP-VOL) with user capacity of 4,194,304 MB or less, or a mainframe volume with user capacity of 262,668 Cyl or less, the differential data management for the target volume is enabled by the hierarchical difference at new pair creation (hierarchical difference management).
In addition, for a TC, TCMF, UR, URMF, or GAD pair that uses an open volume (DP-VOL) with user capacity exceeding 4,194,304 MB, or a mainframe volume with user capacity exceeding 262,668 Cyl, the differential data management for the target volume is enabled by the hierarchical difference at new pair creation regardless of this setting.
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
524
�Item
Edit Advanced System Settings window
Description
External Authentication Compatibility option: When enabled, the authentication method is switched from VSP 5000 series to VSP.
This setting enables the acceleration of external authentication, however only top-level user groups can be searched. Therefore, this setting is not recommended.
VSP authentication method: When external authentication (LDAP) is performed, only top-level user groups are searched. Nested groups are not searchable.
VSP authentication method: When external authentication (LDAP) is performed, nested groups are enabled as well as top-level user groups.
Enable reboot of background service: This option must be enabled only when you are requested to enable it. When this option is enabled, the SVP starts monitoring the background service process. When either of the following values exceeds its threshold, the background service process for managing configuration information is restarted.
The amount of memory used in the background service process
Time elapsed after the background service process is started
Notify an alert when tier relocation is suspended by system: If you enable this option, when tier relocation is suspended by the system, an alert is issued to users. For details about an alert (SIM) to be issued, see the Troubleshooting chapter of the Provisioning Guide for Open Systems or Provisioning Guide for Mainframe Systems.
The consistency time of a URMF pair shows the time stamp of the data that has just been copied to a restored journal volume.
Enabled: The time included in the time stamp of the data that has just been copied to a restored journal volume shows the consistency time.
Disabled: The time included in the time stamp of the data that has just been copied to a secondary volume shows the consistency time.
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
525
�Edit Advanced System Settings window
Item Status
Description
After delta resync, the pair status remains COPY during journal data copy.
Enabled: When a delta resync is performed in a 3DC multitarget configuration with TC and UR or TCz and URz, the pair status remains COPY during journal data copy.
Disabled: When a delta resync is performed in a 3DC multitarget configuration with TC and UR or TCz and URz, the pair status changes directly to PAIR.
One minute after remote path failure detection, the mirror is split.
Enabled: When a remote path failure is detected, the mirror is split if the remote path is not restored within one minute after the detection.
Disabled: When a remote path failure is detected, the mirror is split if the remote path is not restored within the path monitoring time set by the mirror option.
This setting is enabled only when After remote path failure detection, the mirror is split is enabled. When After remote path failure detection, the mirror is split is disabled, the mirror is not split even if a remote path failure is detected.
After remote path failure detection, the mirror is split.
Enabled: After a remote path failure is detected, the mirror is split.
Disabled: Even if a remote path failure is detected, the mirror is not split.
Note: See table below for After remote path failure detection settings.
The copy pace for mirror option (Medium) becomes one level faster.
Enabled: The pace for copying data during initial copy becomes one level faster when the copy pace for journal option is Medium. This item can be used to make the initial copy operation in Medium speed mode perform faster.
The copy pace for mirror option (Medium) becomes two levels faster.
Enabled: The pace for copying data during initial copy becomes two levels faster when the copy pace for journal option is Medium. This item can be used to make the initial copy operation in Medium speed mode perform faster.
Displays the statuses of the advanced system settings.
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
526
�Edit Advanced System Settings window
Item Enable
Disable
Description
Enables the selected advanced system settings. You can select more than one advanced system setting.
Disables the selected advanced system settings. You can select more than one advanced system setting.
The following tables show how advanced system setting 5 works with advanced system setting 6 and how advanced system setting 15 works with advanced system setting 16.
Table 23 Advanced system settings 5 and 6
Description
No. 5
No. 6
Create operation
Resync operation
Disabled
Disabled
Apply the shared memory (SM) difference management at new pair creation.
Change the management method from hierarchical differences to SM differences.
Enabled
Apply the hierarchical difference management at new pair creation.
The differential data management method is not changed.
Enabled
Disabled
Apply the hierarchical difference management at new pair creation.
Change the management method from SM differences to hierarchical differences.
Note:
If the user capacity of a volume used in a TC, TCMF, UR, URMF, or GAD pair exceeds 4,194,304 MB for an open volume (only DP-VOL) or 262,668 Cyl for a mainframe volume, the differential data management for the target volume is enabled by the hierarchical difference at the new pair creation regardless of the settings of the advanced system settings No. 5 and No. 6.
Make the same settings for advanced system settings No. 5 and No. 6 on both the primary and secondary storage systems.
If system option mode (SOM) 1198 or 1199 is applied, the difference management method with SOM 1198 or 1199 takes precedence. For details, see System option modes for VSP 5000 series (on page 316).
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
527
�No. 15 Disabled Enabled Disabled
Enabled
Edit Advanced System Settings confirmation window
Table 24 Advanced system settings 15 and 16
No. 16 Disabled Disabled Enabled
Enabled
Description
Even if a remote path failure is detected, the mirror is not split.
Even if a remote path failure is detected, the mirror is not split.
After remote path failure detection, the mirror is split if the remote path is not restored within the path monitoring time.
After remote path failure detection, the mirror is split if the remote path is not restored within one minute after the detection.
Edit Advanced System Settings confirmation window
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
528
�Edit Advanced System Settings confirmation window
Item
No.
Advanced System Setting
Status
Description Displays the number of function bits for the advanced system setting. Displays the name of the advanced system setting.
Displays the status of the advanced system setting.
Appendix D: Configuring storage systems GUI reference
System Administrator Guide for VSP 5000 Series
529
�Appendix E: Device Manager - Storage Navigator system GUI reference
This section explains the Device Manager - Storage Navigator windows used to view and manage storage system tasks, reports, and alerts.
Storage Systems window
Hardware summary
Item Edit Storage System Storage System Name Contact
Location
Description Allows editing of the storage system name, contact, and location.
Device name of the storage system.
Contact information such as personnel and telephone number where you can inquire about the storage system. Location of the connected storage system.
Appendix E: Device Manager - Storage Navigator system GUI reference
System Administrator Guide for VSP 5000 Series
530
�Storage Systems window
Item
Description
Storage System Type
Model type of the storage system.
Serial Number Serial number of the storage system.
IP Address
IP address of the SVP.
Software Version
Version of the following software: Main: Version of the storage system firmware SVP: Version of HDvM - SN installed in the SVP CBA: Version of Captive Bundle Application (used for running HDvM -
SN with Adobe AIR) RMI Server: Version of the RMI server installed in the SVP
Total Cache Size
Total size of the cache memory in the storage system. The capacity used as the shared memory is not included.
Allocation summary
Item Internal / External
Open/ Mainframe
Capacity Unit
Physical Summary
Description
This item switches the displayed items. Total: Displays information on both the internal volumes and the
external volumes. Internal Only: Displays information on only the internal volumes. External Only: Displays information on only the external volumes.
This item switches the displayed capacity units. Total: Displays all the open-systems, mainframe-systems and multi-
platform volumes Open Only: Displays only open-systems volumes Mainframe Only: Displays mainframe-systems and multi-platform
volumes.
This item switches the displayed units of the capacity. Appropriate: Displays the capacity in appropriate unit depending on
the capacity of each item. TB/GB/MB: Displays the capacity of the specified unit.
This item displays the capacity of physical logical devices and the number of devices. The information for open systems and mainframe systems is different. For details about this item, see the Physical Summary table.
Appendix E: Device Manager - Storage Navigator system GUI reference
System Administrator Guide for VSP 5000 Series
531
�Storage Systems window
Item
Description
Virtual Summary
This item displays capacity of virtual logical devices and the number of devices. The information for open systems and mainframe systems is different. For details about this item, see the table below about virtual summary.
Total Efficiency
This field is blank if the calculation for items below is not complete. A hyphen (-) is displayed if the information is not valid. For details, see the Provisioning Guide.
Total Efficiency: Displays the ratio of the total saving effect achieved by accelerated compression, capacity saving (compression and deduplication), snapshot, and Hitachi Dynamic Provisioning. The ratio of the system data is not included.
Data Reduction: Displays the data reduction ratio before and after performing the accelerated compression function and the capacity saving function (compression and deduplication). The ratio of the system data is not included.
Software Saving: Displays the capacity reduction ratio for data which is before and after performing the capacity saving function. The ratio of the system data is not included.
Compression: Displays the capacity compression ratio for data which is before and after performing the capacity saving function.
Deduplication: Displays the capacity deduplication ratio for data which is before and after performing the capacity saving function.
Pattern Matching: Displays the capacity reduction ratio for data before and after performing pattern matching of the capacity saving function.
FMD Saving: Displays the capacity reduction ratio for data which is before and after performing the accelerated compression function. The ratio of the system data is not included.
Compression: Displays the capacity compression ratio for data which is before and after performing the accelerated compression function.
Pattern Matching: Displays the capacity reduction ratio for data before and after performing pattern matching of the accelerated compression function.
Snapshot: Displays the efficiency ratio achieved by snapshot. The ratio of the system data is not included.
Provisioning: Displays the efficiency ratio achieved by Hitachi Dynamic Provisioning. The ratio of the system data is not included.
Date and time for calculation: The start date and time and the end date and time for the calculation are displayed within the square brackets.
Appendix E: Device Manager - Storage Navigator system GUI reference
System Administrator Guide for VSP 5000 Series
532
�Storage Systems window
Item
Total Saving (Software Deduplication, Software Compression, FMD Compression)
Total DP Subscription Rate Total Number of LDEVs
Description
Note: The date and time in the square brackets are the system date and time (date, time, and timezone) of the storage system. For Last Updated in HDvM - SN, the date and time based on the system date and time (date, time, and timezone) of the SVP are displayed. Therefore, if the settings of the system date and time for the storage system and the ones for the SVP are different, the date and time in the square brackets in this window and the date and time displayed for Last Updated are also different.
Total Saving: Displays the ratio and capacity reduced by the capacity saving function against all data in a storage system.
When you use the capacity saving function, the saving ratio is calculated against metadata, garbage data, and parity data generated by the storage system in addition to user data. If the amount of used data volume before the capacity saving function is executed is smaller than the used pool capacity, a value which is invalid and smaller than the actually saved capacity might be displayed as the saved capacity.
Software Deduplication: Displays the ratio reduced by the deduplication function against all data in a storage system.
Software Compression: Displays the ratio reduced by the software compression function against all data in a storage system.
FMD Compression: Displays the ratio reduced by the FMD compression function against all data in a storage system.
This item displays the ratio of virtual logical device capacity to physical logical device capacity in the pool volume of Dynamic Provisioning.
For a Dynamic Provisioning pool in which Thin Image pairs are created, the virtual logical device capacity includes the snapshot data capacity.
The number of LDEVs. The information displayed in this field depends on the type of system. See the following table.
Appendix E: Device Manager - Storage Navigator system GUI reference
System Administrator Guide for VSP 5000 Series
533
�Storage Systems window
Physical summary
Item
Description
Allocated
When Open is selected from Open / Mainframe, this item displays the capacity of path-defined open system volumes (LDEVs) and the number of logical devices that the host can recognize. This capacity does not include the control cylinder.
When Mainframe is selected from Open / Mainframe, this item displays the capacity of path-defined mainframe and multiplatform volumes and the number of logical devices that the host can recognize. The Reserved - Used DP Pool, Reserved - Unused DP Pool, and Reserved - Other volumes are not included. This capacity does not include the control cylinder.
Reserved - Used DP Pool
When Total is selected in Internal / External, this item displays the total capacity of the pages that are actually used in pool of Dynamic Provisioning and the number of logical devices. The total capacity does not include the control cylinder.
For a DP pool in which Thin Image pairs are created, the total page capacity includes the snapshot data capacity.
When an item other than Total is selected in Internal / External, this item displays the number of logical devices that are actually used in the Dynamic Provisioning pool. The capacity does not display in this item, but is counted as part of Reserved - Other.
Reserved Unused DP Pool
When the total is selected in Internal / External, this item displays the capacity remaining after subtracting the Used DP Pool value from the total capacity of pool of Dynamic Provisioning. Control cylinder is not included in the capacity. The number of logical devices does not display.
When an item other than Total is selected in Internal / External, the capacity and the number of logical devices are not displayed in this item, and the capacity is counted as part of Reserved - Other.
Reserved - Other
When Open is selected from Open / Mainframe, this item displays the total capacity and the number of logical devices of the following volumes:
Journal volumes
Thin Image pool volumes
The control cylinder is not included in the capacity.
Appendix E: Device Manager - Storage Navigator system GUI reference
System Administrator Guide for VSP 5000 Series
534
�Storage Systems window
Item
Description
The total capacity includes:
The capacity of the system pool-VOL management area (approximately 4.1 GB per pool)
When Mainframe is selected from Open / Mainframe, this item displays the total capacity of journal volumes and the number of logical devices of the mainframe and multi-platform volumes.
The control cylinder is not included in the capacity.
The total capacity includes the capacity of the system pool-VOL management area (approximately 3.7 GB per pool).
For both open and mainframe, when an item other than Total is selected in Internal / External, the capacities for Reserved - Used DP Pool and Reserved - Unused DP Pool are also counted as part of this item.
Available Space Unallocated
When Open or Total is selected from Open / Mainframe, this item displays the volume capacity and the number of logical devices from the open volumes that are not defined paths. The Reserved - Used DP Pool, Reserved - Unused DP Pool, and Reserved - Other volumes are not included. The control cylinder is also not included in the capacity.
When Mainframe is selected from Open / Mainframe, the capacity and the number of logical devices do not display.
Available Space Free Space
When Open is selected from Open / Mainframe, this item displays the free space in which users can create Open volumes.
When Mainframe is selected from Open / Mainframe, this item displays the free space in which users can create Mainframe-systems and multi-platform volumes.
In both Open and Mainframe, the control cylinder is not included in the capacity, and the number of logical devices does not display.
Physical Total
This item displays the total capacity of physical logical devices and the number of logical devices. Control cylinder is not included in the capacity.
Virtual summary
Item DP Allocated *
Description
When total is selected in Internal / External, this item displays the capacity of path-defined virtual volumes of Dynamic Provisioning, and the number of logical devices. Virtual volumes for Thin Image are not included. Control cylinder is not included in the capacity.
Appendix E: Device Manager - Storage Navigator system GUI reference
System Administrator Guide for VSP 5000 Series
535
�Storage Systems window
Item
Description
DP Unallocated*
When total is selected in Internal / External, this item displays the capacity of virtual volumes of Dynamic Provisioning that are not pathdefined, and the number of logical devices. Virtual volumes for Thin Image are not included. Control cylinder is not included in the capacity.
Other*
When total is selected in Internal / External, the item displays the virtual volumes of other than Dynamic Provisioning and the number of logical devices. Control cylinder is not included in the capacity.
Virtual Total
This item displays the total capacity of virtual logical devices and the number of logical devices. Control cylinder is not included in the capacity.
* When an item other than Total is selected in Internal / External, the capacity and the number of logical devices are not displayed.
Appendix E: Device Manager - Storage Navigator system GUI reference
System Administrator Guide for VSP 5000 Series
536
�Port Condition window
Port Condition window
You can switch between information about DKC-0 and DKC-1 through DKC-5 with a tab. When DKC-2 through DKC-5 are not installed, the target tab is not displayed.
Note: Ports not allocated to the user are indicated with Not Available. Except for the Condition column, there may be a difference between the actual
device configuration and the displayed information depending on the update timing of the storage system.
Refresh: Updates the window display to the latest status.
Appendix E: Device Manager - Storage Navigator system GUI reference
System Administrator Guide for VSP 5000 Series
537
�Port Condition window
Number of Ports
Item
Available (Connected)
Available (Not Connected)
Not Available
Not Installed
Number of ports in use
Description
Number of ports that are installed but not in use
Total number of ports that are installed but blocked Ports not installed
Port Condition Item
Channel Board Board Type Port ID Attribute
Condition
Speed
Description
Name of the channel board (Channel board is also called a front-end director.)
Type of the channel board
Port identifier, for example: 4HF32R (Fibre), 2HS10S (iSCSI), 4Mx32 (Mfibre)
Port attribute Channel board type is Fibre: Target, Bidirectional, HTP, or FNP When no port is assigned to the user, a hyphen (-) is displayed.
Port Condition icon and port status
Available (Connected): The port is installed and in use.
Available (Not Connected): The port is installed and available Not Installed: The port is either not installed or cannot be used. Not Available: The port is either blocked or not assigned to the
user.
Data transfer speed of the port is displayed in gigabits per second, for example: 10 Gbps, 32 Gbps. If Auto is set for Port Speed in the Edit Ports window, this item is displayed as "Auto" and the port speed, for example: Auto (10 Gbps), Auto (16 Gbps), Auto (32 Gbps). The values in the parentheses are set by the storage system. If linkup is not made, a hyphen (-) is displayed. A hyphen (-) is displayed for the ports not assigned to the user.
Appendix E: Device Manager - Storage Navigator system GUI reference
System Administrator Guide for VSP 5000 Series
538
�Tasks window
Item
SFP Data Transfer Rate
WWN/iSCSI Name Export Edit Mainframe Fibre Ports
Description For details of the Edit Ports window, see the Provisioning Guide. For information about the availability of the 32 Gbps SFPs, contact customer support.
Displays the maximum transfer rate of SFP that the mounted package supports. If a hyphen (-) is displayed, you can confirm the SFP maximum data transfer rate by checking the channel board type displayed in Board Type: 4Mx16 (Mfibre): 16 Gbps 4Mx32 (Mfibre): 32 Gbps
WWN/iSCSI name of the port
Displays a window for outputting table information
Opens the Edit Ports window used to set FICON® ports.
Tasks window
This window displays a list of tasks performed on the storage system. Up to 384 tasks can display, including 256 that are Completed and/or Failed. Up to 128 tasks whose statuses are In Progress, Waiting, and Suspended can also display.
Summary
Item Completed
Description Number of completed tasks.
Appendix E: Device Manager - Storage Navigator system GUI reference
System Administrator Guide for VSP 5000 Series
539
�Tasks window
Item In Progress Waiting Suspended Failed
Description Number of tasks in progress. Number of tasks waiting. Number of suspended tasks. Number of tasks in which an error occurred.
Tasks tab Item
Task Name Status
Type User Name Submission Time Start Time End time Auto Delete
Description
Task name specified by a user when the user performed the task. Click to view the detail of the task.
Task status. Click to view more details about status or errors.
Completed or Completed(Request): The task completed normally.
In progress: The task is being processed by the system.
Waiting: The task is not yet started.
Suspended: The task has been suspended.
Failed: The task ended abnormally.
General name of the task.
User name who performed the task.
Date and time when the task was submitted.
Date and time when the task was started. Blank indicates the task has not started yet.
Date and time when the task completed. Blank indicates the task has not completed yet.
Enabled: A task is automatically deleted when the following two events occur: The task is completed The number of tasks in the Task list reaches the maximum
number the window can display (384)
Appendix E: Device Manager - Storage Navigator system GUI reference
System Administrator Guide for VSP 5000 Series
540
�Task Properties window
Item
Description
Disabled: Tasks will remain displayed until users delete them. Tasks whose status is Failed are automatically Disabled by the system.
Suspend Tasks button Suspends the selected tasks. They will not be started even if the storage system is ready. Only waiting tasks can be suspended.
Resume Tasks button Resume the selected tasks. The status goes back to waiting.
Delete Tasks button
Deletes the selected tasks from the window.
The waiting or suspended tasks will be cancelled.
The failed or aborted tasks can be deleted from the window.
Tasks in progress cannot be deleted.
If the maximum number of tasks displayed on the window is reached when Auto Delete is enabled, execution of a new task will result in automatic deletion of a task starting with the oldest one.
Disable Auto Delete * When disabled, the selected task remains in the task list after the task is completed.
Enable Auto Delete *
When enabled, the selected task is deleted from the Task list when the following two events occur:
The task is completed
The number of tasks in the Task list reaches the maximum number the window can display (384)
Export *
Displays a window that shows the information in the table
* Appears when you click More Actions.
Task Properties window
This window displays details about a task performed on the storage system. The content of the window depends on the task you executed.
Appendix E: Device Manager - Storage Navigator system GUI reference
System Administrator Guide for VSP 5000 Series
541
�Suspend Tasks window
Suspend Tasks window
Use this window to suspend waiting tasks.
Appendix E: Device Manager - Storage Navigator system GUI reference
System Administrator Guide for VSP 5000 Series
542
�Resume Tasks window
Item Task Name Status Type User Name Submission Time
Description Task name specified by a user when the user performed the task. Task status. General name of the task. User name who performed the task. Date and time when the task was submitted.
Resume Tasks window
Use this window to resume suspended tasks.
Item Task Name Status Type User Name Submission Time
Description Task name specified by a user when the user performed the task. Task status. General name of the task. User name who performed the task. Date and time when the task was submitted.
Appendix E: Device Manager - Storage Navigator system GUI reference
System Administrator Guide for VSP 5000 Series
543
�Delete Tasks window
Delete Tasks window
Use this window to delete tasks. If you delete a waiting task, the task will be cancelled.
Item Task Name Status Type User Name Submission Time
Description Task name specified by a user when the user performed the task. Task status. General name of the task. User name who performed the task. Date and time when the task was submitted.
Disable Auto Delete window
Use this window to prevent a task from being automatically deleted from the task window.
Appendix E: Device Manager - Storage Navigator system GUI reference
System Administrator Guide for VSP 5000 Series
544
�Enable Auto Delete window
Item Task Name Status Type User Name Submission Time
Description Task name specified by a user when the user performed the task. Task status. General name of the task. User name of the person who performed the task. Date and time when the task was submitted.
Enable Auto Delete window
Use this window to automatically delete completed tasks from the task window when the number of displayed tasks reaches the maximum (384 tasks).
Appendix E: Device Manager - Storage Navigator system GUI reference
System Administrator Guide for VSP 5000 Series
545
�Edit Information Display Settings window
Item Task Name Status Type User Name Submission Time
Description Task name specified by a user when the user performed the task. Task status. General name of the task. User name of the person who performed the task. Date and time when the task was submitted.
Edit Information Display Settings window
Use this window to change the display parameters.
Appendix E: Device Manager - Storage Navigator system GUI reference
System Administrator Guide for VSP 5000 Series
546
�Edit Information Display Settings window
Item Top Status Indicator Refresh Interval (Alerts, Audit log, and Operation Lock) Task Screen Refresh Interval
LUN ID Notation
Secondary windows
Description
Interval for the automatic updates of the icons on the upper-right corner of the Device Manager - Storage Navigator main window.
You can specify 10-3600 seconds. The default value is 60 seconds.
Interval for the automatic updates of the task window.
You can specify 10-3600 seconds, or No Update. The default value is 60 seconds. This setting can be enabled only during logged in.
No Update indicates that the task window will be updated only when a user clicks Refresh or File > Refresh All.
Select whether to display the LUN ID in decimal or hexadecimal notation. The default is decimal. Regardless of the setting, LUN IDs are displayed in decimal format on Device Manager Storage Navigator's secondary window.
Specify whether to enable or disable Device Manager - Storage Navigator's secondary window.
Enable: Enables Device Manager - Storage Navigator's secondary window.
Disable: Disables Device Manager - Storage Navigator's secondary window.
Appendix E: Device Manager - Storage Navigator system GUI reference
System Administrator Guide for VSP 5000 Series
547
�Reports window
This window lists configuration reports about the storage system.
Reports window
You can create up to 20 reports. Summary
Item Number of Reports
Description Number of created reports.
Reports tab
Item Report Name
User Name Submission Time Create Configuration Report Download Reports Delete Reports Export
Description Task name specified when users created a report. Click to view the report in HTML format. User name of the person who created the report. Date and time when the report was created. Creates a new report.
Downloads the created report in both HTML and CSV format. Deletes the selected report. Displays a window that shows the information in the table Window for outputting table information.
Create Configuration Report window
Use this window to create storage system configuration reports.
Appendix E: Device Manager - Storage Navigator system GUI reference
System Administrator Guide for VSP 5000 Series
548
�Delete Reports window
Item Report Type Format
Description Type of the report to be created. File format.
Delete Reports window
Use this window to delete configuration reports.
Appendix E: Device Manager - Storage Navigator system GUI reference
System Administrator Guide for VSP 5000 Series
549
�Alerts window
Item Report Name User Name Submission Time
Description Task name specified when users created a report. User name of the person who created the report. Date and time when the report was created
Alerts window
Displays the list of alerts that occurred in the storage system.
Appendix E: Device Manager - Storage Navigator system GUI reference
System Administrator Guide for VSP 5000 Series
550
�Alerts window
Summary
Item
Number of Uncompleted Alerts
Description
Displays the number of alerts that are not authenticated yet:
Acute: Displays the total number of Acute-level alerts that are not authenticated yet.
Serious: Displays the total number of Serious-level alerts that are not authenticated yet.
Moderate: Displays the total number of Moderate-level alerts that are not authenticated yet.
Appendix E: Device Manager - Storage Navigator system GUI reference
System Administrator Guide for VSP 5000 Series
551
�Item
Alerts Item
Error Code
Date Error Level
Status Detail
Alert Properties window
Description Service: Displays the total number of Service-level alerts that are
not authenticated yet. Total: Displays the total number of alerts, including Acute,
Serious, Moderate, and Service.
Description
Displays the service information message (SIM) reference code.
For information about SIM reference codes, see the Hitachi Alert Notification Guide.
For information about error conditions that need to be resolved, see Monitoring SIM alerts in Device Manager - Storage Navigator (on page 290).
Displays the date when the alerts occurred.
Displays the error level of the alerts:
Service: No need to deal with immediately. Errors that are
dealt with during periodical maintenance.
Moderate: No need to deal with immediately. Errors that are
dealt with during periodical maintenance.
Serious: Contact the customer support. Take adequate measures as instructed, and report and solve the problem.
Acute: Contact the customer support. Take adequate
measure as instructed, and report and solve the problem.
If the alert status remains, Uncompleted is displayed. If the alert was removed by SVP, Completed is displayed.
Displays the details of the alert that is selected in the list.
Alert Properties window
This window shows details of an alert (SIM) that has occurred in the storage system.
Appendix E: Device Manager - Storage Navigator system GUI reference
System Administrator Guide for VSP 5000 Series
552
�Alert Properties window
When you select multiple alerts in the Alert window, click Back and Next to change alert that is displayed.
Item Error Code
Date
Description
Displays the service information message (SIM) reference code.
For information about SIM reference codes, see the Hitachi Alert Notification Guide.
For information about errors that need to be resolved, see Monitoring SIM alerts in Device Manager - Storage Navigator (on page 290).
Displays the date when alerts occurred.
Appendix E: Device Manager - Storage Navigator system GUI reference
System Administrator Guide for VSP 5000 Series
553
�Item Error Level
Status Error Section Error Detail Location
Operation Lock Properties window
Description
Displays error level of alerts.
Service: No need to deal with immediately. These errors are
dealt with during periodical maintenance.
Moderate: No need to deal with immediately. These errors are
dealt with during periodical maintenance.
Serious: Contact the customer support. Take adequate measures as instructed, report and solve the problem.
Acute: Contact the customer support. Take adequate
measures as instructed, report and solve the problem.
If status alert remains, Uncompleted displays. If alert is removed by SVP, Completed displays.
Displays overview of the error where the alert occurred.
Displays more detail on the error.
Displays where the error occurred. It differs according to the error code.
Operation Lock Properties window
This window displays the lock status of the entire system and the lock status of the resource groups that can be operated.
Appendix E: Device Manager - Storage Navigator system GUI reference
System Administrator Guide for VSP 5000 Series
554
�Operation Lock Properties window
Operation Lock Properties
Item System Lock - Status
System Lock - Lock User
System lock - Lock Start Time Number of Resource Groups - Locked Number of Resource Groups - Unlocked
Description Displays lock status of the entire system. Locked: System locked user exists. Hyphen (-): System locked user does not exist. Displays the user that locked the entire system. A hyphen (-) indicates that there is no user who locked the entire system. Displays the time when the entire system was locked. A hyphen (-) indicates that the entire system is not locked. Displays the number of locked resource groups.
Displays the number of unlocked resource groups.
Resource Groups
The following table describes the items in the Resource Groups table section of the Operation Lock Properties window.
Item
Description
Resource Group Name Displays the name and ID of the resource group that user can
(ID)
control
Status
Displays the lock status of the resource groups Locked: The resource group is locked Unlocked: The resource group is not locked System Locked: The entire system is locked
Lock User
Displays the user name of the person who locked the resource
Lock Start Time
Displays the time when the lock started
Unlock All
Forcibly unlocks all locked resource groups
Virtual Storage Machine Displays the model type of the virtual storage machine and serial number set for the resource group
Appendix E: Device Manager - Storage Navigator system GUI reference
System Administrator Guide for VSP 5000 Series
555
�Temperature Monitor window
Displays the temperature information for DKC and DB.
Temperature Monitor window
DKC Ambient Temperature table
Item
Description
Chassis ID
Displays the chassis ID of the storage system.
Measurement Location Displays the measurement location.
Ambient Temperature (degrees C)
Displays the ambient temperature in degrees Celsius.
A hyphen (-) is displayed if the DKC is turned off, or the temperature information cannot be acquired due to a unit or network failure.
Export button
Displays a window for outputting table information.
Appendix E: Device Manager - Storage Navigator system GUI reference
System Administrator Guide for VSP 5000 Series
556
�Temperature Monitor window
DB Internal Temperature table
Item
Description
Disk Unit
Displays the disk unit of the storage system.
Drive Box
Displays the drive box.
Measurement Location Displays the measurement location.
Internal Temperature (degrees C)
Displays the internal temperature in degrees Celsius.
Nothing is displayed in the DB internal temperature table when the DKC is turned off. The DB is not displayed in the DB internal temperature table when the temperature information cannot be acquired because the chassis is not installed, the DB is blocked for maintenance, or a unit or network failure occurred.
Export button
Displays a window for outputting table information.
HSNBX Ambient Temperature table
Item
Description
HSN Box
Displays the HSN box of the storage system.
Measurement Location Displays the measurement location.
Ambient Temperature (degrees C)
Displays the ambient temperature in degrees Celsius.
Nothing is displayed in the HSNBX ambient temperature table when the DKC is turned off. The HSNBX is not displayed in the HSNBX ambient temperature table when the temperature information cannot be acquired because the HSNBX is blocked for maintenance, or a unit or network failure occurred.
Export button
Displays a window for outputting table information.
Appendix E: Device Manager - Storage Navigator system GUI reference
System Administrator Guide for VSP 5000 Series
557
�Appendix F: Tool Panel GUI Reference
This section describes the windows and features of the SVP Tool Panel.
Tool Panel
This section describes the Tool Panel window features and controls.
Appendix F: Tool Panel GUI Reference
System Administrator Guide for VSP 5000 Series
558
�Tool Panel
Item Control Panel Download Dump Files
Update Certificate Files Set Up HTTP Blocking Release HTTP Blocking Update Certificates Files for SMI-S
Upload Configuration Files for SMI-S SMI-S Artificial Indication
Set or Delete Certificates for HCS
Description
Downloads and restores configuration files.
Download dump files onto a Hitachi Device Manager - Storage Navigator(HDvM - SN) computer.
Updates and uploads the private key and the signed server certificate (Public Key) to the SVP.
Allows you to block access to port 80.
Allows you to unblock access to port 80.
Updates and uploads the private key and the signed server certificate (public key) to the SMI-S provider to update the certificate.
Controls the SMI-S function using the SMI-S provider configuration file that you create.
Send an SMI-S artificial indication to determine whether the communication between the listeners and the SMI-S provider succeeds or fails.
Sets or deletes the HCS public key certificate.
Appendix F: Tool Panel GUI Reference
System Administrator Guide for VSP 5000 Series
559
�Item TLS Security Settings Create CSR and Self-Signed Certificate Forcibly Disable SVP Forcibly Fail Over SVP Flash Disable/Enable
CaptiveBundleUpload WSUS Settings
Control Panel
Description
Creates the security settings used for SSL/TLS communications with the SVP.
Creates a CSR (public key), private key, and selfsigned certificate.
Used to manually change the SVP to the standby SVP.
Used to manually change the SVP to the standby SVP.
Disables HDvM - SN to run in the Adobe Flash Player environment. Caution: Adobe Flash Player is no longer supported. Do not enable use of HDvM - SN in the Adobe Flash Player environment.
Enables HDvM - SN to run in the Adobe AIR environment.
Sets up Windows Server Update Services (WSUS).
Control Panel
This section describes the Control Panel windows and controls.
Download File tab of the Control Panel window
This section describes the features and controls of the Download File tab of the Control Panel window.
Appendix F: Tool Panel GUI Reference
System Administrator Guide for VSP 5000 Series
560
�Restore File tab of the Control Panel window
Configuration File
Item
Submit Reset
Description
Select the checkbox for the file to be downloaded. Downloadable configuration files differ according to the system configuration.
Downloads the configuration file.
Cancels downloading the configuration file.
Restore File tab of the Control Panel window
This section describes the features and controls of the Restore File tab of the Control Panel window.
Appendix F: Tool Panel GUI Reference
System Administrator Guide for VSP 5000 Series
561
�Item Upload File (Archive File)
Next Reset
Download Dump Files window
Description Click Browse... or Select File, and then specify the configuration file you want to restore. The name of the button to click depends on the browser. Displays a window for confirming the configuration file to be restored. Cancels restoring the configuration file.
Download Dump Files window
This section describes the Download Dump Files window features and controls.
Item Existing Dump Files
Normal Dump
Description
Select this when you want to re-download a previously downloaded dump file. This item displays only when one or more compressed dump files exist. If you have not downloaded any dump files, this item does not display even though you have acquired dump files via SVP.
Contains all information about the SVP and minimum information about the storage system. Select Normal Dump when there is no fatal problem such as a problem with the display of Device Manager - Storage Navigator.
Appendix F: Tool Panel GUI Reference
System Administrator Guide for VSP 5000 Series
562
�Detail Dump
Item
Detail Dump (for DKC Performance)
Next
Update Certificate Files window
Description
Contains all information about the storage system in addition to the content of Normal Dump. Select this when you cannot start Device Manager Storage Navigator or when you check for problems with the storage system.
Contains information about I/O performance, such as collecting Performance Monitor information in addition to the content of Detail Dump. Select this when you check for problems with the I/O performance.
Displays a dialog box for confirm that the downloading of the dump file can start.
Update Certificate Files window
This section describes the Update Certificate Files window features and controls.
Item Certificate file (.crt file)
Description
Note: Before specifying the file, ensure that a signed public key certificate (.crt) file has been acquired and the file is named server.crt. See Creating a public key using the OpenSSL command (on page 101).
Click Browse... or Select File, and specify the certificate file (server.crt). The name of the button to click depends on the browser.
Appendix F: Tool Panel GUI Reference
System Administrator Guide for VSP 5000 Series
563
�Update Certificate Files for the SMI-S window
Item
Description
Key file (.key file)
Note: Before specifying the file, ensure that a private key (.key) file has been created and the file is named server.key. See Creating a private key using the OpenSSL command (on page 100).
Click Browse... or Select File, and specify the key file (server.key). The name of the button to click depends on the browser.
I understood that I canceled HTTP blocking or TLS communication might fail.
Confirm the messages about a possible TLS communication failure and recommendations described in the dialog box, and then select the check box for this item.
Return to the default certificate
Returns the SSL certificate to default.
Upload
Uploads the SSL certificate.
Reset
Cancels the upload of the SSL certificate.
Update Certificate Files for the SMI-S window
This section describes the Update Certificate Files for the SMI-S window features and controls.
Appendix F: Tool Panel GUI Reference
System Administrator Guide for VSP 5000 Series
564
�Item Certificate file (.crt file)
Key file (.key file)
Return to the default certificate Upload Reset
Upload Configuration Files for SMI-S window
Description
Note: Before specifying the file, ensure that a signed public key certificate (.crt) file has been acquired and the file is named server.crt. See Creating a public key using the OpenSSL command (on page 101). Click Browse... or Select File, and specify the certificate file (server.crt). The name of the button to click depends on the browser.
Note: Before specifying the file, ensure that a private key (.key) file has been created and the file is named server.key. See Creating a private key using the OpenSSL command (on page 100). Click Browse... or Select File, and specify the key file (server.key). The name of the button to click depends on the browser.
Returns the SSL certificate to default.
Uploads the certificate to the SMI-S provider.
Cancels the upload of the SMI-S provider certificate.
Upload Configuration Files for SMI-S window
This section describes the Upload Configuration Files for SMI-S window features and controls.
Appendix F: Tool Panel GUI Reference
System Administrator Guide for VSP 5000 Series
565
�Configuration file
Item
Return to the default configuration
Upload Reset
SMI-S Artificial Indication window
Description Click Browse... or Select File, and specify the configuration file you want to upload. The name of the button to click depends on the browser. Returns the SMI-S provider configuration file to default Uploads the configuration file to SMI-S provider. Cancels the upload of the SMI-S provider configuration file.
SMI-S Artificial Indication window
This section describes the SMI-S Artificial Indication window features and controls.
User ID Password Test Reset
Item
Description Enter user ID. Enter password. Sends the artificial indication. Resets user ID and password.
Appendix F: Tool Panel GUI Reference
System Administrator Guide for VSP 5000 Series
566
�Set or Delete Certificate File for HCS window
Set or Delete Certificate File for HCS window
This section describes the Set or Delete Certificate File for HCS window features and controls.
Item Certificate file (.crt file)
Register Delete
Description
Note: Before specifying the file, ensure that a signed public key certificate (.crt) file has been acquired and the file is named server.crt. See Creating a public key using the OpenSSL command (on page 101).
Click Browse... or Select File and specify the certificate file (server.crt). The name of the button to click depends on the browser.
Registers the certificate for HCS.
Deletes the certificate for HCS.
Appendix F: Tool Panel GUI Reference
System Administrator Guide for VSP 5000 Series
567
�TLS Security Settings window
TLS Security Settings window
This section describes the TLS Security Settings window features and controls.
Item Protocol
Description
Protocols that is allowed to be used in the communication path. The following protocols are supported: TLS1.2 TLS1.3
Appendix F: Tool Panel GUI Reference
System Administrator Guide for VSP 5000 Series
568
�TLS Security Settings window
Item
Description
Cipher Suites
Cipher Suites that are allowed to be used in the communication path. The following cipher suites are supported: TLS1.2
TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_RSA_WITH_AES_256_GCM_SHA384 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 TLS1.3 TLS_AES_128_GCM_SHA256 TLS_AES_256_GCM_SHA384
Minimum Key Length Sets the minimum key length allowed for key exchange during the
(Key Exchange)
communications.
The minimum key length supported by the key exchange algorithm set on the TLS Security Setting dialog box in the Tool Panel dialog box is applied when a certificate with RSA public key is set during the communications between the management client and the SVP.
When the following cipher suites are valid, and when a server certificate, root certificate, or client certificate with an RSA public key is uploaded to the SVP, the key length of the RSA public key of the certificate must be longer than the key length selected on the TLS Security Setting dialog box in the Tool Panel dialog box.
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_RSA_WITH_AES_256_GCM_SHA384
Appendix F: Tool Panel GUI Reference
System Administrator Guide for VSP 5000 Series
569
�TLS Security Settings Communication Test window
Item Renegotiation
Description When the SVP communicates with a Syslog server, key management server, external authentication and authorization server, or Hitachi Command Suite server, the key length of the key exchange key set on the server must satisfy the following: RSA: 2048 bits or more DHE: 2048 bits ECDHE: secp256r1, secp384r1, or secp521r1 The supported key exchange algorithms have a minimum key lengths. RSA
2048 bits
3072 bits
4096 bits
DHE 2048 bits
ECDHE 256 bits (secp256r1)
384 bits (secp384r1)
521 bits (secp521r1)
Sets whether to allow (Yes) or disallow (No (Recommended)) renegotiation.
TLS Security Settings Communication Test window
This section describes the TLS Security Settings Communication Test window features and controls.
Appendix F: Tool Panel GUI Reference
System Administrator Guide for VSP 5000 Series
570
�TLS Security Settings Communication Test window
Item
Description
Communication Test
Tests whether TLS communication is enabled for the following communication paths:
SVP Syslog Server
SVP Key Management Server
SVP LDAP Server
SVP HCS server
The following icons and status indicate the status of each communication path during the Communication Test:
: Processing : Normal : Skipped
: Error
Appendix F: Tool Panel GUI Reference
System Administrator Guide for VSP 5000 Series
571
�Item
Create CSR and Self-Signed Certificate window
Description If a problem occurs during the Communication Test, an error message appears in the field on the dialog box. : Waiting
Create CSR and Self-Signed Certificate window
Appendix F: Tool Panel GUI Reference
System Administrator Guide for VSP 5000 Series
572
�Create CSR and Self-Signed Certificate window
CSR Settings
Item
Description
Appendix F: Tool Panel GUI Reference
System Administrator Guide for VSP 5000 Series
573
�Create CSR and Self-Signed Certificate window
Country Name
Item
State or Province Name
Locality Name
Organization Name
Organization Unit Name
Common Name E-mail Address Optional Company Name
Private Key settings Key Type
Key Length
Password Re-entry Password Create CSR File and Key File
Create Self-Signed Certificate
Description
Enter the country name in 2 half-width alphabetic letters. (Example: US)
Enter the state or province name. (Example: California)
Enter the city or region name. (Example: San Jose)
Enter the organization name. (Example: Hitachi)
Enter the organization unit name. (Example: ITPro)
Enter the IP address or the host name.
(Optional) Enter your email address.
(Optional) Enter an additional organization name.
Select RSA or ECDSA from the pull-down menu.
Select the key length from the pull-down menu. The key lengths that you can select depend on the key type: RSA: 2048 bits, 3072 bits, 4096 bits ECDSA: 256 bits (secp256r1), 384 bits
(secp384r1), 521 bits (secp521r1)
Enter the password of the private key. No entry is required if you set no password
If you set a password, you must enter it. Reenter the password that you set in Password.
Open File Chooser, and then proceed to Download dialog box . The button is not activated unless you enter or select all required items for CSR settings and private key settings.
To create a self-signed certificate, select the check box. The default is off.
Appendix F: Tool Panel GUI Reference
System Administrator Guide for VSP 5000 Series
574
�Create CSR and Self-Signed Certificate window
Profile (.cfg file)
Item
Default
Custom
Create Self-Signed Certificate File
Close
Description
By default, the system will automatically apply the default settings, and then no file selection is required.
Select the profile reference location. Click Browse or Select File to select the profile you want to browse. The name of the button to click depends on the browser. For more information about the Profile (.cfg file) settings, see the table in the following section.
Create a self-signed certificate file. The button is not activated unless you enter or select all of the following required fields:
CSR settings
Private key settings
Profile (Select Default or Custom. For Custom, select a file.)
Close the file setting window.
Profile (.cfg file) Profile (.cfg file) is a file that defines the parameters to be set with the self-signed certificate. The following describes the profile formats, settings, and parameters to be defined. File format
Format: Text Extension: .cfg Character code: ISO-8859-1 Line terminator: CRLF File settings Parameter 1 = Parameter 1 setting value Parameter 2 = Parameter 2 setting value Examples of profile (.cfg) descriptions days=3650 hashAlgorithm=SHA384 (available for SVP with firmware version 90-08-02/09 or earlier) Parameters to be defined by profile
Appendix F: Tool Panel GUI Reference
System Administrator Guide for VSP 5000 Series
575
�Flash Enable/Disable window
days
Item
hashAlgorithm
Description
Specifies the number of days that the certificate is valid from the time of self-signed certificate creation. An integer value from 1 to 3650 can be specified. It is recommended that the effective period be less than 825 days (27 months). If this parameter is not specified, 365 is set.
Specifies the hash algorithm to be used with the self-signed certificate. SHA256 or SHA384 can be specified. If SHA256 is specified, SHA-256 is set as the hash algorithm for the self-signed certificate. If SHA384 is specified, SHA-384 is set as the hash algorithm for the self-signed certificate. If this parameter is not specified, SHA-256 is set as the hash algorithm for the self-signed certificate.
Flash Enable/Disable window
Table 25
Item
Description
Current setting value Setting status of the function of displaying HDvM - SN by using Adobe Flash Player.
Disable
Disables the function of displaying HDvM - SN by using Adobe Flash Player.
Appendix F: Tool Panel GUI Reference
System Administrator Guide for VSP 5000 Series
576
�Item Enable
CaptiveBundleUpload window
Description Enables the function of displaying HDvM - SN by using Adobe Flash Player. Caution: Adobe Flash Player is no longer supported. Do not enable use of HDvM - SN in the Adobe Flash Player environment.
CaptiveBundleUpload window
This section describes the CaptiveBundleUpload dialog box features and controls.
Item Specify a file to be uploaded
Upload
Table 26
Description
Selects Captive Bundle Application (CBA) file to be uploaded to the SVP. Click Browse or Select File to open the file selection window. The name of the button to click depends on the browser.
Uploads the selected CBA file to the SVP.
WSUS Settings
This section describes the Windows Server Update Services (WSUS) Settings dialog box features and controls
Appendix F: Tool Panel GUI Reference
System Administrator Guide for VSP 5000 Series
577
�WSUS Settings
Disable Enable Server URL
Item
Active hours
Next Cancel
Description
Disables the WSUS function.
Enables the WSUS function.
Enter the WSUS server URL to download Security Updates.
Example of URL: http://wsus.example.com, http://192.0.2.0
Add http:// or https:// at the beginning of the URL.
The URL can be specified by using a host name or an IP address.
Specify the URL with up to 511 characters using alphanumeric characters and the following symbols: ! $ % - . @ _ ` ~ / :
Specify the start and end time so that the active hours range is set between 6 and 18 hours. The automatic restart of the SVP for applying Security Updates is disabled during the specified active hours.
Opens the dialog box to confirm the WSUS settings updates.
Cancels the WSUS settings updates.
Appendix F: Tool Panel GUI Reference
System Administrator Guide for VSP 5000 Series
578
�Appendix G: SMI-S provider configuration file
To use this SMI-S function you must create a SMI-S provider configuration file. This section describes the SMI-S provider configuration files.
Supported TLS versions
The following table shows the TLS versions supported by the SMI-S function.
DKCMAIN program
version
Earlier than TLS1.2
TLS versions TLS1.2
Earlier than
No
Yes
90-02-00-xx
90-02-00-xx or later No
Yes
TLS1.3 No
Yes
Array-setting-01.properties file
The array-setting-01.properties file is an SMI-S provider user configuration file. This section describes the description format and organization format of SMI-S provider user configuration files and parameters to be defined.
File description format
The format of the array-setting-01.properties file includes the following items: File format: text Character code: ISO 8859-1 Line-end symbol: \n, \r, or \r\n Comment: Line on which # or ! is the first non-space character
File organization format
The organization of the array-setting-01.properties file is shown here: # comment line
Appendix G: SMI-S provider configuration file
System Administrator Guide for VSP 5000 Series
579
�Parameters defined in user configuration files
parameter1= parameter1_setting_value parameter2= parameter2_setting_value # comment line
Parameters defined in user configuration files
The following table describes the parameters can be specified in user configuration files. All parameters are optional. If no value is specified for a parameter, the default value applies. However, if you specify VVolForSnapshot, you must also specify PoolIDForSnapshot. Also note that, If you specify ResourceGroup, VVolForSnapshot and PoolIDForSnapshot ignored.
Parameter name
Description
VVolForSnapshot
Specifies virtual volumes that can be used by the SMI-S provider. For details, see VVolForSnapshot parameter (on page 580).
PoolIDForSnapshot
Specifies pools that can be used by the SMI-S provider. For details, see PoolIDForSnapshot parameter (on page 581).
ResourceGroup
Specifies the resource groups that the SMI-S provider can use. For details, see ResourceGroup parameter (on page 582).
PullOperationMaxTime Specifies the timeout value for Pull Operation.
This parameter is optional. If the timeout value is not specified, the default value applies. For details, see PullOperationMaxTime parameter (on page 583).
VVolForSnapshot parameter
Use the VVolForSnapshot parameter to specify virtual volumes, which are usable as S-VOLs, that the SMI-S provider can use when you operate Thin Image (HTI only) from CreateElementReplica of HITACHI_ReplicationService. All virtual volumes are specified by default.
Setting up the VVolForSnapshot parameter Set up the parameter by using <RangeOfVVol> and <SingleVVol> with a comma (,) as a delimiter: <RangeOfVVol>: Specifies a range of virtual volumes <SingleVVol>: Specifies a single virtual volume
Appendix G: SMI-S provider configuration file
System Administrator Guide for VSP 5000 Series
580
�PoolIDForSnapshot parameter
<RangeOfVVol> format <S2HexLDKC>:<S2HexCU>:<S2HexLDEV>to<E2HexLDKC>:<E2HexCU>:<E2HexLDEV> <S2HexLDKC>: LDKC number (two-digit hexadecimal) of the first virtual volume in the
specified range <S2HexCU>: CU number (two-digit hexadecimal) of the first virtual volume in the specified
range <S2HexLDEV>: LDEV number (two-digit hexadecimal) of the first virtual volume in the
specified range <E2HexLDKC>: LDKC number (two-digit hexadecimal) of the last virtual volume in the
specified range <E2HexCU>: CU number (two-digit hexadecimal) of the last virtual volume in the specified
range <E2HexLDEV>: LDEV number (two-digit hexadecimal) of the last virtual volume in the
specified range
<SingleVVol> format <2HexLDKC>:<2HexCU>:<2HexLDEV> <2HexLDKC>: LDKC number (two-digit hexadecimal) of the single virtual volume to be
specified <2HexCU>: CU number (two-digit hexadecimal) of the single virtual volume to be
specified <2HexLDEV>: LDEV number (two-digit hexadecimal) of the single virtual volume to be
specified
Example VVolForSnapshot=00:00:00to00:00:FF,00:02:00,00:04:00to00:04:FF In this example, a virtual volume having one of the following LDEV IDs is used as the snapshot target: From 00:00:00 (LDKC=0,CU=0,LDEV=0) to 00:00:FF (LDKC=0,CU=0,LDEV=255) 00:02:00 (LDKC=0,CU=2,LDEV=0) From 00:04:00 (LDKC=0,CU=4,LDEV=0) to 00:04:FF (LDKC=0,CU=4,LDEV=255)
PoolIDForSnapshot parameter
Use the PoolIDForSnapshot parameter to specify pools that the SMI-S provider can use when you run Thin Image (HTI only) from CreateElementReplica of HITACHI_ReplicationService. All pools are specified by default.
Appendix G: SMI-S provider configuration file
System Administrator Guide for VSP 5000 Series
581
�ResourceGroup parameter
Setting up the PoolIDForSnapshot parameter Set up the parameter by using <RangeOfPoolID> and <SinglePoolID> with a comma (,) as a delimiter: <RangeOfPoolID>: Specifies a range of pool IDs <SinglePoolID>: Specifies a single pool ID
<RangeOfPoolID> format <Start PoolID>to<End PoolID> <Start PoolID>: ID of the first pool in the specified range <End PoolID>: ID of the last pool in the specified range
<SinglePoolID> format <PoolID> <PoolID>: ID of the pool to be specified
Example PoolIDForSnapshot=1to2,4,6to8 In this example, pools having one of the following pool IDs are used as snapshot pools: 1 to 2 4 6 to 8
ResourceGroup parameter
Use the ResourceGroup parameter to specify resource groups that the SMI-S provider can use. All resource groups are specified by default.
Setting up the ResourceGroup parameter Set up the parameter by using <RangeOfResourceGroupID> and <SingleResourceGroupID> with a comma (,) as a delimiter: <RangeOfResourceGroupID>: Specifies a range of resource group IDs <SingleResourceGroupID>: Specifies a single resource group ID
<RangeOfResourceGroupID> format <Start ResourceGroupID>to<End ResourceGroupID> <Start ResourceGroupID>: ID of the first resource group in the specified range <End ResourceGroupID>: ID of the last resource group in the specified range
Appendix G: SMI-S provider configuration file
System Administrator Guide for VSP 5000 Series
582
�PullOperationMaxTime parameter
<SingleResourceGroupID> format <ResourceGroupID> <ResourceGroupID>: ID of the resource group to be specified
Example ResourceGroup=1to2,4,6to8 In this example, resource groups having one of the following resource group IDs are used: 1, 2, 4, 6, and 8
PullOperationMaxTime parameter
Use the PullOperationMaxTime parameter to specify the timeout value for the Pull Operation.
Setting up the PullOperationMaxTime parameter The setting unit is minute. If this parameter is not specified, the default timeout value is 1440 minutes (24 hours). Specify a number in the range from 0 to 7200. If the timeout value is set to 0, then no timeout is set. If the specified number is outside the available range, the timeout value is set to the
default value (1440 minutes).
Example PullOperationMaxTime=2000 In this example, the timeout value is set to 2000 minutes.
Appendix G: SMI-S provider configuration file
System Administrator Guide for VSP 5000 Series
583
�Hitachi Vantara
Corporate Headquarters 2535 Augustine Drive Santa Clara, CA 95054 USA
HitachiVantara.com/contact
� Antenna House PDF Output Library 6.6.1548 (Windows (x64)) Related Documents
Hitachi Virtual Storage Platform REST API Reference Guide
Hitachi Virtual Storage Platform REST API Reference Guide
Hitachi TrueCopy User Guide: Synchronous Data Replication for VSP Series
Hitachi Virtual Storage Platform G Series and F Series Universal Volume Manager User Guide
Hitachi RAID Manager コマンドリファレンス
Hitachi TrueCopy for Mainframe User Guide
Hitachi Cross-OS File Exchange User Guide
Hitachi Virtual Storage Platform G130, G/F350, G/F370, G/F700, G/F900 Provisioning Guide
