Disabling api authentication on the switch, Removing the current hafm appliance – HP StorageWorks 2.32 Edge Switch User Manual

SANtegrity Security Center

152

•

If you select Radius Only, the HAFM appliance checks to see whether a Radius server is

specified on the Radius Servers tab. If not, the Radius Only and Radius then Local options are

not available from the drop-down menu.

•

If one Radius server is set to Radius Only, the Radius then Local option is available.

•

The HAFM appliance cannot automatically populate API information to the Radius server so a

message displays indicating you have set API Authentication Method to Radius Only and that if

you have not properly defined the software on the Radius server, API authentication will fail and

the connectivity between software and product will be broken.

The ID and secret must be defined for the HAFM appliance so that:

•

After API authentication is enabled, the HAFM appliance is not locked.

•

If mutual authentication is required between software and switch, a software ID is needed. The

HAFM appliance is given a default ID during installation. Accept the default or provide another

ID name. The Software ID name must be unique. If the same ID is used, the latter is rejected and

the name must be changed.

Disabling API authentication on the switch

If API authentication is not enabled on a switch, the HAFM appliance can manage the switch if an

MPI link with the switch is established. If the HAFM appliance is not licensed with SANtegrity

Security Center, launch the Element Manager to add this appliance to the permitted software list for

the switch.

Adding the current HAFM appliance to the Permitted Software list

The Permitted Software list displays software IDs that are allowed to access the switch through API.

1.

To manage the switch, add the current HAFM appliance to the permitted list by selecting the

check box Include Current Server.
If the current appliance does not have a CHAP Secret defined, a message displays indicating

you have not defined a CHAP secret for this appliance yet.
If a CHAP Secret is defined, click OK to add the current HAFM appliance to the Permitted

Software list.

2.

To define a CHAP Secret for the HAFM appliance, click OK to display the Server Properties

dialog box. If you click Cancel, the Software tab displays with the check box not selected. The

HAFM appliance cannot be added without the CHAP Secret defined.

3.

Define the CHAP secret, and click OK on the Server Properties dialog box to return to the

Software tab.

4.

Click Apply or Apply To to populate the CHAP Secret and server ID to the selected switch or

switches. When the current server ID is stored in the switch, the Include current server check box

is disabled, but still selected. The check box can be enabled only if the current HAFM appliance

is removed from the Permitted Software list.

Removing the current HAFM appliance

To remove the current HAFM appliance, you can do one of the following: