Hitachi VSP G200, VSP G400, VSP G600, VSP G800, Virtual Storage Platform F400 System Administrator Manual

...

Hitachi Virtual Storage Platform Gx00 and Fx00

SVOS 7.3.1

System Administrator Guide

This document provides information and instructions to help you use the maintenance utility and some of the functions in Device Manager - Storage Navigator and change settings for VSP Gx00 models or VSP Fx00 models. It explains the GUI features and provides basic navigation information.

as needed to perform system administration tasks

MK-94HM8016-10 December 2017

2014, 2017 Hitachi, Ltd. All rights r

eserved.

No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including copying and recording, or stored in a database or retrieval system for commercial purposes without the express written permission of Hitachi, Ltd., or Hitachi Vantara Corporation (collectively “Hitachi”). Licensee may make copies of the Materials provided that any such copy is: (i) created as an essential step in utilization of the Software as licensed and is used in no other manner; or (ii) used for archival purposes. Licensee may not make any other copies of the Materials. “Materials” mean text, data, photographs, graphics, audio, video and documents.

Hitachi reserves the right to make changes to this Material at any time without notice and assumes no responsibility for its use. The Materials contain the most current information available at the time of publication.

Some of the features described in the Materials might not be currently available. Refer to the most recent product announcement for information about feature and product availability, or contact Hitachi Vantara Corporation at

https://support.hitachivantara.com/en_us/contact-

us.html.

Notice: Hitachi

products and services can be ordered only under the terms and conditions of the applicable Hitachi agreements. The use of

Hitachi products is governed by the terms of your agreements with Hitachi Vantara Corporation.

By using this software, you agree that you are responsible for:

1. Acquiring the relevant consents as may be required under local privacy laws or otherwise from authorized employees and other individuals to access relevant data; and

2. Verifying that data continues to be held, retrieved, deleted, or otherwise processed in accordance with relevant laws.

Notice on Export Controls. The technical data and technology inherent in this Document may be subject to U.S. export control laws, including

the U.S. Export Administration Act and its associated regulations, and may be subject to export or import regulations in other countries. Reader agrees to comply strictly with all such regulations and acknowledges that Reader has the responsibility to obtain licenses to export, re-export, or import the Document and any Compliant Products.

Hitachi is a registered trademark of Hitachi, Ltd., in the United States and other countries.

AIX, AS/400e, DB2, Domino, DS6000, DS8000, Enterprise Storage Server, eServer, FICON, FlashCopy, IBM, Lotus, MVS, OS/390, PowerPC, RS/6000, S/390, System z9, System z10, Tivoli, z/OS, z9, z10, z13, z/VM, and z/VSE are registered trademarks or trademarks of International Business Machines Corporation.

Active Directory, ActiveX, Bing, Excel, Hyper-V, Internet Explorer, the Internet Explorer logo, Microsoft, the Microsoft Corporate Logo, MS-DOS, Outlook, PowerPoint, SharePoint, Silverlight, SmartScreen, SQL Server, Visual Basic, Visual C++, Visual Studio, Windows, the Windows logo, Windows Azure, Windows PowerShell, Windows Server, the Windows start button, and Windows Vista are registered trademarks or trademarks of Microsoft Corporation. Microsoft product screen shots are reprinted with permission from Microsoft Corporation.

All other trademarks, service marks, and company names in this document or website are properties of their respective owners.

Preface................................................................................................... 13

Intended audience............................................................................................. 13

Product version..................................................................................................13

Release notes....................................................................................................13

Changes in this revision.....................................................................................14

Referenced documents......................................................................................14

Document conventions...................................................................................... 14

Conventions for storage capacity values........................................................... 16

Accessing product documentation.....................................................................17

Getting help........................................................................................................17

Comments..........................................................................................................17

Chapter 1: System administration overview...................................... 19

System management architecture..................................................................... 19

Ways to administer the storage system.............................................................20

Overview of Storage Advisor........................................................................20

Unified management of block storage and file storage...........................21

Dashboard...............................................................................................22

Inventory and resource information........................................................ 27

Device Manager - Storage Navigator........................................................... 27

Maintenance utility........................................................................................28

NAS Manager...............................................................................................29

Chapter 2: Preparing your management software.............................31

Configuring Storage Advisor..............................................................................31

Configuring Device Manager - Storage Navigator............................................. 31

Setting up a management client...................................................................31

Contents

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 3

Requirements for management clients................................................... 31

Setting up TCP/IP for a firewall...............................................................35

Configuring the web browser.................................................................. 35

Device Manager - Storage Navigator secondary windows...........................35

Requirements for using HDvM - SN secondary windows....................... 36

Enabling the Device Manager - Storage Navigator secondary

window.................................................................................................... 37

Logging in to Device Manager - Storage Navigator..................................... 37

Initial superuser login.............................................................................. 37

Normal login............................................................................................38

Changing your password........................................................................ 39

Adding your SVP to the trusted sites zone for Windows Server

computers............................................................................................... 39

Accessing the maintenance utility......................................................................40

Starting from Hitachi Command Suite.......................................................... 41

Starting from Hitachi Device Manager - Storage Navigator......................... 41

Accessing a storage system without management software............................. 42

Chapter 3: Configuring the storage system....................................... 45

System administration tasks at a glance........................................................... 45

System administration using the maintenance utility......................................... 48

Changing the date and time......................................................................... 48

Changing the controller clock settings.................................................... 48

Changing the SVP clock settings............................................................48

Enabling IPv6 communication...................................................................... 49

Changing network communication settings............................................ 49

Changing network permissions...............................................................50

Creating a login message.............................................................................50

Forcing the system lock to release...............................................................50

Registering the primary SVP host name...................................................... 51

System administration using Device Manager - Storage Navigator.................. 52

Setting storage system information.............................................................. 52

Contents

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 4

Backing up HDvM - SN configuration files................................................... 52

Restoring HDvM - SN configuration files .....................................................53

Changing the administrator password............................................................... 54

System administration using NAS Manager...................................................... 55

Changing the system date and time of the NAS modules............................55

Miscellaneous system administration considerations........................................ 56

Modifying SVP port numbers........................................................................56

Viewing the port number used in SVP.................................................... 57

Effects of changing SVP port numbers................................................... 58

Changing the SVP port number.............................................................. 59

Initializing the SVP port number..............................................................60

Reassigning an automatically assigned port number............................. 61

Initializing and reassigning an automatically assigned port number ...... 62

Changing the range of an automatically assigned port number..............62

Initializing the range of an automatically assigned port number............. 63

Chapter 4: User administration............................................................65

User administration for maintenance utility........................................................65

Required roles for operating Maintenance Utility......................................... 65

Setting up user accounts..............................................................................66

Disabling user accounts............................................................................... 68

Removing user accounts..............................................................................71

Backing up user accounts............................................................................ 73

Restoring user account information..............................................................74

Managing users, user groups, and accounts.....................................................75

User administration overview....................................................................... 75

Workflow for creating and managing user accounts.....................................76

Administrator tasks..................................................................................76

User tasks............................................................................................... 77

Managing user accounts.............................................................................. 77

Creating user accounts........................................................................... 77

Contents

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 5

Character restrictions for user names and passwords............................78

Changing user passwords...................................................................... 81

Changing user permissions.....................................................................82

Enabling or Disabling user accounts.......................................................83

Deleting user accounts............................................................................83

Releasing a user lockout.........................................................................84

Session timeout.......................................................................................84

Managing user groups..................................................................................84

Roles.......................................................................................................85

Built-in groups, roles, and resource groups............................................ 87

Verifying the roles available to a user group...........................................90

Checking if a role is available to a user group........................................ 90

Creating a new user group......................................................................90

Changing a user group name................................................................. 91

Changing user group permissions.......................................................... 92

Changing assigned resource groups...................................................... 92

Deleting a user group..............................................................................93

Creating resource groups and managing storage system resources...........93

When to use resource groups ................................................................93

System configuration using resource groups..........................................94

Resource group examples...................................................................... 94

Meta_resource........................................................................................ 97

Resource lock......................................................................................... 97

User groups.............................................................................................97

Resource group assignments................................................................. 97

Operations in a resource group for NAS modules.................................. 98

Resource group rules, restrictions, and guidelines................................. 98

Managing resource groups..................................................................... 99

Resource access requirements for Device Manager - Storage

Navigator operations.............................................................................101

Creating configuration files......................................................................... 116

Contents

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 6

Creating an LDAP configuration file...................................................... 116

Creating a RADIUS configuration file....................................................120

Creating a Kerberos configuration file...................................................125

User Administration for NAS Manager.............................................................130

Administrator types and responsibilities..................................................... 130

Adding an SMU user (an administrator)..................................................... 131

Changing user passwords..........................................................................135

Changing your own password...............................................................135

Changing another user's password.......................................................136

Changing an SMU user profile................................................................... 140

Chapter 5: Setting up security...........................................................145

Setting up TCP/IP for a firewall........................................................................145

Working with certificates.................................................................................. 145

Managing HCS certificates.........................................................................145

Registering HCS certificates................................................................. 145

Deleting HCS certificates...................................................................... 146

Managing SSL certificates..........................................................................146

Flow of SSL communication settings.................................................... 147

Creating a keypair.................................................................................147

Obtaining a signed certificate................................................................149

Verifying and releasing an SSL certificate passphrase.........................150

Converting SSL certificates to PKCS#12 format...................................151

Updating a signed certificate.................................................................151

Notes on updating a signed certificate for the service processor......... 152

Returning the certificate to default........................................................ 152

Selecting a cipher suite.........................................................................153

Problems with website security certificates...........................................153

Updating the certificate files....................................................................... 154

Releasing HTTP communication blocking..................................................155

Disabling TLSv1.0 and TLSv1.1 communications......................................156

Contents

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 7

Enabling TLSv1.0 and TLSv1.1 communications.......................................156

Blocking HTTP communication to the SVP ............................................... 156

Setting up authentication and authorization.....................................................157

Authentication server protocols.................................................................. 158

Authorization server requirements............................................................. 158

Connecting two authentication servers...................................................... 159

Connecting authentication and authorization servers................................ 159

Naming a user group in Device Manager - Storage Navigator...................160

SMU user authentication................................................................................. 160

Active Directory user authentication...........................................................161

Using Transport Layer Security (TLS) with Active Directory

authentication............................................................................................. 162

Configuring Active Directory servers.......................................................... 162

Configuring Active Directory groups...........................................................166

User authentication through RADIUS servers (HNAS server only)............171

Displaying list of RADIUS servers.............................................................. 172

Adding a RADIUS server............................................................................172

Displaying details of RADIUS server..........................................................174

Configuring SMU security (NAS module only)........................................... 175

Chapter 6: Alert notifications.............................................................177

Viewing alert notifications................................................................................ 177

Configuring alert notifications.......................................................................... 177

General settings......................................................................................... 178

Email settings............................................................................................. 179

Syslog settings........................................................................................... 179

SNMP settings............................................................................................180

Sending test messages................................................................................... 181

Sending a test email message................................................................... 181

Example of a test email message......................................................... 181

Sending a test Syslog message................................................................. 182

Sending a test SNMP trap..........................................................................182

Contents

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 8

Using the Windows event log.......................................................................... 182

Monitoring failure information in the Windows event log............................ 183

Viewing the Windows event log..................................................................184

Output example of the failure information.................................................. 184

Chapter 7: Managing license keys.................................................... 187

Overview..........................................................................................................187

License key types............................................................................................ 187

Using the permanent key........................................................................... 188

Using the term key......................................................................................188

Using the temporary key.............................................................................188

Using the emergency key...........................................................................189

Cautions on license capacities in license-related windows............................. 189

Estimating licensed capacity............................................................................189

Software and licensed capacity..................................................................190

Calculating licensed capacity for a normal volume.................................... 191

Calculating licensed capacity for an external volume.................................192

Calculating pool capacity............................................................................192

Accelerated compression-enabled parity group capacity...........................193

Managing licenses........................................................................................... 193

Installing block and file licenses using NAS Manager................................ 194

Adding a license key............................................................................. 194

Installing block licenses using maintenance utility..................................... 195

Enabling a license...................................................................................... 196

Disabling a license......................................................................................196

Removing a software license..................................................................... 196

Removing a Data Retention Utility license................................................. 197

Examples of license information.................................................................197

License key expiration..................................................................................... 198

Chapter 8: Configuring audit logs.....................................................199

Audit log settings............................................................................................. 199

Contents

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 9

Setting up a syslog server.......................................................................... 199

Exporting an audit log.................................................................................200

Send test message to syslog server.......................................................... 200

Chapter 9: Managing storage system reports..................................203

About storage system reports..........................................................................203

Viewing configuration reports...........................................................................203

Viewing configuration reports in the Reports window.................................204

Creating configuration reports.................................................................... 204

Deleting configuration reports.................................................................... 204

Collecting dump files using the Dump tool ......................................................205

Appendix A: Examples of storage configuration reports............... 207

Reports in table view........................................................................................207

CHAP Users report.....................................................................................208

Disk Boards report......................................................................................208

Host Groups / iSCSI Targets report............................................................209

Hosts report................................................................................................210

Logical Devices report................................................................................ 211

LUNs report................................................................................................ 213

MP Units report...........................................................................................214

MP Unit Details report................................................................................ 215

Parity Groups report................................................................................... 216

Physical Devices report..............................................................................218

Ports report.................................................................................................219

Power Consumption report.........................................................................222

Spare Drives report.................................................................................... 224

SSD Endurance report............................................................................... 225

Storage System Summary report............................................................... 226

Reports in graphical view.................................................................................231

Cache Memories report..............................................................................231

Channel Boards report............................................................................... 233

Contents

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 10

Physical View report...................................................................................236

CSV files.......................................................................................................... 242

AllConf.csv..................................................................................................242

CacheInfo.csv.............................................................................................243

ChapUserInfo.csv.......................................................................................244

ChaStatus.csv............................................................................................ 244

DeviceEquipInfo.csv...................................................................................245

DkaInfo.csv.................................................................................................245

DkaStatus.csv.............................................................................................246

DkcInfo.csv.................................................................................................246

DkuTempAveInfo.csv..................................................................................247

DkuTempInfo.csv........................................................................................248

DkuTempMaxInfo.csv.................................................................................250

DkuTempMinInfo.csv..................................................................................251

ELunInfo.csv...............................................................................................252

EnvMonInfo.csv..........................................................................................255

FcSpNameInfo.csv..................................................................................... 256

FcSpPortInfo.csv........................................................................................ 257

HduInfo.csv.................................................................................................258

IscsiHostInfo.csv.........................................................................................258

IscsiPortInfo.csv......................................................................................... 259

IscsiTargetInfo.csv......................................................................................261

JnlInfo.csv...................................................................................................262

LdevCapaInfo.csv.......................................................................................262

LdevCountInfo.csv......................................................................................263

LdevInfo.csv............................................................................................... 264

LdevStatus.csv........................................................................................... 267

LPartition.csv..............................................................................................268

LunInfo.csv................................................................................................. 268

LunPortInfo.csv...........................................................................................270

MicroVersion.csv........................................................................................ 272

Contents

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 11

MlcEnduranceInfo.csv................................................................................ 273

ModePerLpr.csv..........................................................................................274

MpPathStatus.csv.......................................................................................274

MpPcbStatus.csv........................................................................................275

PcbRevInfo.csv...........................................................................................276

PdevCapaInfo.csv...................................................................................... 277

PdevInfo.csv...............................................................................................277

PdevStatus.csv...........................................................................................279

PECBInfo.csv............................................................................................. 279

PkInfo.csv...................................................................................................280

PpInfo.csv...................................................................................................282

SMfundat.csv..............................................................................................282

SsdDriveInfo.csv.........................................................................................283

SsidInfo.csv................................................................................................ 284

SysoptInfo.csv............................................................................................ 284

WwnInfo.csv............................................................................................... 285

Appendix B: System option modes...................................................287

System option modes...................................................................................... 287

Glossary........................................................................................... 349

Index................................................................................................. 363

Preface

This document provides information and instructions to help you use the maintenance utility and some of the functions in Device Manager - Storage Navigator as needed to perform system administration tasks and change settings for VSP Gx00 models or VSP Fx00 models. It explains the GUI features and provides basic navigation information.

Please read this document carefully to understand how to use the software described in this manual, and keep a copy for reference.

Intended audience

This document is intended for system administrators, Hitachi Vantara representatives, and authorized service providers who install, congure, and operateVSP Gx00 models or VSP Fx00 models

Readers of this document should be familiar with the following:

■

Data processing and RAID storage systems and their basic functions.

■

Hitachi Virtual Storage Platform G200, G400, G600, G800 or Hitachi Virtual Storage Platform F400, F600, F800 storage systems.

■

The operating system and web browser software on the SVP hosting the Device Manager - Storage Navigator software.

■

The Windows 7 operating system and the management software on the management server.

systems.

Product version

This document revision applies to the following product versions:

■

VSP Gx00 models and VSP Fx00 models: Firmware 83-05-1x or later

■

SVOS 7.3.1 or later

Release notes

Read the release notes before installing and using this product. They may contain requirements or restrictions that are not fully described in this document or updates or corrections to this document. Release notes are available on Hitachi Vantara Support Connect:

https://knowledge.hitachivantara.com/Documents.

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 13

Preface

Changes in this revision

■

Added procedure for enabling and disabling TLSv1.0 and TLSv1.1 communications.

■

Updated the description of system option modes (SOMs) 15 and 1106.

Referenced documents

The following documents are referenced in this guide.

■

Performance Guide, MK-94HM8012

■

Hitachi SNMP Agent User Guide, MK-94HM8015

Document conventions

This document uses the following storage system terminology conventions:

Changes in this revision

Convention Description

VSP Gx00 models Refers to all of the following models, unless otherwise noted.

■

Hitachi Virtual Stor

■

Hitachi Virtual Storage Platform G400

■

Hitachi Virtual Storage Platform G600

■

Hitachi Virtual Storage Platform G800

age Platform G200

VSP Fx00 models Refers to all of the following models, unless otherwise noted.

■

Hitachi Virtual Storage Platform F400

■

Hitachi Virtual Storage Platform F600

■

Hitachi Virtual Storage Platform F800

This document uses the following typographic conventions:

Convention Description

Bold

■

Indicates te

xt in a window, including window titles, menus,

menu options, buttons, elds, and labels. Example:

Click OK.

■

Indicates emphasized wor

ds in list items.

Preface

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 14

Convention Description

Document conventions

Italic

Monospace

< > angle

ackets

[ ] square

ackets

■

Indicates a document title or emphasized wor

■

Indicates a variable, which is a placeholder for actual text

ds in text.

provided by the user or for output by the system. Example:

pairdisplay -g g

roup

(For exceptions to this convention for variables, see the entry for angle brackets.)

Indicates text that is displayed on screen or entered by the user. Example: pairdisplay -g oradb

Indicates variables in the following scenarios:

■

Variables are not clearly separated from the surrounding text or from other variables. Example:

Status-<r

■

Variables in headings.

eport-name><file-version>.csv

Indicates optional values. Example: [ a | b ] indicates that you can choose a, b, or nothing.

{ } braces Indicates required or expected values. Example: { a | b } indicates

that you must choose either a or b.

| vertical bar Indicates that you have a choice between two or more options or

arguments. Examples:

[ a | b ] indicates that you can choose a, b, or nothing.

{ a | b } indicates that you must choose either a or b.

This document uses the following icons to draw attention to information:

Icon Label Description

Note Calls attention to important or additional information.

Tip Provides helpful information, guidelines, or suggestions for

performing tasks mor

e eectively.

Caution Warns the user of adverse conditions and/or consequences

(for example, disruptive operations, data loss, or a system crash).

Preface

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 15

Conventions for storage capacity values

Icon Label Description

WARNING Warns the user of a hazardous situation which, if not

avoided, could r

esult in death or serious injury.

Conventions for storage capacity values

Physical stor

age capacity values (for example, disk drive capacity) are calculated based

on the following values:

Physical capacity unit Value

1 kilobyte (KB) 1,000 (10 3) b

ytes

1 megabyte (MB) 1,000 KB or 1,0002 bytes

1 gigabyte (GB) 1,000 MB or 1,0003 bytes

1 terabyte (TB) 1,000 GB or 1,0004 bytes

1 petabyte (PB) 1,000 TB or 1,0005 bytes

1 exabyte (EB) 1,000 PB or 1,0006 bytes

Logical capacity values (for example, logical device capacity, cache memory capacity) are calculated based on the follo

wing values:

Logical capacity unit Value

1 block 512 bytes

1 cylinder Mainframe: 870 KB

Open-systems:

■

OPEN-V: 960 KB

■

Others: 720 KB

1 KB 1,024 (210) b

ytes

1 MB 1,024 KB or 1,0242 bytes

1 GB 1,024 MB or 1,0243 bytes

1 TB 1,024 GB or 1,0244 bytes

1 PB 1,024 TB or 1,0245 bytes

1 EB 1,024 PB or 1,0246 bytes

Preface

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 16

Accessing product documentation

Product user documentation is available on Hitachi Vantara Support Connect: https://

knowledge.hitachivantara.com/Documents. Check this site for the most curr

documentation, including important updates that may have been made after the release of the product.

Getting help

Accessing product documentation

ent

Hitachi Vantara Support Connect is the destination for technical support of pr

solutions sold by Hitachi Vantara. To contact technical support, log on to Hitachi Vantara Support Connect for contact information:

contact-us.html.

Hitachi Vantara Community is a global online community for

partners, independent software vendors, employees, and prospects. It is the destination to get answers, discover insights, and make connections. Join the conversation today! Go to

Comments

Please send us your comments on this document to

doc.comments@hitachivantara.com. Include the document title and number, including

the r whenever possible. All comments become the property of Hitachi Vantara Corporation.

Thank you!

oducts and

https://support.hitachivantara.com/en_us/

Hitachi Vantara customers,

community.hitachivantara.com, r

evision level (for example, -07), and refer to specic sections and paragraphs

egister, and complete your prole.

Preface

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 17

Chapter 1: System administration overview

This chapter provides a high-level view of system administration tasks for the Hitachi Virtual Storage Platform G200, G400, G600, G800 or Hitachi Virtual Storage Platform F400, F600, F800 storage systems. It describes:

■

Software architecture and access to system administration tools from management software (Hitachi Storage Advisor and Hitachi Command Suite).

■

System administration tasks for the VSP Gx00 models and VSP Fx00 models storage systems, including some with NAS modules installed to provide native le functionality (VSP G400, G600, G800).

System management architecture

The follo architecture. It shows the access points that a system administrator can use to congure and manage the system settings.

wing gure shows a high-level view of the storage system management software

Chapter 1: System administration overview

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 19

Ways to administer the storage system

The system administration tasks described in this guide apply to all VSP Gx00 models and Hitachi Virtual Storage Platform F400, F600, F800 storage systems, including those with NAS modules.

Users with storage systems that do not have NAS modules use Hitachi Storage Advisor (HSA), Device Manager - Storage Navigator, and the maintenance utility to administer block operations. If your storage system includes NAS modules, use NAS Manager to administer settings are synchronized with block operations.

For more information about administration tasks for le operations, see the following documentation:

■

Storage Subsystem Administration Guide (MK-92HNAS012)

■

Storage System User Administration Guide (MK-92HNAS013)

■

File Services Administration Guide (MK-92HNAS006)

■

Server and Cluster Administration Guide (MK-92HNAS010)

■

System Access Guide (MK-92HNAS014)

le operations, and then use the maintenance utility to verify that the

For more information about HSA, see the following documentation:

■

Hitachi Storage Advisor Getting Started Guide (MK-94HSA001)

■

Hitachi Storage Advisor RESTful API Reference Guide (MK-94HSA003)

■

Hitachi Storage Advisor User Guide (MK-94HSA004)

You can also perform some administration tasks from a command line. For information, see Command Control Interface User and Reference Guide (MK-90RD7010) and the Command Control Interface Command Reference (MK-90RD7009), which you can access from the Documentation page of NAS Manager.

Overview of Storage Advisor

Hitachi Storage Advisor is a complexity of managing storage systems by simplifying the setup, management, and maintenance of storage resources.

Storage Advisor reduces infrastructure management complexities and enables a new simplied approach to managing storage infrastructures. It provides intuitive graphical user interfaces and recommended conguration practices to streamline system congurations and storage management operations. You can leverage Storage Advisor to easily provision new storage capacity for business applications without requiring indepth knowledge of the underlying infrastructure resource details. It provides centralized management while reducing the number of steps to congure, optimize, and deploy new infrastructure resources.

unied software management tool that reduces the

Some of the key Storage Advisor capabilities include:

■

Simplied user experience for managing infrastructure resources. Visual aids enable easy viewing and interpretation of key management information, such as used and available capacity, and guide features to help quickly determine appropriate next steps for a given management task.

■

Recommended system congurations to speed initial storage system setup and accelerate new infrastructure resource deployments.

Chapter 1: System administration overview

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 20

Unied management of block storage and le storage

■

ated conguration workows with Hitachi recommended practices to

Integr

eamline storage provisioning and data protection tasks.

str

Common, centralized management for supported storage systems.

A REST-based API to provide full management programmability and control in addition to unied le-based management support.

■

Storage Advisor enables automated SAN zoning during volume attach and detach. Optional auto-zoning eliminates the need for repetitive zoning tasks to be performed on the switch.

Unified management of block storage and file storage

Storage Advisor can be used to onboard and congure both block storage and le storage if NAS modules are included in the chassis of a supported storage system.

Understand block and le storage

■

Block storage:

In block storage, volumes of storage are created. A server-based operating system can connect to each block of storage and control it as an individual hard drive. Each storage block can be individually formatted with the required le system, such as NTFS or VMFS. Block storage systems are typically deployed in a Storage Area Network (SAN) environment.

From the dashboard of Storage Advisor, you can discover, register, and onboard a block storage system.

■

File storage:

Storage Advisor supports unied onboarding and conguration of le storage in the form of NAS modules.

If a supported storage system includes NAS modules, the le storage is automatically added with the block storage. Then le pools and other le resources can be created in the Storage Advisor interface or by using the API.

Adding block and le storage together

Storage Advisor enables you to add block and le storage in a single step. The only requirements are the service processor (SVP) IP address, user name, and password. When the le storage is added, the cluster is automatically registered in Storage Advisor.

Unied conguration

Once a storage system is onboarded, all block and le resources can be congured and managed from a single Storage System page. File pool creation workow incorporates best practices that simplify workow and enhance usability. The le pools are used to easily create virtual le servers, le systems, and shares and exports. File system creation automatically mounts and formats the new le system.

Unied reporting

Capacity is reported for all aggregated storage systems in the dashboard.

Capacity is also displayed for each storage system in the Storage System detail page.

Three views of capacity are available: le only, block only, or a unied view of block and

le.

Chapter 1: System administration overview

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 21

Dashboard

Once a storage system has been onboarded to Storage Advisor, the dashboard displays as soon as you log in. The Storage Advisor dashboard provides the tools to easily congure, manage, and monitor storage systems.

Dashboard

From the Storage Advisor dashboard, you can access managed resources and provision

age in the context of a given storage system or server. The provided templates and

stor congurations make it possible to quickly and easily provision a storage system, without knowing the details of the underlying hardware and software.

The top navigation menu provides access to Jobs and Monitoring pages. Links to the following settings are available, based on the user role:

■

Tier Management

■

Security Settings

■

SNMP Settings

■

Change Local Password

The dashboard has three distinct sections:

■

Resource side panel: The left pane provides quick access to review the conguration of your storage systems, servers, and fabric switches. If the storage system includes NAS modules, virtual le servers can also be accessed.

■

Alert tiles: Four alert tiles represent various aspects of the health of the storage system. When Storage Advisor detects a problem with a storage system environment, a number appears in the tile. The number indicates the number of alerts for that aspect of the storage system. Click the alert tile to go directly to a summary of the problems.

■

Resource summary: The middle area, with the information gauge, provides a summary of the capacity allocated from the registered storage systems.

Resource side panel

The resource side panel enables quick access to storage systems and to servers.

■

Click Storage Systems to view and add storage systems.

Chapter 1: System administration overview

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 22

Dashboard

■

Click Servers to vie

■

Click Fabric Switches to view and add fabric switches.

■

Click Virtual File Servers to view and add virtual le servers. Displays if the storage

w and add servers.

system includes NAS modules.

Alert tiles

oss the top of the dashboard are tiles that display alerts for storage capacity, data

Acr protection, jobs, and hardware.

If a tile includes a circled check mark, there are no alerts for that part of the storage system, and everything is functioning normally. A number in a red circle within a tile indicates one or more problems with that part of the storage system.

You can click a tile for Capacity Alerts, Data Protection Alerts, or Hardware Alerts to view the summary for the category in the Monitoring tab.

The Jobs Alert tile displays the number of jobs in the last 24 hours with a status of Failed or Success with Errors.

Resource summary

The circular information gauge displays capacity metrics for the available storage.

■

If the storage systems include le storage, you can click Block or File next to the information gauge to view a legend and capacity values for either type of storage. Click Unied to view a legend and capacity values for both block and le.

■

For block-only stor

age systems, the numerical data for each capacity parameter in the

ring is displayed to the left of the information gauge.

■

The number in the center of the rings shows the total usable capacity of all storage systems. The total usable capacity is the capacity available from all the parity groups across all storage systems.

If you do not have any parity groups congured on the storage system, this number is

o and all other data points in the capacity visualization are zero.

zer

Note: T

o understand uninitialized raw capacities, review the available

unused disks on the detail page for each storage system.

■

The light gr

ey ring indicates the sum of all pool capacity available across all storage systems. The dark grey indicates the parity group capacity that is not yet allocated to pools.

If you do not have any pools created, the light grey ring indicates zero. As you create pools, this number increases to eventually become equal to the total usable capacity when you have consumed all parity groups for pool creation.

Note: Allocated to Pools plus Unallocated to Pools equals the T

otal Usable

Capacity in the center of information gauge.

■

The light gr

een ring (Thin Used) indicates the storage utilization. As you create volumes on the pools and start consuming capacity, the utilization of thin pools increases and you will notice the value in green starting to increase.

If Thin Used starts to increase and get closer to your total pool capacity, that indicates that the pools may be starting to ll up.

Chapter 1: System administration overview

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 23

Dashboard

Note: The Thin Fr

ee and Thin Used capacities include both Thin and Snap.

Thin Used plus Thin Free equals Allocated to Pools.

■

Physical capacity allocated to le pools is indicated by medium blue in the File view and by light blue in the Unied view.

■

File pool utilization is indicated by light blue in the File view and by medium blue in the Unied view.

■

File over-commit capacity is represented by darkest gray in the outer ring of the File view.

■

The subscribed capacity of all volumes, as a percentage, is represented by white in the outermost ring in the Block and Unied views. If the white ring extends outside the circle, it indicates oversubscription. Capacity subscription beyond the total available capacity should not be an issue if your capacity utilization is well within the total capacity.

■

Physical capacity, or total usable capacity across all parity groups, is represented by dark blue in the outermost ring in the Block and Unied views.

If you notice the total pool capacity (light grey) and Thin used (light green) values getting closer to total capacity, you may be running out of storage on one or more storage systems and may need to add disks to increase storage capacity. Review the information gauge for each storage system to identify which storage system needs additional capacity. In addition, check disks for each storage system to determine if there is unused capacity available for parity group creation.

The right side of the resource summary oers alternate views:

■

Protection: is the breakdown of data protection metrics including a representation of types of protected, unprotected, and secondary capacity and gauge of the total percentage of capacity protected.

■

Tier Breakdown: is a visualization of the amount of each tier that is allocated to pools.

■

Savings: tab displays the following ratios:

●

Data Reduction: : The ratio of logical used capacity to the physical used capacity, for all compression and deduplication technologies. It is calculated as follows:

■

For disk-based compression = Capacity 1 / Capacity 2.

■

For controller-based compression = Capacity 3 / Capacity 4.

■

Data reduction savings = Capacity 1 + Capacity 3 / Capacity 2 + Capacity 4.

■

Capacity 1 = logical used capacity of a parity group.

■

Capacity 2 = physical used capacity of a parity group.

■

Capacity 3 = logical used capacity of a pool.

■

Capacity 4 = physical used capacity of a pool.

●

Capacity Eciency: : The ratio of Thin Free plus Thin Used to the physical used capacity. Capacity eciency is only calculated for volumes on HDP and HDT pools.

■

If disk-based compression is in use, either alone or in combination with controller-based compression, the physical used capacity is that resulting from disk-based compression alone.

■

If only controller-based compression is in use, the physical used capacity is that resulting from controller-based compression.

Chapter 1: System administration overview

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 24

Analyzing data in the dashboard

■

If no compr

ession is in use then physical used capacity is the used capacity of

the pool(s).

Analyzing data in the dashboard

The dashboard is a visual display of the important information needed to analyze the overall capacity utilization and health of your storage system. It provides visual indicators such as total usable capacity, current utilization, data protection summary, and monitoring alerts.

Analyzing data shown in alert tiles

The alert tiles collectively present the health of the storage system environment. In one glance you can verify that the overall health is sound if you see no alerts on the alert tiles. This means that there are no capacity or hardware issues in the environment, no failed jobs in the last 24 hours and that the data protection is working without any issues.

If there are any alerts, you can drill down to the relevant alert page to investigate the cause. Storage Advisor provides alerts for capacity utilization, hardware, data protection, and jobs status.

Analyzing data in the information gauge

The information gauge provides a visual indication of the total capacity of all storage systems managed by Storage Advisor.

The capacity indicated in the center of the ring is the total usable capacity available via the

congured parity groups. After you add a storage system and congure parity groups, the total capacity indicator will show the capacity from the newly added storage system. The Thin Used capacity (light green ring) indicates the total capacity that is currently being used. If the usage is around 70-80% of the total capacity, you may receive capacity alerts based on the thresholds set by your storage administrator. The default thresholds are 70% and 80%, and can be changed during pool creation.

The light grey ring that provides a sum of capacities of all pools in the systems should be closer to 100% capacity. This would mean that you are using your entire parity group capacity by allocating it to pools. If the Thin Used capacity ring (light green) nears the total capacity (light grey ring) then you may run out of pool capacity soon. In such a case, expand the pool to consume more capacity.

If you notice that the total pool capacity (light grey ring) and Thin used (light green ring) values are getting closer to total capacity, you may be running out of disk capacity on one or more storage systems and would need to add disk space to increase storage capacity. Before adding disk space:

Chapter 1: System administration overview

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 25

Analyzing data in the dashboard

■

view the information gauge for each storage system to identify which storage

Re system needs additional capacity.

■

Review unused disks for each storage system to determine if any raw unused capacity is available for parity group creation.

Capacity subscription beyond the total available capacity should not be an issue if your thin capacity utilization is well within the total capacity.

Analyzing tier metrics

As parity groups are created, the various disk types become categorized into tiers. The tiers and corresponding disk types are shown below.

Table 1 Tier denitions

Tier Disk type

Platinum SSD, FMD, and FMD DC2

Gold SAS 15 k

Silver SAS 10 k

Bronze SAS 7.2 k

Note: Adding all tier capacities together equals the T

otal Usable Capacity in

the center of the information gauge.

Analyzing data protection metrics

The balance of your protected primary volumes and secondary volumes depends on the number of copies you have chosen to maintain, and also on the type of the data protection technology being used. If you choose to set aside more volumes for data protection, then the overall usable capacity may be aected. On the other hand, if you have a large amount of unprotected data, you may want to consider data protection options.

Note: These data pr

otection capacity numbers are based on oversubscribed allocations and as a result will correlate with the overall oversubscription percentage, not the usable capacity numbers represented in the rest of the information gauge.

Chapter 1: System administration overview

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 26

Inventory and resource information

The inventory pages display details about the storage system resources in Storage Advisor. These resources include storage systems, servers, ports, and pools, volumes, parity groups, external parity groups (if the storage system has external storage), and replication groups. If the storage system has NAS modules, resources will also include le pools, virtual le servers, performed on the inventory pages, such as the following:

■

You can select one or more resources and delete them.

When you delete a storage system, you disassociate it from Storage Advisor. When you delete a pool or volume, the resource is de-provisioned and removed from the storage system.

■

When a parity group is deleted, it is removed from the storage system and the disks used to create the parity group are no longer in use. You can delete the parity group if you want to recongure the storage system with some other RAID conguration or simply decommission the array. If the parity group is in use by a pool, the parity group deletion will fail.

■

You can select one or more of the same type of resources and update their properties. The properties that can be updated depend on the type of resource.

■

You can click a particular resource to see more details about it on its resource detail page.

●

When you delete a block pool, the parity groups used by the pool will no longer be in In Use status. The pool volumes on these parity groups will be formatted and the parity group will eventually be in Available status.

●

When you delete a volume, the pool subscription will go down. Volume deletion will fail if the volume participates in data protection or is attached to a server.

●

When you delete a le pool, the underlying related block pool is deleted.

●

When you delete a server, the server is disassociated from Storage Advisor. You will no longer be able to provision volumes to the server (or its WWNs). Server deletion will fail if it has volumes attached to it.

le systems, and shares and exports. Common actions can be

Inventory and resource information

Device Manager - Storage Navigator

Device Manager - Storage Navigator (HDvM - SN) is the application used to congure the

age system. It is factory-installed and runs on the service processor (SVP) connected

stor to the storage system.

You can access Device Manager - Storage Navigator from the management software to perform additional system administration tasks on your storage system besides those available in the maintenance utility. In addition, you can easily access advanced storage conguration options while performing management operations with the management software.

In addition to the information in this guide, the HDvM - SN online help has procedures for setting up and managing the storage system.

Chapter 1: System administration overview

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 27

Maintenance utility

The maintenance utility allo or VSP Fx00 models. You can access this tool from either HDvM - SN, SMU, or the management software.

You can use the maintenance utility to congure settings such as licenses, syslog, alerts, and network conguration. As shown in the following gure, these settings are available

om the Administration navigation tree.

ws you to perform administration tasks on VSP Gx00 models

Chapter 1: System administration overview

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 28

NAS Manager

The maintenance utility online help provides procedural information for supported storage system administration tasks. Links to storage system tasks, search functions, and a glossary are included.

NAS Manager

NAS Manager application running on the NAS module.

NAS Manager provides a web-based interface for managing stand-alone or clustered servers and their attached storage systems. This tool allows you to perform most administrative tasks from any client on the network using a network browser. To access NAS Manager, point your browser to the following URL: https://<unified- management-IP-address>:20443. You can also access NAS Manager from a command line interface. For information, see the Command Line Reference, which is accessible through the Documentation page of NAS Manager or the NAS Platform System Access Guide.

Note: Self-service features that are used to install and remove hardware components and to update the rmware are currently available for use only by customer support personnel or by authorized service providers.

is the element manager for NAS modules. It is a factory-installed

Chapter 1: System administration overview

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 29

Chapter 1: System administration overview

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 30

Chapter 2: Preparing your management software

Use the information in this chapter to prepare the management software you want to use to administer your storage system.

Configuring Storage Advisor

Storage Advisor is deployed on a virtual machine and accessed by a client computer.

After installing Storage Advisor on a virtual machine, you must perform the following tasks:

■

Change the root password

■

Log into Storage Advisor

■

Generate and install a signed SSL certicate

For more details about conguring Storage Advisor, see Hitachi Stor Started Guide.

Configuring Device Manager - Storage Navigator

To congure the storage system using Hitachi Device Manager - Storage Navigator, set up a client computer, and then log in to Hitachi Device Manager - Storage Navigator.

Setting up a management client

Before running Device Manager - Storage Navigator on a management client, certain web browser guidelines must be observed. Some guidelines apply to all browsers, while other are specic to Internet Explorer and servers running Windows.

Requirements for management clients

The De management clients.

The administrator's responsibilities include:

■

vice Manager - Storage Navigator administrator is responsible for setting up

Ensuring that Device Manager - Storage Navigator management clients run on supported versions of Windows and UNIX/Linux operating systems.

age Advisor Getting

■

Verifying that management clients can access and use Device Manager - Storage Navigator.

Chapter 2: Preparing your management software

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 31

■

Conguring the server if you use a physical or virtual server running on Windows as a management client.

General requirements

■

An SVP, required for system maintenance, must be connected to the storage system. Device Manager - Storage Navigator connects to the SVP through a TCP/IP network.

■

Several storage systems can be managed by one management client. Device Manager

- Storage Navigator must be set up for each storage system.

■

A maximum of 32 management clients (Device Manager - Storage Navigator) can access the same SVP concurrently.

■

Use thinnet coaxial cable for twisted-pair LAN connections. Maximum cable length is 607 feet (185 meters). For assistance, contact the customer support.

Requirements for Windows-based computers

General requirements

Note: The combinations of oper

ating system, architecture, browser, Java Runtime Environment, and Adobe Flash Player described below are xed requirements. Using other combinations or versions might produce unpredictable results such as the inability to operate program windows. Therefore, contact customer support to use other combinations or versions.

Hardware requirements

Item Requirement

Processor (CPU) Pentium 4 640 3.2 GHz or better

(Recommended: Cor

e2Duo E6540 2.33 GHz or better)

Memory (RAM) 2 GB or more

Recommended: 3 GB

Available storage space 500 MB or more

Monitor True Color 32-bit or better

Resolution: 1280 x 1024 or better

Keyboard and mouse You cannot use the mouse wheel feature.

Ethernet LAN card for TCP/IP network

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 32

100BASE-TX

1000BASE-T

Chapter 2: Preparing your management software

Software requirements

Requirements for Windows-based computers

Operating

system Architecture Browser

Windows 7 SP1 32 bit or 64 bit Internet Explorer

11.0

Windows 8.1 32 bit or 64 bit Internet Explorer

11.0

Google Chrome 48.0 or later

Windows 8.1 64 bit Internet Explorer

11.0

64 bit Internet Explorer

11.0

64 bit Google Chrome JRE 7.0 or later Installed as a plug-

Windows 10 64 bit Internet Explorer

11.0

64 bit Internet Explorer

11.0

Java Runtime

Environment (JRE)

JRE 7.0 Update 67 14.0

JRE 8.0 Update 71 20.0

JRE 7.0 20.0

JRE 7.0 21.0

in of W

JRE 7.0 20.0

JRE 7.0 21.0

Adobe Flash

Player

eb browser

64 bit JRE 7.0 or later Installed as a plug-

in of Web browser

Windows Server 2008 R2 (SP1)

Windows Server 2012 SP1

Windows Server 2012 R2 SP1

Windows Server 2016

64 bit Internet Explorer

11.0

64 bit Internet Explorer

10.0

64 bit Internet Explorer

11.0

64 bit Internet Explorer

11.0

JRE 7.0 Update 67 14.0

JRE 8.0 Update 111 24.0

Notes:

■

If the SVP supports Internet Protocol Version 6 (IPv6), you can specify IPv6 addresses.

■

Use Adobe Flash Player with the same architecture (32 bit or 64 bit) as the browser.

■

Only the latest version of Internet Explorer active on each OS is supported, according to Microsoft support policy.

■

The management client must be restarted after enabling Adobe Flash Player.

Chapter 2: Preparing your management software

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 33

Requirements for UNIX/Linux-based computers

Note: T install Java Runtime Environment (JRE).

o use Device Manager - Storage Navigator secondary windows, rst

Requirements for UNIX/Linux-based computers

Note: The combinations of oper Runtime Environment, and Adobe Flash Player described below are xed requirements. Using other combinations or versions might produce unpredictable results such as the inability to operate program windows. Therefore, contact customer support to use other combinations or versions. To see the latest platform listed in the applicable product documents, visit our web site from the following URL:

Hardware requirements

Item Requirement

Processor (CPU) Pentium 4 640 3.2 GHz or better

(Recommended: Cor

Memory (RAM) 2 GB or more

ating system, architecture, browser, Java

https://knowledge.hds.com/Documents.

e2Duo E6540 2.33 GHz or better)

Recommended: 3 GB

Available storage space 500 MB or more

Monitor Resolution: 1280 x 1024 or better

Keyboard and mouse You cannot use the mouse wheel feature.

Ethernet LAN card for TCP/IP network 100BASE-TX

1000BASE-T

Software requirements

Java Runtime

Operating system Architecture Browser

Solaris 10 32 bit Firefox 3.6.28 JRE 6.0 Update 20 10.3

Firefox 31 JRE 7.0 Update 67 11.2

Red Hat Enterprise Linux AS version 6.2

64 bit Firefox 3.6.28 JRE 6.0 Update 20 10.3

Firefox 35 JRE 7.0 Update 67 11.2

Environment (JRE)

Adobe Flash

Player

Chapter 2: Preparing your management software

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 34

Setting up TCP/IP for a rewall

Operating system Architecture Browser

Java Runtime

Environment (JRE)

Adobe Flash

Player

Notes:

■

IPv6 HT

■

Use Adobe Flash Player with the same architecture (32 bit or 64 bit) as the browser.

■

Device Manager - Storage Navigator supports Firefox 3.6.28, but the maintenance utility does not.

TPS connections from Firefox are not supported.

Note:

o use Device Manager - Storage Navigator secondary windows, rst install

T Java Runtime Environment (JRE).

Setting up TCP/IP for a firewall

o connect the management client and the SVP through a rewall, congure the rewall

T so that the TCP/IP port for the protocol you use becomes available.

When attaching installer must log in to the SVP of each storage system using separate Device Manager Storage Navigator sessions and separate web browser instances.

Device Manager - Storage Navigator to multiple storage systems, the

For details about setting up the SVP, see the Hardware Installation and Reference Guide for your storage system.

Configuring the web browser

To congure the client web browser, note the following:

■

The browser must allow rst-party, third-party, and session cookies.

■

Pop-up blocker and plug-ins must be disabled.

■

The management client must be connected to the network via LAN.

■

The version of Adobe Flash Player specied in the management client requirements must be installed.

Consult your browser's documentation for instructions.

Device Manager - Storage Navigator secondary windows

The Device Manager - Storage Navigator secondary window runs within the Java Runtime Environment (JRE). The secondary window opens when you select a menu on the Device Manager - Storage Navigator main window. The following functions and software applications use secondary windows:

■

Authentication function of LUN Manager

■

Data Retention Utility

■

Server Priority Manager

Chapter 2: Preparing your management software

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 35

Requirements for using HDvM - SN secondary windows

To use the Device Manager - Storage Navigator secondary window, you must enable it in advance. For details about enabling the secondary windo

Manager - Storage Navigator secondary window (on page 37) . By default, this setting is

disabled. When disabled, these functions and softwar menu on the Device Manager - Storage Navigator main window.

Google Chrome shows the message "This type of le can harm your computer. Are you sure you want to download <file name>.jnlp?" when you open the secondary window.

Click Save in the message window and save the object le. Then open the le. Continue the oper

ation though Java security warning is displayed when you open the le.

Note:

SJsvlSNStartServlet (<serial number>).jnlp is saved in the do

wnload folder. This le is duplicated every time you open the second window because this le is not overwritten or deleted automatically. Delete extraneous downloaded SJsvlSNStartServlet (<serial number>).jnlp conrm the download location, follow Chrome Menu > Settings > Show advanced settings

les periodically to prevent shortage of disc capacity. To

> Downloads.

w, see

e applications do not appear in the

Enabling the Device

Note:

Do not click for a while until the error (20020-108000) appears. Click OK to close the error and operate again.

If you don't want to wait for the error to appear, close Chrome and log in to Device Manager - Storage Navigator again.

The error also appears if you do not click Save or do not open the saved le for some time.

Discard in the message window, or you will be unable to operate

Requirements for using HDvM - SN secondary windows

This topic describes the conguration prerequisites for using Device Manager - Storage Navigator secondary windows.

Installing and configuring JRE

JRE must be installed and congured in a Windows or Unix environment. You can download JRE from

Path setting (UNIX)

erify that JRE is installed correctly by opening the ControlPanel.html le. It is located in

the JRE root directory. If the le opens, JRE is installed correctly.

http://www.oracle.com/technetwork/java/index.html.

Conguring JRE

On the JRE of each Device Manager - Storage Navigator management client, Java log le trace and logging must be enabled and caching must be disabled. The Java log le can help you troubleshoot a problem when an application error occurs in the Device Manager - Storage Navigator web client. Disabling the caching feature can help prevent complications when the software is updated. See the http://java.sun.com website for more information on conguring JRE through the Java Control Panel.

Chapter 2: Preparing your management software

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 36

Enabling the Device Manager - Storage Navigator secondary window

The Device Manager - Storage Navigator secondary window must be enabled before it can be used.

Before you begin

■

You must have Storage Administrator (View Only) role to perform this task.

■

Install and congure JRE.

ocedure

1. From the Settings menu, click Environmental Settings > Edit Information Display Settings. The Edit Information Display Settings window opens.

2. In the Secondary window eld, click Enable.

3. Click Apply.

Logging in to Device Manager - Storage Navigator

You can log in to Device Manager - Storage Navigator in dierent ways.

If you are an administrator, you can log in to Device Manager - Storage Navigator with a one-time only initial login.

If you are a super-user, you can log in rst to Device Manager - Storage Navigator to create other user accounts.

If you are a Device Manager - Storage Navigator and storage system user or administrator, you can log in normally.

Initial superuser login

Follow these instructions to log in as a superuser.

When logging on to Device Manager - Storage Navigator for the rst time, you must log on as a superuser to set up additional user accounts.

The superuser account has a built-in ID, which includes all permissions, and a default password.

Procedure

1. Call your local service representative to obtain the superuser ID and default

password.

2. In your web browser, specify the URL for your SVP:

https://I

P-address-or-host-name-of-SVP/sanproject/

To change the port number of the protocol from the initial value (443), specify the following URL:

https://I

3. Log in with the superuser ID and password.

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 37

P-address-or-host-name-of-SVP:port-number-of-the-protocol/

Chapter 2: Preparing your management software

4. T

Normal login

By logging in, you can manage users and licenses, create a login message, or edit advanced system settings.

Procedure

1. In your web browser, specify the following URL:

Normal login

o prevent unauthorized use of the superuser account, change the password immediately after you log in. Click Settings > User Management > Change Password to change your password.

After you log in, the Device Manager - Storage Navigator main window opens. You can navigate using the menu, tree, or General Tasks. Precise instructions for performing an operation can be found in the software user guides. Also, see Appendixes D through G, which describe the screens in the GUI.

https://I

P-address-or-host-name-of-SVP

If you changed the port number of the protocol HTTP from the initial value (443), specify the following URL:

https://I

P-address-or-host-name-of-SVP:port-number-of-the-protocol-

HTTPS/

If the loading window displays in Device Manager - Storage Navigator, wait until the service status changes to Ready (Normal). At that time, the login window displays automatically. The following is an example of the loading window.

2. The follo

wing actions might be required to open the login dialog box, depending on

your environment:

■ If a message indicates that the enhanced security conguration is enabled on the

management client, select In the future, do not show this message and click OK.

■ If the SVP is set to support SSL-encrypted communication and security messages

appear, make sure the certicate is correct and follow the instructions in the dialog box.

■ If a message indicates that certain web sites are blocked, follow instructions in

Adding your SVP to the trusted sites zone for Windows Server computers (on page 39) .

■ If multiple stor

age systems are connected, a window which allows selection of

the storage system is displayed. Select the storage system you want to connect.

Chapter 2: Preparing your management software

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 38

Changing your password

3. When the Stor The Device Manager - Storage Navigator login window appears.

4. Type the user ID and password.

5. Click Login.

6. If the Security Information dialog box appears, click Yes.

7. If a local storage area pop-up dialog box of Adobe Flash Player Setting appears, click Allow to open the Device Manager - Storage Navigator main window. The cache

function of Adobe Flash Player optimizes the process of Device Manager - Storage Navigator. Denial of the request might delay the processing speed of Device Manager - Storage Navigator.

After you log in, the Device Manager - Storage Navigator main window opens. You can navigate using the menu, tr performing an operation can be found in the software user guides. Also, see Appendixes D through G, which describe the screens in the GUI.

age Device List window opens, select the storage system.

ee, or General Tasks. Precise instructions for

Note: If login fails thr Storage Navigator stops responding for one minute. This is for security purposes and is not a system failure. Wait, then try again. The roles and resource groups for each user are set up ahead of time and will be available to you when you log in to Device Manager - Storage Navigator. If the roles or resource allocations for your username are changed after you log in, the changes will not be eective until you log out and log back in again. When you use a web browser for a long period of time, memory is heavily used. We recommend closing or logging out of Device Manager

- Storage Navigator after you are nished using it.

ee times with the same user ID, Device Manager -

Changing your password

After the administr password after you log in.

Procedure

1. Log in to Device Manager - Storage Navigator with the user ID and password given

to you by the administrator.

2. Click Settings > User Management > Change Password to change your password.

ator gives you a user ID and password, you should change the

Adding your SVP to the trusted sites zone for Windows Server computers

If you are using Device Manager - Storage Navigator on a Windows Server computer, the following message may appear during login. If it does, you must add the SVP to the trusted sites zone.

The message below may appear dierently depending on the Windows version you are using.

Chapter 2: Preparing your management software

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 39

Procedure

Accessing the maintenance utility

1. Click Add in the message dialog bo

x. The Trusted Sites dialog box opens.

2. In Add this web site to the zone, enter the URL of the SVP that you want to log in to. For example, if the host name is host01, the URL is http://host01. If the IP address is 127.0.0.1, the URL is http://127.0.0.1.

3. Click Add to add the URL of the SVP to the web sites list.

4. Click Close to close the dialog box.

Accessing the maintenance utility

To congure the storage system using the maintenance utility, start the maintenance utility fr

om Hitachi Device Manager - Storage Navigator or the management software.

Note:

■

Click Maintenance Utility

■

To display the help, the settings for enlarging and reducing the display

in the window to see the help menu for the description of the

might not be reected in the help window, depending on the type or version of your browser.

Chapter 2: Preparing your management software

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 40

Starting from Hitachi Command Suite

ocedure

1. Start Hitachi Command Suite.

2. In the Hitachi Command Suite main window, click the Resources tab, and then click Storage Systems from the tree view.

3. Expand the tree, and then right-click a storage system and click Other Functions.

4. In Hitachi Device Manager - Storage Navigator, click the Maintenance Utility menu, and then click Hardware to start the maintenance utility.

Starting from Hitachi Device Manager - Storage Navigator

Procedure

1. Launch a web browser from the console PC connected to the SVP, and then start

Device Manager - Storage Navigator.

2. Enter the following URL in the address eld of your browser, and then press Enter:

http://[IP address of SVP]/module/sn2/0/index.do

3. In the Stor system.

4. Log in to Device Manager - Storage Navigator.

5. On the Maintenance Utility menu, click Hardware.

age Device List window, click the picture of the registered storage

6. Select the menu for the part that needs to be replaced (see the following table).

Chapter 2: Preparing your management software

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 41

Accessing a storage system without management software

Menu Replace part

Cache Memory replacement/installation

Cache memory installed on controller 1.

for CTL1

Cache Memory replacement/installation

Cache memory installed on controller 2.

for CTL2

Other hardware maintenance Component other than a controller, fan,

and LAN blade.

Accessing a storage system without management software

You can use the administrator account created during the initial setup to use HDvM - SN temporarily to access the storage system. You can then perform critical storage management operations during a planned maintenance activity or an unexpected downtime on the management server.

Before you begin

■

You must have an administrator login account with permissions equal to or higher than Administrator User Group has. For information about creating user accounts, see Creating user accounts (on page 77) in this manual, and the Har Guide for your system model.

■

Adobe Flash Player must be congured on the client to use HDvM - SN.

dware Reference

Note: T

o obtain the administrator login information, contact customer

support.

Procedure

1. Start a web browser.

2. Enter the following URL:

■ For the VSP G200 storage system, enter:

https://IP-address-or-host-name-of-the-SVP/dev/storage/ 8320004XXXXX/emergency.do (where the model number is '8320004' and '4XXXXX'

indicates the system serial number)

■ For VSP G400, G600 and VSP F400, F600 storage systems, enter:

https://IP-address-or-host-name-of-the-SVP/dev/storage/ 8340004XXXXX/emergency.do (where the model number is '8340004' and '4XXXXX'

indicates the system serial number)

■ For VSP G800 and VSP F800 storage systems, enter:

https://IP-address-or-host-name-of-the-SVP/dev/storage/ 8360004XXXXX/emergency.do (where the model number is '8360004' and '4XXXXX'

indicates the system serial number)

3. The following actions might be required to open the login dialog box, depending on your environment:

Chapter 2: Preparing your management software

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 42

Accessing a storage system without management software

■ If a message indicates that the enhanced security conguration is enabled on the

computer, select In the futur

■ If the SVP is set to support SSL-encrypted communication and security messages

e, do not show this message and click OK.

appear, make sure the certicate is correct and follow the instructions in the dialog box.

■ If a messages indicates that certain web sites are blocked, make sure you have

added the SVP to the trusted sites zone.

4. Enter a user ID and password for the account.

5. Click Log In.

6. If the Security Information dialog box appears, click Yes.

7. If an Adobe Flash Player local storage area pop-up dialog box appears, click Allow to

open the Device Manager - Storage Navigator main window. The cache function of Adobe Flash Player optimizes the process of Device Manager -

Storage Navigator. Denial of the request might reduce processing speed.

Note: If the login pr

ocess fails three times with the same user ID, Device Manager - Storage Navigator will stop responding for one minute. This is for security purposes and is not a system failure. Wait, and then try again.

Chapter 2: Preparing your management software

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 43

Chapter 2: Preparing your management software

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 44

Chapter 3: Configuring the storage system

When conguring the storage system, you must set storage system information, set up security

This chapter provides information about conguring the storage system.

System administration tasks at a glance

The following table summarizes key system administration tasks. The tool used to perform these tasks depends on whether the storage system contains NAS modules.

, and register the SVP.

Table 2 System administration tasks at a glance

Task

Block-only storage

systems (no NAS

modules installed)

Block and file storage systems

(NAS modules installed)

Set IPv4 and IPv6 network settings and

TP blocking

set HT

Set system clock (date and time)

Congure audit log settings

Congure alert notications

Maintenance utility

See

Changing network

communication settings (on page 49)

Maintenance utility

See

Changing the date

and time (on page 48)

Maintenance utility

See Audit log settings

(on page 199)

Maintenance utility

See

Alert notications

(on page 177)

IP addresses cannot be added, deleted, or Manager. To change these addresses, use the maintenance utility.

NAS Manager

See Changing the system date and

time of the NAS Modules (on page 55)

NAS Manager

See the File Services Administr

Guide (MK-92HNAS006) and the Server and Cluster Administration Guide (MK-92HNAS010)

NAS Manager

See the Server and Cluster

Administr

(MK-92HNAS010)

modied in the NAS

ation

ation Guide

Changing link aggregation

Chapter 3:

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 45

N/A NAS Manager

See the Network Administration Guide (MK-92HNAS008)

Conguring the storage system

Task

Block-only storage

systems (no NAS

modules installed)

System administration tasks at a glance

Block and file storage systems

(NAS modules installed)

Change administrator passwor

Edit the login message Maintenance utility

Select the SSL cipher suite

Update certicate les Maintenance utility

Force the system lock to release

Maintenance utility

See

Conguring the

storage system (on page 45)

See

Conguring the

storage system (on page 45)

Maintenance utility

See

Conguring the

storage system (on page 45)

See

Conguring the

storage system (on page 45)

Maintenance utility

See

Conguring the

storage system (on page 45)

NAS Manager

See the Network Administr Guide (MK-92HNAS008)

NAS Manager

See the Network Administr Guide (MK-92HNAS008)

NAS Manager

See the Network Administr Guide (MK-92HNAS008)

NAS Manager

See the Network Administr Guide (MK-92HNAS008)

NAS Manager

See the Network Administr

Guide (MK-92HNAS008)

ation

User administration add, manage, and delete storage system users

Manage user groups Device Manager -

Device Manager Storage Navigator

See

Managing users,

user groups, and accounts (on page 75)

age Navigator

Stor

See

Managing users, user groups, and accounts (on page 75)

NAS Manager

See User Administration for NAS

Manager (on page 130)

NAS Manager

See User Administration for NAS

Manager (on page 130)

Chapter 3: Conguring the storage system

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 46

Task

Block-only storage

systems (no NAS

modules installed)

System administration tasks at a glance

Block and file storage systems

(NAS modules installed)

Registration Device Manager -

age Navigator to

Stor register the service processor host name.

See

Registering the primary SVP host name (on page 51)

Change storage system information

Manage SSL certicates: create keypairs, obtain, update, and r certicates, verify and release passphrases

Manage HCS certicates Device Manager -

eturn

Device Manager Storage Navigator

See

Setting storage system information (on page 52)

Device Manager Storage Navigator

See

Managing HCS certicates (on page 145)

age Navigator

Stor

NAS Manager to register the service.

See the Server and Cluster

Administr

(MK-92HNAS010)

N/A

ation Guide

Manage HDvM - SN conguration

Manage authorization and authentication servers

Create LDAP, RADIUS, and Kerber

conguration les

les

See

Managing HCS certicates (on page 145)

Device Manager Storage Navigator

See

Backing up HDvM

- SN conguration les (on page 52)

Device Manager Storage Navigator

See

Setting up authentication and authorization (on page 157)

Device Manager Storage Navigator

See

Authentication server protocols (on page 158)

NAS Manager

See the Server and Cluster

Administr

(MK-92HNAS010)

N/A

NAS Manager

See the Server and Cluster

Administr

(MK-92HNAS010)

ation Guide

Chapter 3: Conguring the storage system

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 47

Task

System administration using the maintenance utility

Block-only storage

systems (no NAS

modules installed)

Block and file storage systems

(NAS modules installed)

Installing licenses Maintenance utility

See License keys (on

page 187)

Enabling and disabling licenses

Removing licenses Maintenance utility

Maintenance utility

See License keys (on

page 187)

See License keys (on

page 187)

NAS Manager

See License keys (on page 187)

NAS Manager

See License keys (on page 187)

NAS Manager

See License keys (on page 187)

System administration using the maintenance utility

Changing the date and time

To keep the date and time on the storage system controller, the SVP, and NAS modules in sync, you must change the date and time settings on all. This section includes procedures to change all settings.

Changing the controller clock settings

Complete the following steps to change the date and time on the storage system controller.

Before you begin

■

You must have the Storage Administrator (View & Modify) role to perform this task.

Procedure

1. In the maintenance utility Administration tree, select Date & Time.

The current settings are displayed.

2. Click Set Up.

3. Change the settings as needed, and either click Apply to save them, or click Cancel

to close the window without saving the changes.

Changing the SVP clock settings

Complete the following steps to change the Windows 7 date and time on the SVP.

Before you begin

■

The management console is connected to the LAN 2 port on the SVP.

Chapter 3: Conguring the storage system

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 48

Enabling IPv6 communication

■

The console has established a r

■

The management utility window is displayed on the console.

On the management console that is connected to the SVP:

Procedure

1. On the Windows 7 desktop, click Start > Control Panel.

2. Click Clock, Language, and Region.

3. Click Date and Time.

4. Click Change date and time. The Date and Time Settings window opens.

5. Set the date and time, then click OK to save the settings and close the window.

Enabling IPv6 communication

You can use IPv6 to set communication between the management client and the SVP.

You should assign the SVP the same type of IP addresses (IPv4 or IPv6) that are used on the storage system. You must also congure the client computers with the same IP version that you assign to the SVP both the management client and the SVP.

If you use IPv6 to display the Device Manager - Storage Navigator main window when both IPv4 and IPv6 are available, IPv6 addresses are displayed in the Device Manager Storage Navigator secondary window but IPv4 communication is actually used.

emote desktop connection with the SVP.

. In addition, use the same communication options for

The following topics provide brief instructions on conguring IPv6 communication.

Note: If the SVP uses IPv6, you must congure management clients to use IPv6 for communication. Consult your oper instructions.

Changing network communication settings

This pr communication with an SVP

Procedure

ocedure explains how to congure a management client to use IPv6 for

1. In the maintenance utility, click Administration to expand the Administration navigation pane.

2. Click Network Settings. The Network Settings window displays the current network settings and

permissions.

3. In the Network Settings window, click Set Up Network Settings. The Network Settings dialog box displays the current settings for the Mac address,

IPv4 and IPv6 settings, and the network connection mode for both controllers 1 and

2. It also displays the current settings for the maintenance port and the storage system internal network.

4. Change the settings as needed and click Apply. The dialog box closes and returns you to the Network Settings window.

ating system's documentation for

Chapter 3: Conguring the storage system

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 49

Changing network permissions

This procedure explains how to block or allow HTTP blocking.

Procedure

1. In the maintenance utility, click Administration to expand the Administration

navigation pane.

2. Click Network Settings. The Network Settings window displays the current network settings and permissions.

3. In the Network Settings window, click Set Up Network Permissions.

4. To enable HTTP blocking, click Enable. To disable HTTP blocking, click Disable.

5. Click Apply. The dialog box closes and returns you to the Network Settings

window.

Creating a login message

Before you begin

You must have the Storage Administrator (View & Modify) role to complete this procedure.

Changing network permissions

Procedure

1. In the maintenance utility Menu navigation tree, click System Management.

2. Click Edit Login Message.

3. Enter a message to be displayed at the time of login. The message can contain up to

2,048 char

4. Click Apply to save the message and close the dialog box.

acters. A line break is counted as one character.

Forcing the system lock to release

When a user locks the system, other users cannot log in or access the system. This feature can be used to ensure that no changes to the system can be made while maintenance or upgrade procedures are in process.

Caution: Befor not cause system problems due to processes that are currently running. Releasing the system lock can terminate a process before it completes and possibly leave the system in an unknown state. Check with any users that are

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 50

e using this feature, ensure that releasing the system lock will

Chapter 3: Conguring the storage system

Registering the primary SVP host name

logged on. Wait until their processes are complete before releasing the system lock.

Before you begin

ou must have the Storage Administrator (View & Modify) role to complete this

Y procedure.

Procedure

1. In the maintenance utility Menu navigation tree, click System Management.

2. Click For

ce Release System Lock.

3. A warning message is displayed. Verify that releasing the lock will not cause data

loss or other problems. To release the system lock, click OK. Click Cancel to close the dialog box without releasing the system lock.

Registering the primary SVP host name

ou must register the primary SVP host name before completing any of the following

Y tasks.

■

Specify a host name instead of an IP address when accessing Device Manager Storage Navigator.

■

Obtain the public key certicate for SSL-encrypted communication from the CA (Certicate Authority). You must register the server name as the host name to the

DNS server or the hosts le. The server name is entered in the certicate as a common name.

Chapter 3:

Conguring the storage system

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 51

System administration using Device Manager - Storage Navigator

Enter the SVP host name and IP address in the DNS server or the hosts le of the management client. Y

ou can register any host name to the DNS server or the hosts

le, but there are restrictions on the letters you can use for the host name.

■

DNS setting: You must register the IP address and host name of the SVP to the DNS server that manages the network to which the SVP is connected.

■

Hosts le setting: You must enter the IP address and host name of the SVP to the hosts le of the management client. The general directory of the hosts le is:

●

Windows 7: C:\Windows\System32\drivers\etc\hosts

●

UNIX: /etc/hosts

System administration using Device Manager - Storage Navigator

Setting storage system information

You can set the name, contact information, and location of the storage system.

Caution: When changing a setting mor

e than once, ensure that the current setting is complete before changing it again. Otherwise, only the new change will be applied, and the result might be dierent from what you expected.

Procedure

1. In the Device Manager - Storage Navigator Storage Systems tree, select the storage

system.

2. From Settings, click Environmental Settings > Edit Storage System.

3. Enter the items that you want to set.

You can enter up to 180 alphanumeric characters (ASCII codes) excluding several symbols (\ , / ; : * ? " < > | & % ^). Do not use a space at the beginning or the end.

4. Click Finish.

5. In the Conrm window, check the settings and enter a task name in Task Name.

6. Click Apply. The task is now registered. If the Go to tasks window for status check box is checked, the Task window opens to show the status of the task.

Backing up HDvM - SN configuration files

Before replacing an SVP, you must make a backup copy of the Device Manager - Storage Navigator conguration les on the SVP. You can then use the backup copy to restore the conguration le if it becomes necessary, or to congure a replacement SVP if one fails.

The following conguration items can be backed up and restored. Before you create the backup, ensure that the settings are correct.

■

Device Manager - Storage Navigator environment parameters

■

Authentication server connection settings

■

Key management server connection settings

■

Password policy when backing up the management client encryption key

Chapter 3: Conguring the storage system

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 52

Restoring HDvM - SN conguration les

■

Display settings (table width) for each De

■

Device Manager - Storage Navigator login warning messages

■

Device Manager - Storage Navigator task information

■

SMI-S application settings

■

SSL certication for HTTPS/SMI-S/RMI

e you begin

Befor

■

You must have the Storage Administrator (Initial Conguration) role to perform this

vice Manager - Storage Navigator user

task.

■

You must be logged into the SVP.

Procedure

1. Stop all services running on the storage system.

2. Open a command prompt window with administrator permissions.

3. In the folder where the .bat le is located, execute the following command:

C:\MAPP\wk\Supervisor\MappIniSet>MappBackup.bat absolute-path-ofbackup-file

Note:

■ The backup le must be in .tgz format.

■ A space is r

equired between .bat le and the path to the backup le.

4. A completion message displays. Click any key to continue.

5. Close the command prompt window.

Tip:

■ If you do not specify a folder in which to save the le, the system

automatically cr

eates a default le in the following location:

SVP-root\wk\Supervisor\MappIniset \LogsyyyyMMddHHmmss.tgz

where yyyyMMddHHmmss is the year, month, date, and time that the le was created.

■ The backup le is compressed and uses the .tgz format. Use a tool

that supports tar and gzip to extract the data from the .tgz le.

6. Save the backup le to another computer or external memory device such as a USB ash memory or hard drive.

Restoring HDvM - SN configuration files

You can use a saved copy of a conguration le to restore the active conguration le if it becomes necessary, or to congure a replacement SVP if one fails.

Before you begin

■

The storage systems registered in the SVP you backed up are registered in a new SVP.

■

The services on the storage system are stopped.

Chapter 3: Conguring the storage system

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 53

Changing the administrator password

■

The SVP is congured so that the service does not start automatically when starting the system. See the Har

dware Reference Guide for your storage system model for

information about the SVP conguration method.

Procedure

1. Copy the backup le to any folder in the SVP.

2. Open a command prompt window with administrator permissions.

3. In the folder where the .bat le is located, enter

C:\MAPP\wk\Supervisor\MappIniSet>MappRestore.bat absolute-pathof-backup-file

Note:

■ The backup le must be in .tgz format.

■ A space is r

equired between MappRestore.bat and the path to the

backup le.

4. A completion message displays.

ype a key to close the message, and then close the command prompt.

5. T

6. Set the service to run automatically when starting the SVP.

7. Reboot the SVP. It takes about 10 minutes to complete the startup process.

Changing the administrator password

Before you begin

■

Before changing the password of a user account specied by the registered storage system in the Storage Device List window, click Stop Service for the registered storage system. After changing the password of the user account, click Edit and set the new password, then click Start Service for the storage system.

Procedure

1. In the maintenance utility Menu navigation tree, click System Management.

2. Click Change Passwor

3. Enter your current password and a new password. Enter the password again in the Re-enter Password eld.

4. Click Finish.

Chapter 3:

Conguring the storage system

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 54

System administration using NAS Manager

Changing the system date and time of the NAS modules

When the system date and time are set by NAS Manager, they are also reected in the system date and time of the stor

age system.

Tip: See the Hitachi NAS Platform Server and Cluster Administr more details about changing the system date and time of the NAS modules.

Procedure

1. Log on to NAS Manager.

2. Click Server Settings.

3. In the Server Settings window, click Date and Time.

ation Guide for

4. In the Date and Time window, set the time and date. Setting the date and time with the NTP server:

a. Select a time zone in Time Zone eld. b. Enter the IP address or the name of the NTP server in NTP Server IP/Name

eld, and then click add. When using the Active Dir

NTP server.

When setting without using the NTP server:

a. Enter time in Time eld. b. Enter date in Date eld.

5. Conrm the settings and click apply.

Chapter 3:

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 55

Conguring the storage system

ectory server, enter the IP address or the name of the

Miscellaneous system administration considerations

ou do not have to enter Time and Date because the settings are

Tip: Y acquired from the NTP server.

6. Click OK. The window changes to the Login window a few minutes later.

Miscellaneous system administration considerations

Modifying SVP port numbers

You can change SVP port numbers to any arbitrary number. This is optional. You can also initialize the settings to the original status by initializing the port number.

For SVP rmware 83-03-01-XX/00 or later, some ports are automatically assigned unused port numbers.

You can change the automatically assigned port numbers:

■

To check automatically assigned port numbers, see

SVP (on page 57) .

■

o change an automatically assigned port number, see

assigned port number (on page 61) .

■

o return a port to its automatically assigned port number, see

reassigning an automatically assigned port number (on page 62) .

■

o change the range of port numbers used for automatic assignment, see

the range of an automatically assigned port number (on page 62) .

■

o return the range of port number for automatic assignment to its original range,

T see

Initializing the range of an automatically assigned port number (on page 63) .

Viewing the port number used in

Reassigning an automatically

Initializing and

Changing

Note: Perform this task only if an SVP port number is used b

y another

application.

You need to verify the eects before you modify an SVP port number. See

Eects of

changing service processor port number (on page 58) .

The follo

wing table describes the port number key names and the initial value of the port

number.

Port number key

name Protocol

Initial port

number

Corresponding SVP

software version

MAPPWebServer HTTP 80 83-01-20-XX/00 or later

MAPPWebServerH

HTTPS 443 83-01-20-XX/00 or later

ttps

RMIClassLoader RMI 51099 83-01-20-XX/00 or later

RMIClassLoaderHt

RMI (SSL) 5443 83-01-20-XX/00 or later

tps

Chapter 3: Conguring the storage system

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 56

Viewing the port number used in SVP

Port number key

name Protocol

RMIIFRegist RMI 1099 83-01-20-XX/00 or later

PreRMIServer RMI 51100 83-01-20-XX/00 or later

DKCManPrivate RMI 11099 83-01-24-XX/00 or later

SLP SLP 427 83-01-24-XX/00 or later

SMIS_CIMOM SMI-S 5989 83-01-20-XX/00 or later

CommonJettyStart HTTP 8080 83-01-24-XX/00 or later

CommonJettyStop HTTP 8210 83-01-24-XX/00 or later

RestAPIServerStop HTTP 9210 83-01-24-XX/00 or later

DeviceJettyStart HTTP 8081 83-01-24-XX/00 or later

Initial port

number

Automatically assigned

Corresponding SVP

software version

83-03-01-XX/00 or later

DeviceJettyStop HTTP 8211 83-01-24-XX/00 or later

Viewing the port number used in SVP

You can view the port number used in SVP.

Procedure

1. Open the Windows command prompt as administrator on the SVP.

2. In the folder where the .bat le is located, execute the following command:

C:\MAPP\wk\Supervisor\MappIniSet>MappPortRefer.bat serial-number (optional)

Note:

A space is r

equired between .bat le and the serial number.

Automatically assigned

83-03-01-XX/00 or later

If you omitted the serial number, information of every storage system that is registered in the Storage Device List window is displayed.

For the port on which the port number information is not allocated, Not Dened is displayed and a completion message displays.

Chapter 3: Conguring the storage system

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 57

ess any key to acknowledge the message and close the message box.

3. Pr

4. Close the Windows command prompt.

Effects of changing SVP port numbers

Set the rewall settings of the management client according to new SVP port numbers.

The following table describes the eects for each port number.

Port number key name Effects

Eects of changing SVP port numbers

User reference guide on

changing the SVP port

number

MAPPWebServer

MAPPW

RMIClassLoader When you execute the

RMIIFRegist When you execute the

ebServerHttps

Changes the method to specify URL for Device Manager - Storage Navigator login

In Hitachi Command Suite:

ou must change the HCS

Y port number to be the same number.

Export Tool command, you must specify a port number. The port number should be the one you have specied for the el.dlport operand of the java command, which was used for downloading the Export Tool.

Export T must specify the IP address and new port number of the SVP for IP-sub- command.

ool command, you

See

Logging in to Device Manager - Storage Navigator (on page 37) .

Hitachi Command Suite Installation and Conguration Guide

Performance Guide

(Performance Monitor, Server Priority Manager)

In Hitachi Command Suite:

You must change the HCS port number to the same number.

PreRMIServer None None

DKCManPrivate None None

Chapter 3:

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 58

Conguring the storage system

Hitachi Command Suite Installation and Conguration Guide

Port number key name Effects

Changing the SVP port number

User reference guide on

changing the SVP port

number

SLP You must change the SMI-S

port number to the same

Hardware Reference Guide

for your stor

number.

SMIS_CIMOM You must change the SMI-S

port number to the same

Hardware Reference Guide

for your stor

number.

If the storage system is 83-03-01-XX/00 or later, check the port number which is used after registering the storage system. For detail, see

Viewing the port number used in SVP (on page 57) .

CommonJettyStart None None

CommonJettyStop None None

RestAPIServerStop None None

DeviceJettyStart None None

age system

DeviceJettyStop None None

Changing the SVP port number

You can change the SVP port number to any arbitrary number. After changing the port number, the SVP will be restarted.

Before you begin

■

Remote desktop connection from the management client to SVP has been performed.

■

The range of the available port number is from 1 to 65535. Make sure the new port number is not duplicated with the number used in another application.

■

You can enter multiple instances of port-number-key-name and port-number. For example:

MappSetPortEdit.bat MAPPWebServer 81 MAPPWebServerHttps 444

■

The management

path-to-tool\

le of the SVP port number is stored in the following location:

mpprt\cnf\mappsetportset.properties

Chapter 3: Conguring the storage system

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 59

Initializing the SVP port number

Note:

■

Do not change the management le of the port number.

■

Close the management le of the port number while executing the command for changing or initializing.

■

If the SVP softwar

e version of the registered storage system does not

support changing the port number, update the SVP software.

■

Port numbers 1 to 1023 are reserved for other application programs, so do not use these numbers. If you use these numbers and encounter a problem, change the number to 1024 or higher.

■

The following port numbers cannot be used for MAPPWebServer or MAPPWebServerHttps:

2049, 4045, 6000

Procedure

1. Close all Device Manager - Storage Navigator sessions on the SVP.

2. Open the Windows command prompt as administrator on the SVP.

3. In the folder where the .bat le is located, execute the following command:

C:\MAPP\wk\Supervisor\MappIniSet>MappSetPortEdit.bat p name port-number

Note:

■ A space is r

number-key-name.

■ A space is required between port-number-key-name and port-number.

4. A service r

estart message box displays, followed by a completion message box.

Press any key to acknowledge the message and close the message box.

5. Close the Windows command prompt.

Initializing the SVP port number

You can initialize the SVP port settings and restore to the original status. After initializing the port number, the SVP will be restarted.

To initialize the automatically assigned port number: See

automatically assigned port numbers (on page 62)

Befor

e you begin

Remote desktop connection from the management client to SVP has been performed.

ort-number-key-

equired between MappSetPortEdit.bat and port-

Initializing and reassigning

Procedure

1. Close all Device Manager - Storage Navigator sessions on the SVP.

2. Open the Windows command prompt on the SVP.

Chapter 3: Conguring the storage system

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 60

Reassigning an automatically assigned port number

3. In the folder wher

e the .bat le is located, execute the following command:

C:\MAPP\wk\Supervisor\MappIniSet>MappSetPortInit.bat

4. An initialization conrmation message box displays. If you want to continue, enter Y, and then pr

ess the Enter key. If you want to cancel

the task, enter N, and then press the Enter key.

5. A service restart message box displays, followed by a completion message box. Press any key to acknowledge the message and close the message box.

6. Close the Windows command prompt.

Reassigning an automatically assigned port number

You can reassign the port number that is automatically assigned to the storage system.

If the port number assigned to the storage system is used in another application, the port number is reassigned. Also, if you disabled the automatic assign, this deletes the unnecessary port number that is already assigned.

Caution:

■

Stop the stor before reassigning, stop the storage system service in Storage Device List window, then start the service.

■

The port for DeviceJettyStart and DeviceJettyStop that is assigned when starting the storage system service cannot be reassigned.

■

If you disable the function which is using the port, this deletes the port number that is already assigned.

age system service before reassigning. If you did not stop

Procedure

1. Logout from Device Manager - Storage Navigator on the storage system that you

want to reassign.

2. Stop the service of the storage system that you want to reassign.

3. Open the Windows command prompt as administrator on the SVP.

4. In the folder where the .bat le is located, execute the following command:

C:\MAPP\wk\Supervisor\MappIniSet>MappPortManageRenum.bat serial- number (optional)

Note: A space is r

equired between MappPortManageRenum.bat and

serial-number.

If you omitted the serial number, it is executed for the storage system of 83-03-01XX/00 or later that is r

egistered in the Storage Device List window.

5. A conrmation message box displays. If you want to continue, enter Y, and then press the Enter key. If you want to cancel

the task, enter N, and then press the Enter key.

6. Press any key to acknowledge the message and close the message box.

7. Close the Windows command prompt.

8. Start the service of the storage system which is reassigned.

Chapter 3: Conguring the storage system

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 61

Initializing and reassigning an automatically assigned port number

You can initialize the port number that is automatically assigned to the storage system.

Caution:

■

Procedure

Stop the service of the stor Storage Device List window before initializing.

If you did not stop before initializing, execute

assigned port number (on page 61) .

age system which has the status Ready in the

Reassigning an automatically

1. Logout fr

om Device Manager - Storage Navigator.

2. Stop the service of all the storage systems which have the status Ready in the Storage Device List window.

3. Open the Windows command prompt as administrator on the SVP.

4. In the folder where the .bat le is located, execute the following command:

C:\MAPP\wk\Supervisor\MappIniSet>MappPortManageInit.bat

5. A conrmation message box displays.

■ If you want to continue, enter Y, and then press the Enter key.

■ If you want to cancel the task, enter N, and then press the Enter key.

6. Press any key to acknowledge the message and close the message box.

7. Reassign the port number.

C:\MAPP\wk\Supervisor\MappIniSet>MappPortManageRenum.bat serial- number (optional)

Note:

A space is required between MappPortManageRenum.bat and serialnumber.

If you omitted the serial number, the batch le is run for the storage system of 83-03-01-XX/00 or later which is registered in Storage Device List window.

8. A conrmation message box displays.

■ If you want to continue, enter Y, and then press the Enter key.

■ If you want to cancel the task, enter N, and then press the Enter key.

9. Press any key to acknowledge the message and close the message box.

10. Reassign the port number for all the registered storage systems by executing Steps

7 through 9.

11. Close the Windows command prompt.

12. Start the service of the storage system.

Changing the range of an automatically assigned port number

You can change the range of the port number that is automatically assigned to the storage system.

Chapter 3: Conguring the storage system

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 62

Procedure

Initializing the range of an automatically assigned port number

1. Open the Windo

ws command prompt as administrator on the SVP.

2. In the folder where the .bat le is located, execute the following command:

C:\MAPP\wk\Supervisor\MappIniSet>MappPortRangeSet.bat port-numberkey-name port-number-range

Note:

■ A space is r

equired between MappPortRangeSet.bat and port-

number-key-name.

■ A space is required between port-number-key-name and port-number-

range.

The following table shows the port number key name and initial value of the port number range which can be changed. Port 0 is not assigned.

Port number key name Initial value of port

Remark

number range

PreRMIServer 51100 to 51355 None

SMIS_CIMOM 5989 to 6244 None

DeviceJettyStart 48081 to 48336 None

DeviceJettyStop 48411 to 48666 None

unavailable 1 to 1023 Port number that is not

used in automatic assign

■ The valid r

ange of the port number is between 1 and 65535. Use a port number

that is not used in another service.

■ Port numbers between 1 and 1023 are reserved for the other applications. If you

exclude a number between 1 and 1023 from the setting value of unavailable, the port numbers might not operate normally.

■ The following can be used for the port number range:

Numbers, space, symbols (, -) and rm

■ You can specify multiple port-number-key-name and port-number-range.

For example: MappPortRangeSet.bat PreRMIServer 51200-55000 SMIS_CIMOM 5989-6244,8000

3. Press any key to acknowledge the message and close the message box.

4. Close the Windows command prompt.

Initializing the range of an automatically assigned port number

You can initialize the range of the port number that is automatically assigned to the storage system.

Chapter 3: Conguring the storage system

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 63

Procedure

1. Open the Windo

ws command prompt as administrator on the SVP.

2. In the folder where the .bat le is located, execute the following command:

C:\MAPP\wk\Supervisor\MappIniSet>MappPortRangeInit.bat

3. A conrmation message box displays.

■ If you want to continue, enter Y, and then press the Enter key.

■ If you want to cancel the task, enter N, and then press the Enter key.

4. Press any key to acknowledge the message and close the message box.

5. Close the Windows command prompt.

Chapter 3: Conguring the storage system

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 64

Chapter 4: User administration

This chapter describes various user roles, permissions, and groups available to manage your storage system.

User administration for maintenance utility

The maintenance utility allows you to set up and manage user accounts.

Required roles for operating Maintenance Utility

You can control the availability of using each operation window of Maintenance Utility for a user by registering the user in the user group and assigning the user with the appropriate role.

The following table lists the required roles for using specic Maintenance Utility

ation windows.

oper

Maintenance Utility operation window Required role name

Initial Setting Wizard Storage Administrator (Initial

Conguration)

Set Up System Information Storage Administrator (Initial

Conguration)

Firmware Support Personnel or User Maintenance

User Administration Security Administrator (View & Modify)

Alert Notications Storage Administrator (Initial

Conguration)

Set Up Date & Time Storage Administrator (Initial

Conguration)

Set Up Network Settings Storage Administrator (Initial

Conguration)

Licenses Storage Administrator (Initial

Conguration)

Audit Log Settings Audit Log Administrator (View & Modify)

on/o Locate LEDs Support Personnel or User Maintenance

Turn

Chapter 4: User administration

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 65

Setting up user accounts

Maintenance Utility operation window Required role name

Power on Storage System Support Personnel or User Maintenance

Power

o Storage System Support Personnel or User Maintenance

Edit UPS Mode Support Personnel or User Maintenance

Edit Login Message Storage Administrator (Initial

Conguration)

Select Cipher Suite Security Administrator (View & Modify)

Update Certicate Files Security Administrator (View & Modify)

Force Release System Lock Storage Administrator (Initial

Conguration)

Reboot GUM Support Personnel or User Maintenance

Change Password No role is required.

Boot System Safe Mode Support Personnel

Alert Display Support Personnel or User Maintenance

Alert Display Related to FRU Support Personnel or User Maintenance

Administration Menu N/A

Power Management N/A

System Management N/A

Resetting GUM N/A

Notes:

1. Support Personnel means operations performed by the service personnel. User Maintenance means operations performed by the user

Setting up user accounts

You can create up to 20 users, including the built-in user.

Procedure

1. In the Maintenance Utility window, click Administration > User Administration.

2. In the User Groups tab, click Create User.

Chapter 4: User administration

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 66

Setting up user accounts

eate a new user account. Specify the User Name, Account Status,

3. Cr Authentication, and User Group. Click Finish.

Item Description

User Name

Chapter 4: User administration

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 67

Disabling user accounts

Account Status The following statuses are available:

Enable: User can use the account.

Disable: User cannot use the account or log in to the stor

age management

software.

Authentication The following methods are available:

Local: Does not use authentication server. Uses a dedicated password for storage management software.

External: Uses an authentication server.

4. Conrm the settings, and then click Apply.

5. When the completion message appears, click Close.

Disabling user accounts

Observe the follo

■

Log into an account that is dierent from the user account that you want to disable (you cannot disable the current login user account).

■

To disable the user account specied by the registered storage system in the Storage Device List window, click Stop Service for the registered storage system. After

disabling the user account, click Edit to enable the user account.

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 68

wing guidelines:

Chapter 4: User administration

Procedure

Disabling user accounts

1. In the Maintenance Utility windo

2. In the User Groups tab, click the user group belonging to the user.

w, click Administration > User Administration.

3. Click the Users

4. Click Edit.

5. For Account Status, click Disable, and then click Finish.

tab, and then select the user account to disable.

Chapter 4: User administration

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 69

Disabling user accounts

6. Conrm the settings, and then click Apply.

7. When a completion message appears, click Close.

Chapter 4: User administration

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 70

Removing user accounts

Security administr Built-in user accounts cannot be deleted. If deleting the current login user account, you can continue the storage management software operation until you log out.

Note: T in the Storage Device List window, click Stop Service of the registered storage system. After deletion, click Edit to enable the user account.

Procedure

1. In the Maintenance Utility window, click Administration > User Administration.

2. In the User Groups tab, select the user group belonging to the user.

ators can remove a user account when the account is no longer in use.

o delete the user account specied by the registered storage system

Chapter 4: User administration

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 71

Removing user accounts

3. Click the Users

4. Click Remo

The Conrm window opens.

5. In the Conrm window, conrm the settings, and then click Apply.

tab, and then select the user to remove.

ve.

Chapter 4: User administration

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 72

Backing up user accounts

6. At the completion message, click Close.

Backing up user accounts

ocedure

1. Click User Account Information > Backup.

2. Specify a storage destination and a le name in the displayed window and

wnload the le.

Chapter 4: User administration

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 73

Restoring user account information

3. When the follo

wing message appears, click Close.

Restoring user account information

ocedure

1. Click User Account Information > Restore

The Restore User Account window opens.

2. Specify le names to be restored, and then click Apply.

3. When a completion message appears, click Close.

Chapter 4: User administration

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 74

Managing users, user groups, and accounts

ou can use the Device Manager - Storage Navigator to create, modify, or delete users,

user groups, and accounts.

This chapter describes how to dene the users and user groups that will manage your

age system.

stor

User administration overview

Read and understand the following information before managing users or user groups.

■

When a user is assigned to multiple user groups, the user has the permissions of all the roles in each user group that are enabled on the resource groups assigned to each user group.

■

If this is an issue, the recommended solution is to register two user accounts in the storage system and use the two accounts for dierent purposes.

●

A security administr Yes.

●

A storage administrator user account that has only some of the resource groups assigned.

ator user account that has All Resource Groups Assigned set to

Chapter 4: User administration

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 75

Workow for creating and managing user accounts

■

For user gr

oups whose roles are other than Storage Administrator, All Resource Groups Assigned is automatically set to Yes. If you delete all the roles except Storage Administrator, reassign resource groups to the user group because All Resource Groups Assigned is automatically set to No.

Workflow for creating and managing user accounts

Administrators use Device Manager - Storage Navigator to create accounts for all users. The following steps show a basic workow:

■

If an authentication server is used, connect the management clients to it. An authentication server allows users to log in to Device Manager - Storage Navigator with the same password as the one used for other applications in a system.

■

If an authentication server is not used, use a password dedicated to Device Manager Storage Navigator to log in. Whether to use the authentication server can be specied for each user.

■

view

Re and instructions.

■

Re you can assign new or existing users.

■

Create user accounts and assign permissions. See

page 77) .

■

Change, disable, or delete user passwor

passwords (on page 81) .

Setting up authentication and authorization (on page 157) for information

view

Managing user groups (on page 84) to understand the user gr

Creating user accounts (on

ds and permissions. See

oups and roles

Changing user

Administrator tasks

o authenticate a user using an authentication server, specify settings for connecting to

T the server.

Note: When an administr she must notify the user. Otherwise, the user will not be able to log in.

Procedure

1. Log in to Device Manager - Storage Navigator as a built-in user.

Use maintenance as the user name, and raid-maintenance as the password. The built-in user has all permissions.

2. Click Settings > User Management > Change Password to change the password of the built-in user account.

3. Create a user group. Some user groups, such as built-in groups, are available by default.

4. Create a user.

5. If necessary, change the environment parameter.

6. Save the user account information and environment parameter le.

7. Notify the user of the ne

ator changes a support person's user account, he or

w user name and the password.

Chapter 4: User administration

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 76

User tasks

Procedure

1. Use the user name and password provided by the administrator to log in to Device

Manager - Storage Navigator.

2. Click Settings > User Management > Change Password to change the password to your own password.

Managing user accounts

You will need to use the local administrator account created during the initial setup step, or create administrator accounts using the procedures described in this chapter as needed to access the storage system temporarily when the management software is not available.

It is prudent to create more than one user account in case the system administrator is not available when the management software becomes unavailable, or when someone else needs to access the system. This is also helpful if multiple users need to access Device Manager - Storage Navigator to use storage features that are not available in the management software.

User tasks

Creating user accounts

You must create a user account and register the account to a user group with appropriate permissions.

Before you begin

■

You must have the Security Administrator (View & Modify) role to perform this task.

■

You or an authorized technical support representative can log in to Device Manager Storage Navigator and CCI with user accounts that are created in Device Manager Storage Navigator.

■

Support representatives must have the Support Personnel (Vendor Only) role to log in.

■

The system can support a maximum of 20 user accounts, including the built-in user accounts.

Table 3 User name and password for Device Manager - Storage Navigator

Item

User name 1-256

Length in

characters Characters that can be used

■

Alphanumeric char

■

The following symbols:

acters

# $ % & ' * + - . / = ? @ ^ _ ` { | } ~

Password 6-256

■

Alphanumeric characters

■

All symbols

Chapter 4: User administration

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 77

Item

Character restrictions for user names and passwords

Table 4 User name and password for logging in to CCI

Length in

characters Characters that can be used

User name 1-63

■

Alphanumeric char

■

The following symbols:

acters

- . @ _

Password 6-63

■

Alphanumeric characters

■

The following symbols:

, - . @ _

Note:

1. When you use a Windo

ws computer, you can also specify a backslash (\). When

you use a UNIX computer, you can also specify a slash (/).

Procedure

1. In the

Device Manager - Storage Navigator Administration tree, select User

Groups.

2. On the User Groups tab, select a user group to which to add a user. This is

dependent on which permissions you want to give to the user. The user logging in to NAS Manager must belong to the built-in Administrator

group.

3. On the Roles tab, conrm that the displayed permissions are appropriate for the user.

4. On the Users tab, click Create User.

5. Enter a name.

6. Select Activate or Lock for the account. If you select Lock, the user of this account

is disabled and cannot log in to Device Manager - Storage Navigator and NAS Manager.

7. To use an authentication server, select External. To authenticate users with only Device Manager - Storage Navigator, or to log in to NAS Manager, select Local.

8. If you select Local, enter the password for this user account in two places. For a password, all alphanumeric characters and symbols can be used. The length

must be between 6 and 256.

9. Click Finish.

10. In the Conrm window, check the settings.

11. Click Apply. The task is now registered. If the Go to tasks window for status check box is checked, the Task window opens to display the status of the task.

Character restrictions for user names and passwords

Note the following restrictions for user names and passwords.

A user account created by using Device Manager - Storage Navigator can be used for maintenance utility, CCI, and NAS Manager. It can also be used by maintenance personnel for logins (the Support Personnel role is required).

Chapter 4: User administration

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 78

Character restrictions for user names and passwords

The number of characters and types of characters that can be used vary between Device Manager - Stor

age Navigator, CCI, and NAS Manager. If a user uses all three programs,

specify a user name and a password that satisfy the following conditions.

Characters that can be

Item Length in characters

used

User name 1-20

■

Alphanumeric (ASCII code) char

■

The following symbols

acters

- . _

Password 6-63

■

Alphanumeric (ASCII code) characters

■

The following symbols

- , . : @ _

Note:

1. If the host on which

CCI is installed is running on UNIX, a slash (/) can be specied.

2. If the host on which CCI is installed is running on Windows, a back slash (\) can be

specied.

3. Do not specify a user name consisting of periods (.) (..) only, or specify a user name beginning with a hyphen (-). If you specify such names, you cannot log in to NAS Manager.

Note: T

o use NAS Manager after installing NAS modules, users created with DKCMAIN rmware 83-03-2x or earlier, must change the password. If you do not change the password, you cannot log in to NAS Manager. Also, if a user name contains more than 20 characters, the user cannot log in to NAS Manager.

User name and password for Device Manager - Storage Navigator

Length in

Item

User name 1-256

characters Characters that can be used

■

Alphanumeric (ASCII code) char

■

The following symbols:

acters

# $ % & ' * + - . / = ? @ ^ _ ` { | } ~

You cannot use the # symbol when you enter a user name in a screen from the Tool Panel dialog box.

Chapter 4: User administration

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 79

Item

Character restrictions for user names and passwords

Length in

characters Characters that can be used

Password 6-256

■

Alphanumeric (ASCII code) char

■

All symbols

You cannot use the quotation mark (") or backslash (\) symbols when you enter a password in a screen from the Tool Panel dialog box.

Note: If you cannot log in on a T

ool Panel dialog box screen, check to see if

you have used a number sign (#) in the user name, or used a quotation mark (") or a backslash (\) in the password.

User name and password for logging in to SVP

Length in

Item

User name 1-128

characters Characters that can be used

■

Alphanumeric (ASCII code) char

■

The following symbols:

! # $ % & ' - . @ ^ _ ` { } ~

acters

Password 6- 127

■

Alphanumeric (ASCII code) characters

■

All symbols

User name and password for logging in to CCI

Length in

Item

User name 1-63

characters Characters that can be used

■

Alphanumeric (ASCII code) char

■

The following symbols*:

acters

- . @ _

Password 6- 63

■

Alphanumeric (ASCII code) characters

■

The following symbols*:

- , . @ _

*When you use a Windows computer for CCI, you can also specify a backslash (\). When you use a UNIX computer for

CCI, you can also specify a slash (/).

Chapter 4: User administration

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 80

User name and password for logging in to NAS Manager

Item Length in

Changing user passwords

Characters that can be

used

User name 1-20

Password 6-256

* Do not specify a user name consisting of periods (.) (..) only, or specify a user name beginning with a hyphen (-). If you specify such names, you cannot log in to Manager.

Changing user passwords

You can change or reissue passwords for other users by using Device Manager - Storage Navigator.

Caution: When using information, such as passwords, registered in Hitachi Command Suite. For details, see the section describing how to change storage system settings in the Hitachi Command Suite User Guide.

■

Alphanumeric (ASCII code) char

■

The following symbols*:

- . _

■

Alphanumeric (ASCII code) characters

■

All symbols:

- . _

Hitachi Command Suite, you need to change

acters

NAS

Caution: Do not select any user account used to connect to a stor

age system that is registered in the Storage Device List window. For details, see

Changing the administrator password (on page 54) .

Before you begin

■

Security administr

ators with View & Modify roles can change user passwords on

Device Manager - Storage Navigator.

■

If the target user has a local user account for Device Manager - Storage Navigator, the security administrator can use Device Manager - Storage Navigator to change the target user's password.

■

If the target user has a local user account for the authentication server, the security administrator can use the authentication server to change the target user's password. After the password is changed, the target user can use the new password on both the authentication server and Device Manager - Storage Navigator.

Procedure

1. In the Device Manager - Storage Navigator Administration tree, select User Groups.

Chapter 4: User administration

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 81

Changing user permissions

2. On the User Gr

oups tab, select the user group to which the user belongs.

3. On the User tab, select the user whose password you want to change.

4. In the User tab, click Change Password.

5. In the Change Password dialog box, specify a new password for the user in the two

password elds.

6. Click Finish.

7. In the Conrm window, check the settings and enter a task name in Task Name.

8. Click Apply. The task is now registered. If the Go to tasks window for status check box is checked, the Task window opens to show the status of the task.

Changing user permissions

You can change user permissions by changing membership in the user group. A user can belong to multiple user groups.

For example, if you want to change the role of the user who manages security to the performance management role, add this user to the Storage Administrator (Performance Management) role group and then remove the user from the Security Administrator (View & Modify) role group.

Before you begin

■

You must have the Security Administrator (View & Modify) role to perform this task.

■

The user whose permissions you want to change must belong to at least one user group.

■

A user account can belong to up to 8 user groups.

■

A user group can contain a maximum of 20 user accounts, including the built-in user accounts.

Adding a user

Procedure

1. In the Device Manager - Storage Navigator Administration tree, select User Groups.

2. On the User Groups tab, select the user group that has the role you want the user

to have, and then add or remove users. To add users to the selected groups:

a. Click Add Users. b. In the Add Users window, select a user and click Add.

To remove users from the selected groups:

a. In the Remove Users window, select one or more users. b. Click More Actions > Remove Users.

3. Click Finish.

4. In the Conrm window, check the settings. If the Task Name eld is empty, enter a

task name.

5. Click Apply. The task is now registered. If you selected the Go to tasks window for status check box, the Task window opens to show the status of the task.

Chapter 4: User administration

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 82

Enabling or Disabling user accounts

To allow or prevent a user from logging in to Device Manager - Storage Navigator and NAS Manager, follow the steps below.

Enabling or Disabling user accounts

Caution: Do not select any user account used to connect to a stor

age system that is registered in the Storage Device List window. For details, see the Hardware Reference Guide for your storage system.

Before you begin

■

Log into an account that is dierent from the user whose account that you want to enable or disable.

■

You must have the Security Administrator (View & Modify) role to perform this task.

Procedure

1. In the Device Manager - Storage Navigator Administration tree, click User Groups.

2. On the User Group tab, select the user group.

3. On the Users tab, select a user.

4. Click Edit User.

5. Click the Account Status check box.

■ To allow the user to log in to Device Manager - Storage Navigator and NAS

Manager, click Enable.

■ To prevent the user from logging in to Device Manager - Storage Navigator and

NAS Manager, click Disable.

6. Click Finish.

7. In the Conrm window, check the settings.

8. Click Apply. The task is now registered. If the Go to tasks window for status check box is checked, the Task window opens to show the status of the task.

Deleting user accounts

Security Administrators can delete a user account when the account is no longer in use. Built-in user accounts cannot be deleted.

Caution: Do not select any user account used to connect to a stor that is registered in the Storage Device List window. For details, see the Hardware Reference Guide for your storage system.

Before you begin

You must have the Security Administrator (View & Modify) role to perform this task.

Procedure

1. In the Device Manager - Storage Navigator Administration tree, select User Groups.

2. On the User Groups tab, click a user group to which a user belongs.

3. On the Users tab, select the user whose account you want to delete.

4. Click More Actions > Delete Users.

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 83

age system

Chapter 4: User administration

Releasing a user lockout

5. In the Delete Users windo

6. In the Conrm window, check the settings.

7. Click Apply. The task is now registered. If the Go to tasks window for status check box is checked, the Task window opens to show the status of the task.

Releasing a user lockout

If a user attempting to log in to Device Manager - Storage Navigator or Command Control Interface enters an incorrect username or password three times, the system sets the login status to locked, preventing further login attempts for 60 seconds. If necessary, you can release the locked status before the lock times out.

Before you begin

You must have the Security Administrator (View & Modify) role to perform this task.

Procedure

1. In the Administration tree, select User Groups.

2. On the User Groups tab, click a user group to which the locked-out user belongs.

3. On the User tab, select the user you want to unlock.

4. On the User tab, click More Actions > Release Lockout. The Release Lockout window opens.

5. Specify a task name, and then click Apply.

w, select the user to be deleted, then click Finish.

Session timeout

A session timeout occurs if the system receives no user operation for one minute due to a network error.

Managing user groups

You can use the Device Manager - Storage Navigator to view existing user groups, and to create, modify, or delete them.

Before creating or manipulating user groups, read and understand the following precautions.

■

When a user is assigned to multiple user groups, the user has the permissions of all the roles in each user group that are enabled on the resource groups assigned to each user group.

■

If a user has All Resource Groups Assigned set to Yes, the user can access all the resources in the storage system. For example, if a user is a security administrator and a storage administrator taking care of some resources, have all resource groups assigned, and has roles of Security Administrator (View & Modify) and Storage Administrator (View & Modify), the user can edit the storage for all the resources.

If this is a problem, the recommended solution is to register the following two user accounts in the storage system and use these dierent accounts for dierent purposes:

●

A security administr Yes.

●

A storage administrator user account that does not have all resource groups assigned and has only some of the resource groups assigned.

ator user account that has All Resource Groups Assigned set to

Chapter 4: User administration

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 84

Roles

■

For the user gr

oups whose roles are other than the Storage Administrator, All Resource Groups Assigned is automatically set to Yes. If you delete all the roles except the Storage Administrator, reassign resource groups to the user group because All Resource Groups Assigned is automatically set to No. To assign resource groups to the user group, see

■

Security settings that aect

■

Resource group 10 is congured by user A.

■

Resource group 20 is congured by user B.

Changing assigned resource groups (on page 92) .

the entire system is congured by the administrator.

To implement the above conguration, assign the users to the user groups as shown below.

Resource group to be

User group to be

User

Adminis

ator

registered

user group 1 Security Administrator (View &

User A user group 10 Storage Administrator

User B user group 20 Storage Administrator

Roles to be assigned to the

user group

Modify)

assigned to user

group

All Resource Groups Assigned

Resource group 10

Resource group 20

Notes:

1. For the user group that is assigned the Security Administrator role, All Resource

Groups Assigned is automatically set to Yes.

2. There are a few types of storage administrators. For more information, see

(on page 85) .

Roles

The following table shows all the roles that are available for use and the permissions that each role provides to the users. You cannot create a custom role.

Role Capabilities

Security Administrator

w Only)

(Vie

■

Vie

wing information about user accounts and encryption settings

■

Viewing information about the encryption key in the key SVP

Roles

Chapter 4: User administration

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 85

Role Capabilities

Security Administrator

w & Modify)

(Vie

■

Conguring user accounts

■

Creating encryption keys and conguring encryption settings

■

Viewing and switching where encryption keys are generated

■

Backing up and restoring encryption keys

■

Deleting encryption keys backed up in the key SVP

■

Viewing and changing the password policy for backing up encryption keys on the management client

■

Connection to the external server

■

Backing up and restoring connection conguration to the external server

■

Conguring the certicate used for the SSL communication

■

Conguring the bre channel authentication (FC-SP)

■

Conguring resource groups

■

Editing virtual management settings

■

Setting reserved attributes for global-active device

Roles

Audit Log Administrator (View Only)

Audit Log Administrator

w & Modify)

(Vie

Storage Administrator (View Only)

Storage Administrator (Initial Conguration)

Storage Administrator (System Resource Management)

■

Vie

wing audit log information and downloading audit logs

■

Conguring audit log settings and downloading audit logs

■

Vie

wing storage system information

■

Conguring settings for storage systems

■

Conguring settings for SNMP

■

Conguring settings for e-mail notication

■

Conguring settings for license keys

■

wing, deleting, and downloading storage conguration reports

Vie

■

Acquiring all the information about the storage system and updating Device Manager - Storage Navigator window by clicking Refresh All

■

Conguring settings for CLPR

■

Conguring settings for MP unit

■

Deleting tasks and releasing exclusive locks of resources

■

Conguring LUN security

■

Conguring Server Priority Manager

■

Conguring tiering policies

Chapter 4: User administration

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 86

Role Capabilities

Storage Administrator

ovisioning)

(Pr

Built-in groups, roles, and resource groups

■

Conguring caches

■

Conguring volumes, pools, and virtual volumes

■

Formatting and shredding volumes

■

Conguring external volumes

■

Conguring Dynamic Provisioning

■

Conguring host groups, paths, and WWN

■

Conguring Volume Migration except splitting Volume Migration pairs when using CCI

■

Conguring access attributes for volumes

■

Conguring LUN security

■

Creating and deleting quorum disk used with global-active device

■

Creating and deleting global-active device pairs

Storage Administrator (Performance Management)

Storage Administrator (Local Copy)

Storage Administrator (Remote Copy)

Support Personnel

endor Only)

Support Personnel (User)

■

Conguring monitoring

■

Starting and stopping monitoring

■

Performing pair oper

■

Conguring environmental settings for local copy

■

Splitting

■

Remote cop

■

Operating global-active device pairs (except for creation and deletion)

Volume Migration pairs when using CCI

y operations in general

ations for local copy

Conguring the SVP

■

Normally, this role is for service representatives.

■

Vie

wing storage system status

■

Installing OS security patches

■

Updating operating systems

■

Performing basic maintenance

Built-in groups, roles, and resource groups

You can assign users to one or more built-in user groups and custom user groups. You cannot change roles or resource groups set to the built-in groups, but you can create custom user groups according to the needs of your storage environment.

For more information about resource groups, see the Provisioning Guide.

The following table shows all the built-in groups, and their built-in roles and resource groups.

Chapter 4: User administration

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 87

Built-in groups, roles, and resource groups

Built-in group Role

Resource

group

Administrator

System

■

Security Administr

ator (View &

Modify)

■

Audit Log Administrator (View & Modify)

■

Storage administrator (Initial

Conguration)

■

Storage Administrator (System Resource Management)

■

Storage Administrator (Provisioning)

■

Storage Administrator (Performance Management)

■

Storage Administrator (Local Copy)

■

Storage Administrator (Remote Copy)

■

Security Administr

ator (View &

Modify)

■

Audit Log Administrator (View & Modify)

■

Storage Administrator (Initial

Conguration)

■

Storage Administrator (System Resource Management)

■

Storage Administrator (Provisioning)

■

Storage Administrator (Performance Management)

■

Storage Administrator (Local Copy)

■

Storage Administrator (Remote Copy)

All Resource

oups

Gr Assigned

All Resource

oups

Gr Assigned

Security Administrator (View Only)

■

Security Administr

■

Audit Log Administrator (View Only)

■

Storage Administrator (View Only)

ator (View Only)

All Resource

oups

Gr Assigned

Chapter 4: User administration

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 88

Built-in groups, roles, and resource groups

Built-in group Role

Resource

group

Security Administrator (View & Modify)

Audit Log Administrator (View Only)

Audit Log Administrator (View & Modify)

Storage Administrator (View Only)

Storage Administrator (View & Modify)

■

Security Administr

ator (View &

Modify)

■

Audit Log Administrator (View & Modify)

■

Storage Administrator (View Only)

■

Audit Log Administr

■

Storage Administrator (View Only)

■

Audit Log Administr

ator (View Only)

ator (View &

Modify)

■

Storage Administrator (View Only)

■

Stor

age Administrator (View Only) meta_resourc

■

Storage Administrator (Initial

Conguration)

■

Storage Administrator (System Resource Management)

■

Storage Administrator (Provisioning)

■

Storage Administrator (Performance Management)

■

Storage Administrator (Local Copy)

■

Storage Administrator (Remote Copy)

All Resource

oups

Gr Assigned

All Resource

oups

Gr Assigned

All Resource

oups

Gr Assigned

meta_resourc e

Support Personnel

■

Storage Administrator (Initial

Conguration)

■

Storage Administrator (System

All Resource

oups

Gr Assigned

Resource Management)

■

Storage Administrator (Provisioning)

■

Storage Administrator (Performance Management)

■

Storage Administrator (Local Copy)

■

Storage Administrator (Remote Copy)

■

Support Personnel

Chapter 4: User administration

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 89

Verifying the roles available to a user group

You can use Device Manager - Storage Navigator to verify the roles that are available to use with any user group.

Before you begin

You must have the Security Administrator (View Only) role to perform this task.

Procedure

1. In the Device Manager - Storage Navigator tree, click User Administration.

2. On the User Groups tab, click the name (not the checkbox) of a user group whose

roles you want to check.

3. In the User Administration window, click the Roles tab. The list of roles applied to the selected user group is displayed.

4. To return to the User Administration window, click User Administration.

Checking if a role is available to a user group

You can use Device Manager - Storage Navigator to verify the roles that are available to use with any user group.

Verifying the roles available to a user group

Before you begin

You must have the Security Administrator (View Only) role to perform this task.

Procedure

1. In the Device Manager - Storage Navigator Administration tree, click User Administration.

2. On the User Groups tab, click the name (not the checkbox) of a user group whose

roles you want to check.

3. In the User Administration window, click the Roles tab. The list of roles applied to the selected user group is displayed.

4. To return to the User Administration window, click User Administration.

Creating a new user group

You can customize a user group, as long as it supports your storage system.

This section explains how administrators can create a user group.

A user group name consists of 1 to 64 characters including alphanumeric characters, spaces, and the following symbols:

! # $ % & ' ( ) + - . = @ [ ] ^ _ ` { } ~

The system can support a maximum of 32 user groups, including the nine built-in user groups.

Chapter 4: User administration

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 90

Changing a user group name

Before you begin

■

ou must have the Security Administrator (View & Modify) role to perform this task.

Procedure

1. In the Administration tree, select User Groups.

2. In the User Groups tab, click Create User Groups to open the Create User Group

window.

3. Enter a user group name.

4. If you use an authorization server, click Check and verify that the entered user

group name is registered in the authorization server.

5. Click Next to open the Assign Roles window.

6. Select the roles to assign to the user group, and click Add.

7. Click Next to open the Assign Resource Groups window.

8. Select the resource groups to assign to the user group, and click Add. If you select a

role other than the storage administrator in the Assign Roles window, you do not need to select resource groups because all the resource groups are assigned automatically.

9. Click Finish to nish and conrm settings. Click Next to add another user.

10. Check the settings and enter a task name in Task Name.

11. Click Apply. The task is now registered. If the Go to tasks window for status check box is checked, the Task window opens to show the status of the task.

Changing a user group name

You can change the name of a user group by using Hitachi Device Manager - Storage Navigator.

Before you begin

■

You must have the Security Administrator (View & Modify) role to perform this task.

■

The names of built-in groups cannot be changed.

■

A user group name consists of 1 to 64 characters including alphanumeric characters (ASCII), spaces and the following symbols:

# $ % & ' ( ) + - . = @ [ ] ^ _ ` { } ~

Procedure

1. In the Administration tree, select User Groups.

2. In the User Groups tab, select the user group.

3. Click More Actions > Edit User Group.

4. In the Edit User Group window, enter a new user group name.

5. If you use an authorization server, click Check and verify that the entered user

group name is registered in the authorization server.

6. Click Finish.

7. In the Conrm window, check the settings and enter a task name in Task Name.

8. Click Apply. The task is now registered. If the Go to tasks window for status check

box is checked, the Task window opens to display the status of the task.

Chapter 4: User administration

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 91

Changing user group permissions

You can change the permissions that are assigned to user groups by using Hitachi Device Manager - Storage Navigator.

Before you begin

■

You must have the Security Administrator (View & Modify) role to perform this task.

■

The permissions of a built-in group cannot be changed.

Procedure

1. In the Device Manager - Storage Navigator Administration tree, select User Groups.

2. In the User Groups tab, select the user group whose permission you want to

change.

3. Click the Roles tab.

4. Click Edit Role Assignment.

5. In the Edit Role Assignment window, change roles to be assigned to the user

group.

■ Select roles to add, and then click Add.

Changing user group permissions

■ Select a role to remove, and then click Remove.

6. Click Finish.

7. In the Conrm window, check the settings and enter a task name in T

8. Click Apply. The task is now registered. If the Go to tasks window for status check box is checked, the Task window opens.

Changing assigned resource groups

You can change the resource groups that are assigned to user groups by using Hitachi Device Manager - Storage Navigator.

Before you begin

■

You must have the Security Administrator (View & Modify) role to perform this task.

■

Create a resource group to be assigned to the user group in advance.

■

You cannot change the resource groups of a user group that has All Resource Groups Assigned set to Yes

■

You cannot change resource groups of a built-in group.

Procedure

1. In the Device Manager - Storage Navigator Administration tree, select User Groups.

2. On the User Groups tab, select a user group to change the resource group.

3. Select the Resource Groups tab.

4. Click Edit Resource Group Assignment to open the Edit Resource Group Assignment window.

5. In the Edit Resource Group Assignment window, change resource groups to be

assigned to the user group.

ask Name.

Chapter 4: User administration

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 92

Deleting a user group

■ Select the r

■ Select the resource group to remove, and click Remove.

6. Click Finish.

7. In the Conrm window, check the settings and enter a task name in T

8. Click Apply. The task is now registered. If the Go to tasks window for status check box is checked, the Task window opens to display the status of the task.

Deleting a user group

You do not have to retain a user group for the life of the project. You can delete it at any time by using Hitachi Device Manager - Storage Navigator.

Before you begin

■

You must have the Security Administrator (View & Modify) role to perform this task.

■

You cannot delete a built-in user group.

■

You cannot delete a user group if the users in it belong to only the user group to be deleted.

Procedure

1. In the Device Manager - Storage Navigator Administration tree, select User Groups.

2. In the User Groups tab, select the user-created user groups that you want to delete.

3. Click More Actions > Delete User Groups.

4. Check the settings, then click Apply.

esource group to add, and click Add.

ask Name.

Creating resource groups and managing storage system resources

You can divide a provisioned storage system into resource groups that allow you to manage the storage system as multiple virtual private storage systems. Conguring resource groups involves creating resource groups, moving storage system resources into the r

When to use resource groups

A storage system can connect to multiple hosts and be shared by multiple divisions in a company or by multiple companies. Many storage administrators from dierent organizations can access the storage system. Managing the entire storage system can become complex and dicult. Potential problems are that private data might be accessed by other users, or a volume in one organization might be accidentally destroyed by a storage administrator in another organization.

To avoid such problems, use Hitachi Resource Partition Manager software to set up resource groups that allow you to manage one storage system as multiple virtual private storage systems. The storage administrator in each resource group can access only their assigned resources. Resource groups prevent the risk of data leakage or data destruction by another storage administrator in another resource group.

Resources such as LDEVs, parity groups, iSCSI targets, external volumes, ports, and host groups can be assigned to a resource group. These resources can be combined to exibly compose a virtual private storage system. You should plan and create resource groups before creating volumes.

esource groups, and assigning resource groups to user groups.

Chapter 4: User administration

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 93

System configuration using resource groups

Conguring resource groups prevents the risk of data leakage or data destruction by another Stor considers and plans which resource should be managed by which user, and then the Security Administrator creates resource groups and assigns each resource to the resource groups.

A resource group is assigned one or more storage system resources. The following resources can be assigned to resource groups.

■

LDEV IDs

■

Parity groups

■

External volumes

■

Ports

■

Host group IDs

■

iSCSI target IDs

age Administrator in another resource group. The Storage Administrator

Note:

e you create LDEVs, you can reserve the desired number of LDEV IDs

Befor and assign them to a resource group for future use. You can also reserve and assign host group IDs and iSCSI target IDs in advance because the number of host groups or iSCSI targets per port is limited.

System conguration using resource groups

meta_resource

The meta_resource group is the resource group consisting of the resources that exist on the storage system (other than external volumes) before Resource Partition Manager is installed. By default, all existing resources initially belong to the meta_resource group to ensure compatibility with older software when a system is upgraded to include Resource Partition Manager.

Resource lock

When a task is being processed on a resource, all of the resource groups assigned to the logged-on user are locked for exclusive access. When a resource is locked, a status indicator appears on the Device Manager - Storage Navigator status bar. To view information about the locked resource, click Resource Locked.

Note: Opening a (such as Basic Information Display) or performing an operation from the service processor (SVP) locks all of the resource groups in the storage system.

Resource group examples

The follo stor

■

wing examples illustrate how you can congure resource groups on your

age system.

Example of resource groups sharing a port (on page 95)

Example of resource groups not sharing ports (on page 96)

Device Manager - Storage Navigator secondary window

Chapter 4: User administration

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 94

Example of resource groups sharing a port

If you have a limited number of ports, you can still operate a storage system eectively by sharing ports using resource groups.

The following example shows the system conguration of an in-house division providing virtual private storage system for two divisions. Divisions A and B each use their own assigned parity group, but share a port between the two divisions. The shared port is managed by the system division.

Example of resource groups sharing a port

The Security Administrator in the system division creates resource groups for each division in the stor Administrator in Division A can manage the resource groups for Division A but cannot access the resource groups for Division B. In the same manner, the Storage Administrator in Division B can manage the resource groups for Division B but cannot access the resource groups for Division A.

The Security Administrator creates a resource group for managing the common resources, and the Storage Administrator in the system division manages the port that is shared between Divisions A and B. The Storage Administrators in Divisions A and B cannot manage the shared port belonging to the resource group for common resources management.

Conguration

1. The system division forms a plan about the resource group creation and

assignment of the resources.

2. The Security Administrator creates the resource groups.

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 95

age system and assigns them to the respective divisions. The Storage

workow for resource groups sharing a port

Chapter 4: User administration

Example of resource groups not sharing ports

3. The Security Administr

4. The Security Administrator assigns the resource groups to the user groups.

5. The Storage Administrator in the system division sets a port.

6. The Security Administrator assigns resources to the resource groups.

7. The Security Administrator assigns the Storage Administrators to the appropriate

user groups.

After the above procedures, the Storage Administrators in Divisions A and B can manage the resource groups assigned to their own division.

ator creates the user groups.

Example of resource groups not sharing ports

If you assign ports to each resource group without sharing, performance can be maintained on a dierent port even if the bulk of I/O is issued from one side port.

The following shows a system conguration example of an in-house system division providing the virtual private storage system for two divisions. Divisions A and B each use individual assigned ports and parity groups. In this example, they do not share a port.

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 96

age system and assigns them to the respective divisions. The Storage

Chapter 4: User administration

Meta_resource

Conguration

1. The system division forms a plan about creating resource groups and the assigning

resources to the groups.

2. The Security Administrator creates the resource groups.

3. The Security Administrator creates the user groups.

4. The Security Administrator assigns the resource groups to user groups.

5. The Storage Administrator in the system division sets ports.

6. The Security Administrator assigns resources to the resource groups.

7. The Security Administrator assigns each Storage Administrator to each user group.

After the above procedures, the Storage Administrators in Divisions A and B can access the resource groups allocated to their own division.

Meta_resource

The meta_resource is a resource group comprised of additional resources (other than external volumes) and the resources that exist on the storage system before the Resource Partition Manager is installed. By default, existing resources initially belong to the meta_resource group to ensure compatibility with older software when a system is upgraded to include Resource Partition Manager.

Resource lock

workow for resource groups not sharing a port

While processing a task on a resource, all of the resource groups assigned to the loggedon user are locked for exclusive access.

A secondary window (such as the Basic Information Display) or an operation from the service processor (SVP) locks all of the resource groups in the storage system.

When a resource is locked, a status indicator appears on the Device Manager - Storage Navigator status bar. Click the Resource Locked button to view information about the locked resource.

User groups

User gr Navigator. A user belongs to one or mor user are determined by the user group or groups to which the user belongs.

The Security Administrator assigns resource groups to user groups. A user group might already be congured, or a new user group might be required for certain resources.

oups and associated built-in roles are dened in Device Manager - Storage

Resource group assignments

All resource groups are normally assigned to the Security Administrator and the Audit Log Administrator.

Each resource group has a designated Storage Administrator who can access only their assigned resources and cannot access other resources.

e user groups. Privileges allowed to a particular

All resource groups to which all resources in the storage system belong can be assigned to a user group. Congure this in Device Manager - Storage Navigator by setting All Resource Groups Assigned to Yes.

Chapter 4: User administration

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 97

Operations in a resource group for NAS modules

A user who has All Resource Groups Assigned set to Yes can access all resources in the

age system. For example, if a user is a Security Administrator (with View & Modify

stor privileges) and a Storage Administrator (with View and Modify privileges) and All Resource Groups Assigned is Yes on that user account, the user can edit the storage for all the resources.

If allowing this access becomes a problem with security on the storage system, then register the following two user accounts and use these dierent accounts for dierent purposes.

■

A user account for a Security Administrator where All Resource Groups Assigned is set to Yes.

■

A user account for a Storage Administrator who does not have all resource groups assigned and has only some of the resource groups assigned.

Operations in a resource group for NAS modules

In the storage system in which the NAS module is installed, a resource group for NAS is created with the name NAS_Platform_System_RSG. Resources in NAS_Platform_System_RSG, such as LDEV format or delete, cannot be operated. Therefore, move resources in NAS_Platform_System_RSG to a dierent resource group before operating. For about operations for NAS_Platform_System_RSG, contact customer support.

Resource group rules, restrictions, and guidelines

Rules

■

The maximum number of resource groups that can be created on a storage system is

1023. However, if the NAS module is installed in the storage system, the maximum number of resource groups that can be created on the storage system is 1022.

■

A Storage Administrator with the Security Administrator (View & Modify) role can create resource groups and assign resources to resource groups.

■

Resources removed from a resource group are returned to meta_resource.

■

Only a Security Administrator (View & Modify) can manage the resources in assigned resource groups.

Restrictions

■

No new resources can be added to meta_resource and NAS_Platform_System_RSG.

■

Resources cannot be deleted from meta_resource and NAS_Platform_System_RSG.

■

LDEVs with the same pool IDs or journal IDs cannot be added to multiple resource groups.

In the case of adding LDEVs that are used as pool volumes or journal volumes, add all the LDEVs that have the same pool IDs or journal IDs by using a function such as sort.

Guidelines

■

If you are providing a virtual private storage system to dierent companies, you should not share parity groups, external volumes, or pools if you want to limit the capacity that can be used by each user. When parity groups, external volumes, or pools are shared between multiple users, and if one user uses too much capacity of the shared resource, the other users might not be able to create an LDEV.

Chapter 4: User administration

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 98

Managing resource groups

Managing resource groups includes creating, editing, and deleting resource groups.

Creating resource groups

When you create a resource group, you enter a name and assign the desired resources (parity groups, LDEVs, ports, host groups, and iSCSI targets) to the new group. You can create more than one resource group at a time.

Note the following restrictions for creating a resource group:

■

The maximum number of resource groups that can be created on a storage system is

1023. If the NAS module is installed in the storage system, the maximum number of resource groups that can be created on the storage system is 1022.

■

A resource group name can use alphanumeric characters, spaces, and the following symbols: ! # $ % & ' ( ) + - . = @ [ ] ^ _ ` { } ~

■

The characters in a resource group name are case-sensitive.

■

Duplicate occurrences of the same name are not allowed.

■

You cannot use the following names: meta_resource, NAS_Platform_System_RSG

Managing resource groups

Before you begin

You must have Security Administrator (View & Modify) role to perform this task.

Procedure

1. In the Explorer pane, expand the Storage Systems tree, click the Administration tab, and then select Resource Groups.

2. Click Create Resource Groups.

3. In the Create Resource Groups window, enter the name for the new group, select

the desired resources for the new group, and click Add to add the new group to list of resource groups to be added.

4. Repeat the previous step for each new resource group to be added. If you need to remove a group from the list of resource groups to be added, select the group, and click Remove.

5. When you are nished conguring new resource groups in the Cr Groups window, click Next.

6. Enter a task name or accept the default, and then click Submit. If you select View task status, the Tasks & Alerts tab opens.

Editing resource groups

You can add resources to, remove resources from, and rename existing resource groups.

eate Resource

Note the following restrictions for editing resource groups:

■

Only resources allocated to meta_resource can be added to resource groups.

■

Resources removed from a resource group are returned to meta_resource.

■

No resource can be added to or removed from meta_resource.

■

The name of the meta_resource group cannot be changed or used for any resource group other than the meta_resource group.

Chapter 4: User administration

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 99

Deleting resource groups

■

Duplicate occurr

■

Resource group names can include alphanumeric characters, spaces, and the

ences of the same name are not allowed.

following symbols: ! # $ % & ' ( ) + - . = @ [ ] ^ _ ` { } ~

■

Resource group names are case-sensitive.

■

LDEVs with the same pool ID or journal ID cannot be added to multiple resource groups or partially removed from a resource group. For example, if two LDEVs belong to the same pool, you must allocate both to the same resource group. You cannot allocate them separately.

You cannot partially remove LDEVs with the same pool ID or journal ID from a resource group. If LDEV1 and LDEV2 belong to the same pool, you cannot remove LDEV1 leave only LDEV2 in the resource group.

Use the sort function to sort the LDEVs by pool ID or journal ID. Then select the IDs and add or remove them all at once.

■

Host groups that belong to the initiator port cannot be added to a resource group.

■

To add or delete DP pool volumes, you must rst add or delete DP pools.

e you begin

Befor

You must have Security Administrator (View & Modify) role to perform this task.

Procedure

1. In the Explorer pane, click the Administration tab, and then select Resource Groups.

2. Select the desired resource group (check the box next to the name of the resource

group) to display the resource information for the resource group.

■ To change the name of the selected resource group, click Edit Resource Group,

and enter the new name.

■ To add resources to the selected resource group, select the Parity Groups,

LDEVs, Ports, or Host Groups / iSCSI Targets tab, click Add Resources, and follow the instructions on the Add Resources window.

■ To remove resources from the selected resource group, select the Parity

Groups, LDEVs, Ports, or Host Groups / iSCSI Targets tab, select the resources to be removed, and then click Remove Resources.

3. Enter a task name or accept the default, and then click Submit. If you select View task status, the Tasks & Alerts tab opens.

Deleting resource groups

You can delete a resource group only when the resource group does not contain any resources and is not assigned to any user groups.

The following resource groups cannot be deleted:

■

meta_resource, NAS_Platform_System_RSG

■

A resource group that is assigned to a user group

■

A resource group that has resources assigned to it

■

Resource groups included in dierent resource groups cannot be removed at the same time.

Chapter 4: User administration

System Administrator Guide for VSP Gx00 models and VSP Fx00 models 100

Hitachi VSP G200, VSP G400, VSP G600, VSP G800, Virtual Storage Platform F400 System Administrator Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

Contents

Preface

Intended audience

Product version

Release notes

Changes in this revision

Referenced documents

Document conventions

Conventions for storage capacity values

Accessing product documentation

Getting help

Comments

System management architecture

Ways to administer the storage system

Overview of Storage Advisor

Unified management of block storage and file storage

Dashboard

Analyzing data in the dashboard

Inventory and resource information

Device Manager - Storage Navigator

Maintenance utility

NAS Manager

Configuring Storage Advisor

Configuring Device Manager - Storage Navigator

Setting up a management client

Requirements for management clients

General requirements

Requirements for Windows-based computers

Requirements for UNIX/Linux-based computers

Setting up TCP/IP for a firewall

Configuring the web browser

Device Manager - Storage Navigator secondary windows

Requirements for using HDvM - SN secondary windows

Installing and configuring JRE

Path setting (UNIX)

Enabling the Device Manager - Storage Navigator secondary window

Logging in to Device Manager - Storage Navigator

Initial superuser login

Normal login

Changing your password

Adding your SVP to the trusted sites zone for Windows Server computers

Accessing the maintenance utility

Starting from Hitachi Command Suite

Starting from Hitachi Device Manager - Storage Navigator

Accessing a storage system without management software

System administration tasks at a glance

System administration using the maintenance utility

Changing the date and time

Changing the controller clock settings

Changing the SVP clock settings

Enabling IPv6 communication

Changing network communication settings

Changing network permissions

Creating a login message

Forcing the system lock to release

Registering the primary SVP host name

System administration using Device Manager - Storage Navigator

Setting storage system information

Backing up HDvM - SN configuration files

Restoring HDvM - SN configuration files

Changing the administrator password

System administration using NAS Manager

Changing the system date and time of the NAS modules

Miscellaneous system administration considerations

Modifying SVP port numbers

Viewing the port number used in SVP

Effects of changing SVP port numbers

Changing the SVP port number

Initializing the SVP port number

Reassigning an automatically assigned port number

Initializing and reassigning an automatically assigned port number

Changing the range of an automatically assigned port number

Initializing the range of an automatically assigned port number

User administration for maintenance utility

Required roles for operating Maintenance Utility

User Administration Security Administrator (View & Modify)