Disabling api authentication on the switch – HP StorageWorks 2.140 Director Switch User Manual
Page 176
SANtegrity Security Center
174
•
If you select Radius Only, the HAFM appliance checks to see whether a RADIUS server is
specified on the Radius Servers tab. If not, the Radius Only and Radius then Local options are
not available from the drop-down menu.
•
If one RADIUS server is set to Radius Only, then the Radius then Local option is available.
•
The HAFM appliance cannot automatically populate API information to the RADIUS server. A
message is displayed, indicating that you have set API Authentication Method to Radius Only. If
you have not properly defined the software on the RADIUS server, API authentication will fail
and the connectivity between software and product will be broken.
The ID and CHAP Secret must be defined for the HAFM appliance so that:
•
After you enable API authentication, then the HAFM appliance is not locked.
•
If mutual authentication is required between software and switch, a software ID is required. The
HAFM appliance is given a default ID during installation. Accept the default or provide another
ID name. The software ID must be unique. If the same ID is used, the new ID is rejected and the
name must be changed.
Disabling API authentication on the switch
If API authentication is not enabled on a switch, the HAFM appliance can manage the switch if an
MPI link with the switch is established. If the HAFM appliance is not licensed with SANtegrity
Security Center, launch the Element Manager to add this appliance to the Permitted Software list for
the switch.
Adding the current HAFM appliance to the Permitted Software List
The Permitted Software List displays software IDs that are allowed to access the switch through API.
1.
To manage the switch, add the current HAFM appliance to the Permitted Software list by
selecting the Include Current Server check box.
If the current appliance does not have a CHAP Secret defined, a message is displayed,
indicating that you have not defined a CHAP Secret for this appliance.
If a CHAP Secret is defined, click OK to add the current HAFM appliance to the Permitted
Software List.
2.
To define a CHAP Secret for the HAFM appliance, click OK to display the Server Properties
dialog box. If you click Cancel, the Software tab is displayed with the check box not selected.
The HAFM appliance cannot be added without the CHAP Secret defined.
3.
Define the CHAP Secret, and then click OK on the Server Properties dialog box to return to the
Software tab.
4.
Click Apply or Apply To to populate the CHAP Secret and server ID to the selected switch or
switches. When the current server ID is stored in the switch, the Include Current Server check box
is disabled but still selected. The check box can be enabled only if the current HAFM appliance
is removed from the Permitted Software List.