Skip to main content
SANtricity commands

Enable volume group security

Contributors netapp-driley

The enable volumeGroup security command converts a non-secure volume group to a secure volume group.

Supported Arrays

This command applies to any individual storage array, including the E4000, E2700, E5600, E2800, E5700, EF600 and EF300 arrays, as long as all SMcli packages are installed.

Roles

To execute this command on an E4000, E2800, E5700, EF600, or EF300 storage array, you must have the Storage Admin role.

Syntax

enable volumeGroup [volumeGroupName] security

Parameter

Parameter Description

volumeGroup

The name of the volume group that you want to place in the Security Enabled state. Enclose the volume group name in square brackets ([ ]).

Notes

These conditions must be met to successfully run this command.

  • All drives in the volume group must be full disk encryption drives.

  • The Drive Security feature must be enabled.

  • The storage array security key has to be set.

  • The volume group is Optimal, and it does not have repository volumes.

The controller firmware creates a lock that restricts access to the FDE drives. FDE drives have a state called Security Capable. When you create a security key, the state is set to Security Enabled, which restricts access to all FDE drives that exist within the storage array.

Minimum firmware level

7.40