registerFunction("getEKMPartitions"); session_start(); $user = $_SESSION['user']; $in_xAjax = false; $xAjax_objResponse; include('IOB_inc.htm'); include('common_admin_inc.htm'); class EKMdata { var $primaryIP; var $primaryPort; // default is 3801 (decimal) var $secondaryIP; var $secondaryPort; // default is 3801 (decimal) var $useSSL; function EKMdata( $primaryIP, $primaryPort, $secondaryIP, $secondaryPort, $ssl ) { $this->primaryIP = $primaryIP; $this->primaryPort = $primaryPort; $this->secondaryIP = $secondaryIP; $this->secondaryPort = $secondaryPort; $this->useSSL = $ssl; } }; class Encryption { var $libGuid; var $method; var $policy; var $density; var $key_path; var $method_not_used; var $policy_not_used; function Encryption( $libGuid, $method, $policy, $density, $key_path, $method_not_used, $policy_not_used) { $this->libGuid = $libGuid; $this->method = $method; $this->policy = $policy; $this->density = $density; $this->key_path = $key_path; $this->method_not_used = $method_not_used; $this->policy_not_used = $policy_not_used; } }; // The php function that is called from JavaScript tough xAjax when the user selects a Blade. function getEKMPartitions($aBladeID) { global $in_xAjax; $user = $_SESSION['user']; $xAjax_objResponse = new xajaxResponse(); /// $in_xAjax = true; return $xAjax_objResponse; } $xajax->processRequest(); /*******************************************************************************************/ // Post needs this data also $libs = get_logical_libraries($user, $sortCriteria); //error_log("get_logical_libraries = ". print_r($libs,true) ); $lib_count = count($libs); // Handle the progress screen if opened and set the NEW data if ($_SERVER[REQUEST_METHOD] == "POST") { $operationInProgress = true; $status = new ReturnStatus(); error_log("POST = ". print_r($_POST, true) ); foreach( $libs as $lib ) { // Contruct the _POST variables to look for. $theMeth = "selMethod".$lib->name; $thePol = "selPolicy".$lib->name; // Did the setting for this LL change? if( $_POST[$theMeth] != $_POST[$lib->name] ) { if( isset( $_POST[$theMeth] ) ) { $method = $_POST[$theMeth]; if( isset( $_POST[$thePol] ) ) $policy = $_POST[$thePol]; else $policy = 0; // REQ-Change - undo anything done above with policy if( $method == 4 ) // Library Managed $policy = 2; else $policy = 0; error_log( "Setting encryption for library ". $lib->name. " | Method = ". $method ." | Policy = ". $policy ); $encypt = new Encryption( $lib->guid, (int)$method, (int)$policy, -1, -1, -1, -1); set_partition_enryption( $user, $encypt ); } } else error_log("Encryption Method for ".$lib->name." did not change!"); if( $Brand == 'dell' ) { // See if we need to save the overrides if( $_POST['ekmOverrides'] == 'ENABLED' && $_POST[$theMeth] == 4 ) // Library Managed { error_log("Overrides are Enabled!"); // Create some varliables so the code is easier to read. $thePaddr = $_POST["paddr_".$lib->name]; $thePport = (int)$_POST["pport_".$lib->name]; $theSaddr = $_POST["saddr_".$lib->name]; $theSport = (int)$_POST["sport_".$lib->name]; $theSSL = isset($_POST["ssl_".$lib->name]); $ekmPaddr = $_POST["ekmPHost".$lib->name]; $ekmPport = (int)$_POST["ekmPPort".$lib->name]; $ekmSaddr = $_POST["ekmSHost".$lib->name]; $ekmSport = (int)$_POST["ekmSPort".$lib->name]; $ekmSSL = $_POST["ekmSSL".$lib->name]; // error_log( "\n". $thePaddr ." - ". $ekmPaddr ." | ". $thePport ." - ". $ekmPport ."\n". $theSaddr ." - ". $ekmSaddr ." | ". $theSport ." - ". $ekmSport ."\n" ); if( $thePaddr != $ekmPaddr || $thePport != $ekmPport || $theSaddr != $ekmSaddr || $theSport != $ekmSport || $theSSL != $ekmSSL ) { error_log("There was a change in the Overrides for ".$lib->name."!"); $ekmData = new EKMdata($thePaddr, $thePport, $theSaddr, $theSport, $theSSL); error_log("Setting library ". $lib->guid ." to \n". print_r($ekmData, true) ); set_ekm_by_library($user, $lib->guid, $ekmData); } else error_log("There was NO changes in the Overrides for ".$lib->name."!"); } }// if DELL } print $status->out(); return; } $ekm_data = get_ekm( $user ); $ekmMax = get_ekm_drive_cnt($user); ?> printJavascript(); ?> Setup Library Managed Encryption"; } else { echo "Setup Quantum Encryption Key Manager"; } ?>
Setup - Partition Encryption
Set up the Encryption for library partitions.

"; } else { echo "Quantum Encryption Key Manager must be licensed to configure or use it.
"; } ?> Please click here to add a license key.

Only LTO-4 media and IBM tape drives, except for IBM LTO-4 SCSI drives, support encryption. ". "For more information refer to the online help or user’s guide.
"; echo "Select "Allow Application Managed" as the encryption method to disable library managed encryption. ". "The "Allow Application Managed" encryption selection allows your backup application to control when encryption is used. ". "If your backup application is not configured to control encryption, data will not be encrypted."; } else { echo "Note:
Not all tape drives and media support encryption. See the online help or user's guide for more information.
". "The "Library Managed" encryption method allows the library to manage encryption. ". "The "Application Managed"
encryption method allows your backup application to control when encryption is used. ". "
If you want to disable encryption, select "None".

Changes made to Library Managed ".EKM_TEXT." Server Overrides are not ". "reflected as changes to the global ".EKM_TEXT." Server Settings found in Setup - ".EKM_TEXT." Server Access."; } ?>

 
Library Managed Encryption Server Overrides
 
Partition: Failed Over: Primary Host : Port Secondary Host : Port SSL Encryption Method:
'Allow Application Managed', 4=>'Enable Library Managed' ); } else { $Methods = array( 1=>'None', 3=>'Application Managed', 4=>'Library Managed' ); } $Policies = array( 2=>'Encrypt All (default)', 6=>'Selective Encryption (internal label)', 7=>'Encrypt All(Internal Label)' ); $EKMLicensesUsed = 0; $aDriveLoaded = false; foreach($libs as $lib) { $libDriveLoaded = false; // First see if this LL even has a drive that supports Encryption. $theMethod = 255; // N/A $thePolicy = 255; // N/A $encryption = get_partition_enryption( $user, $lib->guid ); error_log("Stored encryption values: ".print_r($encryption, true)); $drives = get_all_drives_by_library($user, $lib->guid, $sortCriteria, (int)0,(int)MEDIA_TYPE_ANY); error_log( "Drives = ". print_r($drives, true) ); $ekm_data_lib = get_ekm_by_library( $user, $lib->guid ); error_log( "\n\n\nekm_data_lib = ". print_r($ekm_data_lib, true) ); $disableIt = false; $lib->EncryptCnt = 0; // Create the new attribute $contains_SCSI_LTO4 = false; $contains_non_SCSI_LTO4 = false; foreach($drives as $drive ) { // If any Drive is loaded with a tape we need to disable the changing of the paritions encryption. if(($drive->driveType == 'LTO-4') && ($drive->vendor == "IBM") && ($drive->name == $lib->name)) { // It's an LTO4 drive that is capable of encryption error_log("+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- ". $drive->location . "= \n". print_r($drive,true) ); if($drive->active || $drive->barcode != "") { $disableIt = true; $aDriveLoaded = true; $libDriveLoaded = true; } $theMethod = $encryption->method; if( $theMethod == 255 || $theMethod == 0 ) $theMethod = 3; // Convert to Application managed. $thePolicy = $encryption->policy; if($drive->interfaceType == "SCSI") $contains_SCSI_LTO4 = true; else { $lib->EncryptCnt++; $contains_non_SCSI_LTO4 = true; } } else error_log("D R I V E ". $drive->location ." is NOT encryption capable.\n"); } if($contains_SCSI_LTO4 == true && $contains_non_SCSI_LTO4 == false) { $disableIt = true; $theMethod = 255; } ?> name."' name='ekmPHost".$lib->name."' value='".$ekm_data_lib->primaryIP."'>"; echo ""; echo ""; echo ""; echo ""; } // if DELL else echo""; ?>
name."' name='" .$lib->name."' value='".$theMethod."'>"; echo ""; if( $libDriveLoaded ) { echo "".$lib->name.""; if( $Brand != 'dell' ) echo'
(Cannot edit when a drive is loaded)
'; } else echo $lib->name; //////////////////////////////////////////////////////////////////////////////////////////////// Ovwerride START if( $Brand == 'dell' ) { // Code to gray out edit fields if not LME if( $theMethod != 4 ) $disableIt = true; // Only allow edits when the partition's encryption type is Library managed. if( $theMethod == 4 ) // They have the partition set to LME count it's LTO4 IBM Drives. $EKMLicensesUsed += $lib->EncryptCnt; ?>
isFailedOver ) echo "Yes"; else echo "No"; ?> > : > > : > useSSL==true?"CHECKED":""?> > "; if( $aDriveLoaded ) echo ""; ?>
   
 
Click here to run Path Diagnostics