registerFunction("getEKMPartitions"); session_start(); $user = $_SESSION['user']; $in_xAjax = false; $xAjax_objResponse; include('IOB_inc.htm'); include('common_admin_inc.htm'); class EKMdata { var $primaryIP; var $primaryPort; // default is 3801 (decimal) var $secondaryIP; var $secondaryPort; // default is 3801 (decimal) var $useSSL; function EKMdata( $primaryIP, $primaryPort, $secondaryIP, $secondaryPort, $ssl ) { $this->primaryIP = $primaryIP; $this->primaryPort = $primaryPort; $this->secondaryIP = $secondaryIP; $this->secondaryPort = $secondaryPort; $this->useSSL = $ssl; } }; class Encryption { var $libGuid; var $method; var $policy; var $density; var $key_path; var $method_not_used; var $policy_not_used; function Encryption( $libGuid, $method, $policy, $density, $key_path, $method_not_used, $policy_not_used) { $this->libGuid = $libGuid; $this->method = $method; $this->policy = $policy; $this->density = $density; $this->key_path = $key_path; $this->method_not_used = $method_not_used; $this->policy_not_used = $policy_not_used; } }; // The php function that is called from JavaScript tough xAjax when the user selects a I/O Blade. function getEKMPartitions($aBladeID) { global $in_xAjax; $user = $_SESSION['user']; $xAjax_objResponse = new xajaxResponse(); /// $in_xAjax = true; return $xAjax_objResponse; } $xajax->processRequest(); /*******************************************************************************************/ // Post needs this data also $libs = get_logical_libraries($user, $sortCriteria); //error_log("get_logical_libraries = ". print_r($libs,true) ); $lib_count = count($libs); // Handle the progress screen if opened and set the NEW data if ($_SERVER[REQUEST_METHOD] == "POST") { $operationInProgress = true; $status = new ReturnStatus(); error_log("POST = ". print_r($_POST, true) ); foreach( $libs as $lib ) { // Contruct the _POST variables to look for. $theMeth = "selMethod".$lib->name; $thePol = "selPolicy".$lib->name; // Did the setting for this LL change? if( $_POST[$theMeth] != $_POST[$lib->name] ) { if( isset( $_POST[$theMeth] ) ) { $method = $_POST[$theMeth]; if( isset( $_POST[$thePol] ) ) $policy = $_POST[$thePol]; else $policy = 0xff; // REQ-Change - undo anything done above with policy if( $method == 4 ) // Library Managed $policy = 2; else $policy = 0xff; error_log( "Setting encryption for library ". $lib->name. " | Method = ". $method ." | Policy = ". $policy ); $encypt = new Encryption( $lib->guid, (int)$method, (int)$policy, -1, -1, -1, -1); set_partition_enryption( $user, $encypt ); } } else error_log("Encryption Method for ".$lib->name." did not change!"); // See if we need to save the overrides if( $_POST['ekmOverrides'] == 'ENABLED' && $_POST[$theMeth] == 4 ) // Library Managed { error_log("Overrides are Enabled!"); // Create some varliables so the code is easier to read. $thePaddr = $_POST["paddr_".$lib->name]; $thePport = (int)$_POST["pport_".$lib->name]; $theSaddr = $_POST["saddr_".$lib->name]; $theSport = (int)$_POST["sport_".$lib->name]; $theSSL = isset($_POST["ssl_".$lib->name]); $ekmPaddr = $_POST["ekmPHost".$lib->name]; $ekmPport = (int)$_POST["ekmPPort".$lib->name]; $ekmSaddr = $_POST["ekmSHost".$lib->name]; $ekmSport = (int)$_POST["ekmSPort".$lib->name]; $ekmSSL = $_POST["ekmSSL".$lib->name]; // error_log( "\n". $thePaddr ." - ". $ekmPaddr ." | ". $thePport ." - ". $ekmPport ."\n". $theSaddr ." - ". $ekmSaddr ." | ". $theSport ." - ". $ekmSport ."\n" ); if( $thePaddr != $ekmPaddr || $thePport != $ekmPport || $theSaddr != $ekmSaddr || $theSport != $ekmSport || $theSSL != $ekmSSL ) { error_log("There was a change in the Overrides for ".$lib->name."!"); $ekmData = new EKMdata($thePaddr, $thePport, $theSaddr, $theSport, $theSSL); error_log("Setting library ". $lib->guid ." to \n". print_r($ekmData, true) ); set_ekm_by_library($user, $lib->guid, $ekmData); } else error_log("There was NO changes in the Overrides for ".$lib->name."!"); } } print $status->out(); return; } $ekm_data = get_ekm( $user ); $ekmMax = get_ekm_drive_cnt($user); ?> printJavascript(); ?> Setup Library Managed Encryption
Setup - Partition Encryption
Set up the Encryption for library partitions.

Library Managed Encryption must be licensed to configure or use it.
Please click here to add a license key.

Not all tape drives and media support encryption. See the online help or user's guide for more information.
". "The "Library Managed" encryption method allows the library to manage encryption. ". "The "Application Managed"
encryption method allows your backup application to control when encryption is used. ". "
If you want to disable encryption, select "None".

Changes made to Library Managed EKM Server Overrides are not ". "reflected as changes to the global EKM Server Settings found in Setup - EKM Server Access."; ?>

 
Library Managed Encryption Server Overrides
 
Partition: Failed Over: Primary Host : Port Secondary Host : Port SSL Encryption Method:
'None', 3=>'Application Managed', 4=>'Library Managed' ); $Policies = array( 2=>'Encrypt All (default)', 6=>'Selective Encryption (internal label)', 7=>'Encrypt All(Internal Label)' ); $EKMLicensesUsed = 0; $aDriveLoaded = false; foreach($libs as $lib) { $libDriveLoaded = false; // First see if this LL even has a drive that supports Encryption. $theMethod = 255; // N/A $thePolicy = 255; // N/A $encryption = get_partition_enryption( $user, $lib->guid ); error_log("Stored encryption values: ".print_r($encryption, true)); $drives = get_all_drives_by_library($user, $lib->guid, $sortCriteria, (int)0,(int)MEDIA_TYPE_ANY); error_log( "Drives = ". print_r($drives, true) ); $ekm_data_lib = get_ekm_by_library( $user, $lib->guid ); error_log( "\n\n\nekm_data_lib = ". print_r($ekm_data_lib, true) ); $disableIt = false; $lib->EncryptCnt = 0; // Create the new attribute $contains_SCSI_LTO4 = false; $contains_non_SCSI_LTO4 = false; foreach($drives as $drive ) { // If any Drive is loaded with a tape we need to disable the changing of the paritions encryption. if(($drive->driveType == 'LTO-4') && ($drive->name == $lib->name)) { // It's an LTO4 drive that is capable of encryption error_log("+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- ". $drive->location . "= \n". print_r($drive,true) ); if($drive->active || $drive->mediaPresent == "1") { $disableIt = true; $aDriveLoaded = true; $libDriveLoaded = true; } $theMethod = $encryption->method; if( $theMethod == 255 || $theMethod == 0 ) $theMethod = 3; // Convert to Application managed. $thePolicy = $encryption->policy; if($drive->interfaceType == "SCSI") $contains_SCSI_LTO4 = true; else { $lib->EncryptCnt++; $contains_non_SCSI_LTO4 = true; } } else error_log("D R I V E ". $drive->location ." is NOT encryption capable.\n"); } if($contains_SCSI_LTO4 == true && $contains_non_SCSI_LTO4 == false) { $disableIt = true; $theMethod = 255; } ?> name."' name='ekmPHost".$lib->name."' value='".$ekm_data_lib->primaryIP."'>"; echo ""; echo ""; echo ""; echo ""; ?>
name."' name='" .$lib->name."' value='".$theMethod."'>"; echo ""; if( $libDriveLoaded ) { echo "".$lib->name.""; } else echo $lib->name; // Code to gray out edit fields if not LME if( $theMethod != 4 ) $disableIt = true; // Only allow edits when the partition's encryption type is Library managed. if( $theMethod == 4 ) // They have the partition set to LME count it's LTO4 IBM Drives. $EKMLicensesUsed += $lib->EncryptCnt; ?> isFailedOver ) echo "Yes"; else echo "No"; ?> > : > > : > useSSL==true?"CHECKED":""?> > "; if( $aDriveLoaded ) echo ""; ?>
   
 
Click here to run EKM Path Diagnostics