Windows PowerShell command on Get-command itadm

Manual Pages for UNIX Operating System command usage for man itadm

System Administration Commands itadm(1M)

NAME

itadm - administer iSCSI targets

SYNOPSIS

itadm create-target [-a,--auth-method radius | chap | none | default]

[-s,--chap-secret] [-S,--chap-secret-file path]

[-u,--chap-user chap-user-name] [-n,--node-name target_node_name]

[-l,--alias alias] [-t,--tpg tpg-name[,tpg-name]]

itadm modify-target [-a,--auth-method radius | chap | none | default]

[-s,--chap-secret] [-S,--chap-secret-file path]

[-u,--chap-user chap-user-name] [-n,--node-name new_target_node_name]

[-l,--alias alias] [-t,--tpg tpg-name[,tpg-name]] target_node_name

itadm delete-target [-f,--force] target_node_name

itadm list-target [-v,--verbose] [target_node_name]

itadm create-tpg tpg_name IP-address[:port] [IP-address[:port]]...

itadm list-tpg [-v,--verbose] [tpg_name]

itadm delete-tpg [-f,--force] tpg_name

itadm create-initiator [-s,--chap-secret] [-S,--chap-secret-file path]

[-u,--chap-user chap-user-name] initiator_node_name

itadm modify-initiator [-s,--chap-secret] [-S,--chap-secret-file path]

[-u,--chap-user chap-user-name] initiator_node_name

itadm list-initiator [-v,--verbose] initiator_node_name

itadm delete-initiator initiator_node_name

itadm modify-defaults [-a,--auth-method radius | chap | none]

[-r,--radius-server IP-address[:port]] [-d,--radius-secret]

[-D,--radius-secret-file path][-i,--isns enable | disable]

[-I,--isns-server IP-address[:port][,IP-address[:port]]]

SunOS 5.11 Last change: 4 Aug 2009 1

System Administration Commands itadm(1M)

itadm list-defaults

DESCRIPTION

The itadm command manages Internet SCSI (iSCSI) target nodes

within the SCSI Target Mode Framework described in

stmfadm(1M) and libstmf(3LIB). This allows the iSCSI ini-

tiators to access STMF logical units using the iSCSI proto-

col. In addition to iSCSI target nodes, itadm manages two

other classes of managed objects: iSCSI Target Portal Groups, and iSCSI Initiator Node Contexts.

itadm is implemented as a set of subcommands with options

and operands for each subcommand. These subcommands are described in their own section, below. In addition to its

subcommands, itadm has a help command, which displays the

utility's usage information. The help command is invoked

with the -? option.

iSCSI Target Portal Groups An iSCSI Target Network Portal is an IP address and TCP port that can be used by an initiator node to connect to an iSCSI target. A collection of these portals is called a Target Portal Group (TPG). You can use a TPG to limit access to an

iSCSI target. Use the itadm modify -t command to bind a

specific iSCSI target to the TPG. An iSCSI listener is created on each IP address that belongs to the TPG, and listens for connections to the iSCSI target. A TPG is identified by a unique name provided when the TPG is created. A numerical "Target Portal Group Tag" from the

range 2-65535 is automatically generated when the TPG is

created. The Target Portal Group Tag 1 is reserved for the "default" target portal group that is used when no explicit Target Portal Groups are set on the target. The portal for the default TPG matches requests from all network interfaces on port 3260. iSCSI Initiator Node Contexts

Certain operations such as authentication by means of Chal-

lenge Handshake Authentication Protocol (CHAP) require parameters associated with a remote iSCSI Initiator Node. These parameters are associated with an iSCSI Initiator Node Context. An iSCSI Initiator Node Context is identified by

its Initiator Node Name, formatted in either IQN or EUI for-

mat (see RFC 3720). For example:

iqn.1986-03.com.sun:01:e00000000000.47d55444

eui.02004567A425678D

SunOS 5.11 Last change: 4 Aug 2009 2

System Administration Commands itadm(1M)

Specifying IP Addresses

A number of itadm subcommands require that you specify one

or more IP addresses with optional port numbers. For IPv4, use standard dotted decimal notation. For IPv6, enclose addresses in square brackets. The following are example specifications. IPv4: 10.2.4.1 10.2.4.1:3260 IPv6: [1080:0:0:0:8:800:200C:417A] [1080:0:0:0:8:800:200C:417A]:3260

SUB-COMMANDS

The following are the itadm subcommands with their options.

itadm create-target

itadm create-target [-a,--auth-method radius | chap | none | default]

[-s,--chap-secret]

[-S,--chap-secret-file path] [-u,--chap-user chap-user-name]

[-n,--node-name target_node_name] [-l,--alias alias]

[-t,--tpg tpg-name[,tpg-name,...]]

Create a iSCSI target with the specified options. Options are as follows.

-a,--auth-method radius | chap | none | default

Specifies the authentication method to use for the tar-

get. Valid values are radius, chap, and none. chap indi-

cates that initiators connecting to this target must be

authenticated using the Challenge Handshake Authentica-

tion Protocol (CHAP). radius indicates initiators should also be authenticated by means of CHAP but the required authentication parameters should be obtained from a

central RADIUS server (see the radius-server and

radius-secret options). none means that no authentica-

tion is required to connect to the target. default means the target will use the global setting of this property.

(See the modify-defaults subcommand.)

-s,--chap-secret

The CHAP secret to send during mutual CHAP authentica-

tion. There is no default for this property. Maximum length is 255 characters; minimum required length is 12 characters.

SunOS 5.11 Last change: 4 Aug 2009 3

System Administration Commands itadm(1M)

-S,--chap-secret-file path

Path to a temporary file containing the CHAP secret as

described in the -s option.

-u,--chap-user chap-user-name

Specifies the CHAP username for a target for use in mutual CHAP authentication. This value is allowed only for targets, cannot be set globally, and is used only when the initiator node is configured to use mutual CHAP authentication. If no value is specified then the target node name is used as the username. See iscsiadm(1M).

-n,--node-name target_node_name

An iSCSI Target Node is identified by its Target Node Name, formatted in either IQN or EUI format (see RFC 3720). This option establishes that name.

-l,--alias alias

An alternate identifier associated with a target node. The identifier does not need to be unique.

-t,--tpg tpg-name[,tpg-name,...]

A list of Target Portal Group (TPG) identifiers that specifies the TPGs that an initiator can use to access a specific target or the keyword default. If default is specified, the target will use the default portal,

INADDR_ANY:3260.

itadm modify-target

itadm modify-target [-a,--auth-method radius | chap | none | default]

[-s,--chap-secret] [-S,--chap-secret-file path]

[-u,--chap-user chap-user-name] [-n,--node-name new_tgt_node_name]

[-l,--alias alias] [-t,--tpg tpg-name[,tpg-name]] target_node_name

Modify an iSCSI target according to the specified options. Options are as follows.

-a,--auth-method radius | chap | none | default

SunOS 5.11 Last change: 4 Aug 2009 4

System Administration Commands itadm(1M)

As described under the create-target subcommand, above.

-s,--chap-secret

As described under the create-target subcommand, above.

-S,--chap-secret-file path

As described under the create-target subcommand, above.

-u,--chap-user chap-user-name

As described under the create-target subcommand, above.

To remove an explicitly set CHAP username use -u none.

-n,--node-name target_node_name

Renames the target. See also the description of -n under

the create-target subcommand, above.

-l,--alias alias

As described under the create-target subcommand, above.

To remove an explicitly set alias use -l none.

-t,--tpg tpg-name[,tpg-name,...]

As described under the create-target subcommand, above.

itadm list-target

itadm list-target [-v,--verbose] [target_node_name]

List information about the configured targets. If

target_node_name is specified, list only the information for

that target. Option is as follows.

-v,--verbose

Verbose mode.

SunOS 5.11 Last change: 4 Aug 2009 5

System Administration Commands itadm(1M)

itadm delete-target

itadm delete-target [-f,--force] target_node_name

Delete the target specified by target_node_name. The target

must be offline before it can be deleted. Option is as fol-

lows.

-f,--force

If the target persists in an online state, this option attempts to offline the target before deleting it.

itadm create-tpg

itadm create-tpg tpg_name IP-address[:port]...

Create an iSCSI target portal group made up of the specified

portals and assign it the identifier tpg_name. Each portal

is an IP address and port pair. IPv4 portals are specified in dotted address notation, for example, 172.31.255.255. IPv6 portal addresses must be enclosed in square brackets. This subcommand has no options.

itadm list-tpg

itadm list-tpg [-v,--verbose] [tpg_name]

List information about the configured target portal group.

If tpg_name is specified then list only the information

about the target portal group associated with that tpg_name.

Option is as follows.

-v,--verbose

Verbose mode.

itadm delete-tpg

itadm delete-tpg [-f,--force] tpg_name

SunOS 5.11 Last change: 4 Aug 2009 6

System Administration Commands itadm(1M)

Delete the target portal group associated with tpg_name.

Option is as follows.

-f,--force

If the TPG is associated with any targets, the request

to delete will be denied unless this option is speci-

fied.

itadm create-initiator

itadm create-initiator [-s,--chap-secret] [-S,--chap-secret-file path]

[-u,--chap-user chap-user-name] initiator_node_name

Configure parameters associated with the remote initiator

named initiator_node_name. Options are as follows.

-s,--chap-secret

As described under the create-target subcommand, above.

-S,--chap-secret-file path

As described under the create-target subcommand, above.

-u,--chap-user chap-user-name

Specifies the CHAP username for an initiator, for use in CHAP authentication. If no value is specified then the initiator node name is used as the username.

itadm modify-initiator

itadm modify-initiator [-s,--chap-secret] [-S,--chap-secret-file path]

[-u,--chap-user chap-user-name] initiator_node_name

Modify parameters associated with the remote initiator named

initiator_node_name. Options are as follows.

-s,--chap-secret

As described under the create-target subcommand, above.

SunOS 5.11 Last change: 4 Aug 2009 7

System Administration Commands itadm(1M)

-S,--chap-secret-file path

As described under the create-target subcommand, above.

-u,--chap-user chap-user-name

Specifies the CHAP username for an initiator, for use in CHAP authentication. If no value is specified then the initiator node name is used as the username.

itadm delete-initiator

itadm delete-initiator initiator_node_name

Delete parameters associated with the remote initiator named

initiator_node_name. This subcommand has no options.

itadm list-initiator

itadm list-initiator [-v,--verbose] initiator_node_name

List parameters associated with the initiator named

initiator_node_name. Option is as follows.

-v,--verbose

Verbose mode.

itadm modify-defaults

itadm modify-defaults [-a,--auth-method radius | chap | none]

[-r,--radius-server IP-address[:port]] [-d,--radius-secret]

[-D,--radius-secret-file path][-i,--isns enable | disable]

[-I,--isns-server IP-address[:port][,IP-address[:port]]]

Modify default parameters. Options are as follows.

-a,--auth-method radius | chap | none

Specifies the default authentication method to use for all targets. Valid values are radius, chap, and none. chap indicates that initiators connecting to this target must be authenticated using Challenge Handshake

SunOS 5.11 Last change: 4 Aug 2009 8

System Administration Commands itadm(1M)

Authentication Protocol (CHAP). radius indicates initia-

tors should also be authenticated by means of CHAP, but the required authentication parameters should be

obtained from a central RADIUS server. (See --radius-

server and --radius-secret options.) none means that no

authentication is required to connect to the target. Individual targets can override this global setting

using the -a option of the create-target and modify-

target subcommands.

-d,--radius-secret

RADIUS Shared Secret for centralized CHAP authentica-

tion.

-D,--radius-secret-file path

Path to a temporary file containing the CHAP secret as

described in the -d option.

-i,--sns enable | disable

Specifies whether targets should be registered with the set of defined iSCSI Name Service (iSNS) servers.

-I,--isns-server IP-address[:port][,IP-address[:port],...]

Defines a list of iSNS servers with which iSCSI target nodes will be registered when the isns option associated with the respective target is set. Up to eight iSNS servers can be specified. To remove all iSNS servers,

use -I none.

-r,--radius-server IP-address[:port]

Specify the IP address of the RADIUS server used for centralized CHAP authentication.

itadm list-defaults

List information about the default properties. This subcom-

mand has no options.

SunOS 5.11 Last change: 4 Aug 2009 9

System Administration Commands itadm(1M)

EXAMPLES

Example 1 Creating a Target The following command creates a target.

# itadm create-target

Target iqn.1986-03.com.sun:02:72e1b181-7bce-c0e6-851e-ec0d8cf14b7a

successfully created Example 2 Creating a Target with a Specific Name The following command creates a target with a specific IQN.

# itadm create-target -n eui.20387ab8943ef7548

or:

# itadm create-target \

-n iqn.1986-03.com.sun:02:a9a366f8-cc2b-f291-840948c7f29e

Example 3 Changing a Name The following command changes an IQN for an existing target.

# itadm modify-target -n eui.20387ab8943ef7548 \

iqn.1986-03.com.sun:02:a9a366f8-909b-cc2b-f291-840948c7f29e

Example 4 Setting up CHAP Authentication

The following command sets up CHAP authentication for a tar-

get using the default CHAP username.

# itadm modify-initiator -s iqn.1986-03.com.sun:01:e00000000000.47d55444

Enter CHAP secret: *********

Re-enter secret: *********

# itadm modify-target -a chap eui.20387ab8943ef7548

SunOS 5.11 Last change: 4 Aug 2009 10

System Administration Commands itadm(1M)

Example 5 Creating Target Portal Groups The following command creates two target portal groups, A and B, using port 8000 for the addresses in TPG 2.

# itadm create-tpg A 192.168.0.1 192.168.0.2

# itadm create-tpg B 192.168.0.2:8000 192.168.0.2:8000

Example 6 Configuring a Target to Use TPGs The following command configures a target to use TPGs A and B.

# itadm modify-target -t A,B eui.20387ab8943ef7548

Example 7 Setting up RADIUS Authentication for Specific Tar-

get The following command sets up RADIUS authentication for a specific target.

# itadm modify-defaults -r 192.168.10.1 -d

Enter RADIUS secret: *********

Re-enter secret: *********

# itadm modify-target -a radius eui.20387ab8943ef7548

Example 8 Setting up RADIUS Authentication for All Targets The following command sets up RADIUS authentication for all targets.

# itadm modify-defaults -d -r 192.168.10.1 -a radius

Enter RADIUS secret: *********

Re-enter secret: *********

SunOS 5.11 Last change: 4 Aug 2009 11

System Administration Commands itadm(1M)

The preceding command assumes all targets were created with

-a default.

Example 9 Listing Default Properties The following command lists default properties.

# itadm list-defaults

iSCSI Target Default Properties: alias: none auth: none radiusserver: none radiussecret: unset isns: disabled isnsserver: 2.3.4.5,4.5.6.7 Example 10 Listing Targets The following command lists targets.

# itadm list-target

TARGET NAME STATE SESSIONS

iqn.1986-03.com.sun:02:72e1b181-7bce-c0e6-851e-ec0d8cf14b7a online 0

iqn.1986-03.com.sun:02:2cb0c526-c05a-e279-e396-a367006f4227 online 0

iqn.1986-03.com.sun:02:d14125bb-1c9d-c28d-97b0-f89259b642f3 online 0

iqn.1986-03.com.sun:02:03ff9fc5-794a-e9b4-a081-bb82917c292a online 0

Example 11 Listing Targets (Verbose) The following command lists targets with the verbose option.

# itadm list-target -v

TARGET NAME STATE SESSIONS

iqn.1986-03.com.sun:02:d23e68d8-2d79-c988-98e7-a6361689d33c online 0

alias: -

auth: none (defaults)

targetchapuser: -

targetchapsecret: unset

tpg-tags: default

iqn.1986-03.com.sun:02:94ec46d4-c8e1-6993-ef03-ffc1dcd66606 online 1

SunOS 5.11 Last change: 4 Aug 2009 12

System Administration Commands itadm(1M)

alias: -

auth: chap

targetchapuser: -

targetchapsecret: unset

tpg-tags: nge1_ipv4 = 3

Example 12 Listing a Specific Target The following command lists targets with the verbose option.

# itadm list-target -v \

iqn.1986-03.com.sun:02:2cb0c526-c05a-e279-e396-a367006f4227

TARGET NAME STATE SESSIONS

iqn.1986-03.com.sun:02:2cb0c526-c05a-e279-e396-a367006f4227 online 1

alias: -

auth: chap

targetchapuser: -

targetchapsecret: unset

tpg-tags: nge1_ipv4 = 3

ATTRIBUTES

See attributes(5) for descriptions of the following attri-

butes:

____________________________________________________________

| ATTRIBUTE TYPE | ATTRIBUTE VALUE |

|_____________________________|_____________________________|

| Availability | network/iscsi/target |

|_____________________________|_____________________________|

| Interface Stability | Committed |

|_____________________________|_____________________________|