'\" t .\" The contents of this file are subject to the terms of the .\" Common Development and Distribution License (the "License"). .\" You may not use this file except in compliance with the License. .\" .\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE .\" or http://www.opensolaris.org/os/licensing. .\" See the License for the specific language governing permissions .\" and limitations under the License. .\" .\" When distributing Covered Code, include this CDDL HEADER in each .\" file and include the License file at usr/src/OPENSOLARIS.LICENSE. .\" If applicable, add the following below this CDDL HEADER, with the .\" fields enclosed by brackets "[]" replaced with your own identifying .\" information: Portions Copyright [yyyy] [name of copyright owner] .\" .\" .\" Copyright (c) 2008, Sun Microsystems, Inc. All Rights Reserved .\" Copyright 2014 Nexenta Systems, Inc. All rights reserved. .\" .TH ITADM 1M "Mar 27, 2014" .SH NAME itadm \- administer iSCSI targets .SH SYNOPSIS .LP .nf \fBitadm\fR create-target [\fB-a\fR,\fB--auth-method\fR radius | chap | none | default] [\fB-s\fR,\fB--chap-secret\fR] [\fB-S\fR,\fB--chap-secret-file\fR \fIpath\fR] [\fB-u\fR,\fB--chap-user\fR \fIchap-user-name\fR] [\fB-n\fR,\fB--node-name\fR \fItarget_node_name\fR] [\fB-l\fR,\fB--alias\fR \fIalias\fR] [\fB-t\fR,\fB--tpg\fR \fItpg-name\fR[,\fItpg-name\fR]] .fi .LP .nf \fBitadm\fR modify-target [\fB-a\fR,\fB--auth-method\fR radius | chap | none | default] [\fB-s\fR,\fB--chap-secret\fR] [\fB-S\fR,\fB--chap-secret-file\fR \fIpath\fR] [\fB-u\fR,\fB--chap-user\fR \fIchap-user-name\fR] [\fB-n\fR,\fB--node-name\fR \fInew_target_node_name\fR] [\fB-l\fR,\fB--alias\fR \fIalias\fR] [\fB-t\fR,\fB--tpg\fR \fItpg-name\fR[,\fItpg-name\fR]] \fItarget_node_name\fR .fi .LP .nf \fBitadm\fR delete-target [\fB-f\fR,\fB--force\fR] \fItarget_node_name\fR .fi .LP .nf \fBitadm\fR list-target [\fB-p\fR,\fB--parsable\fR] [\fB-v\fR,\fB--verbose\fR] [\fItarget_node_name\fR] .fi .LP .nf \fBitadm\fR create-tpg \fItpg_name\fR \fIIP-address\fR[:\fIport\fR] [\fIIP-address\fR[:\fIport\fR]]... .fi .LP .nf \fBitadm\fR list-tpg [\fB-p\fR,\fB--parsable\fR] [\fB-v\fR,\fB--verbose\fR] [\fItpg_name\fR] .fi .LP .nf \fBitadm\fR delete-tpg [\fB-f\fR,\fB--force\fR] \fItpg_name\fR .fi .LP .nf \fBitadm\fR create-initiator [\fB-s\fR,\fB--chap-secret\fR] [\fB-S\fR,\fB--chap-secret-file\fR \fIpath\fR] [\fB-u\fR,\fB--chap-user\fR \fIchap-user-name\fR] \fIinitiator_node_name\fR .fi .LP .nf \fBitadm\fR modify-initiator [\fB-s\fR,\fB--chap-secret\fR] [\fB-S\fR,\fB--chap-secret-file\fR \fIpath\fR] [\fB-u\fR,\fB--chap-user\fR \fIchap-user-name\fR] \fIinitiator_node_name\fR .fi .LP .nf \fBitadm\fR list-initiator [\fB-p\fR,\fB--parsable\fR] [\fB-v\fR,\fB--verbose\fR] \fIinitiator_node_name\fR .fi .LP .nf \fBitadm\fR delete-initiator \fIinitiator_node_name\fR .fi .LP .nf \fBitadm\fR modify-defaults [\fB-a\fR,\fB--auth-method\fR radius | chap | none] [\fB-r\fR,\fB--radius-server\fR \fIIP-address\fR[:\fIport\fR]] [\fB-d\fR,\fB--radius-secret\fR] [\fB-D\fR,\fB--radius-secret-file\fR \fIpath\fR][\fB-i\fR,\fB--isns\fR enable | disable] [\fB-I\fR,\fB--isns-server\fR \fIIP-address\fR[:\fIport\fR][,\fIIP-address\fR[:\fIport\fR]]] .fi .LP .nf \fBitadm\fR list-defaults [\fB-p\fR,\fB--parsable\fR] .fi .SH DESCRIPTION .LP The \fBitadm\fR command manages Internet SCSI (iSCSI) target nodes within the SCSI Target Mode Framework described in \fBstmfadm\fR(1M) and \fBlibstmf\fR(3LIB). This allows the iSCSI initiators to access STMF logical units using the iSCSI protocol. In addition to iSCSI target nodes, \fBitadm\fR manages two other classes of managed objects: iSCSI Target Portal Groups, and iSCSI Initiator Node Contexts. .sp .LP \fBitadm\fR is implemented as a set of subcommands with options and operands for each subcommand. These subcommands are described in their own section, below. In addition to its subcommands, \fBitadm\fR has a help command, which displays the utility's usage information. The help command is invoked with the \fB-?\fR option. .SS "iSCSI Target Portal Groups" .LP An iSCSI Target Network Portal is an IP address and TCP port that can be used by an initiator node to connect to an iSCSI target. A collection of these portals is called a Target Portal Group (TPG). You can use a TPG to limit access to an iSCSI target. Use the \fBitadm modify\fR \fB-t\fR command to bind a specific iSCSI target to the TPG. An iSCSI listener is created on each IP address that belongs to the TPG, and listens for connections to the iSCSI target. .sp .LP A TPG is identified by a unique name provided when the TPG is created. A numerical "Target Portal Group Tag" from the range 2-65535 is automatically generated when the TPG is created. The Target Portal Group Tag 1 is reserved for the "default" target portal group that is used when no explicit Target Portal Groups are set on the target. The portal for the default TPG matches requests from all network interfaces on port 3260. .SS "iSCSI Initiator Node Contexts" .LP Certain operations such as authentication by means of Challenge Handshake Authentication Protocol (CHAP) require parameters associated with a remote iSCSI Initiator Node. These parameters are associated with an iSCSI Initiator Node Context. An iSCSI Initiator Node Context is identified by its Initiator Node Name, formatted in either IQN or EUI format (see RFC 3720). For example: .sp .in +2 .nf iqn.1986-03.com.sun:01:e00000000000.47d55444 eui.02004567A425678D .fi .in -2 .sp .SS "Specifying IP Addresses" .LP A number of \fBitadm\fR subcommands require that you specify one or more IP addresses with optional port numbers. For IPv4, use standard dotted decimal notation. For IPv6, enclose addresses in square brackets. The following are example specifications. .sp .in +2 .nf \fBIPv4\fR: 10.2.4.1 10.2.4.1:3260 \fBIPv6\fR: [1080:0:0:0:8:800:200C:417A] [1080:0:0:0:8:800:200C:417A]:3260 .fi .in -2 .sp .SH SUB-COMMANDS .LP The following are the \fBitadm\fR subcommands with their options. .SS "\fBitadm create-target\fR" .in +2 .nf itadm create-target [-a,--auth-method radius | chap | none | default] [-s,--chap-secret] [-S,--chap-secret-file \fIpath\fR] [-u,--chap-user \fIchap-user-name\fR] [-n,--node-name \fItarget_node_name\fR] [-l,--alias \fIalias\fR] [-t,--tpg \fItpg-name\fR[,\fItpg-name\fR,...]] .fi .in -2 .sp .sp .LP Create a iSCSI target with the specified options. Options are as follows. .sp .ne 2 .na \fB\fB-a\fR,\fB--auth-method\fR \fBradius | chap | none | default\fR\fR .ad .sp .6 .RS 4n Specifies the authentication method to use for the target. Valid values are \fBradius\fR, \fBchap\fR, and \fBnone\fR. \fBchap\fR indicates that initiators connecting to this target must be authenticated using the Challenge Handshake Authentication Protocol (CHAP). \fBradius\fR indicates initiators should also be authenticated by means of CHAP but the required authentication parameters should be obtained from a central RADIUS server (see the \fBradius-server\fR and \fBradius-secret\fR options). \fBnone\fR means that no authentication is required to connect to the target. \fBdefault\fR means the target will use the global setting of this property. (See the \fBmodify-defaults\fR subcommand.) .RE .sp .ne 2 .na \fB\fB-s\fR,\fB--chap-secret\fR\fR .ad .sp .6 .RS 4n The CHAP secret to send during mutual CHAP authentication. There is no default for this property. Maximum length is 255 characters; minimum required length is 12 characters. .RE .sp .ne 2 .na \fB\fB-S\fR,\fB--chap-secret-file\fR \fIpath\fR\fR .ad .sp .6 .RS 4n Path to a temporary file containing the CHAP secret as described in the \fB-s\fR option. .RE .sp .ne 2 .na \fB\fB-u\fR,\fB--chap-user\fR \fIchap-user-name\fR\fR .ad .sp .6 .RS 4n Specifies the CHAP username for a target for use in mutual CHAP authentication. This value is allowed only for targets, cannot be set globally, and is used only when the initiator node is configured to use mutual CHAP authentication. If no value is specified then the target node name is used as the username. See \fBiscsiadm\fR(1M). .RE .sp .ne 2 .na \fB\fB-n\fR,\fB--node-name\fR \fItarget_node_name\fR\fR .ad .sp .6 .RS 4n An iSCSI Target Node is identified by its Target Node Name, formatted in either IQN or EUI format (see RFC 3720). This option establishes that name. .RE .sp .ne 2 .na \fB\fB-l\fR,\fB--alias\fR \fIalias\fR\fR .ad .sp .6 .RS 4n An alternate identifier associated with a target node. The identifier does not need to be unique. .RE .sp .ne 2 .na \fB\fB-t\fR,\fB--tpg\fR \fItpg-name\fR[,\fItpg-name\fR,...]\fR .ad .sp .6 .RS 4n A list of Target Portal Group (TPG) identifiers that specifies the TPGs that an initiator can use to access a specific target or the keyword \fBdefault\fR. If \fBdefault\fR is specified, the target will use the default portal, \fBINADDR_ANY:3260\fR. .RE .SS "\fBitadm modify-target\fR" .in +2 .nf itadm modify-target [\fB-a\fR,\fB--auth-method\fR radius | chap | none | default] [\fB-s\fR,\fB--chap-secret\fR] [\fB-S\fR,\fB--chap-secret-file\fR \fIpath\fR] [\fB-u\fR,\fB--chap-user\fR \fIchap-user-name\fR] [\fB-n\fR,\fB--node-name\fR \fInew_tgt_node_name\fR] [\fB-l\fR,\fB--alias\fR \fIalias\fR] [\fB-t\fR,\fB--tpg\fR \fItpg-name\fR[,\fItpg-name\fR]] \fItarget_node_name\fR .fi .in -2 .sp .sp .LP Modify an iSCSI target according to the specified options. Options are as follows. .sp .ne 2 .na \fB\fB-a\fR,\fB--auth-method\fR \fBradius | chap | none | default\fR\fR .ad .sp .6 .RS 4n As described under the \fBcreate-target\fR subcommand, above. .RE .sp .ne 2 .na \fB\fB-s\fR,\fB--chap-secret\fR\fR .ad .sp .6 .RS 4n As described under the \fBcreate-target\fR subcommand, above. .RE .sp .ne 2 .na \fB\fB-S\fR,\fB--chap-secret-file\fR \fIpath\fR\fR .ad .sp .6 .RS 4n As described under the \fBcreate-target\fR subcommand, above. .RE .sp .ne 2 .na \fB\fB-u\fR,\fB--chap-user\fR \fIchap-user-name\fR\fR .ad .sp .6 .RS 4n As described under the \fBcreate-target\fR subcommand, above. To remove an explicitly set CHAP username use \fB-u\fR \fBnone\fR. .RE .sp .ne 2 .na \fB\fB-n\fR,\fB--node-name\fR \fItarget_node_name\fR\fR .ad .sp .6 .RS 4n Renames the target. See also the description of \fB-n\fR under the \fBcreate-target\fR subcommand, above. .RE .sp .ne 2 .na \fB\fB-l\fR,\fB--alias\fR \fIalias\fR\fR .ad .sp .6 .RS 4n As described under the \fBcreate-target\fR subcommand, above. To remove an explicitly set alias use \fB-l\fR \fBnone\fR. .RE .sp .ne 2 .na \fB\fB-t\fR,\fB--tpg\fR \fItpg-name\fR[,\fItpg-name\fR,...]\fR .ad .sp .6 .RS 4n As described under the \fBcreate-target\fR subcommand, above. .RE .SS "\fBitadm list-target\fR" .in +2 .nf itadm list-target [\fB-p\fR,\fB--parsable\fR] [\fB-v\fR,\fB--verbose\fR] [\fItarget_node_name\fR] .fi .in -2 .sp .sp .LP List information about the configured targets. If \fItarget_node_name\fR is specified, list only the information for that target. Options are as follows. .sp .ne 2 .na \fB\fB-p\fR,\fB--parsable\fR\fR .ad .sp .6 .RS 4n Used for scripting mode. Do not print headers and separate fields by a single tab instead of arbitrary white space. .RE .sp .ne 2 .na \fB\fB-v\fR,\fB--verbose\fR\fR .ad .sp .6 .RS 4n Verbose mode. .RE .SS "\fBitadm delete-target\fR" .in +2 .nf itadm delete-target [\fB-f\fR,\fB--force\fR] \fItarget_node_name\fR .fi .in -2 .sp .sp .LP Delete the target specified by \fItarget_node_name\fR. The target must be \fBoffline\fR before it can be deleted. Option is as follows. .sp .ne 2 .na \fB\fB-f\fR,\fB--force\fR\fR .ad .sp .6 .RS 4n If the target persists in an online state, this option attempts to offline the target before deleting it. .RE .SS "\fBitadm create-tpg\fR" .in +2 .nf itadm create-tpg \fItpg_name\fR \fIIP-address\fR[:\fIport\fR]... .fi .in -2 .sp .sp .LP Create an iSCSI target portal group made up of the specified portals and assign it the identifier \fItpg_name\fR. Each portal is an IP address and port pair. IPv4 portals are specified in dotted address notation, for example, \fB172.31.255.255\fR. IPv6 portal addresses must be enclosed in square brackets. .sp .LP This subcommand has no options. .SS "\fBitadm list-tpg\fR" .in +2 .nf itadm list-tpg [\fB-p\fR,\fB--parsable\fR] [\fB-v\fR,\fB--verbose\fR] [\fItpg_name\fR] .fi .in -2 .sp .sp .LP List information about the configured target portal group. If \fItpg_name\fR is specified then list only the information about the target portal group associated with that \fItpg_name\fR. Options are as follows. .sp .ne 2 .na \fB\fB-p\fR,\fB--parsable\fR\fR .ad .sp .6 .RS 4n Used for scripting mode. Do not print headers and separate fields by a single tab instead of arbitrary white space. .RE .sp .ne 2 .na \fB\fB-v\fR,\fB--verbose\fR\fR .ad .sp .6 .RS 4n Verbose mode. .RE .SS "\fBitadm delete-tpg\fR" .in +2 .nf itadm delete-tpg [\fB-f\fR,\fB--force\fR] \fItpg_name\fR .fi .in -2 .sp .sp .LP Delete the target portal group associated with \fItpg_name\fR. Option is as follows. .sp .ne 2 .na \fB\fB-f\fR,\fB--force\fR\fR .ad .sp .6 .RS 4n If the TPG is associated with any targets, the request to delete will be denied unless this option is specified. .RE .SS "\fBitadm create-initiator\fR" .in +2 .nf itadm create-initiator [\fB-s\fR,\fB--chap-secret\fR] [\fB-S\fR,\fB--chap-secret-file\fR \fIpath\fR] [\fB-u\fR,\fB--chap-user\fR \fIchap-user-name\fR] \fIinitiator_node_name\fR .fi .in -2 .sp .sp .LP Configure parameters associated with the remote initiator named \fIinitiator_node_name\fR. Options are as follows. .sp .ne 2 .na \fB\fB-s\fR,\fB--chap-secret\fR\fR .ad .sp .6 .RS 4n As described under the \fBcreate-target\fR subcommand, above. .RE .sp .ne 2 .na \fB\fB-S\fR,\fB--chap-secret-file\fR \fIpath\fR\fR .ad .sp .6 .RS 4n As described under the \fBcreate-target\fR subcommand, above. .RE .sp .ne 2 .na \fB\fB-u\fR,\fB--chap-user\fR \fIchap-user-name\fR\fR .ad .sp .6 .RS 4n Specifies the CHAP username for an initiator, for use in CHAP authentication. If no value is specified then the initiator node name is used as the username. .RE .SS "\fBitadm modify-initiator\fR" .in +2 .nf itadm modify-initiator [\fB-s\fR,\fB--chap-secret\fR] [\fB-S\fR,\fB--chap-secret-file\fR \fIpath\fR] [\fB-u\fR,\fB--chap-user\fR \fIchap-user-name\fR] \fIinitiator_node_name\fR .fi .in -2 .sp .sp .LP Modify parameters associated with the remote initiator named \fIinitiator_node_name\fR. Options are as follows. .sp .ne 2 .na \fB\fB-s\fR,\fB--chap-secret\fR\fR .ad .sp .6 .RS 4n As described under the \fBcreate-target\fR subcommand, above. .RE .sp .ne 2 .na \fB\fB-S\fR,\fB--chap-secret-file\fR \fIpath\fR\fR .ad .sp .6 .RS 4n As described under the \fBcreate-target\fR subcommand, above. .RE .sp .ne 2 .na \fB\fB-u\fR,\fB--chap-user\fR \fIchap-user-name\fR\fR .ad .sp .6 .RS 4n Specifies the CHAP username for an initiator, for use in CHAP authentication. If no value is specified then the initiator node name is used as the username. .RE .SS "\fBitadm delete-initiator\fR" .in +2 .nf itadm delete-initiator \fIinitiator_node_name\fR .fi .in -2 .sp .sp .LP Delete parameters associated with the remote initiator named \fIinitiator_node_name\fR. This subcommand has no options. .SS "\fBitadm list-initiator\fR" .in +2 .nf \fBitadm\fR list-initiator [\fB-p\fR,\fB--parsable\fR] [\fB-v\fR,\fB--verbose\fR] \fIinitiator_node_name\fR .fi .in -2 .sp .sp .LP List parameters associated with the initiator named \fIinitiator_node_name\fR. Options are as follows. .sp .ne 2 .na \fB\fB-p\fR,\fB--parsable\fR\fR .ad .sp .6 .RS 4n Used for scripting mode. Do not print headers and separate fields by a single tab instead of arbitrary white space. .RE .sp .ne 2 .na \fB\fB-v\fR,\fB--verbose\fR\fR .ad .sp .6 .RS 4n Verbose mode. .RE .SS "\fBitadm modify-defaults\fR" .in +2 .nf itadm modify-defaults [\fB-a\fR,\fB--auth-method\fR radius | chap | none] [\fB-r\fR,\fB--radius-server\fR \fIIP-address\fR[:\fIport\fR]] [\fB-d\fR,\fB--radius-secret\fR] [\fB-D\fR,\fB--radius-secret-file\fR \fIpath\fR][\fB-i\fR,\fB--isns\fR enable | disable] [\fB-I\fR,\fB--isns-server\fR \fIIP-address\fR[:\fIport\fR][,\fIIP-address\fR[:\fIport\fR]]] .fi .in -2 .sp .sp .LP Modify default parameters. Options are as follows. .sp .ne 2 .na \fB\fB-a\fR,\fB--auth-method\fR \fBradius | chap | none\fR\fR .ad .sp .6 .RS 4n Specifies the default authentication method to use for all targets. Valid values are \fBradius\fR, \fBchap\fR, and \fBnone\fR. \fBchap\fR indicates that initiators connecting to this target must be authenticated using Challenge Handshake Authentication Protocol (CHAP). \fBradius\fR indicates initiators should also be authenticated by means of CHAP, but the required authentication parameters should be obtained from a central RADIUS server. (See \fB--radius-server\fR and \fB--radius-secret\fR options.) \fBnone\fR means that no authentication is required to connect to the target. Individual targets can override this global setting using the \fB-a\fR option of the \fBcreate-target\fR and \fBmodify-target\fR subcommands. .RE .sp .ne 2 .na \fB\fB-d\fR,\fB--radius-secret\fR\fR .ad .sp .6 .RS 4n RADIUS Shared Secret for centralized CHAP authentication. .RE .sp .ne 2 .na \fB\fB-D\fR,\fB--radius-secret-file\fR \fIpath\fR\fR .ad .sp .6 .RS 4n Path to a temporary file containing the CHAP secret as described in the \fB-d\fR option. .RE .sp .ne 2 .na \fB\fB-i\fR,\fB--sns\fR \fBenable | disable\fR\fR .ad .sp .6 .RS 4n Specifies whether targets should be registered with the set of defined iSCSI Name Service (iSNS) servers. .RE .sp .ne 2 .na \fB\fB-I\fR,\fB--isns-server\fR \fIIP-address\fR[:\fIport\fR][,\fIIP-address\fR[:\fIport\fR],...]\fR .ad .sp .6 .RS 4n Defines a list of iSNS servers with which iSCSI target nodes will be registered when the \fBisns\fR option associated with the respective target is set. Up to eight iSNS servers can be specified. To remove all iSNS servers, use \fB-I\fR \fBnone\fR. .RE .sp .ne 2 .na \fB\fB-r\fR,\fB--radius-server\fR \fIIP-address\fR[:\fIport\fR]\fR .ad .sp .6 .RS 4n Specify the IP address of the RADIUS server used for centralized CHAP authentication. .RE .SS "\fBitadm list-defaults\fR" .in +2 .nf itadm list-defaults [\fB-p\fR,\fB--parsable\fR] .fi .in -2 .sp .sp .LP List information about the default properties. Option is as follows. .sp .ne 2 .na \fB\fB-p\fR,\fB--parsable\fR\fR .ad .sp .6 .RS 4n Used for scripting mode. Do not print headers and separate fields by a single tab instead of arbitrary white space. .RE .SH EXAMPLES .LP \fBExample 1 \fRCreating a Target .sp .LP The following command creates a target. .sp .in +2 .nf # \fBitadm create-target\fR Target iqn.1986-03.com.sun:02:72e1b181-7bce-c0e6-851e-ec0d8cf14b7a successfully created .fi .in -2 .sp .LP \fBExample 2 \fRCreating a Target with a Specific Name .sp .LP The following command creates a target with a specific IQN. .sp .in +2 .nf # \fBitadm create-target -n eui.20387ab8943ef7548\fR or: # \fBitadm create-target \e -n iqn.1986-03.com.sun:02:a9a366f8-cc2b-f291-840948c7f29e\fR .fi .in -2 .sp .LP \fBExample 3 \fRChanging a Name .sp .LP The following command changes an IQN for an existing target. .sp .in +2 .nf # \fBitadm modify-target -n eui.20387ab8943ef7548 \e iqn.1986-03.com.sun:02:a9a366f8-909b-cc2b-f291-840948c7f29e\fR .fi .in -2 .sp .LP \fBExample 4 \fRSetting up CHAP Authentication .sp .LP The following command sets up CHAP authentication for a target using the default CHAP username. .sp .in +2 .nf # \fBitadm modify-initiator -s iqn.1986-03.com.sun:01:e00000000000.47d55444\fR \fBEnter CHAP secret:\fR ********* \fBRe-enter secret:\fR ********* # \fBitadm modify-target -a chap eui.20387ab8943ef7548\fR .fi .in -2 .sp .LP \fBExample 5 \fRCreating Target Portal Groups .sp .LP The following command creates two target portal groups, \fBA\fR and \fBB\fR, using port 8000 for the addresses in TPG 2. .sp .in +2 .nf # \fBitadm create-tpg A 192.168.0.1 192.168.0.2\fR # \fBitadm create-tpg B 192.168.0.2:8000 192.168.0.2:8000\fR .fi .in -2 .sp .LP \fBExample 6 \fRConfiguring a Target to Use TPGs .sp .LP The following command configures a target to use TPGs A and B. .sp .in +2 .nf # \fBitadm modify-target -t A,B eui.20387ab8943ef7548\fR .fi .in -2 .sp .LP \fBExample 7 \fRSetting up RADIUS Authentication for Specific Target .sp .LP The following command sets up RADIUS authentication for a specific target. .sp .in +2 .nf # \fBitadm modify-defaults -r 192.168.10.1 -d\fR \fBEnter RADIUS secret:\fR ********* \fBRe-enter secret:\fR ********* # \fBitadm modify-target -a radius eui.20387ab8943ef7548\fR .fi .in -2 .sp .LP \fBExample 8 \fRSetting up RADIUS Authentication for All Targets .sp .LP The following command sets up RADIUS authentication for all targets. .sp .in +2 .nf # \fBitadm modify-defaults -d -r 192.168.10.1 -a radius\fR \fBEnter RADIUS secret:\fR ********* \fBRe-enter secret:\fR ********* .fi .in -2 .sp .sp .LP The preceding command assumes all targets were created with \fB-a\fR \fBdefault\fR. .LP \fBExample 9 \fRListing Default Properties .sp .LP The following command lists default properties. .sp .in +2 .nf # \fBitadm list-defaults\fR iSCSI Target Default Properties: alias: \fInone\fR auth: \fInone\fR radiusserver: \fInone\fR radiussecret: unset isns: disabled isnsserver: 2.3.4.5,4.5.6.7 .fi .in -2 .sp .LP \fBExample 10 \fRListing Targets .sp .LP The following command lists targets. .sp .in +2 .nf # \fBitadm list-target\fR TARGET NAME STATE SESSIONS iqn.1986-03.com.sun:02:72e1b181-7bce-c0e6-851e-ec0d8cf14b7a online 0 iqn.1986-03.com.sun:02:2cb0c526-c05a-e279-e396-a367006f4227 online 0 iqn.1986-03.com.sun:02:d14125bb-1c9d-c28d-97b0-f89259b642f3 online 0 iqn.1986-03.com.sun:02:03ff9fc5-794a-e9b4-a081-bb82917c292a online 0 .fi .in -2 .sp .LP \fBExample 11 \fRListing Targets (Verbose) .sp .LP The following command lists targets with the verbose option. .sp .in +2 .nf # \fBitadm list-target -v\fR TARGET NAME STATE SESSIONS iqn.1986-03.com.sun:02:d23e68d8-2d79-c988-98e7-a6361689d33c online 0 alias: - auth: none (defaults) targetchapuser: - targetchapsecret: unset tpg-tags: default iqn.1986-03.com.sun:02:94ec46d4-c8e1-6993-ef03-ffc1dcd66606 online 1 alias: - auth: chap targetchapuser: - targetchapsecret: unset tpg-tags: nge1_ipv4 = 3 .fi .in -2 .sp .LP \fBExample 12 \fRListing a Specific Target .sp .LP The following command lists targets with the verbose option. .sp .in +2 .nf # \fBitadm list-target -v \e iqn.1986-03.com.sun:02:2cb0c526-c05a-e279-e396-a367006f4227\fR TARGET NAME STATE SESSIONS iqn.1986-03.com.sun:02:2cb0c526-c05a-e279-e396-a367006f4227 online 1 alias: - auth: chap targetchapuser: - targetchapsecret: unset tpg-tags: nge1_ipv4 = 3 .fi .in -2 .sp .SH ATTRIBUTES .LP See \fBattributes\fR(5) for descriptions of the following attributes: .sp .sp .TS box; c | c l | l . ATTRIBUTE TYPE ATTRIBUTE VALUE _ Interface Stability Committed .TE .SH SEE ALSO .LP \fBiscsiadm\fR(1M), \fBstmfadm\fR(1M), \fBlibstmf\fR(3LIB), \fBattributes\fR(5)