'\" t
.\" The contents of this file are subject to the terms of the
.\" Common Development and Distribution License (the "License").
.\" You may not use this file except in compliance with the License.
.\"
.\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
.\" or http://www.opensolaris.org/os/licensing.
.\" See the License for the specific language governing permissions
.\" and limitations under the License.
.\"
.\" When distributing Covered Code, include this CDDL HEADER in each
.\" file and include the License file at usr/src/OPENSOLARIS.LICENSE.
.\" If applicable, add the following below this CDDL HEADER, with the
.\" fields enclosed by brackets "[]" replaced with your own identifying
.\" information: Portions Copyright [yyyy] [name of copyright owner]
.\"
.\"
.\" Copyright (c) 2008, Sun Microsystems, Inc. All Rights Reserved
.\" Copyright 2014 Nexenta Systems, Inc.  All rights reserved.
.\"
.TH ITADM 1M "Mar 27, 2014"
.SH NAME
itadm \- administer iSCSI targets
.SH SYNOPSIS
.LP
.nf
\fBitadm\fR create-target [\fB-a\fR,\fB--auth-method\fR radius | chap | none | default]
     [\fB-s\fR,\fB--chap-secret\fR] [\fB-S\fR,\fB--chap-secret-file\fR \fIpath\fR]
     [\fB-u\fR,\fB--chap-user\fR \fIchap-user-name\fR] [\fB-n\fR,\fB--node-name\fR \fItarget_node_name\fR]
     [\fB-l\fR,\fB--alias\fR \fIalias\fR] [\fB-t\fR,\fB--tpg\fR \fItpg-name\fR[,\fItpg-name\fR]]
.fi

.LP
.nf
\fBitadm\fR modify-target [\fB-a\fR,\fB--auth-method\fR radius | chap | none | default]
     [\fB-s\fR,\fB--chap-secret\fR] [\fB-S\fR,\fB--chap-secret-file\fR \fIpath\fR]
     [\fB-u\fR,\fB--chap-user\fR \fIchap-user-name\fR] [\fB-n\fR,\fB--node-name\fR \fInew_target_node_name\fR]
     [\fB-l\fR,\fB--alias\fR \fIalias\fR] [\fB-t\fR,\fB--tpg\fR \fItpg-name\fR[,\fItpg-name\fR]] \fItarget_node_name\fR
.fi

.LP
.nf
\fBitadm\fR delete-target [\fB-f\fR,\fB--force\fR] \fItarget_node_name\fR
.fi

.LP
.nf
\fBitadm\fR list-target [\fB-p\fR,\fB--parsable\fR] [\fB-v\fR,\fB--verbose\fR] [\fItarget_node_name\fR]
.fi

.LP
.nf
\fBitadm\fR create-tpg \fItpg_name\fR \fIIP-address\fR[:\fIport\fR] [\fIIP-address\fR[:\fIport\fR]]...
.fi

.LP
.nf
\fBitadm\fR list-tpg [\fB-p\fR,\fB--parsable\fR] [\fB-v\fR,\fB--verbose\fR] [\fItpg_name\fR]
.fi

.LP
.nf
\fBitadm\fR delete-tpg  [\fB-f\fR,\fB--force\fR] \fItpg_name\fR
.fi

.LP
.nf
\fBitadm\fR create-initiator [\fB-s\fR,\fB--chap-secret\fR] [\fB-S\fR,\fB--chap-secret-file\fR \fIpath\fR]
     [\fB-u\fR,\fB--chap-user\fR \fIchap-user-name\fR] \fIinitiator_node_name\fR
.fi

.LP
.nf
\fBitadm\fR modify-initiator [\fB-s\fR,\fB--chap-secret\fR] [\fB-S\fR,\fB--chap-secret-file\fR \fIpath\fR]
     [\fB-u\fR,\fB--chap-user\fR \fIchap-user-name\fR] \fIinitiator_node_name\fR
.fi

.LP
.nf
\fBitadm\fR list-initiator [\fB-p\fR,\fB--parsable\fR] [\fB-v\fR,\fB--verbose\fR] \fIinitiator_node_name\fR
.fi

.LP
.nf
\fBitadm\fR delete-initiator \fIinitiator_node_name\fR
.fi

.LP
.nf
\fBitadm\fR modify-defaults [\fB-a\fR,\fB--auth-method\fR radius | chap | none]
     [\fB-r\fR,\fB--radius-server\fR \fIIP-address\fR[:\fIport\fR]] [\fB-d\fR,\fB--radius-secret\fR]
     [\fB-D\fR,\fB--radius-secret-file\fR \fIpath\fR][\fB-i\fR,\fB--isns\fR enable | disable]
     [\fB-I\fR,\fB--isns-server\fR \fIIP-address\fR[:\fIport\fR][,\fIIP-address\fR[:\fIport\fR]]]
.fi

.LP
.nf
\fBitadm\fR list-defaults [\fB-p\fR,\fB--parsable\fR]
.fi

.SH DESCRIPTION
.LP
The \fBitadm\fR command manages Internet SCSI (iSCSI) target nodes within the
SCSI Target Mode Framework described in \fBstmfadm\fR(1M) and
\fBlibstmf\fR(3LIB).  This allows the iSCSI initiators to access STMF logical
units using the iSCSI protocol. In addition to iSCSI target nodes, \fBitadm\fR
manages two other classes of managed objects: iSCSI Target Portal Groups, and
iSCSI Initiator Node Contexts.
.sp
.LP
\fBitadm\fR is implemented as a set of subcommands with options and operands
for each subcommand. These subcommands are described in their own section,
below. In addition to its subcommands, \fBitadm\fR has a help command, which
displays the utility's usage information. The help command is invoked with the
\fB-?\fR option.
.SS "iSCSI Target Portal Groups"
.LP
An iSCSI Target Network Portal is an IP address and TCP port that can be used
by an initiator node to connect to an iSCSI target. A collection of  these
portals is called a Target Portal Group (TPG). You can use a TPG  to limit
access to an iSCSI target. Use the \fBitadm modify\fR \fB-t\fR command to  bind
a specific iSCSI target to the TPG. An iSCSI listener is created on  each IP
address that belongs to the TPG, and listens for connections to  the iSCSI
target.
.sp
.LP
A TPG is identified by a unique name provided when the TPG is created. A
numerical "Target Portal Group Tag" from the range 2-65535 is automatically
generated when the TPG is created. The Target Portal Group Tag 1 is reserved
for the "default" target portal group that is used when no explicit Target
Portal Groups are set on the target. The portal for the default TPG matches
requests from all network interfaces on port  3260.
.SS "iSCSI Initiator Node Contexts"
.LP
Certain operations such as authentication by means of Challenge Handshake
Authentication Protocol (CHAP) require parameters associated with a remote
iSCSI Initiator Node. These parameters are associated with an iSCSI Initiator
Node Context. An iSCSI Initiator Node Context is identified by its Initiator
Node Name, formatted in either IQN or EUI format (see RFC 3720). For example:
.sp
.in +2
.nf
iqn.1986-03.com.sun:01:e00000000000.47d55444
eui.02004567A425678D
.fi
.in -2
.sp

.SS "Specifying IP Addresses"
.LP
A number of \fBitadm\fR subcommands require that you specify one or more IP
addresses with optional port numbers. For IPv4, use standard dotted decimal
notation. For IPv6, enclose addresses in square brackets. The following are
example specifications.
.sp
.in +2
.nf
\fBIPv4\fR:  10.2.4.1
       10.2.4.1:3260
\fBIPv6\fR:  [1080:0:0:0:8:800:200C:417A]
       [1080:0:0:0:8:800:200C:417A]:3260
.fi
.in -2
.sp

.SH SUB-COMMANDS
.LP
The following are the \fBitadm\fR subcommands with their options.
.SS "\fBitadm create-target\fR"
.in +2
.nf
itadm create-target [-a,--auth-method radius | chap | none | default]
     [-s,--chap-secret]
     [-S,--chap-secret-file \fIpath\fR] [-u,--chap-user \fIchap-user-name\fR]
     [-n,--node-name \fItarget_node_name\fR] [-l,--alias \fIalias\fR]
     [-t,--tpg \fItpg-name\fR[,\fItpg-name\fR,...]]
.fi
.in -2
.sp

.sp
.LP
Create a iSCSI target with the specified options. Options are as follows.
.sp
.ne 2
.na
\fB\fB-a\fR,\fB--auth-method\fR \fBradius | chap | none | default\fR\fR
.ad
.sp .6
.RS 4n
Specifies the authentication method to use for the target. Valid values are
\fBradius\fR, \fBchap\fR, and \fBnone\fR. \fBchap\fR indicates that initiators
connecting to this target must be authenticated using the Challenge Handshake
Authentication Protocol (CHAP). \fBradius\fR indicates initiators should also
be authenticated by means of CHAP but the required authentication parameters
should  be obtained from a central RADIUS server (see the \fBradius-server\fR
and \fBradius-secret\fR options). \fBnone\fR means that no authentication is
required to connect to the target. \fBdefault\fR means the target will use the
global setting of this property.  (See the \fBmodify-defaults\fR subcommand.)
.RE

.sp
.ne 2
.na
\fB\fB-s\fR,\fB--chap-secret\fR\fR
.ad
.sp .6
.RS 4n
The CHAP secret to send during mutual CHAP authentication. There is no default
for this property. Maximum length is 255 characters; minimum required length is
12 characters.
.RE

.sp
.ne 2
.na
\fB\fB-S\fR,\fB--chap-secret-file\fR \fIpath\fR\fR
.ad
.sp .6
.RS 4n
Path to a temporary file containing the CHAP secret as described in the
\fB-s\fR option.
.RE

.sp
.ne 2
.na
\fB\fB-u\fR,\fB--chap-user\fR \fIchap-user-name\fR\fR
.ad
.sp .6
.RS 4n
Specifies the CHAP username for a target for use in mutual CHAP authentication.
This value is allowed only for targets, cannot be set globally, and is used
only when the initiator node is configured to use mutual CHAP authentication.
If no value is specified then the target node name is used as the username. See
\fBiscsiadm\fR(1M).
.RE

.sp
.ne 2
.na
\fB\fB-n\fR,\fB--node-name\fR \fItarget_node_name\fR\fR
.ad
.sp .6
.RS 4n
An iSCSI Target Node is identified by its Target Node Name, formatted in either
IQN or EUI format (see RFC 3720). This option establishes that name.
.RE

.sp
.ne 2
.na
\fB\fB-l\fR,\fB--alias\fR \fIalias\fR\fR
.ad
.sp .6
.RS 4n
An alternate identifier associated with a target node. The identifier does not
need to be unique.
.RE

.sp
.ne 2
.na
\fB\fB-t\fR,\fB--tpg\fR \fItpg-name\fR[,\fItpg-name\fR,...]\fR
.ad
.sp .6
.RS 4n
A list of Target Portal Group (TPG) identifiers that specifies the TPGs that an
initiator can use to access a specific target or the keyword \fBdefault\fR.  If
\fBdefault\fR is specified, the target will use the default portal,
\fBINADDR_ANY:3260\fR.
.RE

.SS "\fBitadm modify-target\fR"
.in +2
.nf
itadm modify-target [\fB-a\fR,\fB--auth-method\fR radius | chap | none | default]
     [\fB-s\fR,\fB--chap-secret\fR] [\fB-S\fR,\fB--chap-secret-file\fR \fIpath\fR]
     [\fB-u\fR,\fB--chap-user\fR \fIchap-user-name\fR] [\fB-n\fR,\fB--node-name\fR \fInew_tgt_node_name\fR]
     [\fB-l\fR,\fB--alias\fR \fIalias\fR] [\fB-t\fR,\fB--tpg\fR \fItpg-name\fR[,\fItpg-name\fR]] \fItarget_node_name\fR
.fi
.in -2
.sp

.sp
.LP
Modify an iSCSI target according to the specified options. Options are as
follows.
.sp
.ne 2
.na
\fB\fB-a\fR,\fB--auth-method\fR \fBradius | chap | none | default\fR\fR
.ad
.sp .6
.RS 4n
As described under the \fBcreate-target\fR subcommand, above.
.RE

.sp
.ne 2
.na
\fB\fB-s\fR,\fB--chap-secret\fR\fR
.ad
.sp .6
.RS 4n
As described under the \fBcreate-target\fR subcommand, above.
.RE

.sp
.ne 2
.na
\fB\fB-S\fR,\fB--chap-secret-file\fR \fIpath\fR\fR
.ad
.sp .6
.RS 4n
As described under the \fBcreate-target\fR subcommand, above.
.RE

.sp
.ne 2
.na
\fB\fB-u\fR,\fB--chap-user\fR \fIchap-user-name\fR\fR
.ad
.sp .6
.RS 4n
As described under the \fBcreate-target\fR subcommand, above. To remove an
explicitly set CHAP username use \fB-u\fR \fBnone\fR.
.RE

.sp
.ne 2
.na
\fB\fB-n\fR,\fB--node-name\fR \fItarget_node_name\fR\fR
.ad
.sp .6
.RS 4n
Renames the target. See also the description of \fB-n\fR under the
\fBcreate-target\fR subcommand, above.
.RE

.sp
.ne 2
.na
\fB\fB-l\fR,\fB--alias\fR \fIalias\fR\fR
.ad
.sp .6
.RS 4n
As described under the \fBcreate-target\fR subcommand, above. To remove an
explicitly set alias use \fB-l\fR \fBnone\fR.
.RE

.sp
.ne 2
.na
\fB\fB-t\fR,\fB--tpg\fR \fItpg-name\fR[,\fItpg-name\fR,...]\fR
.ad
.sp .6
.RS 4n
As described under the \fBcreate-target\fR subcommand, above.
.RE

.SS "\fBitadm list-target\fR"
.in +2
.nf
itadm list-target [\fB-p\fR,\fB--parsable\fR] [\fB-v\fR,\fB--verbose\fR] [\fItarget_node_name\fR]
.fi
.in -2
.sp

.sp
.LP
List information about the configured targets. If \fItarget_node_name\fR is
specified, list only the information for that target. Options are as follows.

.sp
.ne 2
.na
\fB\fB-p\fR,\fB--parsable\fR\fR
.ad
.sp .6
.RS 4n
Used for scripting mode. Do not print headers and separate fields by a single
tab instead of arbitrary white space.
.RE

.sp
.ne 2
.na
\fB\fB-v\fR,\fB--verbose\fR\fR
.ad
.sp .6
.RS 4n
Verbose mode.
.RE

.SS "\fBitadm delete-target\fR"
.in +2
.nf
itadm delete-target [\fB-f\fR,\fB--force\fR] \fItarget_node_name\fR
.fi
.in -2
.sp

.sp
.LP
Delete the target specified by \fItarget_node_name\fR. The target must be
\fBoffline\fR before it can be deleted. Option is as follows.
.sp
.ne 2
.na
\fB\fB-f\fR,\fB--force\fR\fR
.ad
.sp .6
.RS 4n
If the target persists in an online state, this option attempts to offline the
target before deleting it.
.RE

.SS "\fBitadm create-tpg\fR"
.in +2
.nf
itadm create-tpg \fItpg_name\fR \fIIP-address\fR[:\fIport\fR]...
.fi
.in -2
.sp

.sp
.LP
Create an iSCSI target portal group made up of the specified portals and assign
it the identifier \fItpg_name\fR. Each portal is an IP address and port pair.
IPv4 portals are specified in dotted address notation, for example,
\fB172.31.255.255\fR. IPv6 portal addresses must be enclosed in square
brackets.
.sp
.LP
This subcommand has no options.
.SS "\fBitadm list-tpg\fR"
.in +2
.nf
itadm list-tpg [\fB-p\fR,\fB--parsable\fR] [\fB-v\fR,\fB--verbose\fR] [\fItpg_name\fR]
.fi
.in -2
.sp

.sp
.LP
List information about the configured target portal group. If \fItpg_name\fR is
specified then list only the information about the target portal group
associated with that \fItpg_name\fR. Options are as follows.

.sp
.ne 2
.na
\fB\fB-p\fR,\fB--parsable\fR\fR
.ad
.sp .6
.RS 4n
Used for scripting mode. Do not print headers and separate fields by a single
tab instead of arbitrary white space.
.RE

.sp
.ne 2
.na
\fB\fB-v\fR,\fB--verbose\fR\fR
.ad
.sp .6
.RS 4n
Verbose mode.
.RE

.SS "\fBitadm delete-tpg\fR"
.in +2
.nf
itadm delete-tpg  [\fB-f\fR,\fB--force\fR] \fItpg_name\fR
.fi
.in -2
.sp

.sp
.LP
Delete the target portal group associated with \fItpg_name\fR. Option is as
follows.
.sp
.ne 2
.na
\fB\fB-f\fR,\fB--force\fR\fR
.ad
.sp .6
.RS 4n
If the TPG is associated with any targets, the request to delete will be denied
unless this option is specified.
.RE

.SS "\fBitadm create-initiator\fR"
.in +2
.nf
itadm create-initiator [\fB-s\fR,\fB--chap-secret\fR] [\fB-S\fR,\fB--chap-secret-file\fR \fIpath\fR]
     [\fB-u\fR,\fB--chap-user\fR \fIchap-user-name\fR] \fIinitiator_node_name\fR
.fi
.in -2
.sp

.sp
.LP
Configure parameters associated with the remote initiator named
\fIinitiator_node_name\fR. Options are as follows.
.sp
.ne 2
.na
\fB\fB-s\fR,\fB--chap-secret\fR\fR
.ad
.sp .6
.RS 4n
As described under the \fBcreate-target\fR subcommand, above.
.RE

.sp
.ne 2
.na
\fB\fB-S\fR,\fB--chap-secret-file\fR \fIpath\fR\fR
.ad
.sp .6
.RS 4n
As described under the \fBcreate-target\fR subcommand, above.
.RE

.sp
.ne 2
.na
\fB\fB-u\fR,\fB--chap-user\fR \fIchap-user-name\fR\fR
.ad
.sp .6
.RS 4n
Specifies the CHAP username for an initiator, for use in CHAP authentication.
If no value is specified then the initiator node name is used as the username.
.RE

.SS "\fBitadm modify-initiator\fR"
.in +2
.nf
itadm modify-initiator [\fB-s\fR,\fB--chap-secret\fR] [\fB-S\fR,\fB--chap-secret-file\fR \fIpath\fR]
     [\fB-u\fR,\fB--chap-user\fR \fIchap-user-name\fR] \fIinitiator_node_name\fR
.fi
.in -2
.sp

.sp
.LP
Modify parameters associated with the remote initiator named
\fIinitiator_node_name\fR. Options are as follows.
.sp
.ne 2
.na
\fB\fB-s\fR,\fB--chap-secret\fR\fR
.ad
.sp .6
.RS 4n
As described under the \fBcreate-target\fR subcommand, above.
.RE

.sp
.ne 2
.na
\fB\fB-S\fR,\fB--chap-secret-file\fR \fIpath\fR\fR
.ad
.sp .6
.RS 4n
As described under the \fBcreate-target\fR subcommand, above.
.RE

.sp
.ne 2
.na
\fB\fB-u\fR,\fB--chap-user\fR \fIchap-user-name\fR\fR
.ad
.sp .6
.RS 4n
Specifies the CHAP username for an initiator, for use in CHAP authentication.
If no value is specified then the initiator node name is used as the username.
.RE

.SS "\fBitadm delete-initiator\fR"
.in +2
.nf
itadm delete-initiator \fIinitiator_node_name\fR
.fi
.in -2
.sp

.sp
.LP
Delete parameters associated with the remote initiator named
\fIinitiator_node_name\fR. This subcommand has no options.
.SS "\fBitadm list-initiator\fR"
.in +2
.nf
\fBitadm\fR list-initiator [\fB-p\fR,\fB--parsable\fR] [\fB-v\fR,\fB--verbose\fR] \fIinitiator_node_name\fR
.fi
.in -2
.sp

.sp
.LP
List parameters associated with the initiator named \fIinitiator_node_name\fR.
Options are as follows.

.sp
.ne 2
.na
\fB\fB-p\fR,\fB--parsable\fR\fR
.ad
.sp .6
.RS 4n
Used for scripting mode. Do not print headers and separate fields by a single
tab instead of arbitrary white space.
.RE

.sp
.ne 2
.na
\fB\fB-v\fR,\fB--verbose\fR\fR
.ad
.sp .6
.RS 4n
Verbose mode.
.RE

.SS "\fBitadm modify-defaults\fR"
.in +2
.nf
itadm modify-defaults [\fB-a\fR,\fB--auth-method\fR radius | chap | none]
     [\fB-r\fR,\fB--radius-server\fR \fIIP-address\fR[:\fIport\fR]] [\fB-d\fR,\fB--radius-secret\fR]
     [\fB-D\fR,\fB--radius-secret-file\fR \fIpath\fR][\fB-i\fR,\fB--isns\fR enable | disable]
     [\fB-I\fR,\fB--isns-server\fR \fIIP-address\fR[:\fIport\fR][,\fIIP-address\fR[:\fIport\fR]]]
.fi
.in -2
.sp

.sp
.LP
Modify default parameters. Options are as follows.
.sp
.ne 2
.na
\fB\fB-a\fR,\fB--auth-method\fR \fBradius | chap | none\fR\fR
.ad
.sp .6
.RS 4n
Specifies the default authentication method to use for all targets. Valid
values are \fBradius\fR, \fBchap\fR, and \fBnone\fR. \fBchap\fR indicates that
initiators connecting to this target must be authenticated using Challenge
Handshake Authentication Protocol (CHAP). \fBradius\fR indicates initiators
should also be authenticated by means of CHAP, but the required authentication
parameters should be obtained from a central RADIUS server. (See
\fB--radius-server\fR and \fB--radius-secret\fR options.) \fBnone\fR means that
no authentication is required to connect to the target. Individual targets can
override this global setting using the \fB-a\fR option of the
\fBcreate-target\fR and \fBmodify-target\fR subcommands.
.RE

.sp
.ne 2
.na
\fB\fB-d\fR,\fB--radius-secret\fR\fR
.ad
.sp .6
.RS 4n
RADIUS Shared Secret for centralized CHAP authentication.
.RE

.sp
.ne 2
.na
\fB\fB-D\fR,\fB--radius-secret-file\fR \fIpath\fR\fR
.ad
.sp .6
.RS 4n
Path to a temporary file containing the CHAP secret as described in the
\fB-d\fR option.
.RE

.sp
.ne 2
.na
\fB\fB-i\fR,\fB--sns\fR \fBenable | disable\fR\fR
.ad
.sp .6
.RS 4n
Specifies whether targets should be registered with the set of defined iSCSI
Name Service (iSNS) servers.
.RE

.sp
.ne 2
.na
\fB\fB-I\fR,\fB--isns-server\fR
\fIIP-address\fR[:\fIport\fR][,\fIIP-address\fR[:\fIport\fR],...]\fR
.ad
.sp .6
.RS 4n
Defines a list of iSNS servers with which iSCSI target nodes will be registered
when the \fBisns\fR option associated with the respective target is set. Up to
eight iSNS servers can be specified. To remove all iSNS servers, use \fB-I\fR
\fBnone\fR.
.RE

.sp
.ne 2
.na
\fB\fB-r\fR,\fB--radius-server\fR \fIIP-address\fR[:\fIport\fR]\fR
.ad
.sp .6
.RS 4n
Specify the IP address of the RADIUS server used for centralized CHAP
authentication.
.RE

.SS "\fBitadm list-defaults\fR"
.in +2
.nf
itadm list-defaults [\fB-p\fR,\fB--parsable\fR]
.fi
.in -2
.sp

.sp
.LP
List information about the default properties. Option is as follows.

.sp
.ne 2
.na
\fB\fB-p\fR,\fB--parsable\fR\fR
.ad
.sp .6
.RS 4n
Used for scripting mode. Do not print headers and separate fields by a single
tab instead of arbitrary white space.
.RE

.SH EXAMPLES
.LP
\fBExample 1 \fRCreating a Target
.sp
.LP
The following command creates a target.

.sp
.in +2
.nf
# \fBitadm create-target\fR
Target iqn.1986-03.com.sun:02:72e1b181-7bce-c0e6-851e-ec0d8cf14b7a
successfully created
.fi
.in -2
.sp

.LP
\fBExample 2 \fRCreating a Target with a Specific Name
.sp
.LP
The following command creates a target with a specific IQN.

.sp
.in +2
.nf
# \fBitadm create-target -n eui.20387ab8943ef7548\fR
or:
# \fBitadm create-target \e
-n iqn.1986-03.com.sun:02:a9a366f8-cc2b-f291-840948c7f29e\fR
.fi
.in -2
.sp

.LP
\fBExample 3 \fRChanging a Name
.sp
.LP
The following command changes an IQN for an existing target.

.sp
.in +2
.nf
# \fBitadm modify-target -n eui.20387ab8943ef7548 \e
iqn.1986-03.com.sun:02:a9a366f8-909b-cc2b-f291-840948c7f29e\fR
.fi
.in -2
.sp

.LP
\fBExample 4 \fRSetting up CHAP Authentication
.sp
.LP
The following command sets up CHAP authentication for a target using the
default CHAP username.

.sp
.in +2
.nf
# \fBitadm modify-initiator -s iqn.1986-03.com.sun:01:e00000000000.47d55444\fR
\fBEnter CHAP secret:\fR *********
\fBRe-enter secret:\fR *********

# \fBitadm modify-target -a chap eui.20387ab8943ef7548\fR
.fi
.in -2
.sp

.LP
\fBExample 5 \fRCreating Target Portal Groups
.sp
.LP
The following command creates two target portal groups, \fBA\fR and \fBB\fR,
using port 8000 for the addresses in TPG 2.

.sp
.in +2
.nf
# \fBitadm create-tpg A 192.168.0.1 192.168.0.2\fR
# \fBitadm create-tpg B 192.168.0.2:8000 192.168.0.2:8000\fR
.fi
.in -2
.sp

.LP
\fBExample 6 \fRConfiguring a Target to Use TPGs
.sp
.LP
The following command configures a target to use TPGs A and B.

.sp
.in +2
.nf
# \fBitadm modify-target -t A,B eui.20387ab8943ef7548\fR
.fi
.in -2
.sp

.LP
\fBExample 7 \fRSetting up RADIUS Authentication for Specific Target
.sp
.LP
The following command sets up RADIUS authentication for a specific target.

.sp
.in +2
.nf
# \fBitadm modify-defaults -r 192.168.10.1 -d\fR
\fBEnter RADIUS secret:\fR *********
\fBRe-enter secret:\fR *********

# \fBitadm modify-target -a radius eui.20387ab8943ef7548\fR
.fi
.in -2
.sp

.LP
\fBExample 8 \fRSetting up RADIUS Authentication for All Targets
.sp
.LP
The following command sets up RADIUS authentication for all targets.

.sp
.in +2
.nf
# \fBitadm modify-defaults -d -r 192.168.10.1 -a radius\fR
\fBEnter RADIUS secret:\fR *********
\fBRe-enter secret:\fR *********
.fi
.in -2
.sp

.sp
.LP
The preceding command assumes all targets were created with \fB-a\fR
\fBdefault\fR.

.LP
\fBExample 9 \fRListing Default Properties
.sp
.LP
The following command lists default properties.

.sp
.in +2
.nf
# \fBitadm list-defaults\fR
iSCSI Target Default Properties:

alias:          \fInone\fR
auth:           \fInone\fR
radiusserver:   \fInone\fR
radiussecret:   unset
isns:           disabled
isnsserver:     2.3.4.5,4.5.6.7
.fi
.in -2
.sp

.LP
\fBExample 10 \fRListing Targets
.sp
.LP
The following command lists targets.

.sp
.in +2
.nf
# \fBitadm list-target\fR
TARGET NAME                                           STATE    SESSIONS
iqn.1986-03.com.sun:02:72e1b181-7bce-c0e6-851e-ec0d8cf14b7a  online   0
iqn.1986-03.com.sun:02:2cb0c526-c05a-e279-e396-a367006f4227  online   0
iqn.1986-03.com.sun:02:d14125bb-1c9d-c28d-97b0-f89259b642f3  online   0
iqn.1986-03.com.sun:02:03ff9fc5-794a-e9b4-a081-bb82917c292a  online   0
.fi
.in -2
.sp

.LP
\fBExample 11 \fRListing Targets (Verbose)
.sp
.LP
The following command lists targets with the verbose option.

.sp
.in +2
.nf
# \fBitadm list-target -v\fR
TARGET NAME                                           STATE    SESSIONS
iqn.1986-03.com.sun:02:d23e68d8-2d79-c988-98e7-a6361689d33c  online   0
       alias:                  -
       auth:                   none (defaults)
       targetchapuser:         -
       targetchapsecret:       unset
       tpg-tags:               default
iqn.1986-03.com.sun:02:94ec46d4-c8e1-6993-ef03-ffc1dcd66606  online   1
       alias:                  -
       auth:                   chap
       targetchapuser:         -
       targetchapsecret:       unset
       tpg-tags:               nge1_ipv4 = 3
.fi
.in -2
.sp

.LP
\fBExample 12 \fRListing a Specific Target
.sp
.LP
The following command lists targets with the verbose option.

.sp
.in +2
.nf
# \fBitadm list-target -v \e
iqn.1986-03.com.sun:02:2cb0c526-c05a-e279-e396-a367006f4227\fR
TARGET NAME                                           STATE    SESSIONS
iqn.1986-03.com.sun:02:2cb0c526-c05a-e279-e396-a367006f4227  online   1
        alias:                  -
        auth:                   chap
        targetchapuser:         -
        targetchapsecret:       unset
        tpg-tags:               nge1_ipv4 = 3
.fi
.in -2
.sp

.SH ATTRIBUTES
.LP
See \fBattributes\fR(5) for descriptions of the following attributes:
.sp

.sp
.TS
box;
c | c
l | l .
ATTRIBUTE TYPE	ATTRIBUTE VALUE
_
Interface Stability	Committed
.TE

.SH SEE ALSO
.LP
\fBiscsiadm\fR(1M), \fBstmfadm\fR(1M), \fBlibstmf\fR(3LIB), \fBattributes\fR(5)