- Notes, cautions, and warnings
- Using the CLI
- Categorical list of commands
- Alphabetical list of commands
- abort copy
- abort replication
- abort scrub
- activate certificate
- activate firmware
- add disk-group
- add host-group-members
- add host-members
- add ipv6-address
- add spares
- add storage
- add volume-group-members
- check firmware-upgrade-health
- check support-assist-connection
- check support-assist-updates
- clear alerts
- clear cache
- clear disk-metadata
- clear dns-parameters
- clear events
- clear expander-status
- clear fde-keys
- clear replication-queue
- copy volume
- create certificate
- create certificate-signing-request
- create chap-record
- create host
- create host-group
- create peer-connection
- create remote-system
- create replication-set
- create schedule
- create snapshots
- create task
- create user
- create user-group
- create volume
- create volume-group
- create volume-set
- delete all-snapshots
- delete chap-records
- delete host-groups
- delete hosts
- delete initiator-nickname
- delete peer-connection
- delete pools
- delete remote-system
- delete replication-set
- delete schedule
- delete snapshot
- delete task
- delete user
- delete user-group
- delete volume-groups
- delete volumes
- dequarantine
- erase disk
- exit
- expand disk-group
- expand volume
- help
- map volume
- meta
- ping
- query metrics
- query peer-connection
- recover replication-set
- release volume
- remote
- remove certificate
- remove disk-groups
- remove host-group-members
- remove host-members
- remove ipv6-address
- remove spares
- remove volume-group-members
- replicate
- rescan
- reset all-statistics
- reset ciphers
- reset controller-statistics
- reset disk-error-statistics
- reset disk-group-statistics
- reset disk-statistics
- reset dns-management-hostname
- reset host-link
- reset host-port-statistics
- reset pool-statistics
- reset snapshot
- reset volume-statistics
- restart mc
- restart sc
- restore defaults
- resume replication-set
- rollback volume
- scrub disk-groups
- scrub volume
- send support-assist-logs
- set advanced-settings
- set alert
- set chap-record
- set ciphers
- set cli-parameters
- set controller-date
- set disk
- set disk-group
- set disk-parameters
- set dns-management-hostname
- set dns-parameters
- set email-parameters
- set enclosure
- set fde-import-key
- set fde-lock-key
- set fde-state
- set host
- set host-group
- set host-parameters
- set initiator
- set ipv6-network-parameters
- set iscsi-parameters
- set ldap-parameters
- set led
- set network-parameters
- set ntp-parameters
- set password
- set peer-connection
- set pool
- set prompt
- set protocols
- set remote-system
- set replication-set
- set schedule
- set snapshot-space
- set snmp-parameters
- set support-assist
- set support-assist-authentication
- set support-assist-connection
- set support-assist-contact
- set support-assist-proxy
- set syslog-parameters
- set system
- set task
- set user
- set user-group
- set volume
- set volume-cache-parameters
- set volume-group
- show advanced-settings
- show alert-condition-history
- show alerts
- show audit-log
- show cache-parameters
- show certificate
- show certificates
- show chap-records
- show ciphers
- show cli-parameters
- show configuration
- show controller-date
- show controller-statistics
- show controllers
- show disk-group-statistics
- show disk-groups
- show disk-parameters
- show disk-statistics
- show disks
- show dns-management-hostname
- show dns-parameters
- show email-parameters
- show enclosures
- show events
- show expander-status
- show fan-modules
- show fans
- show fde-state
- show firmware-bundles
- show firmware-update-status
- show frus
- show host-groups
- show host-phy-statistics
- show host-port statistics
- show initiators
- show inquiry
- show ipv6-addresses
- show ipv6-network-parameters
- show iscsi-parameters
- show ldap-parameters
- show license
- show maps
- show metrics-list
- show network-parameters
- show ntp-status
- show peer-connections
- show pools
- show pool-statistics
- show ports
- show power-supplies
- show protocols
- show provisioning
- show redundancy-mode
- show remote-systems
- show replication-sets
- show replication-snapshot-history
- show sas-link-health
- show schedules
- show sensor-status
- show service-tag-info
- show sessions
- show shutdown-status
- show snapshots
- show snapshot-space
- show snmp-parameters
- show support-assist
- show support-assist-contact
- show support-assist-telemetry-status
- show syslog-parameters
- show system
- show system-parameters
- show tasks
- show tiers
- show tier-statistics
- show unwritable-cache
- show user-groups
- show users
- show versions
- show volume-copies
- show volume-groups
- show volume-names
- show volume-reservations
- show volume-statistics
- show volumes
- show workload
- shutdown
- start metrics
- stop metrics
- suspend replication-set
- test
- unmap volume
- whoami
- API basetype properties
- adapt-expand-preview
- advanced-settings-table
- alerts
- audit-log
- cache-parameter
- cache-settings
- certificate-status
- certificates
- ch-contact-info-primary
- ch-contact-info-secondary
- ch-contact-status
- ch-firmware-updates
- chap-records
- ciphers
- cli-parameters
- code-load-readiness
- code-load-readiness-reasons
- communication-ports
- conditions
- controller-cache-parameters
- controller-statistics
- controllers
- copy-volumes
- cs-replicate-tasks
- cs-replication
- cs-replication-set
- current-replication-snapshots
- disk-groups
- disk-groups-preview
- disk-group-statistics
- disk-group-statistics-paged
- disk-hist-statistics
- disk-statistics
- disk-update
- dns-parameters
- drive-parameters
- drive-summary
- drives
- email-parameters
- enclosure-fru
- enclosure-list
- enclosures
- endpoints-status
- events
- eventsLogs
- expander-ports
- expander-versions
- expanders
- fan
- fan-module-versions
- fan-modules
- fc-port
- fde-state
- firmware-bundles
- firmware-versions
- fru-versions
- gateway-endpoints
- health-conditions
- heatmaps
- host
- host-group
- host-group-view
- host-port-statistics
- host-view-mappings
- initiator
- initiator-view
- inquiry
- io-modules
- ipv6-addresses
- ipv6-network-parameters
- iscsi-parameters
- iscsi-port
- ldap-parameters
- license
- local-ports
- local-ports-detail
- log-header-table
- logon-user-detail
- metrics-list
- mgmt-hostnames
- midplane-versions
- network-parameters
- ntp-status
- peer-connection-info
- peer-connections
- peer-controllers
- peer-ports
- pool-hist-statistics
- pools
- pool-statistics
- pool-summary
- port
- power-supplies
- product-info
- provisioning
- proxy-information
- psu-versions
- readcache-hist-statistics
- redundancy
- remote-ports
- remote-ports-detail
- remote-system
- replication-snapshot-history
- reset-snapshot-tasks
- resettable-statistics
- sas-host-phy-statistics
- sas-port
- sas-status-controller-a
- schedules
- security-communications-protocols
- sensors
- service-tag-info
- sessions
- show-other-MC-status
- shutdown-status
- sideplanes
- snapshots
- snapshot-with-retention-tasks
- snap-space
- snap-tasks
- snmp-parameters
- spares-preview
- status
- storage-preview
- support-assist
- support-assist-conn
- support-assist-telemetry
- syslog-parameters
- system
- system-parameters-table
- tasks
- tier-hist-statistics
- tiers
- tier-statistics
- tier-summary
- time-settings-table
- unhealthy-component
- unused-disks-preview
- unwritable-cache
- update-status-process-step
- update-status-summary
- usergroups
- users
- versions
- volume-groups
- volume-names
- volume-reservations
- volume-statistics
- volume-view
- volume-view-mappings
- volumes
- workload
- Settings changed by restore defaults
Dell PowerVault ME5 Series Storage System CLI Reference Guide
create chap-record
| Description |
Creates a CHAP record to authenticate iSCSI login requests. When CHAP is enabled, the record enables authentication between the originator (initiator) and recipient (target) of a login request. This command is permitted whether or not CHAP is enabled. NOTE:For information about setting up CHAP for use in a peer connection, see the topic about creating a peer connection in the Administrator's Guide.
The CHAP record can specify one name-secret pair to authenticate the originator only (one-way CHAP) or two pairs to authenticate both the originator and the recipient (mutual CHAP). For a login request from an initiator to a storage system, the initiator is the originator and the storage system is the recipient. Because CHAP works during login, to make CHAP changes take effect you must reset any active iSCSI host links. In a peer connection, a storage system can act as the originator or recipient of a login request. As the originator, with a valid CHAP record it can authenticate CHAP even if CHAP is disabled. This is possible because the system will supply the CHAP secret requested by its peer and the connection will be allowed. |
| Minimum role | standard |
| Syntax |
create chap-record name <originator-name> secret <originator-secret> [mutual-name <recipient-name> mutual-secret <recipient-secret>] |
| Parameters | name <originator-name>
The originator name, typically in IQN format. The name is case sensitive and can have a maximum of 223 bytes, including 0–9, lowercase a–z, hyphen, colon, and period secret <originator-secret>The secret that the recipient uses to authenticate the originator. The secret is case sensitive and can include 12–16 bytes. The value can include spaces and printable UTF-8 characters except: " < mutual-name <recipient-name>Optional; for mutual CHAP only. The recipient name, typically in IQN format. The name is case sensitive and can have a maximum of 223 bytes, including 0–9, lowercase a–z, hyphen, colon, and period. To determine the IQN of a storage system, use the show ports command to view the Target ID value for an iSCSI port. This parameter and mutual-secret must be set together. mutual-secret <recipient-secret>Optional; for mutual CHAP only. The secret that the originator uses to authenticate the recipient. The secret is case sensitive, can include 12–16 bytes, and must differ from the originator secret. The value can include spaces and printable UTF-8 characters except: " < A storage system secret is shared by both controllers. This parameter and mutual-name must be set together. |
| Examples | Create a one-way CHAP record to enable a storage system to authenticate a host initiator.
# create chap-record name iqn.1991-05.com.microsoft:myhost.domain secret 123456abcDEF |
| See also |
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\