SANtricity 11.8 Commands ( CA08871-194 ~ 196 )

Start FDE secure drive erase

The start secureErase drive command erases all of the data from one or more full disk encryption (FDE) drives so that they can be reused as FDE drives.

Supported Series

This command applies to any individual storage system, including the HB2100/HB2200/HB2300, HB5100/HB5200, AB6100 and AB3100 series, as long as all SMcli packages are installed.

Roles

To execute this command on an HB2100/HB2200/HB2300, HB5100/HB5200, AB6100, or AB3100 storage system, you must have the Security Admin role.

Context

Run this command only when the FDE drives are no longer part of a secure volume group or disk pool, or when the security key is unknown.

To erase a FIPS drive when the drive is locked and the security key to unlock it is unavailable, use the set drive securityID command.

Syntax

[start secureErase (drive [trayID,[drawerID,]slotID] | drives [trayID1,[drawerID1,]slotID1 ... trayIDn,[drawerIDn,]slotIDn])

Parameters

Parameter Description

drive or drives

For high-capacity drive trays, specify the tray ID value, the drawer ID value, and the slot ID value for the drive. For low-capacity drive trays, specify the tray ID value and the slot ID value for the drive. Tray ID values are 0 to 99. Drawer ID values are 1 to 5.

All slot ID maximums are 24. Slot ID values either begin at 0 or 1, depending on the tray model. Drive trays compatible with HB2100/HB2200/HB2300 and HB5100/HB5200 controllers have slot ID numbers starting at 0.

Enclose the tray ID value, the drawer ID value, and the slot ID value in square brackets ([ ]).

The drives list cannot contain all of the drives in the storage system, or the command will be rejected. To secure erase all drives, run this command twice, specifying the drive list in two separate groups.

Notes

The controller firmware creates a lock that restricts access to the FDE drives. FDE drives have a state called Security Capable. When you create a security key, the state is set to Security Enabled, which restricts access to all FDE drives that exist within the storage system.

Top of Page