Show the Table of Contents

You are here: Reference Manual > Client-side Commands (VTL) > vtl haAdmin subCommands > vtl haAdmin deleteGroup Client Command

Client-Computer HAadmin Commands (vtl)

vtl haAdmin deleteGroup Client Command

NAME

 vtl haAdmin -deleteGroup  - delete an HA group.

SYNOPSIS

vtl haAdmin -deleteGroup -group <groupNumber> -password <password>

DESCRIPTION

Delete the specified HA group. After a group is deleted, it will no longer appear in the slot list in PKCS#11 applications.

During the delete, the application attempts to login to each partition and remove the HA key from it. If the NTLA is not correctly set up or if the user no longer has access to one or more of the partitions in the group, a warning message indicates that the HA key was not successfully removed.

CAUTION! Do not use this command when an HA group is shared among multiple clients, because the -deleteGroup command deletes the HA Key material, which is still required by the other clients. The other clients would find that their HA group had been destroyed.  

If you wish to remove a client from an HA group where other clients continue to share the HA group, then edit the Chrystoki.conf or crystoki.ini file on that client and remove the “VirtualToken” section.
[NEVER insert TAB characters into the chrystoki.ini (Windows) or crystoki.conf (UNIX) file.] 

At that point, you still have an NTL connection which no longer sees the HA virtual Partition, but now sees the individual HSM Partitions on the Luna HSM.

You MUST NOT use the individual Partitions (from the HA virtual Partition), or the other clients will find their HA out-of-sync.

What you can do is login to the Luna HSM and de-register that client from those Partitions. You may then register other, non-HA partitions to that client without disturbing any remaining clients of the HA virtual partition.

OPTIONS

-group <groupNumber>  [mandatory] The HA group's designating number. Group numbers can be found using the vtl haAdmin -listGroups command.

-password <password>  [mandatory] The text password for the partitions. (All share the same password.)

SAMPLE OUTPUT

vtl haAdmin -deleteGroup -group 165010001 -password testpassword
HA key removed from HA group member with serial number 65010001.
The HA group 165010001 was successfully deleted.
vtl haAdmin -deleteGroup -group 165010001 -password testpassword
Warning:  This host is not assigned to a Luna SA partition with
the serial number 65010001, the HA key was not removed
from this group member.

The HA group 165010001 was successfully deleted.

See Also


 

 

Show the Table of Contents