|
Home > |
|---|
Change HSM Admin-modifiable elements from the HSM partition policy. This command toggles or alters a policy of the specified HSM partition. Only certain portions of the policy set are HSM Admin-modifiable. These policies and their current values can be determined using the partition showpolicies command. After a successful policy change, the command displays the new policy value.
This command must be executed by the SafeNet appliance “admin” logged in to the HSM as HSM Admin. If the HSM Admin is not authenticated, a “user not logged in” error message is returned.
This command can set a policy on or off, or set it to a certain value if it is a numerical policy. Policies can be set only to more restrictive values than the associated capability. You cannot relax a policy to a less-restrictive setting than the associated capability value. See the Capabilities and Policies section of this Reference Help, for a list of all partition capabilities/policies and their meanings.
partition changePolicy -partition <name> -policy <policynumber> -value <numvalue> [-force]
| Option | Shortcut | Parameter | Description |
|---|---|---|---|
| -partition | -pa | <partition name> | Specifies the name of the HSM Partition on which to alter policies. HSM Partition names are obtained with the partition -list command. |
| -policy | -po | <policy number> | Specifies the policy code of the policy to alter. Policy descriptions and codes are obtained with the partition showpolicies command. |
| -value | -v | <policy value> | Specifies the value that should be assigned to the specified policy. When specifying values for an on/off type policy, use '1' for on and '0' for off. |
| -force | -f | . | Force the option. Useful for scripting. |
lunash:> partition changePolicy -partition c1 -policy 22 -value 0
'partition changePolicy' successful.
Policy “Allow activation” is now set to: 0