Home >

LunaSH Command Reference Guide > LunaSH Commands > partition > partition setlegacydomain

partition setlegacydomain

Set the legacy cloning domain on a partition.

The legacy cloning domain for password-authenticated HSM partitions is the text string that was used as a cloning domain on the legacy token HSM whose contents are to be migrated to the SafeNet Network HSM partition.

The legacy cloning domain for PED-authenticated HSM partitions is the cloning domain secret on the red PED key for the legacy PED authenticated token HSM whose contents are to be migrated to the SafeNet Network HSM partition.

Your target HSM partition has, and retains, whatever modern partition cloning domain was imprinted (on a red PED Key) when the partition was created. This command takes the domain value from your legacy HSM's red PED Key and associates that with the modern-format domain of the partition, to allow the partition to be the cloning (restore...) recipient of objects from the legacy (token) HSM.

As well, you cannot migrate objects from a password-authenticated token/HSM to a PED-authenticated HSM partition, and you cannot migrate objects from a PED authenticated token/HSM to a password-authenticated HSM partition. Again, this is a security provision.

See Legacy Domains and Migration in the Administration Guide for a description and summary of the possible combinations of source (legacy) tokens/HSMs and target (modern) HSM partitions and the disposition of token objects from one to the other.

Note:  You can use this command repeatedly to associate different legacy domains to the current partition's cloning domain. This allows you to consolidate content from multiple legacy HSMs onto a single partition of a modern HSM.

Syntax

partition setLegacyDomain -partition <name> [-password <password>] [-domain <domain>]

Parameter Shortcut Description
-domain -d Specifies the legacy cloning domain name. This parameter is required on password-authenticated HSMs. It is ignored on PED-authenticated HSMs.
-partition -par Specifies the partition name.
-password -pas Specifies the partition password. This parameter is required on password-authenticated HSMs. It is ignored on PED-authenticated HSMs.

Example

lunash:> partition setLegacyDomain -partition <name>
 
The PED prompts for the legacy red domain PED Key (notice mention of "raw data" in the PED message).
Command result: Success!

SafeNet Network HSM 6.3 Product Documentation
007-011136-015 Rev. A 14 July 2017 Copyright 2001-2017 Gemalto All rights reserved.