role init

Initializes (creates) the named role on the current partition / slot, if applicable.

Use lunacm:> role list to see which roles are available on the current partition/slot.

Syntax

role init -name <role> [-password <password>]

Argument(s) Shortcut Description

Argument(s)	Shortcut	Description
-name <role>	-n	Name of role to be initialized. You can type the entire string, or use the shortcut shown in parentheses (not case-sensitive). Valid roles: Crypto Officer (CO). The PO initializes the CO. Limited Crypto Officer (LCO). The CO initializes the LCO. Crypto User (CU). The CO initializes the CU.
-password <password>	-p	The initial password for role, valid for the initial login only. In LunaCM, passwords and activation challenge secrets must be 8-255 characters in length. The following characters are allowed: abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789 !@#$%^&()-_=+[]{}\\|/;:',.<>?`~ Double quotation marks (`"`) are problematic and should not be used within passwords. Spaces are allowed; to specify a password with spaces using the -password* or -newpw option of a command, enclose the password in double quotation marks. NOTE The role must change the initial password using the command role changepw during the initial login session, or when they attempt a subsequent login.

-name <role>

-n

Name of role to be initialized. You can type the entire string, or use the shortcut shown in parentheses (not case-sensitive).

Valid roles:

Crypto Officer (CO). The PO initializes the CO.

Limited Crypto Officer (LCO). The CO initializes the LCO.

Crypto User (CU). The CO initializes the CU.

-password <password>

-p

The initial password for role, valid for the initial login only.

In LunaCM, passwords and activation challenge secrets must be 8-255 characters in length. The following characters are allowed:

abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789 !@#$%^&*()-_=+[]{}\|/;:',.<>?`~

Double quotation marks (") are problematic and should not be used within passwords.

Spaces are allowed; to specify a password with spaces using the -password or -newpw option of a command, enclose the password in double quotation marks.

NOTE The role must change the initial password using the command role changepw during the initial login session, or when they attempt a subsequent login.

Example

Initializing the Crypto Officer role

lunacm:>role init -name co

        Please attend to the PED.

Command Result : No Error



	SUPPORT	LEGAL
Luna USB HSM 7 Documentation © Copyright 2001-2024, Thales Group Last Updated: 2024-10-22 10:41:19 GMT-04:00	Customer Release Notes Customer Support Portal Support Contacts	End User License Agreement Third Party Software Licenses Document Information