Managing Devices in Oracle^® Solaris 11.3

How to Restrict Logical Unit Access to Selected Systems

Use this procedure to restrict LU access to selected hosts on a storage network. If you are using Fibre Channel ports, first identify the World Wide Names (WWN). Then, selectively map a logical unit number (LUN) to the ports on host-a, for example. A target group (targets-0) is also defined for a given set of target ports that export the same set of LUs to the same host group.

For information about configuring a target group, see stmfadm(1M).

1. Become an administrator.

   For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.3.

2. Identify the Fibre Channel (FC) port on the initiator.

   initiator# fcinfo hba-port
   HBA Port WWN: 210000e08b195dae
   Port Mode: Initiator
   Port ID: 0
   OS Device Name: /dev/cfg/c8
   Manufacturer: QLogic Corp.
   Model: 375-3108-xx
   Firmware Version: 03.03.28
   FCode/BIOS Version:  fcode: 1.13;
   Serial Number: not available
   Driver Name: qlc
   Driver Version: 20100408-3.01
   Type: unknown
   State: offline
   Supported Speeds: 1Gb 2Gb
   Current Speed: not established
   Node WWN: 200000e08b195dae
   NPIV Not Supported
   .
   .
   .

3. Create a host group.

   target# stmfadm create-hg host-a

4. Add the WWNs identified in the preceding output as members of the host group.

   target# stmfadm add-hg-member -g host-a  210000e08b195dae 210100e08b395dae

5. Create a target group.

   target# stmfadm create-tg targets-0

6. Specify the target group members by adding the target names.

   Each SCSI target can be a member of only one target group.

   target# stmfadm add-tg-member -g targets-0 wwn.guid-number

7. Identify the GUID number for the LU.

   target# stmfadm list-lu -v

8. Make the LU available by adding a view entry, specifying the host group name and the LU GUID number.

   target# stmfadm add-view -h host-a -t targets-0 -n 1 guid-number