Configuring a LAU key to secure RM data

For more information about LAU keys, see Configuring LAU keys.

To configure a LAU key to secure relationship management data while it is being exported or imported:

  1. Ensure that you have the system configuration administrator (DniSA) role in SYSOU or equivalent rights.
  2. Open the CLI with the following parameters: 
    dnicli -i instance -ou SYSOU -s DNI_SYSADM
  3. Create a CO of type DnfLAUKeyRM and use it to specify each half of the LAU key by issuing the following commands: 
    add -ou ou -ct DnfLAUKeyRM -co laukey -attr hk1         -secval hk1
add -ou ou -ct DnfLAUKeyRM -co laukey -attr hk2         -secval hk2
add -ou ou -ct DnfLAUKeyRM -co laukey -attr LastChanged -val    date
    where:
    ou
    The OU to which the LAU key applies. If the import command is to be issued for DNFSYSOU (this causes the relationship management data to be imported for all business OUs), a CO of type DnfLAUKeyRM must be configured for DNFSYSOU.
    laukey
    Name of the LAU key.
    hk1 and hk2
    First and second half keys of the LAU key. Each half key used to secure RM data must have a length of 16 characters and must contain only characters that correspond to hex digits (0123456789ABCDEF).
    date
    Date when the LAU key was last changed. It must have the format yyyy-mm-dd, for example, 2009-02-15 for 15 February 2009. This date can be used to determine if the configured LAU key has expired and therefore needs to be updated.
  4. Commit, approve, and deploy the changes: 
    com -ou ou
app -ou ou
dep -ou ou

    If dual authorization is enabled, another user with the appropriate access rights must approve the changes before they can be deployed. If dual authorization is disabled, you can skip approving the changes and immediately deploy them.