To configure the cluster in secure mode

1. Choose whether to configure VCS to use Symantec Product Authentication Service.

   Would you like to configure VCS to use Symantec Security 
   Services? [y,n,q] (n) y

   • If you want to configure the cluster in secure mode, make sure you meet the prerequisites and enter y.

   • If you do not want to configure the cluster in secure mode, enter n.

     You must add VCS users when the configuration program prompts.

2. Select one of the options to enable security.

   Before you choose any of the options, make sure that all the nodes in the cluster can successfully ping the root broker system.

   Select the Security option you would like to perform [1-3,b,q,?] (1)

   Security Menu
        1)  Configure security completely automatically
        2)  Provide AB credentials using BLOBs
        3)  Provide AB credentials without using BLOBs
        b)  Back to previous menu

   Review the following configuration modes. Based on the configuration that you want to use, enter one of the following values:

   Option 1. Automatic configuration	Based on the root broker you want to use, do one of the following: To use an external root broker: Enter the name of the root broker system when prompted. Requires remote access to the root broker. Make sure that all the nodes in the cluster can successfully ping the root broker system. Review the output as the installer verifies communication with the root broker system, checks vxatd process and version, and checks security domain. To configure one of the nodes as root broker: Press Enter at the following installer prompt: If you already have an external RB(Root Broker) installed and configured, enter the RB name, or press Enter to skip: [b] Choose the node that the installer must configure as root and authentication broker. The installer configures the other nodes as authentication brokers. At the installer prompt, you can choose the first node in the cluster to configure as RAB, or you can enter n to configure another node as RAB. For example: Do you want to configure <galaxy> as RAB, and other nodes as AB? [y,n,q,b] (y) n Enter the node name which you want to configure as RAB: nebula
   Option 2 . Semiautomatic configuration	Enter the path of the encrypted file (BLOB file) for each node when prompted.
   Option 3. Manual configuration	Enter the following Root Broker information as the installer prompts you: Enter root broker name: [b] east.symantecexample.com Enter root broker FQDN: [b] (symantecexample.com) symantecexample.com Enter the root broker domain name for the Authentication Broker's identity: [b] root@east.symantecexample.com Enter root broker port: [b] 2821 Enter path to the locally accessible root hash [b] (/var/tmp/installvcs-200910221810ROA/root_hash) /var/tmp/installvcs-200910221810ROA/root_hash Enter the following Authentication Broker information as the installer prompts you for each node: Enter Authentication broker's identity on galaxy [b] (galaxy.symantecexample.com) galaxy.symantecexample.com Enter the password for the Authentication broker's identity on galaxy: Enter Authentication broker's identity on nebula [b] (nebula.symantecexample.com) nebula.symantecexample.com Enter the password for the Authentication broker's identity on nebula:

3. After you provide the required information to configure the cluster in secure mode, the program prompts you to configure SMTP email notification.

   Note that the installer does not prompt you to add VCS users if you configured the cluster in secure mode. However, you must add VCS users later.

   See the Veritas Cluster Server Administrator's Guide for more information.