Creating authentication broker accounts on root broker system

On the root broker system, the administrator must create an authentication broker (AB) account for each node in the cluster.

To create authentication broker accounts on root broker system

  1. Determine the root broker domain name. Enter the following command on the root broker system:

    venus> # vssat showalltrustedcreds

    For example, the domain name resembles "Domain Name: root@venus.symantecexample.com" in the output.

  2. For each node in the cluster, verify whether an account exists on the root broker system.

    For example, to verify that an account exists for node galaxy:

    venus> # vssat showprpl --pdrtype root \
    --domain root@venus.symantecexample.com --prplname galaxy

    • If the output displays a principal account on the root broker for the authentication broker on the node, then delete the existing principal account. For example:

      venus> # vssat deleteprpl --pdrtype root \
      --domain root@venus.symantecexample.com \
      --prplname galaxy --silent

    • If the output displays the following error, then the account for the given authentication broker is not created on this root broker:

      "Failed To Get Attributes For Principal"

      Proceed to step 3.

  3. Create a principal account for each authentication broker in the cluster. For example:

    venus> # vssat addprpl --pdrtype root --domain \
    root@venus.symantecexample.com --prplname galaxy \
    --password password --prpltype service

    In the input file for the encrypted file, you must use the password that you create here.
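
Steps 2 and 3 repeated for several nodes, as an added example that is not part of the original guide or of the product. It uses only the vssat subcommands and options shown above. The per-node random passwords, the output file name, and the assumption that vssat exits non-zero on failure are illustrative choices, not from the guide.

```sh
#!/bin/sh
# Added example (not from the original guide): steps 2 and 3 for several nodes.
# Uses only the vssat subcommands and options shown in the procedure.
# Assumptions: vssat exits non-zero on failure; OUT is a hypothetical file.

DOMAIN="root@venus.symantecexample.com"   # domain name found in step 1
OUT="${OUT:-./ab_passwords.txt}"          # node:password lines, mode 0600

# Assumption: one random password per node (36 hex characters).
gen_password() {
    od -An -N18 -tx1 /dev/urandom | tr -d ' \n'
}

# Step 2: succeed if a principal exists for node $1. Only the error text
# quoted in the procedure is treated as "no account".
prpl_exists() {
    out=$(vssat showprpl --pdrtype root --domain "$DOMAIN" \
        --prplname "$1" 2>&1) || true
    case "$out" in
        *"Failed To Get Attributes For Principal"*) return 1 ;;
        *) return 0 ;;
    esac
}

# Steps 2-3 for one node: delete a stale principal, then create a new one.
provision_node() {
    if prpl_exists "$1"; then
        vssat deleteprpl --pdrtype root --domain "$DOMAIN" \
            --prplname "$1" --silent || return 1
    fi
    pw=$(gen_password)
    vssat addprpl --pdrtype root --domain "$DOMAIN" --prplname "$1" \
        --password "$pw" --prpltype service || return 1
    # Record the password only after the account was created.
    printf '%s:%s\n' "$1" "$pw" >> "$OUT"
}

# Run the procedure for every node name given; stop at the first failure.
provision_all() {
    ( umask 077; rm -f "$OUT"; : > "$OUT" ) || return 1
    for n in "$@"; do
        provision_node "$n" || { echo "failed on node $n" >&2; return 1; }
    done
}

# Example invocation: sh script.sh galaxy <other-node> ...
if [ "$#" -gt 0 ]; then provision_all "$@"; fi
```

As in step 3, the password is passed to vssat on the command line, so it is visible in the process list while the command runs. Remove the output file once the passwords have been copied into the input file for the encrypted file.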