
Setting up a trust relationship between two authentication brokers

This procedure is a general prerequisite for adding secure direct connection clusters to a management server or a peer management server.

 To set up the trust relationship

  1. Identify which two systems with authentication brokers are to participate in the trust relationship.

    To set up a peer management server, these systems are:

  2. On one of the two systems, run the following command (the dashes preceding the command options are double dashes):

    # vssat setuptrust --broker systemname:2821 --securitylevel low

    Where systemname is the DNS server name or the IP address of the second (other) system.

  3. On the second (other) system, obtain a command prompt and run the following command:

    vssat setuptrust --broker systemname:2821 --securitylevel low

    Where systemname is the DNS server name or the IP address of the first system.

If you are adding secure direct connection clusters, you are finished with this procedure.

If you are adding a peer management server, you must continue with the following steps:

  4. On both systems, obtain a command prompt and run the following command (the dashes in steps 4-6 are single dashes):

    # gaserver -list

    This command returns the ID, system name, and address of the system that runs the command. Record these data for both systems.

  5. On the first system, run the following command:

    # gaserver -add ID systemname address [port]

    Where ID, systemname, and address are the ID, system name, and IP address of the second (other) system, and port is the default Cluster Management Console port, 14145.

  6. On the second (other) system, obtain a command prompt and run the following command:

    # gaserver -add ID systemname address [port]

    Where ID, systemname, and address are the ID, system name, and IP address of the first system, and port is the default Cluster Management Console port, 14145.

  7. To verify the peer management server, run the gaserver -list command on each management server host. If both command runs return data for both systems, the peer management server is configured successfully.
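
The whole procedure as a dry-run helper, added here as an example and not Symantec's own tooling: it prints the commands each system runs with the peer's values filled in, refuses values that would be read as options or shell syntax, and checks saved gaserver -list output for both systems. The host names, IDs, addresses and the whitespace-separated column layout of the gaserver -list output are assumptions.

```shell
#!/bin/sh
# Added example, not Symantec tooling: dry-run helper for the procedure above.
BROKER_PORT=2821   # broker port from the page's vssat commands
CMC_PORT=14145     # default Cluster Management Console port from the page

# Reject empty values, a leading dash (would be read as an option) and any
# character outside a conservative hostname/ID/address set (assumption).
safe_token() {
    case "$1" in
        ""|-*|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    return 0
}

# plan_for LOCAL_NAME PEER_ID PEER_NAME PEER_ADDR
# Print what to run on LOCAL_NAME; every argument to the commands is the
# PEER's value, which is the detail that is easiest to get backwards.
plan_for() {
    [ $# -eq 4 ] || return 2
    for v in "$@"; do safe_token "$v" || return 2; done
    echo "# on $1"
    echo "vssat setuptrust --broker $3:$BROKER_PORT --securitylevel low"
    echo "gaserver -add $2 $3 $4 $CMC_PORT"
}

# both_listed NAME_A NAME_B < saved `gaserver -list` output
# Succeeds only if both names occur as whole fields, so "mgmt-a" does not
# match "mgmt-ab". The whitespace-separated layout is an assumption.
both_listed() {
    awk -v a="$1" -v b="$2" '
        { for (i = 1; i <= NF; i++) { if ($i == a) fa = 1; if ($i == b) fb = 1 } }
        END { exit !(fa && fb) }'
}

# Constructed sample values (documentation address range), not from the page.
plan_for mgmt-a 2 mgmt-b 192.0.2.20
plan_for mgmt-b 1 mgmt-a 192.0.2.10
```

Save the output of gaserver -list from each host to a file and feed it to both_listed; a non-zero exit on either host means that side does not yet list both systems.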