Filter
Top Products
6.3.16. Enable DB2 Backup
Set up the DB2 backup process for HPSS metadata. Ensure that an initial backup of all HPSS
databases are available at this point. Perform this step on each root and non-root subsystem.
6.3.17. Perform the DCE Export: hpss_dce_export
This step applies to upgrades for both HPSS 4.5 and 5.1. The program that exports principal and
group information from DCE is called hpss_dce_export. The program sends its output to ASCII text
files located in the output directory designated as an option. Create a subdirectory called
/var/hpss/convert/6.2, if one doesn’t already exist. Using the new subdirectory, invoke the DCE
export program as follows:
Usage: hpss_dce_export <output dir>
% hpss_dce_export /var/hpss/convert/6.2
The program will start by looking for the existence of a file, called skipFile, in the path provided (e.g.
/var/hpss/convert/6.2). This file contains information on principals and groups in DCE that should or
should not be exported from DCE. If the file doesn’t exist, the first execution of this program will
create a default skipFile.
•
If the skipFile does not exist during the first execution, the hpss_dce_export script will
need to be re-executed in order to export data from DCE.
•
Each site is highly recommended to use the default skipFile only after close analysis.
Many principals and groups in DCE are not necessary for HPSS 6.2 to run properly;
therefore, accepting the default values in the skipFile will probably result in the addition
of many unnecessary principal and group entries to the LDAP or Unix registry
When the skipFile exists or when the program is executed the second time, the program will export
principal, group, and cell information from DCE into the output directory provided. These files will
be read as input to the import program corresponding to the authorization mechanism each site will
utilize.
6.3.18. Perform the Unix, LDAP or Kerberos Import
This step applies to conversions for both HPSS 4.5 and 5.1. See the following sections on
information on how to import the DCE authorization information into Unix, LDAP or Kerberos.
The necessary steps to be performed depend on the authorization mechanism selected by the site.
Note that the hpss_ldap_admin utility must be run after the hpss_ldap_import utility.
Import DCE Authorization Information into Unix for HPSS Servers
The conversion program that imports HPSS server information into the Unix environment is called
hpss_unix_servers. The hpss_unix_servers program supports Unix authorization by gathering
information for each HPSS server from DCE and importing it into the Unix or HPSS password, group
and shadow files. The hpss_unix_servers program also creates a Unix keytab file (usually in
/var/hpss/etc/hpss.mm.keytab) and adds the HPSS server principals to the keytab file for initial
startup. Passwords for HPSS servers in the keytab file are set initially to default values then
encrypted.
There are no command line options for the hpss_unix_servers program. Before running the program,
ensure that the environment variables for HPSS server principals (e.g. HPSS_PRINCIPAL_CORE)
are set to proper HPSS 6.2 values. If non-default server principal values were used in HPSS 4.5 or
HPSS Installation Guide July 2008
Release 6.2 (Revision 2.0) 215