Filter
Top Products
48 IBM Certification Study Guide AIX HACMP
2.7 User ID Planning
The following sections describe various aspects of User ID Planning.
2.7.1 Cluster User and Group IDs
One of the basic tasks any system administrator must perform is setting up
user accounts and groups. All users require accounts to gain access to the
system. Every user account must belong to a group. Groups provide an
additional level of security and allow system administrators to manipulate a
group of users as a single entity.
For users of an HACMP for AIX cluster, system administrators must create
duplicate accounts on each cluster node. The user account information
stored in the /etc/passwd file, and in other files stored in the /etc/security
directory, should be consistent on all cluster nodes. For example, if a cluster
node fails, users should be able to log on to the surviving nodes without
experiencing problems caused by mismatches in the user or group IDs.
System administrators typically keep user accounts synchronized across
cluster nodes by copying the key system account and security files to all
cluster nodes whenever a new account is created or an existing account is
changed.Typically
rdist or rcp is used, for that. On RS/6000 SP systems pcp
or
supper are widely used. For C-SPOC clusters, the C-SPOC utility simplifies
the cluster-wide synchronization of user accounts by propagating the new
account or changes to an existing account across all cluster nodes
automatically.
The following are some common user and group management tasks, and are
briefly explained in 8.8, “User Management” on page 178:
• Listing all user accounts on all cluster nodes
• Adding users to all cluster nodes
• Changing characteristics of a user account on all cluster nodes
• Removing a user account from all cluster nodes.
• Listing all groups on all cluster nodes
• Adding groups to all cluster nodes
• Changing characteristics of a group on all cluster nodes
• Removing a group from all cluster nodes