Veritas-bu
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Veritas-bu] Highly available Symantec Authentication/Authorization in VCS

2007-09-28 10:11:40
Subject: [Veritas-bu] Highly available Symantec Authentication/Authorization in VCS
From: Rongsheng Fang <unixlifebox AT gmail DOT com>
To: veritas-ha AT mailman.eng.auburn DOT edu
Date: Fri, 28 Sep 2007 09:53:07 -0400 
Hi,

Has anybody had any experience with setting up Symantec Authentication 
(VRTSat) and Authorization (VRTSaz) in a highly available mode using 
VCS? Currently we have VCS 5.0 running on a two node Sun Solaris 10 
cluster, and VRTSat 4.3.22.1 and VRTSaz 4.2.2.16. I would like to set up 
VRTSat and VRTSaz in the VCS so they can be highly available. However 
the configuration scripts installat, installaz or installics don't 
really play well with VCS 5.0. It looks like the installation script 
will set up VRTSat in VCS as follows:

1) installat will create two VCS service groups: VxSS and vxssclusterpdr.
2) VxSS basically starts vxatd and vxssclusterpdr include resources such 
as the VIP/NIC for at, Mount point for /var/VRTSat etc.
3) vxssclusterpdr will depend on VxSS with "online local firm".
4) VxSS will be set up to run on both cluster nodes in Parallel mode.

What has been confusing me here is:

1. Why would VxSS be set up to run in Parallel mode? If it has to, then 
does /var/VRTSat needs to be on CFS/CVM?

2. If /var/VRTSat has to be on CFS/CVM, then why would the installation 
script installat/installics still configures a separate resource vxatMNT 
in vxssclusterpdr?

3. Why would vxssclusterpdr which includes the resources for VIP, Mount 
for /var/VRTSat depend VxSS which simply starts up vxatd, not the other 
way around? Doesn't vsatd need /var/VRTSat to be available first before 
it can start?

I have been reading through all kind of Veritas documents such as "A 
step by step example of installing the VERITAS Security Services (VxSS)
and configuring VERITAS NetBackup (tm) Access Control (NBAC) on a
UNIX Master/Media Server", "Symantec Authentication Service Installation 
Guide - 4.3", and "Symantec Authentication and Authorization Yellow 
Book", but none of these has a detailed installation procedure for 
setting up VRTSat/VRTSaz in highly available mode.

If somebody could kindly explain to me or point me to the right 
direction, I would really appreciate it!

Thanks, and have a nice weekend!

Rongsheng
_______________________________________________
Veritas-bu maillist  -  Veritas-bu AT mailman.eng.auburn DOT edu
http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • [Veritas-bu] Highly available Symantec Authentication/Authorization in VCS, Rongsheng Fang <=
Previous by Date:  Re: [Veritas-bu] Backup exit notify, Tim Hoke
Next by Date:  Re: [Veritas-bu] delete files after backups, Justin Piszcz
Previous by Thread:  [Veritas-bu] delete files after backups, Yusuf Gedikoglu
Next by Thread:  [Veritas-bu] How to rename a robot?, Schneider, Matthew J.
Indexes:  [Date] [Thread] [Top] [All Lists]