Previous  |  Next  >  
Product: Cluster Server Guides   
Manual: Cluster Server 4.1 User's Guide   

Using the Single Sign-On Feature in Secure Clusters

To enable the single sign-on mechanism, you must create a proxy user on an authentication broker and configure the proxy user in the Web console.

Prerequisites

    Checkmark  All authentication brokers in the cluster must point to a single root broker.

    Checkmark  If the root broker is not part of the cluster, all authentication brokers must have a trust relationship between them.

Creating a Proxy User

Run the following command on an authentication broker node to create a proxy user:


vssat addprpl --pdrtype ab --domain HA_SERVICES --prplname    
  proxyusername --password <password> --prpltype service  
  --can_proxy

  • <proxyusername>---The name of the user.
  • <password>---The password associated with the proxy user.
  • The --can_proxy option specifies that the user can act as a proxy for another user.

Configuring the Proxy Users in the Web Console

  1. Access the Web Console.
  2. Click the cluster in which you want to configure the proxy user.
  3. Enter the VCS user name, password, and domain.
  4. Click Login.
  5. In the left pane, click User Management.
  6. In the VCS Users page, click Proxy User Details.
  7. In the Proxy User Details dialog box, specify the details of the proxy user created in Creating a Proxy User.
    1. Enter the name of the proxy user.
    2. Enter the password for the proxy user.
    3. Enter the fully qualified host name of the authentication broker node on which you created the proxy user.
    4. Enter the IP address for the authentication broker node.
    5. Enter the port number used to connect to the authentication broker node. Default is 2821.
    6. Click OK.
  8. Click Close Window.

Additional Considerations for Configuring Proxy Users

  • If the ClusterService service group fails over, you must configure the proxy user on the new node. The proxy user must be configured once on each node in the cluster.
  • You need not reconfigure the proxy user if the node hosting the ClusterService group is restarted.

Using Help

The Web Console provides context-sensitive online help in a separate browser for the various views in the console. Use the Contents, Index, and Search features in the help system to locate the information you need.

  To access online help

Click Help in the top right corner of any view.

To avoid launching extraneous browser windows, do not close the online help until the content is fully loaded into the help browser.

 ^ Return to Top Previous  |  Next  >  
Product: Cluster Server Guides  
Manual: Cluster Server 4.1 User's Guide  
VERITAS Software Corporation
www.veritas.com