Using non-root user to configure VOM Central Management server
|Article:HOWTO38266|||||Created: 2011-01-03|||||Updated: 2011-03-28|||||Article URL http://www.symantec.com/docs/HOWTO38266|
Normally, after loading the VOM packages on the Central Management Server (CMS or CS), at the Unix command line (currently 64 bit Solaris, Linux and Windows), the administrator would use a web browser to connect to the administration port, login as root and configure the VOM server.
The standard method of configuring VOM security groups for allowing non-root logins while flexible, must be configured in the VOM Graphical User Interface (GUI) after the VOM CS has been configured (see Related Articles below). In order to configure a non-root user that can be used to login to a web browser and configure the CS, it must be configured prior to the web login and through the CLI interface in Unix.
This can be done by configuring the non-root user to be a member of the Unix group root.
- Edit /etc/group and add a non-root user as a member of the Unix group root
- Edit /etc/group and add a non-root user as a member of the Unix group root.
(user 'mha' used in this example)
o Edit /etc/group adding the non-root user.
# grep "^root" /etc/group
o Use 'su -' or telnet to log into the server as the non-root user to verify that the login completes successfully
# su - mha
o Using the Unix 'groups' command; validate that list of group names displayed include 'root'.
o Any error in the above 2 items should be resolved before continuing to the VOM installation and configuration.
Here's an example that requires resolving group membership
[root@mtv2850-04 logs]# su - mha$ groupsid: cannot find name for group ID 500500$
- Load packages on the Central Server.
(shown for context)
[root@mtv2850-04 vom]# ./Veritas_Operations_Manager_CMS_3.1_Linux.bin
Initializing installation. Please wait....
Installing Veritas Operations Manager 3.1....
Installation is complete. You will need to configure Veritas Operations Manager.
Please open your browser and type the following URL to configure:
- Browse to the Unix server and connect to the administration port (5634)
- Enter credentials for non-root user.
- Continue through the configuration pages and complete the configuration of the Central Server
(shown for context).
- The result is the ability to login to the VOM console (port 14161) using a non-root user.
(shown for context)
- At this point, the build of the VOM Central Server is complete using a non-root login to accomplish the Central Server configuration.
It is suggested to create VOM Security Groups (see Related Articles below) for operational non-root logins. After configuring Security Group(s) and validating the login of the new members, please remove the non-root login used in the VOM installation and configuration from the root group in /etc/group.
Article URL http://www.symantec.com/docs/HOWTO38266