Using non-root user to configure VOM Central Management server

Article:HOWTO38266  |  Created: 2011-01-02  |  Updated: 2011-03-28  |  Article URL http://www.symantec.com/docs/HOWTO38266
Article Type
How To



Subject


BACKGROUND

 

Normally, after loading the VOM packages on the Central Management Server (CMS or CS), at the Unix command line (currently 64 bit Solaris, Linux and Windows), the administrator would use a web browser to connect to the administration port, login as root and configure the VOM server. 

 

The standard method of configuring VOM security groups for allowing non-root logins while flexible, must be configured in the VOM Graphical User Interface (GUI) after the VOM CS has been configured (see Related Articles below).  In order to configure a non-root user that can be used to login to a web browser and configure the CS, it must be configured prior to the web login and through the CLI interface in Unix.

 

This can be done by configuring the non-root user to be a member of the Unix group root.

 

SUMMARY PROCEDURE

 

  • Edit /etc/group and add a non-root user as a member of the Unix group root

 

DETAILED PROCEDURE

 

  1. Edit /etc/group and add a non-root user as a member of the Unix group root.
    (user 'mha' used in this example)

    o  Edit /etc/group adding the non-root user.

    # grep "^root" /etc/group
    root:x:0:root,mha

    o  Use 'su -' or telnet to log into the server as the non-root user to verify that the login completes successfully

    # su - mha
    $

    o  Using the Unix 'groups' command; validate that list of group names displayed include 'root'.

    $ groups
    other root

    o  Any error in the above 2 items should be resolved before continuing to the VOM installation and configuration.

    Here's an example that requires resolving group membership

    [root@mtv2850-04 logs]# su - mha
    $ groups
    id: cannot find name for group ID 500
    500

     
  2. Load packages on the Central Server.
    (shown for context)

    [root@mtv2850-04 vom]# ./Veritas_Operations_Manager_CMS_3.1_Linux.bin
    Initializing installation. Please wait....
    Extracting packages........................[OK]
    Verifying  packages........................[OK]
    Installing Veritas Operations Manager 3.1....

    Installing VRTSsfmh........................[OK]
    Installing VRTSsfmcs.......................[OK]
    Installation is complete. You will need to configure Veritas Operations Manager.

    Please open your browser and type the following URL to configure:
    https://mtv2850-04.mvw.spt.symantec.com:5634/

    [root@mtv2850-04 vom]#
     
  3. Browse to the Unix server and connect to the administration port (5634)




     
  4. Enter credentials for non-root user.


     
  5. Continue through the configuration pages and complete the configuration of the Central Server
    (shown for context).








     
  6. The result is the ability to login to the VOM console (port 14161) using a non-root user.
    (shown for context)




     
  7. At this point, the build of the VOM Central Server is complete using a non-root login to accomplish the Central Server configuration.  

 

It is suggested to create VOM Security Groups (see Related Articles below) for operational non-root logins.  After configuring Security Group(s) and validating the login of the new members, please remove the non-root login used in the VOM installation and configuration from the root group in /etc/group.
 

 

 




Article URL http://www.symantec.com/docs/HOWTO38266


Terms of use for this information are found in Legal Notices