Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Reset Password of VCS User in Secure Cluster.

Created: 23 Dec 2012 • Updated: 25 Dec 2012 | 5 comments
This issue has been solved. See solution.

Dear All,

Greetings!

Recently i have added a VCS user in one of our VCS Cluster which in running in secure mode to access the Java Console.

However i did not find any option to set a password for the same. After going thru some article i tried to #hauser -update <user name> however this option is not available for hauser command.

I need your support to resolve the issue.

VCS Version : 6.1

OS : RHEL 5.8 x86_64

I have followed below steps as of now.

#haconf -makerw

#hauser -add Admin -priv Administrator

#hauser -update Admin

]# hauser -update Admin
VCS WARNING V-16-1-10603 Unknown option: -update
VCS INFO V-16-1-10601 Usage:
    hauser -add <name> [-priv <Administrator|Operator|Guest> [-group <group(s)>]]
    hauser -addpriv <name> <Administrator|Operator|Guest> [-group <group(s)>]
    hauser -delpriv <name> <Administrator|Operator|Guest> [-group <group(s)>]
    hauser -addpriv <name> <AdministratorGroup|OperatorGroup> [-group <group(s)>]
    hauser -delpriv <name> <AdministratorGroup|OperatorGroup> [-group <group(s)>]
    hauser -delete <name>
    hauser -display [<name>]
    hauser -list
    hauser -help
 

Thanks.

Comments 5 CommentsJump to latest comment

mikebounds's picture

In secure mode, VCS users are O/S users, so the user must be an existing O/S user and you set password through normal O/S tools.  If you don't want to use O/S users, then you need to change to a non-secure cluster.

Mike

UK Symantec Consultant in VCS, GCO, SF, VVR, VxAT on Solaris, AIX, HP-ux, Linux & Windows

If this post has answered your question then please click on "Mark as solution" link below

Wadisail's picture

Hi Mike,

I have added the same user " Admin " in OS and reseted the password for the same. and even i tried to login using the root user with his passoword.but one thing i have noticed that in main.cf i can see the user name Admin however i unable to see the corresponding password.

I belive somewhere i have to mention the passowrd without editing the main.cf file ?

Thanks.

mikebounds's picture

When you use secure mode, VCS does not store any passwords as authentication is handled by the O/S, not VCS - this is why it is secure as storing passwords encypted in a text file (main.cf) is not that secure.

The admin user in main.cf will need to be in the format admin@domain, so ideally the domain should be a central domain like LDAP.  You can use unixpwd authentication and then the domain is the name of the host.

This is how secure clusters worked in 5.0 and 5.1 - I have not used secure cluster in 6.x, but I know 6.x uses embedded authentication as oppose to a more central model in 5.x, but I don't know if anything else has changed.

If you are still having issues, please post the initial section of you main.cf showing cluster and system definitions and also post the user, domain, broker and domain type you are using in java GUI and also the output of the following if it works "vssat showallbrokerdomains" (this command may not work in 6.x)

Mike

UK Symantec Consultant in VCS, GCO, SF, VVR, VxAT on Solaris, AIX, HP-ux, Linux & Windows

If this post has answered your question then please click on "Mark as solution" link below

Wadisail's picture

Hi Mike,

Kindly find the following info.

more /etc/VRTSvcs/conf/config/main.cf
include "OracleASMTypes.cf"
include "types.cf"
include "Db2udbTypes.cf"
include "EVACATypes.cf"
include "OracleTypes.cf"
include "SybaseTypes.cf"

cluster db (
    UserNames = { admin = 0 }
    Administrators = { admin }
    SecureClus = 1
    )

system db01 (
    )

system db02 (
    )

in Java Console i am using the user name admin and the passsword is also same.

in domain i left the default since it was a local user.

I did not find the vss showallbrokerdomains command.

Thanks.

Wadisail's picture

Dear Mike,

It is woring now. What i did was as you said i have entered the user name as admin@hostname.

in the host name i have provided the my Cluster name.

Thanks.

SOLUTION