11.3 Setting Runtime Credentials

The Runtime Admin name and Runtime Admin password are stored in the CASA store, and the DNS Server later uses them for eDirectory authentication. The Runtime Admin credentials are stored with root (install user) and named user permissions. Only one Runtime User credential for DNS can be stored in CASA.

NOTE: In a cluster setup, the runtime credentials must be set on all the nodes in the DNS cluster.

To set the runtime credentials, execute the following commands:

KEYVALUE=<DN of runtime admin> CASAcli -s -n dns-ldap -k CN

KEYVALUE=<password of runtime admin> CASAcli -s -n dns-ldap -k Password

For example, to set the credentials of the runtime admin dnsadmin, execute the following commands:

KEYVALUE=cn=dnsadmin,o=novell CASAcli -s -n dns-ldap -k CN

KEYVALUE=<password> CASAcli -s -n dns-ldap -k Password

If you want to run novell-named as a non-root user other than named, you must set the Runtime Admin credentials for that non-root user, because the CASA store allows credentials to be read only by the user who stored them. The non-root user must be an eDirectory user and a member of the dhcp Group object. Execute the following commands:

su <non-root user>

KEYVALUE=<DN of runtime admin user> CASAcli -s -n dns-ldap -k CN

KEYVALUE=<password of runtime admin user> CASAcli -s -n dns-ldap -k Password

This sets the user name and password in the CASA store for the DNS Server.

Copy the /etc/opt/novell/named/.named.cred file to the same directory under the chroot directory (the -t dir), and change the user and group ownership of the copy from named:named to the -u user and that user's group.
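The procedure above can be wrapped so that the password is read from a prompt instead of being typed after KEYVALUE=, where it can end up in shell history. This is an added example, not part of the product documentation; the function names and the CRED_FILE override are assumptions, and "its group" is taken to mean the -u user's primary group.

```shell
#!/bin/sh
# Added example (not vendor code). Function names and the CRED_FILE override
# are assumptions; the CASAcli invocations are the ones shown in this section.

# set_runtime_creds <DN of runtime admin>
# Run as the user novell-named runs as. The password is read from stdin
# (echo off on a terminal), so it is never typed on a command line.
# The ( ) body is a subshell: $pw does not survive the call.
set_runtime_creds() (
    dn=$1
    [ -n "$dn" ] || { echo "usage: set_runtime_creds <DN>" >&2; exit 2; }
    if [ -t 0 ]; then
        printf 'Runtime admin password: ' >&2
        trap 'stty echo; exit 130' INT TERM
        stty -echo
    fi
    IFS= read -r pw || true
    if [ -t 0 ]; then stty echo; echo >&2; fi
    [ -n "$pw" ] || { echo "empty password, nothing stored" >&2; exit 1; }
    KEYVALUE="$dn" CASAcli -s -n dns-ldap -k CN || exit 1
    KEYVALUE="$pw" CASAcli -s -n dns-ldap -k Password
)

# stage_cred_in_chroot <chroot -t dir> <-u user>
# Copies the credential file to the same path under the chroot and hands
# ownership to the -u user and that user's primary group (assumed meaning
# of "its group").
stage_cred_in_chroot() (
    jail=$1 user=$2
    src=${CRED_FILE:-/etc/opt/novell/named/.named.cred}
    [ -d "$jail" ] && [ -f "$src" ] || { echo "missing $jail or $src" >&2; exit 1; }
    group=$(id -gn "$user") || exit 1
    dest=$jail$(dirname "$src")
    mkdir -p "$dest" || exit 1
    cp -p "$src" "$dest/" || exit 1   # -p preserves the file's mode
    chown "$user:$group" "$dest/$(basename "$src")"
)
```

Source the file, run set_runtime_creds 'cn=dnsadmin,o=novell' as the user that novell-named runs as, then run stage_cred_in_chroot with the -t directory and -u user as root.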