If resources or peers don’t appear in other clusters in your BCC, it is possible that either a cluster or user synchronization driver is not security equivalent to a user with administrative rights to the cluster.
NOTE:Rather than using the eDirectory Admin user to administer your BCC, you should consider creating another user with sufficient rights to the appropriate contexts in your eDirectory tree to manage your BCC.
The IDM Driver object must have sufficient rights to create, modify, and delete objects and attributes in the following containers:
The Identity Manager driver set container.
The container where the Cluster object resides.
The container where the Server objects reside.
If server objects reside in multiple containers, this must be a container high enough in the tree to be above all containers that contain server objects.
Best practice is to have all server objects in one container.
The container where the cluster pool and volume objects are placed when they are synchronized to this cluster. This container is sometimes referred to as the landing zone. The NCP™ server objects for the virtual server of a business-continuity-enabled resource are also placed in the landing zone.
To make the Cluster Resource Synchronization driver or User Object Synchronization driver security equivalent to a user with administrative rights:
Start your Internet browser and enter the URL for iManager.
The URL is http://server_ip_address/nps/iManager.html. Replace server_ip_address with the IP address or DNS name of the server that has iManager and the Identity Manager preconfigured templates for iManager installed.
Specify your username and password, specify the tree where you want to log in, then click
.In the left column, click
, then click the link.DirXML is called Identity Manager in the latest releases.
Choose
, then click .Select the driver you want to check by clicking the red
icon or the blue icon.Click the red or blue icon again, then click the
tab if it is not already selected.Click
, and view or add a security equivalent user as needed.Repeat Step 5 through Step 7 for the other drivers in your BCC.
You must also ensure that the BCC Administrator user has Read, Write, Create, Erase, Modify, and File Scan access rights to the sys:/tmp directory on every node in your NetWare clusters.
For Linux, ensure that the BCC Administrator user is a LUM-enabled user. To LUM-enable a user, see Managing User and Group Objects in eDirectory
in the Novell Linux User Management Technology Guide.
NOTE:For NetWare, if you are concerned about denial of service attacks with the BCC Administrator user, you can set a quota of 5 MB for that user. This can prevent the BCC Administrator user from filling the sys: volume by copying an excessive number of files to the sys:/tmp directory