that each caller of the interface is given.

Run the hpss_init_server_acls program as follows:

% /opt/hpss/bin/convert62/hpss_init_server_acls

Error in stat of Keytab File, /var/hpss/etc/mm.keytab, 2

Note: The error is expected and does not indicate that the hpss_init_server_acls program did not complete successfully. In the above example, the error is displayed because the system did not have a mm lib or DB2 username and password setup for this system.

We recommend checking each server's ACLs at this time and ensuring that you fully understand the reasons for granting any group ACLs on any server. See Section 2.1: HPSS Server Security ACLs of the HPSS Management Guide for further information.

The hpss_init_server_acls program will destroy any existing entries in the AUTHZACL table. Therefore, this step should be executed before manually adding SSM users to the AUTHACL table, which is explained in section 6.3.19.8: Create SSM User Ids.

6.3.19.8. Create SSM User Ids

Create new SSM user Ids. There is no utility provided to convert the SSM user Ids from HPSS 4.5 or 5.1. Perform this step on the root subsystem only.

SSM User Ids under HPSS 4.5:

As of HPSS 5.1, SSM only supports the “admin” and “operator” security levels. If a 4.5 SSM ID is assigned an obsolete security level (“user” or “privileged”), then it must be changed to either “admin” or “operator”. See /var/hpss_45/ssm/hpssadm.config and /opt/hpss_45/sammi/hpss_ssm/user_authorization.dat files for a list of valid 4.5 SSM users.

SSM User Ids under HPSS 5.1:

See /var/hpss_51/ssm/ssmuser.config for a list of valid HPSS 5.1 SSM users.

Run hpssuser Utility

For each user, client platform, and security mechanism combination, run hpssuser utility and provide the necessary information. For an example on adding SSM user ‘fred’, see below:

%/opt/hpss/bin/hpssuser -add fred -ssm [ adding ssm user ]

1) admin

2) operator

Choose SSM security level

(type a number or RETURN to cancel): > 1

[ ssm user added : admin ]

Once ssm users are created, a ssm client package can be created. For example:

%/opt/hpss/bin/hpssuser -ssmclientpkg /tmp/ssmclientpkg.tar [ packaging ssm client ]

[ creating /tmp/ssmclientpkg.tar ] ssm.conf

HPSS Installation Guide

July 2008

Release 6.2 (Revision 2.0)

219

Page 218 Page 220
Page 219
Image 219
IBM HPSS manual Create SSM User Ids, SSM User Ids under Hpss, Run hpssuser Utility
Page 218 Page 220
Top Page Image Contents