2.7 User ID Planning
The following sections describe various aspects of User ID Planning.
2.7.1 Cluster User and Group IDs
One of the basic tasks any system administrator must perform is setting up user accounts and groups. All users require accounts to gain access to the system. Every user account must belong to a group. Groups provide an additional level of security and allow system administrators to manipulate a group of users as a single entity.
For users of an HACMP for AIX cluster, system administrators must create duplicate accounts on each cluster node. The user account information stored in the /etc/passwd file, and in other files stored in the /etc/security directory, should be consistent on all cluster nodes. For example, if a cluster node fails, users should be able to log on to the surviving nodes without experiencing problems caused by mismatches in the user or group IDs.
System administrators typically keep user accounts synchronized across cluster nodes by copying the key system account and security files to all cluster nodes whenever a new account is created or an existing account is changed.Typically rdist or rcp is used, for that. On RS/6000 SP systems pcp or supper are widely used. For
The following are some common user and group management tasks, and are briefly explained in 8.8, “User Management” on page 178:
•Listing all user accounts on all cluster nodes
•Adding users to all cluster nodes
•Changing characteristics of a user account on all cluster nodes
•Removing a user account from all cluster nodes.
•Listing all groups on all cluster nodes
•Adding groups to all cluster nodes
•Changing characteristics of a group on all cluster nodes
•Removing a group from all cluster nodes
