How to configure Veritas Storage Foundation High Availability cluster to use local credentials instead of Single Sign-On provided by VCS Authentication Service

  • Article ID:100017968
  • Modified Date:
  • Product(s):

Problem

How to configure Veritas Storage Foundation High Availability cluster to use local credentials instead of the Single Sign-On (SSO), provided by VCS Authentication Service.

A command line error may be seen when trying to run cluster commands on server where SSO is corrupted.

Error Message

V-16-1-53007 Error returned from engine: HAD on this node not accepting clients
OR
V-16-1-53006 "Unable to connect to VCS engine securely"
 

Solution

This procedure configures the use of VCS (Veritas Cluster Server) User Privileges and disables the use of Single Sign-on security.

1. Save the cluster configuration. This can be done by typing the following command through the Command Line Interface (CLI):
# haconf -dump -makero

2. Stop the "Veritas High Availability Engine" ( had.exe) service on all nodes.  This can be done by stopping the service in from Windows Services Manager, or by typing the following command through the CLI:
Note: This will stop VCS services, but leaves the application(s) online.
# hastop -all -force

3. Stop the "Veritas Command Server" (CmdServer) service on all nodes.  This can be done by stopping the service in from Windows Services Manager, or by typing the following command on each server:
# net stop cmdserver

4. From each node in the cluster, remove the '.secure' file from the %VCS_HOME%\conf\config directory
Note: %VCS_HOME% represents the SFW-HA installation directory.  By default, this is C:\Program Files\VERITAS\Cluster Server.

5. Restart the "Veritas Command Server" (CmdServer) service on all nodes.  This can be done by starting the service in from Windows Services Manager, or by typing the following command on each server:
# net start cmdserver

6. Open the main.cf file in a text editor such as Notepad.  This file is located under the %VCS_HOME%\conf\config directory.

7. In the main.cf file, set the SecureClus attribute to 0.

For example:
cluster VCSCluster9495 (
SecureClus = 0
)

8. Save the cluster configuration changes.  This can be done from Notepad by clicking on File > Save.

9. Copy the modified main.cf file to each server in the cluster.  The default file location is in the %VCS_HOME%\conf\config directory on each server.

10. Restart the "Veritas High Availability Engine" on all nodes.  This can be done from Windows Services Manager, or by typing the following command:
# hastart -all

11. Make the cluster configuration writeable. This can be done by typing the following command:
# haconf -makerw

12. Add a login for the cluster. This can be done by typing the following command:
# hauser -add admin -priv Administrator

Note: "admin" can be substituted with another name.

13. Save and close the cluster configuration. This can be done by typing the following command:
# haconf -dump -makero

Login to the cluster using the username/password created in Step 12.

Related Articles

V-16-13-1018 "CmdServer service not running on system: %SERVERNAME%" appears when starting a wizard in Veritas Storage Foundation HA for Windows

Was this content helpful?

Get Support