Manualshelf

Planning and Configuring HP-UX DCE 1.9

ManualsBrandsHP ManualsSoftwareHP-UX DCE Software
31323334353637383940
Chapter 4
Before Installing HP-UX DCE Version 1.9
Pre installation Planning
36
Security Services
Security server software is contained in the DCE-SEC-Server product. The system(s) running the security
server should be reliably accessible and physically secure. They should also have enough disk space to hold a
registry database that could expand significantly over time as the number of users increases. HP has found
the following guidelines to be sufficient:
More information about DCE Security Services may be found in the
OSF DCE Administration Guide -
Core Services
.
Cell Directory Service Configuration
In configuring CDS servers and clients, pay careful attention to the HP-UX DCE 1.9 hardware requirements
for the DCE product. (See “System Requirements” on page 33.) Appropriate kernel configuration, memory,
disk, and especially swap space are essential to the proper functioning of the CDS subsystem.
Tape backups of the CDS server database are extremely important for recovery from catastrophic problems.
HP strongly recommends regular tape back ups of all CDS server databases, especially those containing any
master replicas. Tape backups and restorations require the CDS server in question to be temporarily shut
down.
Most CDS problems, however, do not require resorting to tape backup. Directory replication provides
continuous online backup for most failures, with faster recovery and less stale data. This makes directory
replication highly desirable for all DCE cells. Every cell should configure at least two CDS servers, and
read-only replicas of all directories should be created on the backup server. In this configuration, backup is
continuous, and recovery only involves switching the role of the servers.
Multiple CDS servers can be configured for specific purposes in the cell. Multiple CDS servers with read-only
replicas of all directories in the name space should always be present for backup and recovery purposes.
Performance considerations may also make the configuration of other CDS servers desirable. For instance,
administrators of very busy cells or cells with large numbers of nodes should consider adding additional CDS
servers to share the name space processing load. Similarly, administrators of cells with groups of nodes
separated by WAN links should consider providing a local CDS server for each group to enhance performance.
Administrators with very large cells may want to partition the name space among several CDS servers,
replicating only the locally used directories, to distribute the storage overhead of the name space.
Each of these CDS configuration strategies is documented in the
OSF DCE Administration Guide - Core
Services
.
Time Services
A minimum of three DTS servers is recommended for any cell with three or more member systems. If you use
an external time provider, you can have only one of these running in a cell.
If you are running AFS, be sure to run the AFS daemon (afsd) with the -nosettime option. Otherwise, afsd
periodically resets the system's time. Also be sure that no other software that sets the time (like ntp or timed)
is running on the systems in the cell.
For each principal: 1440 bytes of physical
memory, 330 bytes of disk
space
For each account: 1580 bytes of physical
memory, 240 bytes of disk
space