User Guide

ManualsBrandsMacromedia ManualsOtherCOLDFUSION 5-ADVANCED ADMINISTRATION

311

312

313

314

315

316

317

318

319

320

302 Chapter 12 Configuring ColdFusion Clusters

Administrating Security

When you enable ClusterCATS administration security for a specific cluster, only

authorized users are able to access and administer that cluster using their

ClusterCATS Explorer (Windows) or the ClusterCATS Web Explorer (UNIX).

ClusterCATS provides three administration security settings for securing your server

cluster environment:

• Disabled Authentication

This is the default setting. It provides no security challenge, and therefore anyone

can access the server cluster with a ClusterCATS administration tool or even a

Web browser and modify your cluster environment.

• Local User Authentication

This is the recommended security setting for most clusters residing in small to

mid-sized organizations that have only a few administrators. This setting

provides a security challenge for anyone accessing the server. The authentication

is based on administrative privileges that you define for specific users on each

server in the cluster.

• Windows NT Domain Authentication (Windows NT Only)

You may want to use this security setting if your organization is fairly large and

contains many distributed administrator groups that need to access your server

clusters. To use this setting, you must define your global administrators’ group in

the form “

BT_clustername”, where clustername is the exact name of the cluster

you created with the ClusterCATS Explorer. The global administrators group must

exist within the same domain as the clustered servers.

This section describes the following:

• “Configuring authentication on Windows” on page 302

• “Configuring authentication on UNIX” on page 306

Configuring authentication on Windows

The following sections describe how to enable the type of authentication most

appropriate for your environment.

• “Configuring local-user authentication” on page 302

• “Configuring Windows NT domain authentication” on page 304

Configuring local-user authentication

Local-user authentication lets ClusterCATS authenticate specific users on a

per-server basis. Local users of a server must have an account on the server where

the Web server resides.

For example, if a cluster includes several Web servers and you only have an account

on one, then you can only administer that server.