1. Manuals
  2. Brands
  3. F5 Manuals
  4. Switch
  5. ARX-VE
  6. Planning manual

Emc Best Practices: Creating The Proxy-User Account - F5 ARX-VE Planning Manual

Adaptive resource switch
Hide thumbs
Table of Contents

Advertisement

Chapter 1
Site Planning

EMC Best Practices: Creating the Proxy-User Account

rh1:/# ssh nasadmin@192.168.25.51
nasadmin@192.168.25.51's password: password
Last login: Thu Mar 22 09:37:42 2007 from juser.wwmed.com
EMC Celerra Control Station Linux Mon Nov 20 12:42:47 EST 2006
1 - 34
If the proxy-username has spaces or a pound-sign (#) character in it, you
must enclose it in quotation marks. Enclose only the username, not the
entire DOMAIN\proxy-username string. For example:
MYDOMAIN\"random user" == root # correct
is correct, but
"MYDOMAIN\random user" == root # incorrect
is incorrect.
As the final example, this line maps a Windows user, MEDARCH\jqpublic,
to root:
MEDARCH\jqpublic == root
EMC Celerra servers require a new, unused account for a proxy-user,
immediately mapped to root on the UNIX side. If a client has already
authenticated with a particular username and password, it would be
prohibitively difficult to re-map the username to root on an EMC. EMC
Release 5.5.24.2 introduces a command to resolve this problem; these
instructions apply to prior releases.
Start by creating a new Windows account for the proxy user. Remember to
add it to the Backup Operator's or Administrator's group on the EMC, or
give it equivalent privileges. Then map the above user to root on the UNIX
side, as described below.
From the EMC CLI, use the following command to get a copy of the UNIX
"passwd" file:
server_file data-mover ‐get passwd passwd.new
where data-mover identifies the data mover behind the ARX.
This places copy of the passwd file in a local file, "passwd.new." Edit this
file and add the following line to the bottom:
username::0:0:anything:home‐dir:path‐to‐shell
where username is the name for the proxy-user account that you created
from Windows. The two zeros in the third and fourth fields are the
required UID and GID for root. The values for the remaining fields are
outside the scope of this document; you can use man 5 passwd from
the EMC CLI to access the EMC documentation.
Then use the following command to install the passwd.new file and put it
into service:
server_file data-mover ‐put passwd.new passwd
For example, the following command sequence accesses the CLI of an EMC
Celerra and maps the "jqpublic" user to root. (The name of the data mover is
"server_2" in this example.)

Advertisement

Table of Contents
loading

Related Manuals for F5 ARX-VE

Related Products for F5 ARX-VE

This manual is also suitable for:

Arx-500Arx-4000Arx-1500Arx-2000Arx-2500

Table of Contents