Manualshelf

DCE Installation, Configuration, and Management Guide

ManualsBrandsHP ManualsServerHP NonStop G-Series
61626364656667686970
HP NonStop DCE Installation, Configuration, and Management Guide429552-005
7-1
7 Managing a DCE Cell
This section describes DCE cell management and provides general troubleshooting
suggestions.
General Maintenance
Encourage users to remove their credentials by using the kdestroy utility before
logging off.
A user's DCE credential files are not automatically purged by exiting an OSS shell,
logoff, or expiration. The use of kdestroy avoids unnecessary disk usage and
decreases the opportunity for malicious users to gain access to credentials. The
kdestroy utility should not be used for processes with credentials that are
intentionally running in the background.
For general cell maintenance, perform the following procedure periodically.
1. Back up the security database for each virtual host:
a. Place the security server in maintenance mode by executing the following
command:
sec_admin state -maintenance
b. Back up the files in
/opt/dcelocal.hostname/var/security/rgy_data/*.
c. Reset the server state by issuing the following command:
sec_admin state -service
2. If a CDS server is configured:
a. Protect the NonStop SQL/MP database by periodically generating TMF online
dumps.
b. Verify that the TMF audit-trail files are configured properly and are large
enough.
c. Partition the database file, DIT, across multiple disks if necessary. For more
information on how to partition the database file, see the steps for adding a
partition in the SQL/MP Installation and Management Guide.
3. If an audit server is configured, purge audit-trail files that are no longer needed.