Permission Checking in Disaster Recovery Gridsets

To enable permissions in a mirror grid, ensure that the following criteria are met:

1. Enable transport encryption and permission checking for the grids in the gridset.
2. Define the same users and roles in all the grids in the gridset.

When the data is mirrored from the primary grid to the mirror grids, the permissions are also mirrored. Thus, all the grids in the set must have the same users and roles defined. In a production environment, such user and role issues are unlikely to be an issue because all the users and roles typically come from the same LDAP server. However, in a testing or development environment where you rely on file-based authentication, you must ensure that all the FTL servers have a consistent view of the users and roles that exist in the realm. In addition, since the permissions for the table can only be set in the primary grid, users or roles that access the data only through a mirror grid must be granted access in the primary so that when the data is mirrored, the users can access it.

For more information about enabling permissions on a data grid, see Grid and Table Permissions.