User & Password

When using user credential based authentication (see the local or jaas Authentication Methods), a server will authenticate its fault-tolerant peer server by validating the user name and password provided as part of the connection request from the peer server.

This following files must be updated to perform local authentication:

  • The tibemsd.conf file for each server must have the same server name and password (the server and password parameters must be the same on each server).
  • The user name and password in the users.conf file for each server must match the values of the server and password parameters in the tibemsd.conf file.
Note: If the two EMS Servers are not sharing a users.conf file, make sure that you create a user with the same name as the EMS Server, and set the user's password with the value of the "server" password.

For example, you have two EMS Servers (Server 1 and Server 2) that are named "EMS-SERVER" and are to use a password of "mySecret", but which do not share a users.conf file. To set the user names and passwords, start the EMS Administration Tool on each server, as described in EMS Administration Tool, and do the following.

From the active (Server 1), enter:

   set server password=mySecret
   create user EMS-SERVER password=mySecret

From the standby (Server 2), enter:

   set server password=mySecret
   create user EMS-SERVER password=mySecret

From the active (Server 1), enter:

   set server authorization=enabled

From the standby (Server 2), enter:

   set server authorization=enabled

For jaas authentication, the tibemsd.conf changes are still required. However, a JAAS authentication module must be configured in lieu of the users.conf changes. See JAAS Authentication Modules for details.