Oracle Solaris Cluster enables you to determine if new nodes can add themselves to the global cluster and the type of authentication to use. You can permit any new node to join the cluster over the public network, deny new nodes from joining the cluster, or indicate a specific node that can join the cluster. New nodes can be authenticated by using either standard UNIX or Diffie-Hellman (DES) authentication. If you select DES authentication, you must also configure all necessary encryption keys before a node can join. See the keyserv (1M) and publickey (4) man pages for more information.
The phys-schost# prompt reflects a global-cluster prompt. Perform this procedure on a global cluster.
This procedure provides the long forms of the Oracle Solaris Cluster commands. Most commands also have short forms. Except for the long and short forms of the command names, the commands are identical.
phys-schost# clsetup
The Main Menu is displayed.
The New Nodes menu is displayed.
The clsetup utility generates the claccess command. The following example shows the claccess command that prevents new machines from being added to the cluster.
phys-schost# claccess deny -h hostnameExample 9-4 Permitting All New Machines to Be Added to the Global Cluster
The clsetup utility generates the claccess command. The following example shows the claccess command that enables all new machines to be added to the cluster.
phys-schost# claccess allow-allExample 9-5 Specifying a New Machine to Be Added to the Global Cluster
The clsetup utility generates the claccess command. The following example shows the claccess command that enables a single new machine to be added to the cluster.
phys-schost# claccess allow -h hostnameExample 9-6 Setting the Authentication to Standard UNIX
The clsetup utility generates the claccess command. The following example shows the claccess command that resets to standard UNIX authentication for new nodes that are joining the cluster.
phys-schost# claccess set -p protocol=sysExample 9-7 Setting the Authentication to DES
The clsetup utility generates the claccess command. The following example shows the claccess command that uses DES authentication for new nodes that are joining the cluster.
phys-schost# claccess set -p protocol=des
When using DES authentication, you must also configure all necessary encryption keys before a node can join the cluster. For more information, see the keyserv (1M) and publickey (4) man pages.