| Bookshelf Home | Contents | Index | Search | PDF | |
Siebel Server Installation Guide for UNIX > Preparing for the Installation > Planning Your Siebel Deployment >
Creating Siebel Accounts
The Siebel Enterprise Server requires that you create one or more of the following standard UNIX system user accounts, depending on whether you implement Central Dispatch:
- Siebel service owner account. An account on each Siebel Server in your Enterprise under which all Siebel processes and components operate. In any deployment, this account must exist on each Siebel Server, the Siebel Gateway Name Server, and on any machine on which the Siebel File System exists.
- Resonate manager account. An account on each server in your Central Dispatch site that is used by the Siebel Enterprise Server to automatically register Siebel resources with Central Dispatch. This account must exist only if you implement Central Dispatch.
- Resonate monitoring account. An account that is required for Central Dispatch connection brokering. This account must exist if you implement connection brokering with Central Dispatch.
NOTE: Do not disable these accounts. They must be enabled to connect to the nodes on which the accounts are created.
Creating the Siebel Service Owner Account
The Siebel Gateway Name Server and Siebel Server processes must operate under this common user account with appropriate permissions. All Siebel Enterprise Server software is also installed under this account, and the Service owner account must be used to start or stop Siebel Enterprise Server components.
Use the following guidelines to create the same Siebel service owner account on the Siebel Gateway Name Server, on each Siebel Server in the Enterprise, and on any machine on which the File System exists:
- Create the account at the network level, using an appropriate administration tool for your UNIX platform, so that the same account can be used for all UNIX servers within the Siebel Enterprise Server.
- Determine what the account name and password will be, and record this information in your copy of the Deployment Planning Worksheet. (For security reasons, you may prefer not to record the password.)
- The account password should preferably not require a change on next logon and must be set not to expire. To achieve this, do not assign a login shell to that account. (If you do not assign a login shell to the account, you also do not need to assign a home directory to the account.)
- The account name or password cannot contain any spaces.
- It is possible for the Siebel service owner and the Resonate manager accounts to be the same account if either account meets the requirements of both.
Creating the Resonate Manager Account
The Resonate manager account, also known as the Resonate Administrator account, is required when you use Central Dispatch for connection brokering. Therefore, you need an account with this role only if you install connection brokering.
This account is used by the Siebel Enterprise Server to automatically register Siebel resources with Central Dispatch.
Use the following guidelines to create the same Resonate manager account on each machine in the Central Dispatch site; that is, the machines on which the Central Dispatch Schedulers, the Siebel Gateway Name Server, and the Siebel Servers on which Central Dispatch performs connection-brokering:
- This account needs only to be user-level.
- Determine what the account name and password will be, and record this information in your copy of the Deployment Planning Worksheet. (For security reasons, you may prefer not to record the password.)
- The account password should preferably not require a change on next logon and must be set not to expire. To achieve this, do not assign a login shell to that account. (If you do not assign a login shell to the account, you also do not need to assign a home directory to the account.)
If your site requires a change of password each time a user logs in, see Implementing Load-Balancing with Central Dispatch.
- An account name cannot contain embedded spaces.
- It is possible for the Siebel service owner and the Resonate manager accounts to be the same account if that account satisfies the requirements for each account.
Creating the Resonate Monitoring Account
This account is required for the Central Dispatch connection brokering server. Therefore, you need this account only if you install connection brokering. Central Dispatch uses this account to monitor the load on your Siebel Servers and incoming connection requests.
The Resonate monitoring account, like the Resonate manager account, must exist on each machine in the Central Dispatch site.
Use the following guidelines to create a Resonate manager account on each machine in the Central Dispatch site:
- The Resonate monitoring account must have login privileges on each machine, but requires no additional privileges.
- It is recommended that the Resonate monitoring account and the Resonate manager account be different accounts, so that there is no possibility that the Resonate monitoring account can administer the machine. As such, they should have different passwords.
NOTE: Never log on to Dispatch Manager accounts directly as a user. The accounts exist on each machine so that Dispatch Manager can validate the password you enter when connecting to your Central Dispatch site before granting administration or monitoring privileges.
| Bookshelf Home | Contents | Index | Search | PDF | |
Siebel Server Installation Guide for UNIX Published: 24 June 2003 |