Managing Cluster Administrators in the Cluster

The ability to create server pools in a cluster is limited to the cluster administrators. In prior releases, by default, every registered operating system user was considered a cluster administrator and, if necessary, the default could be changed using crsctl add | delete crs administrator commands. The use of these commands, however, is deprecated in this release and, instead, you should use the access control list (ACL) of the policy set to control the ability to create server pools.

As a rule, to have permission to create a server pool, the operating system user or an operating system group of which the user is a member must have the read, write, and execute permissions set in the ACL attribute. Use the crsctl modify policyset –attr "ACL=value" command to add or remove permissions for operating system users and groups.