Running User Name Mapping on a server cluster

A server cluster is a group of independent computer systems, known as nodes, working together as a single system to ensure that mission-critical applications and resources remain available to clients. These nodes must be running Windows 2000 Advanced Server. Every node is attached to one or more cluster storage devices. Clustering allows users and administrators to access and manage the nodes as a single system rather than as separate computers.

User Name Mapping is specifically designed to make use of the server cluster and the server cluster's ability to replicate configuration settings among its nodes. This means that when User Name Mapping is installed on the nodes of a cluster, all changes to the configuration of User Name Mapping on one node are automatically replicated to User Name Mapping on all other nodes of the cluster. Consequently, you can manage User Name Mapping on all the nodes in the cluster simply by administering User Name Mapping on any one node. This ensures that user and group mappings and other settings will be identical on all servers in the cluster, thereby allowing you to easily achieve static load balancing by distributing User Name Mapping clients among the nodes of the cluster.

When you install User Name Mapping on a cluster, you should perform the following steps:

1. To achieve static load balancing, create one cluster group for each node with its own Internet Protocol (IP) address and network name resource, and assign the preferred owner for each group so that it is primarily owned by a different node
2. Install User Name Mapping on the nodes of the cluster one at a time. Before installing User Name Mapping on a node, move all groups away from the node.
3. When User Name Mapping has been installed on all nodes, return all groups to their primary owners.
4. Configure User Name Mapping on any node. Settings changed on one node are automatically replicated to all other nodes in the cluster.
5. Configure each client computer to use the virtual server name from one of the cluster groups as its User Name Mapping server. This will ensure that client computers will continue to be served by User Name Mapping in case of node failure. To provide static load balancing, evenly distribute clients among the virtual servers of the cluster.

Notes

• To run User Name Mapping on a server cluster, you must install User Name Mapping on the nodes of an existing cluster. Adding a stand-alone computer that is already running User Name Mapping as a new node in an existing cluster is not supported.
• When running User Name Mapping on a server cluster, do not create maps using local Windows user and group accounts. Because the security identifiers (SIDs) of local accounts are recognized only by the server where those accounts were created, other nodes in the cluster will not be able to resolve those accounts when the server fails. Instead, you should create maps using domain accounts only.
• If the cluster service is restarted on a node, you must also restart the User Name Mapping service. Until you do, configuration changes will not be replicated to and from User Name Mapping on the node.
• User Name Mapping configuration changes are not properly replicated among nodes in a cluster if you run Services for UNIX Administration or mapadmin on a computer that belongs to a domain that is not trusted by the domain of the cluster. To ensure that User Name Mapping configuration changes are properly replicated, always administer User Name Mapping running on a cluster using a computer that belongs to a trusted domain.
• You must maintain identical .maphosts files on all servers in the pool. For more information about the .maphosts file, see Controlling access to User Name Mapping.
• If you use PCNFS passwd and group files to provide user and group information for User Name Mapping running on a cluster, the passwd and group files must be located on local disk drives on each node, and the system administrator must update these files as required. In addition, if you restore mapping settings from a backup file, you must also copy the passwd and group files that are restored to the %sfudir%\PCNFS directory to the appropriate location on all of the nodes in the cluster and ensure that all nodes in the cluster are configured to use passwd and group files located in the same local path. (Note that when files are restored on the computer from which they were backed up, the passwd and group files are restored to %sfudir%\PCNFS, regardless of their original location, and User Name Mapping is configured to use the files at that location.) For more information about backing up and restoring User Name Mapping data, see To back up and restore maps.
• If you are running User Name Mapping as well as Server for NFS or Gateway for NFS on a server cluster, configure each node of the cluster to use localhost as its User Name Mapping server. For more information, see To set up authentication using User Name Mapping.