Migration Scenario 1: Child pools exist on the system

In this scenario, child pools exist on the system and a security administrator can create the ownership group and assign it to the existing child pool. All volumes that are associated with the child pool automatically inherit the ownership group of that child pool.

The following graphics show a configuration where child pools currently exist on the system and the process of assigning ownership groups to these child pools. The first graphic represents the current configuration before ownership groups are assigned to existing child pools. The second graphic shows the how some objects inherit the ownership group of the child pools and how others need to be added explicitly.
Figure 1. Example: Child pools are configured on the system
Example:

Using the management GUI

To use ownership group with existing child pools, complete the following steps:
  1. In the management GUI, select Access > Ownership Groups.
  2. On the Ownership Group page, select Create Ownership Group.
  3. On the Create Ownership Group page, enter a name for the ownership group and select Create.
  4. On the Ownership Group page, select Assign Child Pools.
  5. On the Assign Child Pools page, select the child pool that you want to add to the ownership group and click Assign. In the example, child pool0 is added to the ownership group. Because the volume inherits the ownership group of child pool0 automatically.
  6. If the system detects dependent resources for volumes that are within that child pool, the management GUI displays the Additional Resources to Add page where it lists hosts or host clusters that have mappings to volumes that inherit the ownership group. For example, in the preceding graphic, child pool0 is added to the ownership group and vol0 automatically inherits the ownership group of the child pool0. However, the host mapping between vol1 and host does not inherit the ownership group from vol0 because it also depends on the host. On the Additional Resources to Add page, select the host or host clusters to add to the ownership group. Click Proceed.
  7. On the Ownership Groups page, verify that the volumes and hosts are assigned to the new ownership group.
  8. In the example, pool1 also needs to be assigned to the same ownership group as pool0. Repeat this process for all child pools that you want ownership groups to manage access.
  9. After you have assigned ownership groups to all child pools, create a user group to include users that are the owners of the ownership group. Select Access > Users and click Create User Group.
  10. On the Create User Group page, enter the following information:
    Name
    Enter the name of the user group.
    Role
    Select the role for all users within the user group. User groups that are assigned in ownership groups cannot use the Security Administrator role.
    Ownership Group
    Select the ownership group that you created earlier and assign it to this user group.
  11. On the Access > Users page, select existing users or create new users to assign to the user group. These users automatically inherit the ownership group that is assigned to the user group. These users can now start creating objects like hosts and volumes within this ownership group, using capacity in the child pools that are assigned to the ownership group.

Using the command-line interface

To assign an existing child pool to a new ownership group, complete these steps:
  1. To create the ownership group, enter the following command:
    mkownershipgroup -name <name>
    where <name> is the name of the ownership group that you are creating.
  2. To assign an existing child pool to the new ownership group, enter the following command:
    chmdiskgrp -name <name> -ownershipgroup <owner_name> 
    where <name> is the name of the child pool and <owner_name> is the name of the new ownership group. Any volumes that are associated with the child pool inherit the new ownership group. If other dependent resources are related to these volumes, you might need to assign the ownership group to these objects. In the example, pool0 is added to the ownership group and vol0 automatically inherits the ownership group of the child pool. However, the host mapping between vol1 and host does not inherit the ownership group from vol0 because it also depends on the host. In this case, the host needs to be added to the ownership group.
  3. After you have create ownership groups, create a user group to include users that are the owners of the ownership group. To create a user group, enter the following command:
    mkusergrp -name <group_name> -role administator -ownershipgroup <owner_name>
    where <group_name> is the name of the user group and <owner_name>is the name of the new ownership group. User groups that are assigned to ownership groups cannot use the SecurityAdmin role.
    Note: Do specify -remote yes for this user group. This value enables remote authentication with LDAP which is not supported with ownership groups.
  4. You can use either the mkuser command to create new users in the user group or use the chuser to assign existing users to the user group. Users inherit the ownership group that was assigned to the user group. These users can now start creating objects like hosts and volumes within this ownership group, using capacity in the child pools that are assigned to the ownership group.
  5. Assign any dependent resources, such as hosts or host clusters, to the ownership groups. To assign a host to the ownership group, enter the following command:
    chhost -name <name> -ownershipgroup <owner_name>
    where <name> is the name of the host and <owner_name> is the name of the new ownership group.
  6. If other objects, like vol1 in the FlashCopy mapping with vol0 exist on the system, the child pool that provides storage for that volume must be assigned to the same ownership group.