Including or excluding user groups
When your Linux® management hosts use either Microsoft Active Directory (AD) or MIT Kerberos as the KDC, include or exclude user groups to limit users that are added to the cluster.
Before you begin
Users and user groups must be automatically added to the cluster. To enable users and user groups
to be added automatically, one of the following parameters must be configured on management
hosts:
- The ENABLE_AD_USERS_MANAGE parameter must be set to Y in sec_ego_gsskrb.conf when AD is used as the KDC (Kerberos authentication for a Linux cluster (Microsoft Active Directory)).
- The ENABLE_PAM_AUTH parameter must be set to Y and the PAM_SERVICE parameter must be configured in sec_ego_gsskrb.conf (see Enabling PAM authentication).