Adding AIX and LDAP groups on cluster nodes

Edit online

To define a new group on AIX® systems, the mkgroup command. This command adds an entry for the new group to various system security files, including /etc/group and /etc/security/group.

About this task

Note: The LDAP function is only available for PowerHA® SystemMirror® 7.1.1, or later.

You can also define a new group on all AIX cluster nodes and in LDAP from C-SPOC as described in the following procedure. The C-SPOC command performs some verification and then calls the AIX mkgroup command on each cluster node to create the group you specify. If you want to add an LDAP group, use the mkgroup -R LDAP command.

If a group with the same name exists on a cluster node, the operation ends. By default, the C-SPOC command requires that the nodes in the PowerHA SystemMirror cluster must be powered on and accessible over the network; otherwise, the command is not run successfully and produces an an error.

To define a new LDAP or AIX group on cluster nodes using the C-SPOC utility, complete the following steps:

Procedure

  1. From the command line, enter smit cl_admin.
  2. In SMIT, select Security and Users > Users in a PowerHA SystemMirror cluster > Add a group to the Cluster, and press Enter.
  3. In the Select an Authentication and registry mode window, select the mode and press Enter.
  4. Enter data in applicable fields to create the group account. The Group Name is a required field. You can also specify the group ID .
    Note: If you are adding a group to LDAP, you cannot edit all fields.
  5. Press Enter. The C-SPOC command runs, creating a new group on all AIX cluster nodes or in LDAP, depending on the mode you selected in step 4.