During a new DataKeeper installation setup, the user will be prompted for a DataKeeper Service Log On ID and Password.
The DataKeeper Service uses authenticated connections to perform volume switchovers and make mirror role changes across multiple servers. The Log On ID account chosen to run the DataKeeper Service will determine how much authority and permission is available to establish connections between servers and perform volume switchovers, especially when server or network disruptions occur.
Several types of Service Log On ID accounts are available as follows:
- A Domain Account with administrator privileges, valid on all connected servers in the domain (not recommended)
- A Server Account with administrator privileges, valid on all systems (same username and password). (recommended)
- The Local System Account (not recommended)
Note: A Server Account is recommended because when a Local System or a Domain user account is used, and the domain controller is not reachable, communication between the services on separate nodes is not possible.
Note: Group Managed Service Accounts(GMSA) are supported, but during the initial install you have to choose a Domain Account and then later you can switch it to a GMSA account.
Note: For Workgroups, use the Server Account option and use the server name \ administrator on each system as the Service Account for DataKeeper. You should also log on to all servers using this same Log On ID and Password (see related Known Issue).
Note: The domain or server account used must be added to the Local System Administrators Group. The account must have administrator privileges on each server that DataKeeper is installed on.
Please note that the Local System account cannot be authenticated properly in a domain when network connectivity with Active Directory is lost. In that situation, connections between servers cannot be established with the Local System account causing DataKeeper volume switchover commands, via the network, to be rejected. IT organizations requiring fault tolerance during disaster recovery, including network disruptions, should not use the Local System account.
DataKeeper Installation – Service Logon ID Type Selection:
If a Domain or Server account is selected above, the DataKeeper Service Log On ID and Password Entry Form is displayed to enter that information.
It is recommended that the LifeKeeper and DataKeeper service accounts are synchronized on each system to ensure more reliable switchovers and failovers.
LifeKeeper Service Logon:
If the DataKeeper Service has previously been configured with a Service Log On ID and Password, the setup program will omit the Service ID and Password selection dialogs. However, at any time, an administrator can modify the DataKeeper Service Log On ID and Password using the Windows Service Applet. Be sure to restart the DataKeeper Service after changing the Log On ID and/or Password.
The following table outlines these requirements:
Environment | DataKeeper Service Requirements | DataKeeper UI Requirements |
---|---|---|
Same Domain or Trusted Domain Environment |
|
|
Mixed Environment Servers in a Mixture of Domain and WorkGroup or Servers in Separate Domains |
|
|
DataKeeper Cluster Edition Environment |
|
|
Post your comment on this topic.