Patrick_Higgins_6715

Non root user running an automic (10.0.8) agent.

Discussion created by Patrick_Higgins_6715 on May 23, 2017
We have an opportunity.    We are a partly consolidated subsidiary.  
So we have applications and file systems that are in the old domain (subsidiary)and in the new domain (of our parent).   Within a few years everything will be in the new domain.

We have Agents in both the old and new domains.   Mostly not an issue.

BUT

If we have an Event or File Check or some other objects that is run on an agent in the new domain and it tries to access a shared file system that is really in the old domain, the object will fail (and additional complication is that the old file system is really a Windows file system that is shared to Linux).   The objects ran fine when everything was in the old domain, it has only come up with our tests of moving the single largest application (over 70% of total job volume) from the old domain to the new.   Our guess (not tested) is the reverse (from old domain server to new domain file system) will have the same 'opportunity'.

Our Linux agents are all running as root.   Security will not allow root to access non-local files.   Ideas?

One is to define a domain user in the new domain, with just enough privileges to run the jobs/events/tasks/objects.  And grant that user access to the shared file system in the old domain.   I THINK this will work,   But I will have trouble getting it through Security unless I can limit that user's rights to the minimum.

Automic does not give much guidance on running as any type of non-root user, much less a variation like ours.

Ideas/comments/suggestions/prayers?

Outcomes