Setting Up Global Security

In order to set up global security, you must configure both the primary XDB Server and the global security XDB Server. The primary XDB Server is the XDB Server which clients will log into. The global security server will verify AuthIDs and passwords. The instructions in this topic discuss one primary server and one global security server.

If you wish to have a fully distributed environment, complete the Primary Server Configuration instructions (page 8-37) for each XDB Server that you wish to be a primary XDB Server. Complete the Global Security Configuration instructions (page 8-41) for each XDB Server you wish to be a global security XDB Server.

Note: We strongly recommend that you plan your global security scheme before implementing it, especially if you will be allowing outbound mapping, inbound mapping and trusting between servers using global security. Be sure to consider items that are assigned on a per server basis (groups and governor privileges) and those that are assigned on a per location basis (database and table privileges).

Because global security is an extension of server-to-server security, you must register the global security server and location as you would any other server or location. If you have already configured other locations on your global security server, you might need to update values in the system tables rather than insert new ones. See the chapter Server-to-Server Connectivity for detailed instructions.