Job manager security
After registering servers with the job manager, we can queue and submit asynchronous administrative jobs directly to a large number of servers across a geographically dispersed area. Security configuration requirements should be kept to a minimum prior to registration. The administrative agent or deployment manager must have the same administrative security state as the job manager (either enabled or disabled). To enable security after federation, enable it on all administrative agent and deployment manager processes within the same administrative domain, then restart all of the processes at the same time.
We can leverage chained certificates to exchange only the long-lived root certificates between an administrative agent, deployment manager, and job manager. Because trust is anchored in the root certificate, the expiry of a personal certificate does not affect the trust established during federation.
The Rivest Shamir Adleman (RSA) certificate is the default administrative authentication mechanism for the job manager. RSA does not rely on shared keys.
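The following added example (not code from the product documentation) illustrates the chained-certificate point above with Go's standard `crypto/x509` package: a long-lived root is exchanged once, short-lived personal certificates signed by that root are validated against a trust store that holds only the root, a rotated personal certificate is still trusted without any new exchange, an expired one is rejected, and a certificate issued under an unrelated root is rejected. The names `jobmgr-root`, `dmgr01`, the lifetimes, and the serial numbers are constructed for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// newRoot creates a self-signed, long-lived root CA (constructed for this example).
func newRoot(name string, years int) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().AddDate(years, 0, 0),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageDigitalSignature,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// issuePersonal issues a short-lived personal (leaf) certificate signed by the root.
// A negative number of days produces an already-expired certificate.
func issuePersonal(root *x509.Certificate, rootKey *ecdsa.PrivateKey, name string, serial int64, days int) (*x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(serial),
		Subject:      pkix.Name{CommonName: name},
		NotBefore:    time.Now().Add(-48 * time.Hour),
		NotAfter:     time.Now().AddDate(0, 0, days),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, root, &key.PublicKey, rootKey)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// trustedByRoot validates a personal certificate against a trust store that
// contains only the root: this is what the receiving side holds after federation.
func trustedByRoot(leaf, root *x509.Certificate) bool {
	pool := x509.NewCertPool()
	pool.AddCert(root)
	_, err := leaf.Verify(x509.VerifyOptions{
		Roots:     pool,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	})
	return err == nil
}

// Demo returns whether a rotated, a foreign-root, and an expired personal
// certificate are trusted by a store holding only the original root.
func Demo() (rotatedOK, foreignOK, expiredOK bool, err error) {
	// Long-lived root, exchanged once at federation (constructed: 10 years).
	root, rootKey, err := newRoot("jobmgr-root", 10)
	if err != nil {
		return
	}
	// Initial short-lived personal certificate for the deployment manager.
	first, err := issuePersonal(root, rootKey, "dmgr01", 100, 365)
	if err != nil {
		return
	}
	if !trustedByRoot(first, root) {
		err = fmt.Errorf("initial personal certificate unexpectedly rejected")
		return
	}
	// Rotation: a new personal certificate under the same root; no root exchange needed.
	second, err := issuePersonal(root, rootKey, "dmgr01", 101, 365)
	if err != nil {
		return
	}
	rotatedOK = trustedByRoot(second, root)
	// A personal certificate chained to an unrelated root must be rejected.
	other, otherKey, err := newRoot("unrelated-root", 10)
	if err != nil {
		return
	}
	stranger, err := issuePersonal(other, otherKey, "dmgr01", 102, 365)
	if err != nil {
		return
	}
	foreignOK = trustedByRoot(stranger, root)
	// An expired personal certificate is rejected; rotating it, not re-federating, is the fix.
	expired, err := issuePersonal(root, rootKey, "dmgr01", 103, -1)
	if err != nil {
		return
	}
	expiredOK = trustedByRoot(expired, root)
	return
}

func main() {
	rotated, foreign, expired, err := Demo()
	if err != nil {
		panic(err)
	}
	fmt.Printf("rotated trusted=%v foreign trusted=%v expired trusted=%v\n", rotated, foreign, expired)
}
```

The trust store on the verifying side never changes between the first and the rotated certificate, which is the operational benefit of exchanging only root certificates at federation.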
Add a profile Universal Unique Identifier (UUID) to all certificates generated. This profile UUID is used to authorize requests to extract jobs from the job manager queue.
Job manager jobs can be associated with caller credentials (either LTPA or Kerberos) or with specified credentials (a user ID and password). Both are stored with the job. The password is obfuscated using the standard utilities and can be encrypted when the password encryption plug point is enabled. LTPA and Kerberos credentials are refreshed for as long as the authentication mechanism allows them to be refreshed.
Administrative agent or deployment manager access to FileTransferServlet is performed by presenting a valid RSA certificate that is trusted by the job manager and is validated by CertPath.
The required administrative roles for executing flexible management jobs are defined by the underlying administrative commands used by those jobs. For example, the required role for starting and stopping servers is the operator role. The operator role is also required for execution of the flexible management jobs that start and stop servers. The general rules for assigning required administrative roles are:
- Viewing data requires the monitor role.
- Updating data requires the configurator role.
- Managing jobs requires the operator role.
- Registering or unregistering managed nodes requires the administrator role.
Related:
- RSA token authentication mechanism
- LTPA
- Kerberos (KRB5) authentication support
- Job manager
- Job manager settings
- Configure the RSA token authentication mechanism
- Configure administrative authentication
- Administer nodes remotely using the job manager
- Configure job managers
- Administrative roles
- Job status collection