/Management/Replica permissions
Use the /Management/Replica container object of the protected object space to control the replication of the master policy database. High-level controls on this object affect the operation of the policy server and the resource managers in the domain. Replica management controls are used to determine which resource managers are allowed to download the master policy database to their local file system.
Permission Operation v (view) Read the master policy database.
All ISAM servers that maintain a local replica of the policy database must be granted view (v) permission on the /Management/Replica object. This group of servers includes all resource managers and the authorization servers. The replication process requires these processes be allowed to view and access entries out of the master policy database. The ISAM installation automatically grants read permission to any server that requires access to the master policy database. When a resource manager is configured into the domain, it is automatically added as a member to the ivacld-servers group. This group, by default, is given permission to download the master policy database.
Parent topic: /Management permissions