The audit server creates and maintains the security elements
of clusterwide objects in a database called VMS$OBJECTS.DAT, located
in SYS$COMMON:[SYSEXE]. You should ensure that the object database
is present on each node in the cluster by specifying a file name
that resolves to the same file through the cluster, not to a file
that is unique to each node.
To reestablish the logical name after each system boot, define
the logical in SYSECURITY.COM. The command procedure SYSECURITY.COM
has to be defined before the audit server starts up.
The object database contains the following information:
Audit and alarm settings for all objects,
established through the DCL command SET AUDIT
Security profiles for all resource domain objects,
all security class objects, and all cluster-visible devices (see
Protecting Objects)
This database is updated whenever characteristics are modified,
and the information is distributed so that all nodes participating
in the cluster share a common view of the objects.
You cannot change security profiles or create protected objects
when the object server is absent and cannot update the cluster database
VMS$OBJECTS.DAT. However, you can modify the system parameter SECURITY_POLICY
to allow security profile changes to protected objects on a local
node (bit 4) or the creation of protected objects on a local node
(bit 5).
HP OpenVMS Guide to System Security
Security for the System Administrator
