Help Center > > User Guide> FusionInsight Manager Operation Guide (Applicable to 3.x)> Cluster Management> Managing Mutual Trust Relationships Between Managers> Introduction to Mutual Trust Relationships Between Clusters

Introduction to Mutual Trust Relationships Between Clusters

Updated at: Mar 25, 2021 GMT+08:00

Function Description

By default, users of big data clusters in safe mode can only access resources in the cluster. In other clusters, they cannot perform identity authentication to access resources in safe mode.


  • Domain

    The usage range of users in each system is called a domain. Each Manager system must have a unique domain name. Cross-Manager access means users to be used across domains.

  • User Encryption

    Cross-Manager mutual trust relationships can be configured by using FusionInsight Manager. The current Kerberos server supports only aes256-cts-hmac-sha1-96:normal and aes128-cts-hmac-sha1-96:normal. Encryption types for encrypting cross-domain users cannot be changed.

  • User Authentication

    After cross-manager mutual trust is configured, if a user with the same name exists in the two systems and the user with the same name in the peer system has the permission to access a resource in the system, the current system user can access the remote resource.

  • Direct Mutual Trust

    When cross-cluster mutual trust relationships are built between two clusters, the system saves the mutual-trust receipts. Users can access the remote system through the mutual-trust receipts.

Did you find this page helpful?

Submit successfully!

Thank you for your feedback. Your feedback helps make our documentation better.

Failed to submit the feedback. Please try again later.

Which of the following issues have you encountered?

Please complete at least one feedback item.

Content most length 200 character

Content is empty.

OK Cancel