Securing the MSCS cluster

The Sybase integration software that interfaces MSCS to Adaptive Server requires a login (with ha_role and sa_role) and password for the Adaptive Server you are configuring as a companion server. This allows the integration software to log in to Adaptive Server to control it for cluster operations.

The login and its password are stored as part of the Windows Registry Cluster Database (under HKLM\Cluster). Even though this information is encrypted to prevent users from obtaining privileged login information, Sybase recommends that you protect the appropriate area of the registry using a Discretionary Access Control List (DACL) that allows only administrators access to the information.

To restrict registry access to the encrypted cluster login and password:

  1. Execute REGEDIT.EXE.

  2. From the window titled HKEY_LOCAL_MACHINE on Local Machine, double-click the Cluster folder, then select the Resources key.

  3. Select Permissions from the Security menu. A dialog called Registry Key Permissions displays.

  4. Select Remove from the Registry Key Permissions dialog box to remove all entries except CREATOR OWNER and machine_name\Administrators, where machine_name is the local machine name. This prevents anyone except administrative users from reading this part of the Registry.

  5. Click OK.

Repeat this process on both cluster nodes.
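
To confirm the result of the procedure above on each node, the following read-only PowerShell check lists any Allow entry on the Resources key other than the two the procedure keeps. It is an added example, not part of the Sybase integration software. It assumes PowerShell is available on the cluster nodes, and the function name Get-UnexpectedRegistryAce is hypothetical. Trustees are matched by well-known SID (S-1-3-0 for CREATOR OWNER, S-1-5-32-544 for the local Administrators group) rather than by display name.

```powershell
# Added example: read-only audit of the DACL on the cluster Resources key.
# Run in an elevated PowerShell session on each cluster node.
$keyPath = 'HKLM:\Cluster\Resources'

# Well-known SIDs for the two entries the procedure keeps.
$allowedSids = @(
    'S-1-3-0',       # CREATOR OWNER
    'S-1-5-32-544'   # local Administrators group (displayed as BUILTIN\Administrators)
)

function Get-UnexpectedRegistryAce {   # hypothetical helper name
    param(
        [Parameter(Mandatory)] [string]   $Path,
        [Parameter(Mandatory)] [string[]] $AllowedSids
    )
    if (-not (Test-Path -LiteralPath $Path)) {
        throw "Registry key not found: $Path (is this a cluster node?)"
    }
    $acl = Get-Acl -LiteralPath $Path
    foreach ($ace in $acl.Access) {
        # Translate each trustee to a SID so the comparison does not depend
        # on display names or the OS language.
        try {
            $sid = $ace.IdentityReference.Translate(
                [System.Security.Principal.SecurityIdentifier]).Value
        } catch {
            $sid = $ace.IdentityReference.Value   # trustee could not be resolved
        }
        if ($ace.AccessControlType -eq 'Allow' -and $AllowedSids -notcontains $sid) {
            [pscustomobject]@{
                Node      = $env:COMPUTERNAME
                Trustee   = $ace.IdentityReference.Value
                Sid       = $sid
                Rights    = $ace.RegistryRights
                Inherited = $ace.IsInherited
            }
        }
    }
}

$findings = @(Get-UnexpectedRegistryAce -Path $keyPath -AllowedSids $allowedSids)
if ($findings.Count -eq 0) {
    Write-Output "$($env:COMPUTERNAME): only CREATOR OWNER and Administrators can access $keyPath"
} else {
    $findings | Format-Table -AutoSize
}
```

An entry reported with Inherited set to True comes from a parent key, so it has to be addressed on the parent key or by changing inheritance on the Resources key.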