Are there any best practice suggestions in terms of disaster recovery and QPMU? For example, if the masters go down UPM commands won't be working.
We recommend that you add failover masters to your license cluster for added redundancy. The failover master(s) would take over if all of the load balancing masters were unavailable. You should also backup your xml licenses and security policies so that you could reinstate the masters after a catastrophic failure. Event and keystroke log files should also be backed up for audit purposes.
Privilege Manager requires a master to authorize commands against the security policy and to record event and keystroke logs. The only exception to this is a failsafe feature implemented in 5.5.2 build (036). The failsafe feature allows a command (shell) to run (using password authentication) if the root user has a pmshell assigned as it's default login shell and no masters are available.
failsafe command - If the root user's shell is a pmshell, allow a failsafe command to run if the master is down or the Agent is in Single User Mode.