New Features and Enhancements

IBM Sterling Connect:Direct® for UNIX 6.3 and its related software have the following features and enhancements:

Base Release (v6.3)

New Features or Enhancements
To install this software, you should go to the Passport Advantage website, and follow instructions described to complete the download. The maintenance installations on Fix Central also support new and upgrade installation; the Fix Lists include the relevant instructions.

IBM® Connect:Direct for UNIX has the following features and enhancements:

-Ordinary User Mode
  • In prior releases, to allow it to access files as an appropriate user, IBM Sterling Connect:Direct for UNIX has run as superuser, and consequently the Certified Container has run with elevated privileges. In Ordinary User Mode, available in a container deployment, the Certified Container runs with standard privileges. To separate the Administrator and User roles, OUM supports:
    • Many CD Admins for administrating CD. The built-in account cduser is a CD Admin; more may be added. A CD Admin has configuration authority but does not need access to the files that CD transfers.
    • One fully functional user account for executing CD process language scripts, the built-in account appuser. appuser has no configuration authority and must be granted access to the files that CD transfers. Other User accounts may be defined, but they will lack the ability to execute Run Tasks and Run Jobs. For more information, refer to Ordinary User Mode in IBM Connect:Direct for Unix Containers.

      As mentioned in the previous IBM Connect:Direct for UNIX version, the customization of UID/GID of cduser and appuser is deprecated and will be removed from future releases.

      This support has been removed from the IBM Connect:Direct for UNIX release. By default, the UID/GID of cduser will remain as 45678/45678. Thus, plan and proceed further.

-RFE CONDIRECT-I-251: Enhanced Support for NFS Root Squash
RFE CONDIRECT-I-251 has been addressed. When Connect:Direct UNIX accesses a file on an NFS file system with root squash enabled, it is no longer necessary to set world execute permission on the directories in the file's path.
-Removal of support of deprecated Security Protocols
  • With this release, the support of SSL 3.0 protocol has been removed completely.
    • If SSL along with other protocols was configured prior to an upgrade to Connect:Direct for UNIX 6.3, then after upgrade instead of SSL, other protocols would be used.
    • In case only SSL was configured before upgrade, then after upgrade TLS 1.2 will be used automatically in the background.

  • With this release, Connect:Direct for UNIX won’t support new configurations of deprecated Security Protocols like TLS 1.0 and TLS 1.1. Existing configurations with these deprecated protocols, inherited during an upgrade from an earlier release, will still be supported. A Connect:Direct admin won’t be able to configure nodes with these deprecated protocols or their supported cipher suites. Connect:Direct won’t accept any requests with deprecated protocols.
    • In case of an upgrade from an older version where the deprecated protocols were configured, these will still be honoured and will be preserved after upgrade to Connect:Direct for UNIX 6.3.
    • After an upgrade, if a deprecated protocol is removed either accidentally or intentionally, it cannot be configured again.

-This release of IBM Connect:Direct for UNIX is certified to run on AIX 7.3 and RHEL 9.