Updating records

You can update various parameters in records that IBM® Connect:Direct® uses. Required parameters are displayed in bold.

Path record

The ndm.path record identifies the path to IBM Connect:Direct files. The following table describes the parameter available for this record:

Parameter Description Value Restart Required
path The path to all IBM Connect:Direct subdirectories and files. path specification Not Applicable
Note: Not recommended to be changed. If changed, restart is required.

SNODE work path parameter

The snode.work.path parameter is part of the ndm.path record and identifies the path to the shared work area for SNODE work files. This path must point to a cluster file system, such as IBM's GPFS, or a Network File System version 4 (NFSv4) or greater resource. This includes the Amazon Elastic File System (EFS), as it is mounted via NFSv4 protocol. NFSv3 is not supported. This optional parameter provides a means to share SNODE work files among nodes in a load balancing environment. SNODE return code files (steprc files) and copy checkpoint information are created in this area when the snode.work.path parameter is specified. The following table describes the snode.work.path parameter:
Parameter Description Value Restart Required
snode.work.path The path to the shared work area for SNODE work files.
Note: Specify the same path for all nodes in a cluster.
path specification No

Process Library location parameter

The default value of this parameter is <installation directory>/process, which will be created during installation with the appropriate permissions. A corresponding initparm with the name 'process.dir' is added pointing to this path.

In case the Connect:Direct Admin chooses an alternative location for the process library, this directory must have UNIX permission 1775. Also, the parent directory of the new location should have permissions such that Connect:Direct admin can perform read/write on the new 'process library'. The initparm 'process.dir' pointing to the default process library should also be updated to point to the new location.

The process.dir parameter is part of the ndm.path record and identifies the path to the Connect:Direct process library but it is configurable and can be changed. The following table describes the process.dir parameter:
Parameter Description Value Restart Required
process.dir The location of process library used by Integrated File Agent path specification No

Node name record

The ndm.node record identifies the name of the IBM Connect:Direct node. The following table describes the parameter available for this record:
Parameter Description Value Restart Required
name The name of the node. The maximum length is 16 bytes. If a node name is longer, the name will be truncated. Not Applicable
Note: Not recommended to be changed. If changed, restart is required.
instance.id A unique identifier for Connect:Direct nodes in a load balanced (LB) cluster. A unique text identifier for each node in an LB cluster. By default, it is initialized with a universally unique identifier (UUID). Not Applicable.
Note: Changing this setting is not recommended. If changed, a restart is required.

PAM service record

The ndm.pam record identifies the PAM service configuration file used to authenticate the user authority for IBM Connect:Direct Processes. If the service initialization parameter is defined and if PAM is installed on the IBM Connect:Direct server, PAM is used to authenticate users for service-providing application.

The service name required is typically defined in the /etc/pam.conf file for AIX, Solaris and HP operating systems, or defined and named by a file in the /etc/pam.d directory for Linux operating systems. Your system might also have a man page for PAM that provides further details.

The following table describes the parameter available for this record:
Parameter Description Value Restart Required
service PAM service configuration file name. File name No

Quiesce/resume record

The ndm.quiesce record specifies whether IBM Connect:Direct is operating in a “test” mode.

Use this record in conjunction with the NDMPXTBL table to enable the test mode. If you enable the quiesce.resume parameter, you must have an NDMPXTBL parameter table updated for your environment in the installation ndm/cfg/<nodename> directory. For more information on the test mode and the NDMPXTBL table, see Processing Flow of the Test Mode.

The following table describes the parameter available for this record:
Parameter Description Value Restart Required
quiesce.resume Enables/disables the test mode for IBM Connect:Direct. y | n

y—Enables the test mode.

n—Disables the test mode. The default is n.

Yes

Priority record

The proc.prio record identifies the default value of the Process priority. The following table describes the parameter available for this record:
Parameter Description Value Restart Required
default The default value of the Process priority. 1–15. The default value is 10.

15 is the highest priority.

No

Restrict record

If a run directory restriction is defined in the user configuration file (userfile.cfg), the restrict record determines if commands containing certain special characters are allowed.

For more information on the userfile.cfg file, see Local User Information Record Format and Remote User Information Record. The following parameter is available for this record:
Parameter Description Value Restart Required
cmd Determines if commands with certain special characters are allowed. y | n

y—Restricts the ability to use commands with any of the following special characters:

; & ‘ |

n—Does not restrict allowed commands.

No

Remote node connection record

The rnode.listen record contains parameters used by the local node to monitor inbound connection requests.

You can modify the IP address and port number in the rnode.listen record while the server is running. However, you must recycle the server before the change is active. The following table describes the remote node connection parameters:
Parameter Description Values Restart Required
recid A unique identifier of an rnode.listen record. A text string Yes
comm.info The information needed to monitor connection requests from remote nodes using TCP/IP. This parameter is required.
  • For TCP/IP connections, specify the host name or the IP address and port number. If specifying an IP address and port, separate parameters with a semicolon (;). Separate multiple addresses/host names with a comma, for example: 10.23.107.5;1364, fe00:0:0:2014::7;1364, msdallas-dt;1364

    For more information on specifying IP addresses and host names, see IP Addresses, Host Names, and Ports.

For TCP/IP connections, specify the host name or the IP address and port number:

10.23.107.5;1364

Separate multiple IP/host addresses with a comma (,):

fe00:0:0:2014::7;1364, msdallas-dt;1364

A space can be added after the comma for readability.

Set the IP address to monitor a specific adapter or to 0.0.0.0, to monitor all adapters.

The default port is 1364.

Yes
comm.transport The transport protocol for the remote node. tcp

tcp—For TCP/IP connections

Yes

Transmission Control Queue record

The tcq record provides information that pertains to the Transmission Control Queue (TCQ).

The following parameters are available for this record:
Parameter Description Value Restart Required
max.age The maximum number of days a Process with Held-in-Error status remains in the TCQ before it is automatically deleted. A three-digit decimal number. IBM Connect:Direct does not automatically delete Processes when max.age=0.

The default is 8 days.

Yes
ckpt.max.age The maximum number of days a Process' checkpoint file is stored unused before it is automatically deleted. An integer in the range 0 - 2147483647, inclusive. IBM Connect:Direct does not automatically delete the checkpoint file when ckpt.max.age=0.

The default is 8 days after a fresh installation. If ckpt.max.age is left unset, it defaults to 2147483647.

Yes

Connect:Direct Secure Plus record

The Connect:Direct Secure Plus record (Secure+ record) provides information pertaining to remote configuration of Connect:Direct Secure Plus from the IBM Connect:Direct client API.

This record is not included in the initparm.cfg file by default. You must manually add the Secure+ record to the initparm.cfg file. The following parameters are available for this record:
Parameter Description Value Restart Required
certificate.directory Specifies a default certificate directory for Secure+ commands issued from the IBM Connect:Direct client API. If the certificate directory is not configured, the default directory created during installation is used. Directory path name No
s+cmd.enforce.secure. connection Specifies whether Secure+ commands are accepted from the IBM Connect:Direct client API on unsecure connections. y | n

y—Commands from unsecure connections are not accepted. The default is y.

n—Commands from unsecure connections are accepted

No

Global Copy record

The Global Copy record called copy.parms provides default information for the IBM Connect:Direct copy operation.

The ecz parameters are only used when extended compression is defined in a Process. The following parameters are available for this record:
Record Description Value Restart Required
ckpt.interval The default number of bytes transmitted in a copy operation before a checkpoint is taken. Following is a list of the maximum number of digits for each byte interval:

no—No checkpointing

nnnnnnnn—Up to an 8-digit decimal

nnnnnnnnK—Up to an 8-digit decimal, where K denotes 1024 bytes

nnnnnnnnM—Up to an 7-digit decimal, where M denotes 1048576 bytes

nnnnG—Up to an 4-digit decimal, where G denotes 1073741824 bytes

The maximum possible value is 1 terabyte (TB). The normal value is 64KB. No
ulimit The action taken when the limit on a user output file size is exceeded during a copy operation. n—Ignores the limit. n is the default value.

y—Recognizes the user file size limit. If this limit is exceeded during a copy operation, the operation fails.

No
xlate.dir The name of the directory containing the translation tables. Any valid directory.

The default path is d_dir/ndm/xlate.

No
xlate.send The default translation table used when sending data to a remote node. Any valid directory.

The default file name is def_send.xlt.

No
xlate.recv The name of the default translation table used when copying data from a remote node. The default file name is def_recv.xlt in the directory defined in the xlate.dir parameter. No
continue.on.exception The method to use to handle an exception condition in a Process. If a step fails due to a STOP IMMEDIATE or FLUSH exception issued on the remote node, the Process is placed in the Hold HE queue, regardless of the value of this parameter. y—Continues Processing with the next step.

n—Places a Process in the Hold queue with a value of HE.

The default is n.

No
ecz.compression.level Sets the compression level. 1–9. The default is 1.

1—The fastest but offers the least degree of compression.

9—Provides the greatest degree of compression but is the slowest.

No
ecz.memory.level How much virtual memory to allocate to maintaining the internal compression state. 1–9. The default is 4.

1—Uses the least memory and 9 uses the most memory.

No
ecz.windowsize The size of the compression window and history buffer. The larger the window, the greater the compression. However, increasing the window uses more virtual memory. Valid values are 9–15. The default is 13. No
retry.codes The codes to recognize as a file allocation retry attempt. File allocation retry enables a Process with a file allocation or open error on either the local or remote node to run the Process again, beginning at the copy step where the error occurred. This feature supports the ability to retry a Process that failed when a file is already in use.

When a file allocation or open error occurs on either the local or remote node, the PNODE searches for the error or message ID in the retry.codes and retry.msgids parameters. If the error code or message ID is found, the Process is retried.

Since error codes can vary from one operating system to another and the same error code can have different meanings, use message IDs to identify retry conditions when communicating between two different platforms.

You can perform retry attempts based on codes only, IDs only, or a combination of the two.

When a retry condition is detected, the session is terminated cleanly and the Process is placed in the Timer queue.
Note: If you are using the file allocation retry function when communicating with a remote node on an operating system that is not UNIX, identify operating system retry codes using formats and code values defined by the remote node.
Any valid error code No
retry.msgids Identifies the message IDs to use to support a file allocation retry attempt.

Since error codes can vary from one operating system to another and the same error code can have different meanings, use message IDs to identify retry conditions when communicating between two different platforms.

When a file allocation or open error occurs on either the local or remote node, the PNODE searches for the message ID in the retry.msgids parameters. If the message ID is found, the Process is retried.

You can perform retry attempts based on codes only, message IDs only, or a combination of the two.

When a retry condition is detected, the session is terminated cleanly and the Process is placed in the Timer queue.

Any of the valid file allocation retry messages. No
tcp.crc Globally turn on or off the CRC function for TCP/IP Processes. y | n

y—Turns on the CRC function globally.

n—Turns off the CRC function globally. The default is n.

No
tcp.crc.override Determines whether netmap remote node and Process statement overrides for CRC checking are allowed. If this value is set to n, setting overrides for CRC checking will be ignored. y | n

y—Allows netmap remote node and Process statement overrides for CRC checking.

n—Prevents netmap remote node and Process statement overrides for CRC checking. The default is n.

No
strip.blanks Determines whether trailing blank characters are stripped from the end of a record. If strip.blanks is not defined in the initialization parameter, the default value of i is used. y | n | i

y—Strips blanks from the end of a record

n—Does not strip blanks from the end of a record

i—Setting for strip.blanks is determined by the default value of the remote node type as follows:

  • z/OS, VM, and i5OS—y
  • All other platforms—n
No
insert.newline Arbitrarily appends an LF character at the end of each record when receiving a datatype=text file. By default, an LF character is not appended if one already exists at the end of a record. y | n

y—Arbitrarily appends an LF character

n—Appends an LF character if needed

No
recv.file.open.perm recv.file.open.perm=nnn, where nnn is an octal integer describing the desired default permissions for new files received.

It is the same as the value documented for the copy sysopt permiss.

Octal Integer No
recv.file.open.ovrd
recv.file.open.ovrd=x, where x is one of the following three values:
  • Y: Allow copy step sysopt permiss value to override recv.file.open.perm value when receiving a new file. This is the default.
  • N: Disallow copy step sysopt permiss value to override recv.file.open.perm value when receiving a new file.
  • P: Allow copy step sysopt permiss value to override recv.file.open.perm value when pnode is receiving a new file.
y | n | p No
fsync.after.receive Files received and closed by C:D to an NFS destination may not be immediately ready for processing due to NFS cached writes. This parameter optionally calls fsync function to attempt to flush all data to disk before closing the file. [y|n]. Default is y. No

Global Run Task record

The Global Run Task record called runtask.parms is used if the pnode and snode cannot resynchronize during a restart.

If a Process is interrupted when a run task on an SNODE step is executing, IBM Connect:Direct attempts to synchronize the previous run task step on the SNODE with the current run task step. If synchronization fails, IBM Connect:Direct reads the restart parameter to determine whether to perform the run task step again. The following parameter is available for this record:
Parameter Description Value Restart Required
restart If processing is interrupted when a run task on an SNODE step is executing and if synchronization fails after a restart, IBM Connect:Direct reads the restart parameter to determine whether to perform the run task step again. Set this parameter in the initialization parameters file of the SNODE.
Note: When a load balancing cluster is used and the snode.work.path is specified, the restart parameter takes effect only when resynchronization fails.
y | n

y—The run task program runs again. The default is y.

n—The Process skips the run task step.

No

Statistics file information record

The statistics file information record called stats defines the statistics facility. The following parameters are available for this record:
Parameter Description Value Restart Required
file.size The maximum size in bytes of an individual statistics data file. The statistics file name is written in the format of Syyyymmdd.ext, where yyyy indicates year, mm indicates month, and dd indicates day. The extension (ext) begins as 001. When a statistics file reaches the defined size within a 24-hour period, a new file is created with the same file name. The extension value is incremented by one. nnnnnnnn, nnnnnnnnK, nnnnnnnM, or nnnnG—Establishes a default output file size limit for the statistics files. K denotes 1024 bytes. M denotes 1048576 bytes. G denotes 1073741824 bytes. The maximum value you can specify is 1 TB. No
log.commands Determines whether commands are written to the statistics file. If you want to log all commands except the select statistics and select process commands, set this parameter to y and the log.select parameter to n. y | n

y—Commands are written to the statistics file.

n—Commands are not written to the statistics file. The default is n.

No
log.select Specifies whether IBM Connect:Direct creates a statistics record when a select process or select statistics command is executed. y | n

y—A statistics record is created.

n—A statistics record is not created. The default is n.

No
max.age Specifies how old a statistics file must be before it is archived. Once a day, a shell script is executed that identifies the statistics files that are as old as the max.age, runs the tar command and the compress command to create a compressed archive, and then deletes the statistics files that have been archived. A 3-digit decimal number. The default is 8 days.

0—no archiving.

Yes

Running a Process generates multiple statistics records. To accommodate the large number of statistics records generated, IBM Connect:Direct closes the current statistics file and creates a new statistics file at midnight every day. It can also close the current file before midnight if the file size exceeds the value set for the file.size initialization parameter. The default file size is 1 megabyte.

Statistics files are stored in the d_dir/work/cd_node directory. Names of the statistics files are in the format Syyyymmdd.ext, where yyyy indicates year, mm indicates month, and dd indicates day. The extension (ext) begins as 001. The extension is incremented by one each time a new statistics file is created in a single day.

Connect:Direct for UNIX provides a utility to archive and purge statistics files. You identify when to archive a statistics file by setting the parameter, max.age. The max.age parameter defines how old a statistics file must be before you want to archive the file. Once a day, the script called statarch.sh is started. This script identifies the statistics files that are greater than or equal to the max.age. It then runs the tar command and the compress command to create a compressed archived file of all the statistics records that match the max.age parameter. Once the statistics files are archived, these files are purged.

The archived files are stored in the directory where the statistics files and TCQ are stored. The shell script, statarch.sh, is located in the ndm/bin directory. If necessary, modify the script to customize it for your environment.

If you want to restore statistics files that have been archived, run the statrestore.sh script. It uses the tar command to restore all the statistics files in the archive. Once files are restored, the statistics records can be viewed using the select statistics command.

Server authentication record

The server authentication record called authentication is used during the authentication procedure.

The following parameters are available for this record:
Parameter Description Value Restart Required
server.program The name and location of the server program used during the authentication procedure. The default is ndmauths. No
server.keyfile The name and location of the key file used during the authentication procedure. The default is keys.server. No

User exit record

The user exit record called user.exits provides interfaces to specified programs. The available user exits include Statistics Exit, File Open Exit, and Security Exit. The following parameters are available for this record:
Parameter Description Value Restart Required
stats.exit.program The gateway control program used during the user exit procedure. This exit is given control for each statistics record that is written. Name of the gateway control program. No
file.open.exit.program The file open exit program used during the user exit procedure. It enables you to control file names on both the sending and receiving node. The exit is located so that it takes control on the receiving (remote) node before the file is opened.

This exit applies only to the copy statement and provides access to all file control parameters (including the data set name file name, sysopt parameters, and disposition).

Name of the file open exit program. No
security.exit.program The security exit program used during the user exit procedure. This exit generates and verifies passtickets, and it also supports other password support programs, such as PASSTICKET, part of the RACF security system available on MVS hosts and also supported by IBM on UNIX AIX and OS/2 computers using the NETSP product. Name of the security exit program. No
security.exit.flag Modifies the default behavior of security.exit.program. This is an optional parameter. snode_sec_exit_only | sec_exit_only

snode_sec_exit_only— Causes IBM Connect:Direct to use the security exit, when it is acting in the role of the SNODE. After IBM Connect:Direct receives a valid message, it evaluates the proxy and the secure point-of-entry to establish the local user. The security exit is not used when IBM Connect:Direct is the PNODE.

sec_exit_only—Causes IBM Connect:Direct to always use the security exit. After IBM Connect:Direct receives a valid message, it evaluates the proxy and the secure point-of-entry to establish the local user.

No

Secure cdpmgr initialization procedure

Secure cdpmgr initialization is used to sanitize inherited environment variables to prevent run task steps from depending on one or more of the inherited environment variables from working properly.
Parameter Description Value Restart Required
ndm.env_vars:sanitize Implementing standard safe initialization procedures, cdpmgr sanitizes environment variables inherited from the user that starts it. This sanitization procedure may prevent some run task steps from working properly if the tasks were designed to rely on these inherited variables. While IBM recommends designing run tasks so that they don't rely on inherited environment variables, this parameter provides the option to prevent cdpmgr from sanitizing inherited environment variables. [y|n]. Default is y. Yes

License record

The license record identifies Connect:Direct license metrics.

Following table lists the parameters and their possible values:
Parameter Possible Values Restart Required

license.edition

  • Premium
  • Standard
  • Solo
  • Default: Blank (undefined)
  • Container
Yes

license.type

  • Production
  • Non-Production
  • Default: Non-Production
    Note: For container, the default value is Production
Yes

license.pvu

A non-negative integer
  • The license.pvu parameter is only applicable for non-container Connect:Direct Premium licenses
  • This value can be calculated using the IBM License Metric Tool (ILMT) or it can be looked up at the IBM Processor Value Unit licensing website.
  • Default: 0
Yes

license.vpc

Attention: The license.vpc parameter is only applicable for Connect:Direct Container Premium licenses.
A non-negative integer
  • This value can be calculated using the IBM License Metric Tool (ILMT) or or for more information about how to determine the usage of VPCs, see Virtual Processor Core (VPC)
  • Default: 1
Yes

install.agent record

The install.agent record contains IBM Sterling Connect:Direct parameters to control the Connect:Direct Install Agent, used by Control Center Director to manage applying upgrades and maintenance.

Parameter Description Value Restart Required
agent.port Configures the Agent listening port that Control Center Director will use to communicate with the Agent. Port number Default Value: 1365 Yes
osa.rest.url Configures the Control Center Director Open Server Architecture (OSA) URL, the target location where Agent posts all the events to Control Center Director. Valid URL
Example:
osa.rest.url=https://<ip/hostname:port>/osa/events/post:
[Default:<blank>]
Note: Ensure that you insert a ';' and not a ':' between hostname and port and after https.
Default Value: blank
No
osa.disable Allows disabling OSA without deleting osa.rest.url. Y | N No
agent.enable Specifies whether the agent is enabled to run, or disabled and will be stopped. Y | N No
agent.installation_id Identifies the Connect:Direct installation package installed by Control Center Director. Informational only, managed by CCD. No
installer.location Specifies the location of installer download during upgrade via Control Center Director. Valid path on system
Note: The path should be an absolute path.
No

Backup locations record

The backup.locations record contains IBM Sterling Connect:Direct parameters to specify custom backup paths and installation program paths, used by Control Center Director during upgrade.

Parameter Description Value Restart Required
cd.backup Specifies the location where backup of Connect:Direct will be stored before an upgrade. path No
agent.backup Specifies the location where backup of Install Agent will be stored before an upgrade. path No
emergency_restore.installers Specifies the location where Connect:Direct installer will be stored, which can be used during emergency restore. path No
installer.location Specifies the location of installer download during upgrade via Control Center Director. path No

cd.file.agent Record

The cd.file.agent record contains IBM Connect:Direct parameters to control Connect:Direct File Agent.

The following table describes the parameter available for this record:
Parameter Description Value Restart Required
cdfa.enable Specifies whether the Integrated File Agent is enabled to run or disabled and will be stopped. y|n No

port.check record

The port.check record contains IPv4/IPv6 address or hostname from which port check connections are expected and allowed. Wildcard(*) can also be used in IP addresses and hostnames.

Note: This feature is always enabled in a container deployment.

Any change in port.check record requires a service restart. However, if an invalid value is added to this record, the service restart would fail.

The following table describes the parameter available for this record:
Parameter Description Value Restart Required
trusted.addr Specifies the IPv4/IPv6 address or hostname from which port check connections are expected and allowed.
  • list of valid IP addresses or hostnames with or without wildcard (*) separated with commas
  • IP address range using masking in CIDR notation
  • blank (default)
Yes

Some examples of entries with wildcard and masking-

172.20.185.*
172.20.*.*
2001:DB8:0:0:0:0:0:*
199.2.4.0/24
fd00:0:0:2015::0/48
172.20.185.20/255.255.255.0
*.lab.example.com
cd*.lab.example.com