Updating records
You can update various parameters in records that IBM® Connect:Direct® uses. Required parameters are displayed in bold.
Path record
The ndm.path record identifies the path to IBM Connect:Direct files. The following table describes the parameter available for this record:
Parameter | Description | Value | Restart Required |
---|---|---|---|
path |
The path to all IBM Connect:Direct subdirectories and files. | path specification | Not Applicable Note: Not recommended to be changed. If changed,
restart is required.
|
SNODE work path parameter
ndm.path
record and identifies the path to the shared work area for SNODE work files. This path must point to
a cluster file system, such as IBM's GPFS, or a Network File System version 4 (NFSv4) or greater
resource. This includes the Amazon Elastic File System (EFS), as it is mounted via NFSv4 protocol.
NFSv3 is not supported. This optional parameter provides a means to share SNODE work files among
nodes in a load balancing environment. SNODE return code files (steprc files) and
copy checkpoint information are created in this area when the
snode.work.path parameter is specified. The following table describes the
snode.work.path parameter:
Parameter | Description | Value | Restart Required |
---|---|---|---|
snode.work.path | The path to the shared work area for SNODE work files. Note: Specify the same path for all nodes in a cluster.
|
path specification | No |
Process Library location parameter
The default value of this parameter is <installation directory>/process, which will be created during installation with the appropriate permissions. A corresponding initparm with the name 'process.dir' is added pointing to this path.
In case the Connect:Direct Admin chooses an alternative location for the process library, this directory must have UNIX permission 1775. Also, the parent directory of the new location should have permissions such that Connect:Direct admin can perform read/write on the new 'process library'. The initparm 'process.dir' pointing to the default process library should also be updated to point to the new location.
process.dir
parameter is part of the ndm.path record and identifies the
path to the Connect:Direct process library but it is configurable and can be changed. The
following table describes the process.dir
parameter:
Parameter | Description | Value | Restart Required |
---|---|---|---|
process.dir |
The location of process library used by Integrated File Agent | path specification | No |
Node name record
Parameter | Description | Value | Restart Required |
---|---|---|---|
name |
The name of the node. | The maximum length is 16 bytes. If a node name is longer, the name will be truncated. | Not Applicable Note: Not recommended to be changed. If changed,
restart is required.
|
instance.id |
A unique identifier for Connect:Direct nodes in a load balanced (LB) cluster. | A unique text identifier for each node in an LB cluster. By default, it is initialized with a universally unique identifier (UUID). | Not Applicable. Note: Changing this setting is not recommended.
If changed, a restart is required.
|
PAM service record
The ndm.pam record identifies the PAM service configuration file used to authenticate the user authority for IBM Connect:Direct Processes. If the service initialization parameter is defined and if PAM is installed on the IBM Connect:Direct server, PAM is used to authenticate users for service-providing application.
The service name required is typically defined in the /etc/pam.conf
file for
AIX, Solaris and HP operating systems, or defined and named by a file in the
/etc/pam.d
directory for Linux operating systems. Your system might also have a man page
for PAM that provides further details.
Parameter | Description | Value | Restart Required |
---|---|---|---|
service |
PAM service configuration file name. | File name | No |
Quiesce/resume record
The ndm.quiesce record specifies whether IBM Connect:Direct is operating in a “test” mode.
Use this record in conjunction with the NDMPXTBL table to enable the test mode. If you enable the quiesce.resume parameter, you must have an NDMPXTBL parameter table updated for your environment in the installation ndm/cfg/<nodename> directory. For more information on the test mode and the NDMPXTBL table, see Processing Flow of the Test Mode.
Parameter | Description | Value | Restart Required |
---|---|---|---|
quiesce.resume |
Enables/disables the test mode for IBM Connect:Direct. | y | n y—Enables the test mode. n—Disables the test mode. The default is n. |
Yes |
Priority record
Parameter | Description | Value | Restart Required |
---|---|---|---|
default |
The default value of the Process priority. | 1–15. The default value is 10. 15 is the highest priority. |
No |
Restrict record
If a run directory restriction is defined in the user configuration file (userfile.cfg), the restrict record determines if commands containing certain special characters are allowed.
Parameter | Description | Value | Restart Required |
---|---|---|---|
cmd |
Determines if commands with certain special characters are allowed. | y | n y—Restricts the ability to use commands with any of the following special characters: ; & ‘ | n—Does not restrict allowed commands. |
No |
Remote node connection record
The rnode.listen record contains parameters used by the local node to monitor inbound connection requests.
Parameter | Description | Values | Restart Required |
---|---|---|---|
recid |
A unique identifier of an rnode.listen record. | A text string | Yes |
comm.info |
The information needed to monitor connection requests from remote
nodes using TCP/IP. This parameter is required.
|
For TCP/IP connections, specify the host name or the IP address
and port number: 10.23.107.5;1364 Separate multiple IP/host addresses with a comma (,): fe00:0:0:2014::7;1364, msdallas-dt;1364 A space can be added after the comma for readability. Set the IP address to monitor a specific adapter or to 0.0.0.0, to monitor all adapters. The default port is 1364. |
Yes |
comm.transport |
The transport protocol for the remote node. | tcp tcp—For TCP/IP connections |
Yes |
Transmission Control Queue record
The tcq record provides information that pertains to the Transmission Control Queue (TCQ).
Parameter | Description | Value | Restart Required |
---|---|---|---|
max.age |
The maximum number of days a Process with Held-in-Error status remains in the TCQ before it is automatically deleted. | A three-digit decimal number. IBM Connect:Direct does not
automatically delete Processes when max.age=0. The default is 8 days. |
Yes |
ckpt.max.age |
The maximum number of days a Process' checkpoint file is stored unused before it is automatically deleted. | An integer in the range 0 - 2147483647, inclusive. IBM Connect:Direct does not
automatically delete the checkpoint file when ckpt.max.age=0. The default is 8 days after a fresh installation. If ckpt.max.age is left unset, it defaults to 2147483647. |
Yes |
Connect:Direct Secure Plus record
The Connect:Direct Secure Plus record (Secure+ record) provides information pertaining to remote configuration of Connect:Direct Secure Plus from the IBM Connect:Direct client API.
Parameter | Description | Value | Restart Required |
---|---|---|---|
certificate.directory |
Specifies a default certificate directory for Secure+ commands issued from the IBM Connect:Direct client API. If the certificate directory is not configured, the default directory created during installation is used. | Directory path name | No |
s+cmd.enforce.secure. connection |
Specifies whether Secure+ commands are accepted from the IBM Connect:Direct client API on unsecure connections. | y | n y—Commands from unsecure connections are not accepted. The default is y. n—Commands from unsecure connections are accepted |
No |
Global Copy record
The Global Copy record called copy.parms provides default information for the IBM Connect:Direct copy operation.
Record | Description | Value | Restart Required |
---|---|---|---|
ckpt.interval |
The default number of bytes transmitted in a copy operation before
a checkpoint is taken. Following is a list of the maximum number of digits for each
byte interval: no—No checkpointing nnnnnnnn—Up to an 8-digit decimal nnnnnnnnK—Up to an 8-digit decimal, where K denotes 1024 bytes nnnnnnnnM—Up to an 7-digit decimal, where M denotes 1048576 bytes nnnnG—Up to an 4-digit decimal, where G denotes 1073741824 bytes |
The maximum possible value is 1 terabyte (TB). The normal value is 64KB. | No |
ulimit |
The action taken when the limit on a user output file size is exceeded during a copy operation. | n—Ignores the limit. n is the default value. y—Recognizes the user file size limit. If this limit is exceeded during a copy operation, the operation fails. |
No |
xlate.dir |
The name of the directory containing the translation tables. | Any valid directory. The default path is d_dir/ndm/xlate. |
No |
xlate.send |
The default translation table used when sending data to a remote node. | Any valid directory. The default file name is def_send.xlt. |
No |
xlate.recv |
The name of the default translation table used when copying data from a remote node. | The default file name is def_recv.xlt in the directory defined in the xlate.dir parameter. | No |
continue.on.exception |
The method to use to handle an exception condition in a Process. If a step fails due to a STOP IMMEDIATE or FLUSH exception issued on the remote node, the Process is placed in the Hold HE queue, regardless of the value of this parameter. | y—Continues Processing with the next step. n—Places a Process in the Hold queue with a value of HE. The default is n. |
No |
ecz.compression.level |
Sets the compression level. | 1–9. The default is 1. 1—The fastest but offers the least degree of compression. 9—Provides the greatest degree of compression but is the slowest. |
No |
ecz.memory.level |
How much virtual memory to allocate to maintaining the internal compression state. | 1–9. The default is 4. 1—Uses the least memory and 9 uses the most memory. |
No |
ecz.windowsize |
The size of the compression window and history buffer. The larger the window, the greater the compression. However, increasing the window uses more virtual memory. | Valid values are 9–15. The default is 13. | No |
retry.codes |
The codes to recognize as a file allocation retry attempt. File
allocation retry enables a Process with a file allocation or open error on either
the local or remote node to run the Process again, beginning at the copy step where
the error occurred. This feature supports the ability to retry a Process that failed
when a file is already in use. When a file allocation or open error occurs on either the local or remote node, the PNODE searches for the error or message ID in the retry.codes and retry.msgids parameters. If the error code or message ID is found, the Process is retried. Since error codes can vary from one operating system to another and the same error code can have different meanings, use message IDs to identify retry conditions when communicating between two different platforms. You can perform retry attempts based on codes only, IDs only, or a combination of the two. When a retry condition is detected,
the session is terminated cleanly and the Process is placed in the Timer queue.
Note: If you are using the file allocation retry function
when communicating with a remote node on an operating system that is not UNIX,
identify operating system retry codes using formats and code values defined by
the remote node.
|
Any valid error code | No |
retry.msgids |
Identifies the message IDs to use to support a file allocation
retry attempt. Since error codes can vary from one operating system to another and the same error code can have different meanings, use message IDs to identify retry conditions when communicating between two different platforms. When a file allocation or open error occurs on either the local or remote node, the PNODE searches for the message ID in the retry.msgids parameters. If the message ID is found, the Process is retried. You can perform retry attempts based on codes only, message IDs only, or a combination of the two. When a retry condition is detected, the session is terminated cleanly and the Process is placed in the Timer queue. |
Any of the valid file allocation retry messages. | No |
tcp.crc |
Globally turn on or off the CRC function for TCP/IP Processes. | y | n y—Turns on the CRC function globally. n—Turns off the CRC function globally. The default is n. |
No |
tcp.crc.override |
Determines whether netmap remote node and Process statement overrides for CRC checking are allowed. If this value is set to n, setting overrides for CRC checking will be ignored. | y | n y—Allows netmap remote node and Process statement overrides for CRC checking. n—Prevents netmap remote node and Process statement overrides for CRC checking. The default is n. |
No |
strip.blanks |
Determines whether trailing blank characters are stripped from the end of a record. If strip.blanks is not defined in the initialization parameter, the default value of i is used. | y | n | i y—Strips blanks from the end of a record n—Does not strip blanks from the end of a record i—Setting for strip.blanks is determined by the default value of the remote node type as follows:
|
No |
insert.newline |
Arbitrarily appends an LF character at the end of each record when receiving a datatype=text file. By default, an LF character is not appended if one already exists at the end of a record. | y | n y—Arbitrarily appends an LF character n—Appends an LF character if needed |
No |
recv.file.open.perm |
recv.file.open.perm=nnn , where nnn is an octal
integer describing the desired default permissions for new files received.It is
the same as the value documented for the copy |
Octal Integer | No |
recv.file.open.ovrd |
recv.file.open.ovrd=x , where x is one of the following three
values:
|
y | n | p | No |
fsync.after.receive |
Files received and closed by C:D to an NFS destination may not be immediately ready for processing due to NFS cached writes. This parameter optionally calls fsync function to attempt to flush all data to disk before closing the file. | [y|n]. Default is y. | No |
Global Run Task record
The Global Run Task record called runtask.parms is used if the pnode and snode cannot resynchronize during a restart.
Parameter | Description | Value | Restart Required |
---|---|---|---|
restart | If processing is interrupted when a run task on an SNODE step is
executing and if synchronization fails after a restart, IBM Connect:Direct reads the
restart parameter to determine whether to perform the run task step
again. Set this parameter in the initialization parameters file of the SNODE. Note: When a load balancing cluster is used and the snode.work.path is
specified, the restart parameter takes effect only when
resynchronization fails.
|
y | n y—The run task program runs again. The default is y. n—The Process skips the run task step. |
No |
Statistics file information record
Parameter | Description | Value | Restart Required |
---|---|---|---|
file.size |
The maximum size in bytes of an individual statistics data file. The statistics file name is written in the format of Syyyymmdd.ext, where yyyy indicates year, mm indicates month, and dd indicates day. The extension (ext) begins as 001. When a statistics file reaches the defined size within a 24-hour period, a new file is created with the same file name. The extension value is incremented by one. | nnnnnnnn, nnnnnnnnK, nnnnnnnM, or nnnnG—Establishes a default output file size limit for the statistics files. K denotes 1024 bytes. M denotes 1048576 bytes. G denotes 1073741824 bytes. The maximum value you can specify is 1 TB. | No |
log.commands |
Determines whether commands are written to the statistics file. If you want to log all commands except the select statistics and select process commands, set this parameter to y and the log.select parameter to n. | y | n y—Commands are written to the statistics file. n—Commands are not written to the statistics file. The default is n. |
No |
log.select |
Specifies whether IBM Connect:Direct creates a statistics record when a select process or select statistics command is executed. | y | n y—A statistics record is created. n—A statistics record is not created. The default is n. |
No |
max.age |
Specifies how old a statistics file must be before it is archived. Once a day, a shell script is executed that identifies the statistics files that are as old as the max.age, runs the tar command and the compress command to create a compressed archive, and then deletes the statistics files that have been archived. | A 3-digit decimal number. The default is 8 days. 0—no archiving. |
Yes |
Running a Process generates multiple statistics records. To accommodate the large number of statistics records generated, IBM Connect:Direct closes the current statistics file and creates a new statistics file at midnight every day. It can also close the current file before midnight if the file size exceeds the value set for the file.size initialization parameter. The default file size is 1 megabyte.
Statistics files are stored in the d_dir/work/cd_node directory. Names of the statistics files are in the format Syyyymmdd.ext, where yyyy indicates year, mm indicates month, and dd indicates day. The extension (ext) begins as 001. The extension is incremented by one each time a new statistics file is created in a single day.
Connect:Direct for UNIX provides a utility to archive and purge statistics files. You identify when to archive a statistics file by setting the parameter, max.age. The max.age parameter defines how old a statistics file must be before you want to archive the file. Once a day, the script called statarch.sh is started. This script identifies the statistics files that are greater than or equal to the max.age. It then runs the tar command and the compress command to create a compressed archived file of all the statistics records that match the max.age parameter. Once the statistics files are archived, these files are purged.
The archived files are stored in the directory where the statistics files and TCQ are stored. The shell script, statarch.sh, is located in the ndm/bin directory. If necessary, modify the script to customize it for your environment.
If you want to restore statistics files that have been archived, run the statrestore.sh script. It uses the tar command to restore all the statistics files in the archive. Once files are restored, the statistics records can be viewed using the select statistics command.
Server authentication record
The server authentication record called authentication is used during the authentication procedure.
Parameter | Description | Value | Restart Required |
---|---|---|---|
server.program |
The name and location of the server program used during the authentication procedure. | The default is ndmauths. | No |
server.keyfile |
The name and location of the key file used during the authentication procedure. | The default is keys.server. | No |
User exit record
Parameter | Description | Value | Restart Required |
---|---|---|---|
stats.exit.program |
The gateway control program used during the user exit procedure. This exit is given control for each statistics record that is written. | Name of the gateway control program. | No |
file.open.exit.program |
The file open exit program used during the user exit procedure. It
enables you to control file names on both the sending and receiving node. The exit is
located so that it takes control on the receiving (remote) node before the file is opened.
This exit applies only to the copy statement and provides access to all file control parameters (including the data set name file name, sysopt parameters, and disposition). |
Name of the file open exit program. | No |
security.exit.program |
The security exit program used during the user exit procedure. This exit generates and verifies passtickets, and it also supports other password support programs, such as PASSTICKET, part of the RACF security system available on MVS hosts and also supported by IBM on UNIX AIX and OS/2 computers using the NETSP product. | Name of the security exit program. | No |
security.exit.flag |
Modifies the default behavior of security.exit.program. This is an optional parameter. | snode_sec_exit_only | sec_exit_only snode_sec_exit_only— Causes IBM Connect:Direct to use the security exit, when it is acting in the role of the SNODE. After IBM Connect:Direct receives a valid message, it evaluates the proxy and the secure point-of-entry to establish the local user. The security exit is not used when IBM Connect:Direct is the PNODE. sec_exit_only—Causes IBM Connect:Direct to always use the security exit. After IBM Connect:Direct receives a valid message, it evaluates the proxy and the secure point-of-entry to establish the local user. |
No |
Secure cdpmgr initialization procedure
Parameter | Description | Value | Restart Required |
---|---|---|---|
ndm.env_vars:sanitize |
Implementing standard safe initialization procedures, cdpmgr sanitizes environment variables inherited from the user that starts it. This sanitization procedure may prevent some run task steps from working properly if the tasks were designed to rely on these inherited variables. While IBM recommends designing run tasks so that they don't rely on inherited environment variables, this parameter provides the option to prevent cdpmgr from sanitizing inherited environment variables. | [y|n]. Default is y. | Yes |
License record
The license record identifies Connect:Direct license metrics.
Parameter | Possible Values | Restart Required |
---|---|---|
|
|
Yes |
|
|
Yes |
|
A non-negative integer
|
Yes |
Attention: The
license.vpc parameter is
only applicable for Connect:Direct Container Premium
licenses. |
A non-negative integer
|
Yes |
install.agent record
The install.agent record contains IBM Sterling Connect:Direct parameters to control the Connect:Direct Install Agent, used by Control Center Director to manage applying upgrades and maintenance.
Parameter | Description | Value | Restart Required |
---|---|---|---|
agent.port |
Configures the Agent listening port that Control Center Director will use to communicate with the Agent. | Port number Default Value: 1365 | Yes |
osa.rest.url |
Configures the Control Center Director Open Server Architecture (OSA) URL, the target location where Agent posts all the events to Control Center Director. | Valid
URL Example:
Default Value: blank
Note: Ensure that you insert a ';' and not a ':'
between hostname and port and after
https.
|
No |
osa.disable |
Allows disabling OSA without deleting osa.rest.url. | Y | N | No |
agent.enable |
Specifies whether the agent is enabled to run, or disabled and will be stopped. | Y | N | No |
agent.installation_id |
Identifies the Connect:Direct installation package installed by Control Center Director. | Informational only, managed by CCD. | No |
installer.location |
Specifies the location of installer download during upgrade via Control Center Director. | Valid path on system Note: The
path should be an absolute path.
|
No |
Backup locations record
The backup.locations record contains IBM Sterling Connect:Direct parameters to specify custom backup paths and installation program paths, used by Control Center Director during upgrade.
Parameter | Description | Value | Restart Required |
---|---|---|---|
cd.backup |
Specifies the location where backup of Connect:Direct will be stored before an upgrade. | path | No |
agent.backup |
Specifies the location where backup of Install Agent will be stored before an upgrade. | path | No |
emergency_restore.installers
|
Specifies the location where Connect:Direct installer will be stored, which can be used during emergency restore. | path | No |
installer.location | Specifies the location of installer download during upgrade via Control Center Director. | path | No |
cd.file.agent Record
The cd.file.agent record contains IBM Connect:Direct parameters to control Connect:Direct File Agent.
Parameter | Description | Value | Restart Required |
---|---|---|---|
cdfa.enable |
Specifies whether the Integrated File Agent is enabled to run or disabled and will be stopped. | y|n | No |
port.check record
The port.check record contains IPv4/IPv6 address or hostname from which port check connections are expected and allowed. Wildcard(*) can also be used in IP addresses and hostnames.
Any change in port.check record requires a service restart. However, if an invalid value is added to this record, the service restart would fail.
Parameter | Description | Value | Restart Required |
---|---|---|---|
trusted.addr | Specifies the IPv4/IPv6 address or hostname from which port check connections are expected and allowed. |
|
Yes |
Some examples of entries with wildcard and masking-
172.20.*.*
2001:DB8:0:0:0:0:0:*
199.2.4.0/24
fd00:0:0:2015::0/48
172.20.185.20/255.255.255.0
*.lab.example.com
cd*.lab.example.com