Worksheet Instructions
Before you install Connect:Direct® for UNIX, complete the following worksheets to help you gather the information needed to complete the installation.
- Installation Worksheet
- User Authorization Information File Worksheet
- CLI/API Configuration File Worksheet
- Network Map Remote Node Information File Worksheet
- Server Authentication key File Worksheet
- Client Authentication key File Worksheet
Installation Worksheet
Complete this worksheet to assist you during the installation procedure.
Parameter | Value |
---|---|
TCP/IP host name of the computer where the Connect:Direct for UNIX server is installed | |
Directory or path on which the distribution media will be mounted | |
Destination directory where IBM® Connect:Direct will be installed, including the full path name |
Customization Worksheet
Use this worksheet during customization. Refer to the Customizing Connect:Direct for UNIX.
Parameter | Default Value | Value to Use |
---|---|---|
Connect:Direct node name you are
customizing, up to 16 characters long. Important: Characters used in Netmap Node
Names (or Secure+ Node Names or Secure+ Alias Names) should be restricted to A-Z, a-z, 0-9
and @ # $ . _ - to ensure that the entries can be properly managed by Control Center, or IBM Sterling Connect:Direct Application Interface
for Java™ for Java (AIJ) programs.
|
||
Initialization Parameters File Information | ||
TCP/IP port number that the server monitors for an API connection request. | 1363 | |
TCP/IP port number that the server monitors for a remote Connect:Direct connection request: Note: Use
the default port number, if available. If the default port number is being used by another service,
use any other available port. Check the /etc/services file for a list of ports.
|
1364 | |
TCP/IP port number that the server uses to communicate with Install Agent included in Connect:Direct. | 1365 |
User Authorization Information File Worksheet
Use this worksheet when you are defining the user authorization information which includes the remote user information records and local user information records.
All IBM Connect:Direct users must have an entry in the user authorization information file.
Remote User Information Record
IBM Connect:Direct uses the remote user information record to establish a proxy relationship between remote and local user IDs. Remote user IDs are translated to valid local user IDs on the system where you are installing Connect:Direct for UNIX. IBM Connect:Direct also uses the remote and local user information records to determine the functionality of the user IDs that are translated and connected to it through a client using a IBM Connect:Direct API.
Use the following table to create a list of remote user IDs and the local user IDs to which they will be mapped. If necessary, make copies of this page to record additional remote user IDs and local user IDs.
For more information on creating remote user information records and for information on using special generic characters to map remote user IDs, refer to the Connect:Direct for UNIX Administration Guide.
Remote User ID | at | Remote Node Name | mapped to | Local User ID |
---|---|---|---|---|
@ | = | |||
@ | = | |||
@ | = | |||
@ | = | |||
@ | = | |||
@ | = | |||
@ | = | |||
@ | = | |||
@ | = | |||
@ | = | |||
@ | = | |||
@ | = | |||
@ | = | |||
@ | = | |||
@ | = |
Local User Information Record
Use the following table to record the local user ID records to create and the parameters to define. Define the additional parameters by editing the userfile.cfg file using any standard UNIX editor.
Default values are shown as capital letters in brackets. Before you begin defining local user information records, make copies of this worksheet for the number of users you plan to create.
Local User ID | Parameter | Description | Value to Assign |
---|---|---|---|
admin.auth | Determines if the user has administrative authority. y—All the other command parameter capabilities in the local user information record are automatically assigned to this user. n—You must grant specific command parameters individually. |
||
client.cert_auth | Determines if the user can perform certificate authentication for client API
connections. y—Enables client certificate authentication for the user n—Disables client certificate authentication for the user |
y | n | |
client.source_ip | Use this parameter to list all of the IP addresses and/or host names that are valid for this user's API connection. If you specify values for this field, the IP address of this user's API connection is validated with the client.source_ip list. If the IP address does not match the one specified on the list, the connection is rejected. |
A comma-separated list of client IP addresses or host names associated with client IP addresses. The IP address of the client connection for this user must match the address configured in this field. For example: nnn.nnn.nnn.nnn, localhost |
|
cmd.chgproc | Specifies whether the user can issue the change Process command. y—Allows the user to issue the command. n—Prevents the user from issuing the command. a—Allows all users to issue this command. |
y | n | a | |
cmd.external.stat.log | Determines if the user can log stats in to Connect:Direct for UNIX from
Integrated File Agent. y-Allows the user to log stats from Integrated File Agent into Connect:Direct for Unix stats. n- Prevents the user from logging stats from Integrated File Agent into Connect:Direct for Unix stats. |
y | n | |
cmd.delproc | Specifies whether the user can issue the delete Process command. y—Allows the user to issue the command. n—Prevents the user from issuing the command. a—Allows all users to issue this command. |
y | n | a | |
cmd.flsproc | Specifies whether the user can issue the flush Process command. y—Allows the user to issue the command. n—Prevents the user from issuing the command. a—Allows all users to issue this command. |
y | n | a | |
cmd.selproc | Specifies whether the user can issue the select Process command. y—Allows the user to issue the command. n—Prevents the user from issuing the command. a—Allows all users to issue this command. |
y | n | a | |
cmd.selstats | Specifies whether the user can issue the select statistics command. y—Allows the user to issue the command. n—Prevents the user from issuing the command. a—Allows all users to issue this command. |
y | n | a | |
cmd.viewproc | Specifies whether the user can issue the view process command. y-Allows the user to issue the command. n-Prevents the user from issuing the command. |
y | n | |
cmd.stopndm | Specifies whether the user can issue the stop command. y—Allows the user to issue the command. n—Prevents the user from issuing the command. |
y | n | |
cmd.submit | Specifies whether the user can issue the submit Process command. y—Allows the user to issue the command. n—Prevents the user from issuing the command. |
y | n | |
cmd.s+conf | Specifies whether the user can issue Secure Plus configuration commands
from network clients, such as IBM® Control Center or Java API. y-Allows the user to issue the command. n-Prevents the user from issuing the command. |
y | n | |
cmd.trace | Specifies whether the user can issue the trace command. y—Allows the user to issue the command. n—Prevents the user from issuing the command. |
y | n | |
descrip | Permits the administrator to add descriptive notes to the record. | text string ________________ | |
name | Specifies the name of the user. | user name ________________ | |
fileagent.auth | Determines if the user can issue get/update File Agent JSON configuration
command. y-Allows the user to issue both get/update File Agent JSON configuration command. n-Prevents the user from issuing File Agent JSON configuration command. v-Allows the user to issue only get File Agent JSON configuration. |
y | n | v | |
phone | Specifies the telephone number of the user. | user phone ________________ | |
pstmt.copy | Specifies whether the user can issue the copy command. y—Allows the user to issue the command. n—Prevents the user from issuing the command. |
y | n | |
pstmt.copy. ulimit |
Specifies the action to take when the limit on a user output file size is
exceeded during a copy operation. The value for this parameter overrides the equivalent value for the ulimit parameter in the initialization parameters file. If a value is not defined in the initialization parameters file, the default is n. y or n or nnnnnnnK or nnnnM or nG where nnnnnnnK, nnnnM or nG establishes a default output file size limit for all copy operations. K—Thousands of bytes. M—Denotes millions of bytes. G—Denotes billions of bytes. The maximum value you can specify is 1 trillion byte. |
||
pstmt.crc | Enables the user to override the initial settings in the initialization
parameters or network map settings files for specifying the use of CRC checking in a process
statement. y-Allows the user to specify CRC checking on a Process statement n-Prevents user from specifying CRCchecking on a Process statement |
y | n | |
pstmt.download | Specifies whether the user can download files. y—Allows the user to issue the command. n—Prevents the user from issuing the command. |
y | n | |
pstmt.download _dir |
Specifies the directory to which the user can download files. | ||
pstmt.runjob | Specifies whether the user can issue the run job statement. y—Allows the user to issue the command. n—Prevents the user from issuing the command. |
y | n | |
pstmt.runtask | Specifies whether the user can issue the run task statement. y—Allows the user to issue the command. n—Prevents the user from issuing the command. |
y | n | |
pstmt.submit | Specifies whether the user can issue the submit statement. y—Allows the user to issue the command. n—Prevents the user from issuing the command. |
y | n | |
snode.ovrd | Specifies whether the user can code the snodeid parameter on the submit command
and Process and submit statements. y—Allows the user to issue the command. n—Prevents the user from issuing the command. |
y | n | |
pstmt.upload | Specifies whether the user can upload files. y—Allows the user to issue the command. n—Prevents the user from issuing the command. |
y | n | |
pstmt.upload_dir | Specifies the directory from which the user can upload files. | ||
proclib.auth | Determine if the user can issue process library commands like add,
delete, rename, list and get. y-Allows the user to issue all the process library commands. n-Prevents the user from issuing process library commands. v- Allows the user to only view the process library via get/list commands. |
y | n | v | |
pstmt.run_dir | Specifies the directory that contains the programs and scripts the user can execute. | ||
pstmt.submit_dir | Specifies the directory from which the user can submit Processes. |
CLI/API Configuration File Worksheet
Use this worksheet to define the parameters needed to create a client configuration file. Create a separate file for each client attached to the server.
Parameter | Default Value | Value To Use |
---|---|---|
Port number of the
Connect:Direct for UNIX server
to which this client will connect. Note: Use the default port number
if available. If the default port number is being used by another
service, use any other available port. Check the /etc/services file
for a list of ports.
|
1363 | |
Host name of the
Connect:Direct for UNIX server
to which this API will connect. You can also type the IP address of the server. |
Network Map Remote Node Information File Worksheet (TCP/IP)
The initial network map file containing a local node definition is created for you during the installation procedure; however, you must add a remote node record to the network map for each remote node you will communicate with unless you plan to specify the IP address or host name with the SNODE parameter when you submit a Process.
Use the information on this worksheet when you modify the network map. Make a copy of this worksheet for each remote node in the network.
Parameter | Default Value | Value To Use |
---|---|---|
Remote Connect:Direct node name | ||
Host name or IP address on which the remote IBM Connect:Direct server will run. | ||
Communication port number to call the remote Connect:Direct server: | 1364 |
Server Authentication Key File Worksheet
The initial server authentication key file is created during the installation procedure; however, you can update your key later. Use the information on this worksheet when you modify your key.
Parameter | Default Value | Value To Use |
---|---|---|
The host name on which the API is executed. An asterisk (*) stands for any host. |
* |
IBM Connect:Direct security depends on a key (similar to a password) in a IBM Connect:Direct server and an identical key in each API that communicates with that server. The keys are defined and coordinated by the system administrator of the specific node or nodes, and should be kept secure. Be sure the authentication keys are available during installation, but do not record them on this worksheet or where they can be lost.
Client Authentication Key File Worksheet
The initial client authentication key file is created automatically during the installation; however, you can update your key at a later date. Use the information on this worksheet when you modify the key.
Parameter | Default Value | Value To Use |
---|---|---|
The host name on which a IBM Connect:Direct is
executed. An asterisk (*) stands for any host. |
* |
IBM Connect:Direct security depends on a key, similar to a password, in a IBM Connect:Direct server and an identical key in each API that will communicate with that server. The keys are defined and coordinated by the system administrator of the specific node or nodes, and should be kept secure.
Have the authentication keys you will use available during installation, but do not record them on this worksheet or anywhere else that could compromise security.