Worksheet Instructions

Before you install Connect:Direct® for UNIX, complete the following worksheets to help you gather the information needed to complete the installation.

  • Installation Worksheet
  • User Authorization Information File Worksheet
  • CLI/API Configuration File Worksheet
The following worksheets are provided for your convenience:
  • Network Map Remote Node Information File Worksheet
  • Server Authentication key File Worksheet
  • Client Authentication key File Worksheet

Installation Worksheet

Complete this worksheet to assist you during the installation procedure.

Parameter Value
TCP/IP host name of the computer where the Connect:Direct for UNIX server is installed  
Directory or path on which the distribution media will be mounted  
Destination directory where IBM® Connect:Direct will be installed, including the full path name  

Customization Worksheet

Use this worksheet during customization. Refer to the Customizing Connect:Direct for UNIX.

Parameter Default Value Value to Use
Connect:Direct node name you are customizing, up to 16 characters long.
Important: Characters used in Netmap Node Names (or Secure+ Node Names or Secure+ Alias Names) should be restricted to A-Z, a-z, 0-9 and @ # $ . _ - to ensure that the entries can be properly managed by Control Center, or IBM Sterling Connect:Direct Application Interface for Java™ for Java (AIJ) programs.
   
Initialization Parameters File Information
TCP/IP port number that the server monitors for an API connection request. 1363  
TCP/IP port number that the server monitors for a remote Connect:Direct connection request:
Note: Use the default port number, if available. If the default port number is being used by another service, use any other available port. Check the /etc/services file for a list of ports.
1364  
TCP/IP port number that the server uses to communicate with Install Agent included in Connect:Direct. 1365  

User Authorization Information File Worksheet

Use this worksheet when you are defining the user authorization information which includes the remote user information records and local user information records.

All IBM Connect:Direct users must have an entry in the user authorization information file.

Remote User Information Record

IBM Connect:Direct uses the remote user information record to establish a proxy relationship between remote and local user IDs. Remote user IDs are translated to valid local user IDs on the system where you are installing Connect:Direct for UNIX. IBM Connect:Direct also uses the remote and local user information records to determine the functionality of the user IDs that are translated and connected to it through a client using a IBM Connect:Direct API.

Use the following table to create a list of remote user IDs and the local user IDs to which they will be mapped. If necessary, make copies of this page to record additional remote user IDs and local user IDs.

For more information on creating remote user information records and for information on using special generic characters to map remote user IDs, refer to the Connect:Direct for UNIX Administration Guide.

Remote User ID at Remote Node Name mapped to Local User ID
  @   =  
  @   =  
  @   =  
  @   =  
  @   =  
  @   =  
  @   =  
  @   =  
  @   =  
  @   =  
  @   =  
  @   =  
  @   =  
  @   =  
  @   =  

Local User Information Record

Use the following table to record the local user ID records to create and the parameters to define. Define the additional parameters by editing the userfile.cfg file using any standard UNIX editor.

Default values are shown as capital letters in brackets. Before you begin defining local user information records, make copies of this worksheet for the number of users you plan to create.

Local User ID Parameter Description Value to Assign
  admin.auth Determines if the user has administrative authority.

y—All the other command parameter capabilities in the local user information record are automatically assigned to this user.

n—You must grant specific command parameters individually.

 
  client.cert_auth Determines if the user can perform certificate authentication for client API connections.

y—Enables client certificate authentication for the user

n—Disables client certificate authentication for the user

y | n
  client.source_ip Use this parameter to list all of the IP addresses and/or host names that are valid for this user's API connection. If you specify values for this field, the IP address of this user's API connection is validated with the client.source_ip list. If the IP address does not match the one specified on the list, the connection is rejected.

A comma-separated list of client IP addresses or host names associated with client IP addresses.

The IP address of the client connection for this user must match the address configured in this field.

For example: nnn.nnn.nnn.nnn, localhost

  cmd.chgproc Specifies whether the user can issue the change Process command.

y—Allows the user to issue the command.

n—Prevents the user from issuing the command.

a—Allows all users to issue this command.

y | n | a
  cmd.external.stat.log Determines if the user can log stats in to Connect:Direct for UNIX from Integrated File Agent.

y-Allows the user to log stats from Integrated File Agent into Connect:Direct for Unix stats.

n- Prevents the user from logging stats from Integrated File Agent into Connect:Direct for Unix stats.

y | n
  cmd.delproc Specifies whether the user can issue the delete Process command.

y—Allows the user to issue the command.

n—Prevents the user from issuing the command.

a—Allows all users to issue this command.

y | n | a
  cmd.flsproc Specifies whether the user can issue the flush Process command.

y—Allows the user to issue the command.

n—Prevents the user from issuing the command.

a—Allows all users to issue this command.

y | n | a
  cmd.selproc Specifies whether the user can issue the select Process command.

y—Allows the user to issue the command.

n—Prevents the user from issuing the command.

a—Allows all users to issue this command.

y | n | a
  cmd.selstats Specifies whether the user can issue the select statistics command.

y—Allows the user to issue the command.

n—Prevents the user from issuing the command.

a—Allows all users to issue this command.

y | n | a
  cmd.viewproc Specifies whether the user can issue the view process command.

y-Allows the user to issue the command.

n-Prevents the user from issuing the command.

y | n
  cmd.stopndm Specifies whether the user can issue the stop command.

y—Allows the user to issue the command.

n—Prevents the user from issuing the command.

y | n
  cmd.submit Specifies whether the user can issue the submit Process command.

y—Allows the user to issue the command.

n—Prevents the user from issuing the command.

y | n
  cmd.s+conf Specifies whether the user can issue Secure Plus configuration commands from network clients, such as IBM® Control Center or Java API.

y-Allows the user to issue the command.

n-Prevents the user from issuing the command.

y | n
  cmd.trace Specifies whether the user can issue the trace command.

y—Allows the user to issue the command.

n—Prevents the user from issuing the command.

y | n
  descrip Permits the administrator to add descriptive notes to the record. text string ________________
  name Specifies the name of the user. user name ________________
  fileagent.auth Determines if the user can issue get/update File Agent JSON configuration command.

y-Allows the user to issue both get/update File Agent JSON configuration command.

n-Prevents the user from issuing File Agent JSON configuration command. v-Allows the user to issue only get File Agent JSON configuration.

y | n | v
  phone Specifies the telephone number of the user. user phone ________________
  pstmt.copy Specifies whether the user can issue the copy command.

y—Allows the user to issue the command.

n—Prevents the user from issuing the command.

y | n
  pstmt.copy.

ulimit

Specifies the action to take when the limit on a user output file size is exceeded during a copy operation.

The value for this parameter overrides the equivalent value for the ulimit parameter in the initialization parameters file. If a value is not defined in the initialization parameters file, the default is n.

y or n or nnnnnnnK or nnnnM or nG where nnnnnnnK, nnnnM or nG establishes a default output file size limit for all copy operations.

K—Thousands of bytes.

M—Denotes millions of bytes.

G—Denotes billions of bytes.

The maximum value you can specify is 1 trillion byte.

 
  pstmt.crc Enables the user to override the initial settings in the initialization parameters or network map settings files for specifying the use of CRC checking in a process statement.

y-Allows the user to specify CRC checking on a Process statement

n-Prevents user from specifying CRCchecking on a Process statement

y | n
  pstmt.download Specifies whether the user can download files.

y—Allows the user to issue the command.

n—Prevents the user from issuing the command.

y | n
  pstmt.download

_dir

Specifies the directory to which the user can download files.  
  pstmt.runjob Specifies whether the user can issue the run job statement.

y—Allows the user to issue the command.

n—Prevents the user from issuing the command.

y | n
  pstmt.runtask Specifies whether the user can issue the run task statement.

y—Allows the user to issue the command.

n—Prevents the user from issuing the command.

y | n
  pstmt.submit Specifies whether the user can issue the submit statement.

y—Allows the user to issue the command.

n—Prevents the user from issuing the command.

y | n
  snode.ovrd Specifies whether the user can code the snodeid parameter on the submit command and Process and submit statements.

y—Allows the user to issue the command.

n—Prevents the user from issuing the command.

y | n
  pstmt.upload Specifies whether the user can upload files.

y—Allows the user to issue the command.

n—Prevents the user from issuing the command.

y | n
  pstmt.upload_dir Specifies the directory from which the user can upload files.  
  proclib.auth Determine if the user can issue process library commands like add, delete, rename, list and get.

y-Allows the user to issue all the process library commands.

n-Prevents the user from issuing process library commands.

v- Allows the user to only view the process library via get/list commands.

y | n | v
  pstmt.run_dir Specifies the directory that contains the programs and scripts the user can execute.  
  pstmt.submit_dir Specifies the directory from which the user can submit Processes.  

CLI/API Configuration File Worksheet

Use this worksheet to define the parameters needed to create a client configuration file. Create a separate file for each client attached to the server.

Parameter Default Value Value To Use
Port number of the Connect:Direct for UNIX server to which this client will connect.
Note: Use the default port number if available. If the default port number is being used by another service, use any other available port. Check the /etc/services file for a list of ports.
1363  
Host name of the Connect:Direct for UNIX server to which this API will connect.

You can also type the IP address of the server.

   

Network Map Remote Node Information File Worksheet (TCP/IP)

The initial network map file containing a local node definition is created for you during the installation procedure; however, you must add a remote node record to the network map for each remote node you will communicate with unless you plan to specify the IP address or host name with the SNODE parameter when you submit a Process.

Use the information on this worksheet when you modify the network map. Make a copy of this worksheet for each remote node in the network.

Parameter Default Value Value To Use
Remote Connect:Direct node name    
Host name or IP address on which the remote IBM Connect:Direct server will run.    
Communication port number to call the remote Connect:Direct server: 1364  

Server Authentication Key File Worksheet

The initial server authentication key file is created during the installation procedure; however, you can update your key later. Use the information on this worksheet when you modify your key.

Parameter Default Value Value To Use
The host name on which the API is executed.

An asterisk (*) stands for any host.

*  

IBM Connect:Direct security depends on a key (similar to a password) in a IBM Connect:Direct server and an identical key in each API that communicates with that server. The keys are defined and coordinated by the system administrator of the specific node or nodes, and should be kept secure. Be sure the authentication keys are available during installation, but do not record them on this worksheet or where they can be lost.

Client Authentication Key File Worksheet

The initial client authentication key file is created automatically during the installation; however, you can update your key at a later date. Use the information on this worksheet when you modify the key.

Parameter Default Value Value To Use
The host name on which a IBM Connect:Direct is executed.

An asterisk (*) stands for any host.

*  

IBM Connect:Direct security depends on a key, similar to a password, in a IBM Connect:Direct server and an identical key in each API that will communicate with that server. The keys are defined and coordinated by the system administrator of the specific node or nodes, and should be kept secure.

Have the authentication keys you will use available during installation, but do not record them on this worksheet or anywhere else that could compromise security.