The credentials file

The credentials file contains user credentials that can be used by many IBM® InfoSphere® Information Server commands that support the -authfile option, such as dsjob, DirectoryCommand, and others.

Attention: Because the credentials file is used to run commands that require a password, it is essential to store the credentials file in a secure location and hide its contents. The file must not be readable, writeable, or executable by anyone other than a user or group with administrator access. Also, users that run commands that use the credentials file must have the same access as the file.

The credentials file has the following format:

  • It must be encoded with your platform default character set or ASCII characters only.
  • Each entry must occupy a whole line without leading and trailing white space.
  • The file must contain a user and password entry, although some tools, such as dsjob support additional name-value pairs, such as domain and server.
  • The name and value pairs are separated by an equals sign (=). For example:
  • When a value is specified in encrypted text, it must have been encrypted with the encrypt command. The encrypted string is prefixed with '{alias}', where alias is the alias of the encryption provider.
  • When a value is specified in plain, non-encrypted text, the value must not start with an opening brace ({) nor contain a closing brace (}) in the plain text string.
  • You can add comment lines, which must start with the number sign (#).
  • If the same key name exists multiple times in the file, the first name-value pair is used.

A sample credentials file:

# dsadm credentials