User Authorization Information File

In order for users to have access to IBM® Connect:Direct® and use IBM Connect:Direct commands and statements, you need to define a record for each user ID in the user authorization information file, called userfile.cfg. The user ID is the key to the local user information record. It must be a valid user ID on the local system and must be unique. To disable access to the software for a local user, delete or comment out the local user information record.

You can create a generic user ID by specifying an asterisk (*) as the user ID. If a user does not have a specific local user information record, the user authorizations will default to those specified in this generic record. If no generic local user information record is defined and no specific local user information record is defined for the user, the user cannot use IBM Connect:Direct.

IBM Connect:Direct may optionally use remote user information records to translate remote user IDs to valid local user IDs where IBM Connect:Direct is installed. If an snodeid parameter is not coded on the incoming Process, IBM Connect:Direct uses this proxy relationship to determine the rights of remote users to issue IBM Connect:Direct commands and statements.

Connect:Direct for UNIX uses the asterisk (*) character to establish generic mappings that facilitate mapping remote user IDs to local user IDs. The asterisk matches the node name or the host name. For example, you can specify *@node name to map the remote user ID to all user IDs at one node name, specify id@* to map to a specific user ID at all node names, or specify *@* to match all users at all node names.

Sample Mapping of Remote User IDs to Local User IDs

The following table displays sample remote user ID mappings to local user IDs using the special characters:

Remote User ID	at	Remote Node Name	is mapped to	Local User ID	Result of Mapping
user	@	*	=	test02	Remote user ID “user” on all remote nodes is mapped to local user ID test02.
*	@	mvs.node3	=	labs3	All remote user IDs on remote node mvs.node3 are mapped to local user ID labs3.
*	@	*	=	vip01	All remote user IDs on all remote nodes are mapped to local user ID vip01.

You can generate all the records through the script-based customization procedure or generate only one or two records and use a text editor to generate additional records. After customization, you may want to modify some of the parameters. Use cdcust to create a new user file or a text editor to modify the file as necessary.

Sample User Authorization File

The following sample displays a user authorization file. In the sample, SAM1 is the remote user ID, MVS.SAM1.NODE is the remote node name, and sam is the local UNIX user ID.

SAM1@MVS.SAM1.NODE:\
   :local.id=sam:\
   :pstmt.upload=y:\
   :pstmt.upload_dir=/home/qatest/username/ndm/uploaddir:\
   :pstmt.download=y:\
   :pstmt.download_dir=/home/qatest/username/ndm/downloaddir:\
   :pstmt.run_dir=/home/qatest/username/ndm/rundir:\
   :pstmt.submit_dir=/home/qatest/username/ndm/submitdir:\
   :descrip=:
 sam:\
   :admin.auth=y:\
   :pstmt.copy.ulimit=y:\
   :pstmt.upload=y:\
   :pstmt.upload_dir=/home/qatest/username/ndm/uploaddir:\
   :pstmt.download=y:\
   :pstmt.download_dir=/home/qatest/username/ndm/downloaddir:\
   :pstmt.run_dir=/home/qatest/username/ndm/rundir:\
   :pstmt.submit_dir=/home/qatest/username/ndm/submitdir:\
   :name=:\
   :phone=:\
   :descrip=:\
   :cmd.s+conf=n: