![]() |
![]() |
|
|
Administrative Command Reference Pages
This section covers the following reference pages for administrative commands, formerly called man pages:
Refer to the BEA eLink Adapter for Mainframe CRM Administration Guide for information about the following CRM administration commands:
addumap
Adds a local-to-remote mapping for a local/remote domain pair.
Synopsis
addumap -d <local domain ID> -R <remote domain ID>
-p <local principal name> -u <remote username>
Description
addumap can only be executed as a subcommand of dmadmin(1). The purpose of this page is to describe options for the subcommand and to show examples.
The subcommand allows the administrator to add local-to-remote user mappings for a local/remote domain pair.
Mappings are defined to be inbound, outbound or both when the application is using SNA-type gateways and SECURITY is set to USER_AUTH, ACL, or MANDATORY ACL in the ubbconfig file and SECURITY is set to DM_PW or USER_PW in the DMCONFIG file.
The following options are available:
Before running this subcommand the application must be configured using either the Graphical Administrative Interface or tmloadcf(1) and dmloadcf(1). dmadmin addumap may be run on any active node.
Portability
This subcommand is available on the latest version of Tuxedo, as documented for this release of BEA eLink Adapter for Mainframe.
Diagnostics
The dmadmin addumap subcommand exits with a return code of 0 upon successful completion.
Example
addumap -d ldom -R cdom -p tuxusr -u CICSUSR
/*maps principal tuxusr with
remote user cicsusr */
See Also
dmadmin(1), delumap(5)
addusr
Adds a user to the remote domain user and password file.
Synopsis
addusr -d <local domain ID> -R <remote domain ID> -u <remote username>
[-w ]
Description
addusr can only be executed as a subcommand of dmadmin(1). The purpose of this page is to describe options for the subcommand and to show an example.
The subcommand allows the administrator to add remote user names and passwords to the remote domain remote user and password table. If -w is not specified, the user is prompted for a password.
The table entries created are used for passing remote user names and passwords to remote SNA domains when the application is using SNA-type gateways and SECURITY is set to USER_AUTH, ACL, or MANDATORY ACL in the ubbconfig file and SECURITY is set to DM_PW or USER_PW in the DMCONFIG file.
The following options are available:
Before running this subcommand the application must be configured using either the Graphical Administrative Interface or tmloadcf(1) and dmloadcf(1). dmadmin addusr may be run on any active node.
Portability
This subcommand is available on the latest version of Tuxedo, as documented for this release of BEA eLink Adapter for Mainframe.
Diagnostics
The dmadmin addusr subcommand exits with a return code of 0 upon successful completion.
Examples
addusr -d tux -R cics -u CICSUSR /*adds remote user CICSUSR to
cics domain's user and
password file. The
administrator is prompted for
a password*/
See Also
delusr(5), modusr(5)
delumap
Deletes a local-to-remote mapping for a local/remote domain pair.
Synopsis
delumap -d <local domain ID> -R <remote domain ID>
-p <local principal name> -u <remote username>
Description
delumap can only be executed as a subcommand of dmadmin(1). The purpose of this page is to describe options for the subcommand and to show examples.
The subcommand allows the administrator to delete local-to-remote user mappings for a local/remote domain pair.
Mappings are defined to be inbound, outbound or both when the application is using SNA-type gateways and SECURITY is set to USER_AUTH, ACL, or MANDATORY ACL in the ubbconfig file and SECURITY is set to DM_PW or USER_PW in the DMCONFIG file.
The following options are available:
Before running this subcommand the application must be configured using either the Graphical Administrative Interface or tmloadcf(1) and dmloadcf(1). dmadmin delumap may be run on any active node.
Portability
This subcommand is available on the latest version of Tuxedo, as documented for this release of BEA eLink Adapter for Mainframe.
Diagnostics
The dmadmin delumap subcommand exits with a return code of 0 upon successful completion.
Example
delumap -d ldom -R cics -p tuxusr -u CICSUSR
/*deletes the mapping of principal
tuxusr with remote user cicsusr */
See Also
dmadmin(1), addumap(5)
delusr
Deletes a user from the remote domain user and password file.
Synopsis
delusr -d <local domain> -R <remote domain> -u <remote username>
Description
delusr can only be executed as a subcommand of dmadmin(1). The purpose of this page is to describe options for the subcommand and to show an example.
The subcommand allows the administrator to remove remote user names and passwords from the remote domain remote user and password table.
Once the entries are deleted they can no longer be used for mapping remote user names and passwords to local user names and passwords when the application is using SNA-type gateways and SECURITY is set to USER_AUTH, ACL, or MANDATORY ACL in the ubbconfig file and SECURITY is set to DM_USER_PW in the DMCONFIG file.
The following options are available:
Before running this subcommand the application must be configured using either the Graphical Administrative Interface or tmloadcf(1) and dmloadcf(1). dmadmin delusr may be run on any active node.
Portability
This subcommand is available on the latest version of Tuxedo, as documented for this release of BEA eLink Adapter for Mainframe.
Diagnostics
The dmadmin delusr subcommand exits with a return code of 0 upon successful completion.
Examples
delusr -d tux -R cics -u CICSUSR /*deletes remote user CICSUSR to
cics domain users. The
administrator is prompted for a
password*/
See Also
addusr(5), modusr(5)
DMADM
/Domain administrative server.
Synopsis
DMADM SRVGRP = "identifier"
SRVID = "number"
REPLYQ = "N"
Description
The /DOMAIN administrative server (DMADM) is a Tuxedo-supplied server that provides run-time access to the binary domain configuration file (BDMCONFIG file). When DMADM is booted, the BDMCONFIG environment variable should be set to the pathname of the file containing the binary version of the DMCONFIG file.
DMADM is described in the SERVERS section of the UBBCONFIG file as a server running within a group, e.g., DMADMGRP. There should be only one instance of the DMADM running in this group and it must not have a reply queue (REPLYQ must be set to "N").
The following server parameters can also be specified for the DMADM server in the SERVERS section: SEQUENCE, ENVFILE, MAXGEN, GRACE, RESTART, RQPERM and SYSTEM_ACCESS.
Portability
DMADM is supported as a Tuxedo-supplied server on UNIX System and Windows NT operating systems.
Examples
The following example illustrates the definition of the administrative server and a gateway group in the UBBCONFIG file.
#
*GROUPS
DMADMGRP LMID=mach1 GRPNO=1
gwgrp LMID=mach1 GRPNO=2
#
*SERVERS
DMADM SRVGRP="DMADMGRP" SRVID=1001 REPLYQ=N RESTART=Y GRACE=0
GWADM SRVGRP="gwgrp" SRVID=1002 REPLYQ=N RESTART=Y GRACE=0
GWSNAX SRVGRP="gwgrp" SRVID=1003 RQADDR="gwgrp" REPLYQ=N
RESTART=N MIN=1 MAX=1
See Also
dmadmin(1), tmboot(1), dmconfig(5), GWADM(5), servopts(5), ubbconfig(5)
Tuxedo /Domain User Guide
Tuxedo Administrator's Guide
dmadmin
Tuxedo System/T Domain Administration Command Interpreter.
Synopsis
dmadmin [-c]
Description
The dmadmin interactive command interpreter is used for the administration of domain gateway groups defined for a particular Tuxedo System/T application. The interpreter can operate in two modes: administration mode and configuration mode.
The dmadmin command interpreter enters administration mode when called with no parameters. This is the default. In this mode, dmadmin can be run on any active node (excluding workstations) within an active application. Application administrators can use this mode to obtain or change parameters on any active domain gateway group. Application administrators may also use this mode to create, destroy, or re-initialize the DMTLOG for a particular local domain. In this case, the domain gateway group associated with that local domain must not be active, and dmadmin must be run on the machine assigned to the corresponding gateway group.
The dmadmin command interpreter enters configuration mode when it is invoked with the -c option or when the config subcommand is invoked. Application administrators can use this mode to update or add new configuration information to the binary version of the domain configuration file (BDMCONFIG).
The dmadmin command interpreter requires the use of the DOMAIN administrative server (DMADM) for the administration of the BDMCONFIG file and the gateway administrative server (GWADM) for the re-configuration of active DOMAIN gateway groups (there is one GWADM per gateway group).
Administration Mode Commands
Once dmadmin has been invoked, commands may be entered at the prompt (">") according to the following syntax:
command [arguments]
Several commonly occurring arguments can be given default values using the default command. Commands that accept parameters set using the default command. Check default to see if a value has been set. If no value is set, an error message is returned.
Once set, a default value remains in effect until the session is ended, unless changed by another default command. Defaults may be overridden by entering an explicit value on the command line, or reset by entering the value "*". The effect of an override lasts for a single instance of the command.
Output from dmadmin commands is paginated according to the pagination command in use (see the paginate subcommand below).
Commands may be entered either by their full name or their abbreviation (shown in parentheses) followed by any appropriate arguments. Arguments appearing in square brackets, [ ], are optional; those in curly braces, {}, indicate a selection from mutually exclusive options. Note that for many commands local_domain_name is a required argument, but commands can be set with the default command.
The following commands are available in administration mode:
Configuration Mode Commands
The dmadmin command enters configuration mode when executed with the -c option or when the config subcommand is used. In this mode, dmadmin allows run-time updates to the BDMCONFIG file. dmadmin manages a buffer that contains input field values to be added or retrieved, and displays output field values and status after each operation completes. The user can update the input buffer using any available text editor.
The dmadmin command first prompts for the desired section followed by a prompt for the desired operation.
The prompt for the section is as follows:
Sections:
1) LOCAL_DOMAINS 2) REMOTE_DOMAINS
3) LOCAL_SERVICES 4) REMOTE_SERVICES
5) ROUTING 6) ACCESS_CONTROL
7) PASSWORDS 8) TDOMAIN
9) OSITP 10) SNA
11) QUIT
Enter Section [1]:
The number of the default section appears in square brackets at the end of the prompt. You can accept the default by pressing RETURN or ENTER. To select another section enter its number, then press RETURN or ENTER.
dmadmin then prompts for the desired operation.
Operations:
1) FIRST 2) NEXT
3) RETRIEVE 4) ADD
5) UPDATE 6) DELETE
7) NEW_SECTION 8) QUIT
Enter Operation [1]:
The number of the default operation is printed in square brackets at the end of the prompt. Pressing RETURN or ENTER selects this option. To select another operation enter its number, then press RETURN or ENTER.
The currently supported operations are:
For configuration operations, the effective user identifier must match the System/T administrator user identifier (UID) for the machine on which this program is executed. When a record is updated or added, all default values and validations used by dmloadcf(1) are enforced.
dmadmin then prompts whether or not to edit the input buffer.
Enter editor to add/modify fields [n]?
Entering a value of y will put the input buffer into a temporary file and execute the text editor. The environment variable EDITOR is used to determine which editor to be used; the default is "ed". The input format is in field name/field value pairs and is described in the CONFIGURATION INPUT FORMAT section below. The field names associated with each DMCONFIG section are listed in tables in the subsections below. The semantics of the fields and associated ranges, default values, restrictions, etc., are described in dmconfig(5). In most cases, the field name is the same as the KEYWORD in the DMCONFIG file, prefixed with "TA_". When the user completes editing the input buffer, dmadmin reads it. If more than one line occurs for a particular field name, the first occurrence is used and other occurrences are ignored. If any errors occur, a syntax error will be printed and dmadmin prompts whether or not to correct the problem.
Enter editor to correct?
If the problem is not corrected (response n), then the input buffer will contain no fields. Otherwise, the editor is executed again.
Finally, dmadmin asks if the operation should be done.
Perform operation [y]?
When the operation completes, dmadmin prints the return value as in
Return value TAOK
followed by the output buffer fields. The process then begins again with a prompt for the section. All output buffer fields are available in the input buffer unless the buffer is cleared.
Entering break at any time restarts the interaction at the prompt for the section.
When "QUIT" is selected, dmadmin prompts for authorization to create a backup ASCII version of the configuration:
Unload BDMCONFIG file into ASCII backup [y]?
If a backup is selected, dmadmin prompts for the file name.
Backup filename [DMCONFIG]?
On success, dmadmin indicates that a backup was created, otherwise an error is printed.
Configuration Input Format
Input packets consist of lines formatted as follows:
-fldname-<tabs>-fldval
The field name is separated from the field value by one or more tabs (or spaces).
Lengthy field values can be continued on the next line by having the continuation line begin with one or more tabs (which are dropped when read back into dmadmin).
Empty lines consisting of a single newline character are ignored.
To enter an unprintable character in the field value or to start a field value with a tab, use a backslash followed by the two-character hexadecimal representation of the desired character (see ASCII(5) in a UNIX reference manual). A space, for example, can be entered in the input data as \20. A backslash can be entered using two backslash characters. dmadmin recognizes all input in this format, but its greatest usefulness is for non-printing characters.
Configuration Limitations
The following are general limitations of the dynamic domain re-configuration capability:
Restrictions for Configuration Field Identifiers/Updates
The following sections describe the following information for each DMCONFIG section:
All applicable field values are returned with the retrieval operations. Fields that are allowed and/or required for adding a record are described in dmconfig(5). Fields indicated below as key are key fields that are used to uniquely identify a record within section. These key fields are required to be in the input buffer when updates are done and are not allowed to be updated dynamically. The Update column indicates when a field can be updated. The possible values are:
Configuring the DM_LOCAL_DOMAINS Section
The following table lists the fields in the DM_LOCAL_DOMAINS section.
Configuring the DM_REMOTE_DOMAINS Section
The following table lists the fields in the DM_REMOTE_DOMAINS section.
Configuring the DM_TDOMAIN Section
The DM_TDOMAIN section contains the network addressing parameters required by TDOMAIN type domains. The following lists the fields in this section:
Field Identifier |
Field Type |
Update |
Notes |
---|---|---|---|
TA_LDOM or TA_RDOM |
string |
No/NoGW |
key |
TA_NWADDR |
string |
No/NoGW |
ASCII format (no embedded NULL characters) |
If the domain identifier (TA_LDOM) is a local domain identifier, then the TA_NWADDR field can be updated if the gateway group representing that local domain is not running.
Configuring the DM_OSITP Section
The DM_OSITP section contains the network addressing parameters required by OSITP type domains. The following lists the fields in this section:
If the domain identifier (TA_LDOM) is a local domain identifier, then the other fields in this table can be updated if the gateway group representing that local domain is not running.
Configuring the DM_LOCAL_SERVICES Section
The following table lists the fields in the DM_LOCAL_SERVICES section.
Configuring the DM_REMOTE_SERVICES Section
The following table lists the fields in the DM_REMOTE_SERVICES section.
Configuring the DM_ROUTING Section
The following table lists the fields in the DM_ROUTING section.
Field Identifier |
Field Type |
Update |
Notes |
---|---|---|---|
TA_ROUTINGNAME |
string |
No |
key |
TA_FIELD |
string |
Yes |
|
TA_RANGE |
string |
Yes |
|
TA_BUFTYPE |
string |
Yes |
|
Configuring the DM_ACCESS_CONTROL Section
The following table lists the fields in the DM_ACCESS_CONTROL section.
Field Identifier |
Field Type |
Update |
Notes |
---|---|---|---|
TA_ACLNAME |
string |
No |
key |
TA_RDOM |
string |
Yes |
|
Configuring the DM_PASSWORDS Section
The following table lists the fields in the DM_PASSWORDS section.
Field Identifier |
Field Type |
Update |
Notes |
---|---|---|---|
TA_LDOM |
string |
No |
key |
TA_RDOM |
string |
No |
key |
TA_LPWD |
string |
Yes |
format: { Y | N | U } |
TA_RPWD |
string |
Yes |
format: { Y | N | U } |
The TA_LPWD and TA_RPWD show the existence of a defined password for the local and/or the remote domain. Passwords are not displayed. If an UPDATE operation is selected, the value of the corresponding field must be set to U. The program will then prompt with echo turned off for the corresponding passwords.
Diagnostics in Configuration Mode
dmadmin fails if it cannot allocate an FML typed buffer, if it cannot determine the /etc/passwd entry for the user, or if it cannot reset the environment variables FIELDTBLS or FLDTBLDIR.
The return value printed by dmadmin after each operation completes indicates the status of the requested operation. There are three classes of return values.
The following return values indicate a problem with permissions or a Tuxedo System/T communications error. They indicate that the operation did not complete successfully.
The following return values indicate a problem in doing the operation itself and generally are semantic problems with the application data in the input buffer. The string field TA_STATUS will be set in the output buffer and will contain short text describing the problem. The string field TA_BADFLDNAME will be set to the field name for the field containing the value that caused the problem (assuming the error can be attributed to a single field).
The following return values indicate that the operation was successful.
When using dmunloadcf to print entries in the configuration, optional field values are not printed if they are not set (for strings) or 0 (for integers). These fields will always appear in the output buffer when using dmadmin. In this way, it makes it easier for the administrator to retrieve an entry and update a field that previously was not set. The entry will have the field name followed by a tab but no field value.
Configuration Example
In the following example, dmadmin is used to add a new remote domain. For illustration purposes, ed is used for the editor.
$ EDITOR=ed dmadmin
> config
Sections:
1) LOCAL_DOMAINS 2) REMOTE_DOMAINS
3) LOCAL_SERVICES 4) REMOTE_SERVICES
5) ROUTING 6) ACCESS_CONTROL
7) PASSWORDS 8) TDOMAIN
9) OSITP 10) SNA
11) QUIT
Enter Section [1]: 2
Operations:
1) FIRST 2) NEXT
3) RETRIEVE 4) ADD
5) UPDATE 6) DELETE
7) NEW_SECTION 8) QUIT
Enter Operation [1]: 4
Enter editor to add/modify fields [n]? y
a
TA_RDOM B05
TA_DOMAINID BA.BANK05
TA_TYPE TDOMAIN
w
53
q
Perform operation [y]? <return>
Return value TAUPDATED
Buffer contents:
TA_OPERATION 4
TA_SECTION 2
TA_DOMAINID BA.BANK05
TA_RDOM B05
TA_TYPE TDOMAIN
TA_STATUS Update completed successfully
Operations:
1) FIRST 2) NEXT
3) RETRIEVE 4) ADD
5) UPDATE 6) DELETE
7) NEW_SECTION 8) QUIT
Enter Operation [4]: 7
Sections:
1) LOCAL_DOMAINS 2) REMOTE_DOMAINS
3) LOCAL_SERVICES 4) REMOTE_SERVICES
5) ROUTING 6) ACCESS_CONTROL
7) PASSWORDS 8) TDOMAIN
9) OSITP 10) QUIT
Enter Section [1]: 8
Operations:
1) FIRST 2) NEXT
3) RETRIEVE 4) ADD
5) UPDATE 6) DELETE
7) NEW_SECTION 8) QUIT
Enter Operation [6]: 4
Enter editor to add/modify fields [n]? y
a
TA_RDOM B05
TA_NWADDR 0x00020401c0066d05
w
55
q
Perform operation [y]? <return>
Return value TAUPDATED
Buffer contents:
TA_OPERATION 4
TA_SECTION 8
TA_RDOM B05
TA_NWADDR 0x00020401c0066d05
TA_STATUS Update completed successfully
Operations:
1) FIRST 2) NEXT
3) RETRIEVE 4) ADD
5) UPDATE 6) DELETE
7) NEW_SECTION 8) QUIT
Enter Operation [4]: 8
> quit
The dmadmin program ends.
Security
If dmadmin is run with the application administrator's UID, it assumes a trusted user and Security is bypassed. If dmadmin is run with another user ID, and if the security option is enabled in the TUXCONFIG file, then the corresponding application password is required to start the dmadmin program. If standard input is a terminal, then dmadmin will prompt the user for the password with echo turned off. If standard input is not a terminal, the password is retrieved from the environment variable, APP_PW. If this environment variable is not specified and an application password is required, then dmadmin will fail to start.
When running with another user ID (other than the UID of the administrator) only a limited set of commands is available.
Environment Variables
The dmadmin command resets the FIELDTBLS and FLDTBLDIR environment variables to pick up the ${TUXDIR}/udataobj/dmadmin field table. Hence, the TUXDIR environment variable should be set correctly.
If the application requires security and the standard input to dmadmin is not from a terminal, then the APP_PW environment variable must be set to the corresponding application password.
The TUXCONFIG environment variable should be set to the pathname of the Tuxedo System/T configuration file.
General Diagnostics
If the dmadmin command is entered before the system has been booted, the following message is displayed:
No bulletin board exists. Only logging commands are available.
dmadmin then prompts for the corresponding commands.
If an incorrect application password is entered or is not available to a shell script through the environment, then a log message is generated, the following message is displayed, and the command terminates:
Invalid password entered.
Interoperability
dmadmin for /SNA must be installed on Tuxedo System/T R6.5. Other nodes in the same domain with an R6.5 gateway may be Tuxedo System/T R4.2.2 or later.
Portability
This command interpreter is supported as a Tuxedo System/T-supplied administrative tool on UNIX and Windows NT operating systems.
See Also
dmloadcf(1), tmadmin(1), dmconfig(5), DMADM(5), addusr(5), delusr(5)
Tuxedo /Domain User Guide
dmconfig
Tuxedo System/T ASCII domain configuration file.
Description
dmconfig is the ASCII version of a Tuxedo System/Domain domain configuration file; it is also referred to by its environmental variable name: DMCONFIG. The dmconfig file is parsed and loaded into a binary version by the dmloadcf utility. The binary configuration file, called the BDMCONFIG file, contains information used by domain gateways to initialize the context required for communications with other domains. dmadmin uses the binary file (or a copy of it) in its monitoring activity. There will be one BDMCONFIG file for each Tuxedo System/Domain application that uses the /Domain feature.
A DMCONFIG file, and its binary BDMCONFIG counterpart, are analogous to the UBBCONFIG and TUXCONFIG files of a non-/Domain System/T application. The DMCONFIG file extends the definition of a non-/Domain System/T application so that the application becomes a domain.
Definitions
A Tuxedo System/Domain Application is defined as the environment described in a single TUXCONFIG file. A System/T Application can communicate with another System/T Application or with another TP Application via a domain gateway group. In "Tuxedo System/Domain" terms, an Application is the same as a TP Domain.
A Gateway Group is a collection of domain gateway processes that provide communication services with a specific type of TP Domain.
A Domain Gateway is a Tuxedo System/Domain process that relays requests and replies to another TP Domain.
A Local Domain characterizes a part of the application (set or subset of services) that is made available to other domains. A Local Domain is always represented by a Domain Gateway Group, and both terms are used as synonyms.
A Remote Domain is a remote application that is accessed through a Gateway Group. The remote application may be another Tuxedo System/Domain application or an application running under another TP system.
A Remote Service is a service provided by a remote domain that is made available to the local application through a Gateway Group.
A Local Service is a service of a local domain that is made available to remote domains through a Gateway Group.
Configuration File Format
The format of a domain configuration file is as follows:
Lines beginning with the reserved word, DEFAULT:, contain parameter specifications that apply to any lines that follow them in the section in which they appear. Default specifications can be used in all sections. They can appear more than once in the same section. The format for these lines is:
DEFAULT: [ KEYWORD1 = value1 [ KEYWORD2 = value2 [...]]]
The values set on this line remain in effect until reset by another DEFAULT: line, or until the end of the section is reached. These values can also be overridden on non-DEFAULT: lines by placing the optional parameter setting on the line. If on a non-DEFAULT: line, the parameter setting is valid for that line only; lines that follow revert to the default setting. If DEFAULT: appears on a line by itself, all previously set defaults are cleared and their values revert to the system defaults.
If a value is numeric, standard C notation is used to denote the base (that is, 0x prefix for base 16 (hexadecimal), 0 prefix for base 8 (octal), and no prefix for base 10 (decimal)). The range of values acceptable for a numeric parameter are given under the description of that parameter.
If a value is an identifier, standard C rules are used. An identifier must start with an alphabetic character or underscore and contain only alphanumeric characters or underscores. The maximum allowable length of an identifier is 30 (not including the terminating null). An identifier cannot be the same as any KEYWORD.
A value that is neither an integer number or an identifier must be enclosed in double quotes. Certain special characters can be escaped inside a string using a backslash. "\\'' translates to a single backslash. ``\"\"'' translates to a double quote. "\n" translates to a newline. "\t" translates to a tab. "\f" translates to a form feed. "\x" (where 'x' is any character other than one of the previously mentioned special characters) translates to 'x'.
The DM_LOCAL_
DOMAINS Section
This section identifies local domains and their associated gateway groups. The section must have an entry for each gateway group (Local Domain). Each entry specifies the parameters required for the domain gateway processes running in that group.
Entries have the form:
LDOM required parameters [optional parameters]
where LDOM is an identifier value used to name each local domain. LDOM must be unique within a particular configuration. As you will see in the description of the DM_LOCAL_SERVICES section, LDOM is the identifier that connects local services with a particular gateway group.
The following are the required parameters:
Optional parameters describe resources and limits used in the operation of domain gateways:
The combined settings of the SECURITY parameters in the UBBCONFIG and the DMCONFIG files have the following effects:
If security is to be enforced by both the local domain and the host system for each request outbound from the local domain, the following settings must be made:
If security is to be enforced by both the local domain and the host system for each request inbound from the host system to the local domain, the following settings must be made:
For a request sent to the host system, the local principal userid is located in the domain security table and the associated remote userid, or userid and password, are put into the conversation start-up request before being sent over the LU6.2 conversation. (This occurs if SECURITY is set to IDENTIFY or VERIFY in the DM_SNALINKS section of the DMCONFIG file.)
For requests sent from the host system, the local domain extracts the remote userid, or userid and password, from the conversation start-up request and checks the domain security table. That table contains pairs of local principal user IDs and remote user IDs, maintained on a service-by-service basis. The remote user ID is mapped to the local principal userid. The local principal userid and password are used for further Access Control List (ACL) checking, as specified in the UBBCONFIG file.
When a request is received from the host system, the local domain checks the DMCONFIG file ACL for the local service to see if requests from the remote domain are permitted. If the DMCONFIG file does not contain an ACL for the local service, the service is accessible to all requests.
Therefore, if the ATTACHSEC level for the connection definition in the host system is Identify or Verify, the DMCONFIG SECURITY parameter must be set to DM_USER_PW so that a userid and a password are sent on the conversation start-up requests.
The DM_REMOTE_DOMAINS Section
This section identifies the known set of remote domains and their characteristics.
Entries have the form:
RDOM required parameters [optional parameters]
where RDOM is an identifier value used to identify each remote domain known to this configuration. RDOM must be unique within the configuration.
The following parameters are required:
The following parameter is optional:
The DM_TDOMAIN Section
This section defines the addressing information required by domains of type TDOMAIN. This section should have an entry per local domain if requests from remote domains to local services are accepted on that local domain (gateway group), and an entry per remote domain accessible by the defined local domains.
Entries have the form:
DOM required parameters [optional parameters]
where DOM is an identifier value used to identify either a local domain (LDOM) or a remote domain (RDOM) in the DM_LOCAL_DOMAINS section or in the DM_REMOTE_DOMAINS section. The DOM identifier must match a previously defined LDOM in the DM_LOCAL_DOMAINS sections or RDOM in the DM_REMOTE_DOMAINS section.
The following parameter is required:
The following parameter is optional:
Notice that multiple entries for a particular domain may be defined in this table. Multiple addresses specified for a remote domain mean that the first address (the first entry in the table for the remote domain) should be used to establish the connection and the other addresses should be used as back-up addresses in case of failure of the connection setup to the first address. Multiple addresses specified for a local domain mean that multiple listening ports are available on the same or different types of networks.
The DM_OSITP Section
This section defines the addressing information required by domains of type OSITP. This section should have one entry per gateway group (local domain), and one entry per remote domain of type OSITP.
Entries have the form:
DOM required parameters [optional parameters]
where DOM is an identifier value used to identify a local domain (LDOM) or a remote domain (RDOM) in the DM_LOCAL_DOMAINS section or in the DM_REMOTE_DOMAINS section. The DOM identifier must match a previously defined LDOM in the DM_LOCAL_DOMAINS sections or RDOM in the DM_REMOTE_DOMAINS section.
The following are required parameters:
The following are optional parameters:
The DM_SNACRM Section
The DM_SNACRM section provides three (3) keywords used to identify the Communications Resource Manager that will provide ATMI transaction semantics between a given domain and it's partners. Entries have the general form:
<CommunicationsResourceManagerName> parameters
Where <CommunicationsResourceManagerName> is the locally known name of this SNACRM definition to be used when referencing this SNACRM in subsequent sections. This name is an ASCII string 1 to 30 characters in length. The parameters are the keyword/value pairs that makeup the definition. All keywords are required for a valid SNACRM definition. Keywords can be in any order.
The DM_SNASTACKS Section
The DM_SNASTACKS section provides five (5) keywords which identify the third party SNA stack that should be used for connections established between a given domain and it's partners. Entries have the general form:
<StackReference> parameters
Where <StackReference> is the locally known name of this stack definition to be used when referencing this stack in subsequent sections. This name is an ASCII string 1 to 30 characters in length. The parameters are the keyword/value pairs that makeup the definition. All keywords are required for a valid stack definition. Keywords can be in any order.
The DM_SNALINKS Section
This section defines the SNA Link information required by domains of type SNA. Entries have the form:
Where LINK is an identifier value used to identify a connection between a local domain (LDOM) and a remote domain (RDOM). The RDOM identifier must match a previously defined RDOM in the DM_REMOTE_DOMAINS section.
The following parameters are available:
Caution: If you set MAXSYNCLVL=2 or make no entry for this parameter (that is, accept the default) without having installed the eLink Adapter for Mainframe software licensed for that level, the system configuration automatically reverts to Sync-level 1 and an error message is sent to the error log. To clear that error message, you must either reset the MAXSYNCLVL parameter to an appropriate value or purchase and install the correct software.
The DM_ACCESS_
CONTROL Section
This section specifies the access control lists used by local domain. Lines in this section are of the form:
ACL_NAME required parameters
where ACL_NAME is a (identifier) name used to identify a particular access control list; it must be 15 characters or less in length.
Required parameters are:
The DM_LOCAL_
SERVICES Section
This section provides information on the services exported by each local domain. This section is optional and if it is not specified then all local domains defined in the DM_LOCAL_DOMAINS section accept requests to all of the services advertised by the Tuxedo System/Domain application. If this section is defined then it should be used to restrict the set of local services that can be requested from a remote domain.
Lines within this section have the form:
service [optional parameters]
where service is the (identifier) local name of the exported service, and it must be 1-15 characters in length. This name corresponds to a name advertised by one or more servers running with the local Tuxedo System/Domain application. Notice that exported services inherit the default or special properties specified for the service in an entry in the SERVICES section of the TUXCONFIG file. Some of these parameters are: LOAD, PRIO, AUTOTRAN, ROUTING, BUFTYPE, and TRANTIME.
Optional parameters are:
The DM_REMOTE_SERVICES Section
This section provides information on services "imported" and available on remote domains. Lines within this DM_REMOTE_SERVICES section have the form:
service [optional parameters]
where service is the (identifier) name used by the local Tuxedo System/Domain application for a particular remote service. Remote services are associated with a particular remote domain.
Optional Parameters are:
The DM_ROUTING Section
This section provides information for data dependent routing of /T Domain service requests using FML, VIEW, X_C_TYPE, and X_COMMON typed buffers. Lines within the DM_ROUTING section have the form:
CRITERION_NAME required parameters
where CRITERION_NAME is the (identifier) name of the routing entry that was specified on the services entry. CRITERION_NAME must be 15 characters or less in length.
Required parameters are:
If the field value is not set (for FML buffers), or does not match any specific range and a wild-card range has not been specified, an error is returned to the application process that requested the execution of the remote service.
Files
The BDMCONFIG environment variable is used to find the BDMCONFIG configuration file.
Example 1
The following configuration file defines a 5-site domain configuration. The example shows 4 Bank Branch domains communicating with a Central Bank Branch. Three of the Bank Branches run within other Tuxedo System/Domain domains. The fourth Branch runs under the control of another TP Domain and OSI-TP is used in the communication with that domain.
# Tuxedo DOMAIN CONFIGURATION FILE FOR THE CENTRAL BANK
#
#
*DM_LOCAL_DOMAINS
# <local domain name> <Gateway Group name> <domain type> <domain id> <log device>
# [<audit log>] [<blocktime>]
# [<log name>] [<log offset>] [<log size>]
# [<maxrdom>] [<maxrdtran>] [<maxtran>]
# [<maxdatalen>] [<security>]
# [<tuxconfig>] [<tuxoffset>]
#
#
DEFAULT: SECURITY = NONE
c01 GWGRP = bankg1
TYPE = TDOMAIN
DOMAINID = "BA.CENTRAL01"
DMTLOGDEV = "/usr/apps/bank/DMTLOG"
DMTLOGNAME = "DMTLG_C01"
c02 GWGRP = bankg2
TYPE = OSITP
DOMAINID = "BA.CENTRAL01"
DMTLOGDEV = "/usr/apps/bank/DMTLOG"
DMTLOGNAME = "DMTLG_C02"
URCH = "ABCD"
#
*DM_REMOTE_DOMAINS
#<remote domain name> <domain type> <domain id>
#
b01 TYPE = TDOMAIN
DOMAINID = "BA.BANK01"
b02 TYPE = TDOMAIN
DOMAINID = "BA.BANK02"
b03 TYPE = TDOMAIN
DOMAINID = "BA.BANK03"
b04 TYPE = OSITP
DOMAINID = "BA.BANK04"
URCH = "ABCD"
*DM_TDOMAIN
#
# <local or remote domain name> <network address>
#
# Local network addresses
c01 NWADDR = "0x0002ff98c00b9d6d"
c01 NWADDR = "newyork01.65432"
# Remote network addresses
b01 NWADDR = "0x00020401c00b6d05"
b02 NWADDR = "dallas.65432"
b03 NWADDR = "0x00021094c00b6d9c"
*DM_OSITP
#
#<local or remote domain name> <apt> <aeq>
# [<aet>] [<acn>] [<apid>] [<aeid>]
# [<profile>]
#
c02 APT = "BA.CENTRAL01"
AEQ = "Tuxedo.R.4.2.1"
AET = "{1.3.15.0.3},{1}"
ACN = "XATMI"
b04 APT = "BA.BANK04"
AEQ = "Tuxedo.R.4.2.1"
AET = "{1.3.15.0.4},{1}"
ACN = "XATMI"
*DM_LOCAL_SERVICES
#<service_name> [<Local Domain name>] [<access control>] [<exported svcname>]
# [<inbuftype>] [<outbuftype>]
#
open_act ACL = branch
close_act ACL = branch
credit
debit
balance
loan LDOM = c02 ACL = loans
*DM_REMOTE_SERVICES
#<service_name> [<Remote domain name>] [<local domain name>]
# [<remote svcname>] [<routing>] [<conv>] [<trantime>]
# [<inbuftype>] [<outbuftype>]
#
tlr_add LDOM = c01 ROUTING = ACCOUNT
tlr_bal LDOM = c01 ROUTING = ACCOUNT
tlr_add RDOM = b04 LDOM = c02 RNAME ="TPSU002"
tlr_bal RDOM = b04 LDOM = c02 RNAME ="TPSU003"
*DM_ROUTING
# <routing criteria> <field> <typed buffer> <ranges>
#
ACCOUNT FIELD = branchid BUFTYPE ="VIEW:account"
RANGES ="MIN - 1000:b01, 1001-3000:b02, *:b03"
*DM_ACCESS_CONTROL
#<acl name> <Remote domain list>
#
branch ACLIST = b01, b02, b03
loans ACLIST = b04
Example 2
This example shows the Tuxedo System/Domain Configuration file required at one of the Bank Branches (BANK01).
#
#Tuxedo DOMAIN CONFIGURATION FILE FOR A BANK BRANCH
#
#
*DM_LOCAL_DOMAINS
#
b01 GWGRP = auth
TYPE = TDOMAIN
DOMAINID = "BA.BANK01"
DMTLOGDEV = "/usr/apps/bank/DMTLOG"
*DM_REMOTE_DOMAINS
#
c01 TYPE = TDOMAIN
DOMAINID = "BA.CENTRAL01"
*DM_TDOMAIN
#
b01 NWADDR = "0x00021094c00b689c"
c01 NWADDR = "0x0002ff98c00b9d6d"
*DM_LOCAL_SERVICES
#
tlr_add ACL = central
tlr_bal ACL = central
*DM_REMOTE_SERVICES
#
OPA001 RNAME = "open_act"
CLA001 RNAME = "close_act"
CRD001 RNAME = "credit"
DBT001 RNAME = "debit"
BAL001 RNAME = "balance"
DM_ACCESS_CONTROL
#
central ACLIST = c01
Example 3
This example shows the configuration file entries for an eLink Adapter for Mainframe application:
#================================================================
# DMCONFIG
# Application Domain Gateway Test Configuration
#
# See also
# See $(TOP)/Makefile for more information.
#
# @(#)SNA Devel apps/simpsna DMCONFIG 1.6 98/03/03 15:35:29
# Copyright 1997, BEA Systems, Inc., all rights reserved.
#----------------------------------------------------------------
*DM_LOCAL_DOMAINS
simpsnad
GWGRP=GROUP2
TYPE=SNAX
DOMAINID="simpsnad"
BLOB_SHM_SIZE=1000000
DMTLOGDEV=<your Tuxedo filesystem device and name for
DMTLOG>
#example DMTLOGDEV="/home/me/bin/DMTLOG"
*DM_REMOTE_DOMAINS
SIMPSNAG TYPE=SNAX DOMAINID="SIMPSNAG"
*DM_SNACRM
simpcrm SNACRMADDR="<your Host Socket Listen Address>"
LDOM="simpsnad"
#example SNACRMADDR="0x00021770cfbd2b0d" INET family 0x0002 port 6000 host 207.189.43.13 or SNACRMADDR=//207.189.43.13:6000
*DM_SNASTACKS
simpstk
SNACRM="simpcrm"
STACKTYPE=<SNACRM Stack Library Named Token>
LOCALLU=<Local LU definition specified in
stack product>
LTPNAME="*"
STACKPARMS=<Parameters passed to Stack
Product>
#example STACKTYPE="VTM28"
# LOCALLU="BEAAPPL1"
# STACKPARMS="testhp" Name of the host machine
*DM_SNALINKS
simplk1 STACKREF="simpstk"
RDOM="SIMPSNAG"
LSYSID=<Connection ID of remote (CICS)
region>
RSYSID=<SYSID of remote (CICS) region>
RLUNAME=<Alias of Applid for remote region>
MODENAME=<Mode name VTAM mode entry>
SECURITY="LOCAL"
STARTTYPE="COLD"
MAXSESS=<Total Session number>
MINWIN=<Session Local Winners>
MAXSYNCLVL=<0|1|2 Maximum Syncpoint Level>
#example LSYSID="BEA"
# RSYSID="TEST"
# RLUNAME="CICSTEST"
# MODENAME="SMSNA100"
# MAXSESS=10
# MINWIN=5
# MAXSYNCLVL=2
*DM_LOCAL_SERVICES
MIRROR LDOM="simpsnad"
CONV=N
RNAME="MIRRORSERV"
INBUFTYPE="STRING"
OUTBUFTYPE="STRING"
API="ATMI"
*DM_REMOTE_SERVICES
SIMPDPL AUTOTRAN=N
LDOM="simpsnad"
RDOM=SIMPSNAG
CONV=N
RNAME="TOUPDPLS"
INBUFTYPE="STRING"
OUTBUFTYPE="STRING"
API="ATMI"
FUNCTION="DPL"
SIMPDTP AUTOTRAN=N
LDOM="simpsnad"
RDOM=SIMPSNAG
CONV=N
RNAME="DTPS"
INBUFTYPE="STRING"
OUTBUFTYPE="STRING"
API="ATMI"
FUNCTION="APPC"
See Also
build_dgw(1), dmadmin(1), tmboot(1), tmshutdown(1), dmloadcf(1), dmunloadcf(1)
dmgwopts(5), GWADM(5), DMADM(5)
Tuxedo /Domain User Guide
Tuxedo Administrator's Guide
Tuxedo Programmer's Guide
dmloadcf
Parse a DMCONFIG file and load binary BDMCONFIG configuration file.
Synopsis
dmloadcf [-c] [-n] [-y] [-b blocks] {dmconfig_file | - }
Description
dmloadcf reads a file or the standard input that is in DMCONFIG syntax, checks the syntax, and optionally loads a binary BDMCONFIG configuration file. The BDMCONFIG environment variable points to the path name of the BDMCONFIG file where the information should be stored.
dmloadcf prints an error message if it finds any required section of the DMCONFIG file missing. If a syntax error is found while parsing the input file, dmloadcf exits without performing any updates to the BDMCONFIG file.
dmloadcf requires the existence of the $TUXDIR/udataobj/DMTYPE file. This file defines the valid domain types. If this file does not exist, dmloadcf exits without performing any updates to the BDMCONFIG file.
The effective user identifier of the person running dmloadcf must match the UID in the RESOURCES section of the TUXCONFIG file.
The -c option to dmloadcf causes the program to print minimum IPC resources needed for each local domain (gateway group) in this configuration. The BDMCONFIG file is not updated.
The -n option to dmloadcf causes the program to do only syntax checking of the ASCII DMCONFIG file without actually updating the BDMCONFIG file.
After syntax checking, dmloadcf checks to see if the file pointed to by BDMCONFIG exists, is a valid Tuxedo System file system, and contains BDMCONFIG tables. If these conditions are not true, the user is prompted to create and initialize the file with
Initialize BDMCONFIG file: path [y, q]?
where path is the complete file name of the BDMCONFIG file. Prompting is suppressed if the standard input or output are not terminals, or if the -y option is specified on the command line. Any response other than "y" or "Y" will cause dmloadcf to exit without creating the configuration file.
If the BDMCONFIG file is not properly initialized, and the user has given the go-ahead, dmloadcf creates the Tuxedo file system and then creates the BDMCONFIG tables. If the -b option is specified on the command line, its argument is used as the number of blocks for the device when creating the Tuxedo file system. If the value of the -b option is large enough to hold the new BDMCONFIG tables, dmloadcf will use the specified value to create the new file system; otherwise, dmloadcf will print an error message and exit. If the -b option is not specified, dmloadcf will create a new file system large enough to hold the BDMCONFIG tables. The -b option is ignored if the file system already exists. The -b option is highly recommended if BDMCONFIG is a raw device (that has not been initialized) and should be set to the number of blocks on the raw device. The -b option is not recommended if BDMCONFIG is a regular UNIX file.
If the BDMCONFIG file is determined to already have been initialized, dmloadcf ensures that the local domain described by that BDMCONFIG file is not running. If a local domain is running, dmloadcf prints an error message and exits. Otherwise, dmloadcf, to confirm that the file should be overwritten, prompts the user with:
"Really overwrite BDMCONFIG file [y, q]?"
Prompting is suppressed if the standard input or output are not a terminal or if the -y option is specified on the command line. Any response other than "y" or "Y" will cause dmloadcf to exit without overwriting the file.
If the SECURITY parameter is specified in the RESOURCES section of the TUXCONFIG file, then dmloadcf will flush the standard input, turn off terminal echo and prompt the user for an application password as follows:
Enter Application Password?
The password is truncated to 8 characters. The option to load the ASCII DMCONFIG file via the standard input (rather than a file) cannot be used when this SECURITY parameter is turned on. If the standard input is not a terminal, that is, if the user cannot be prompted for a password (as with a here file, for example), then the environment variable APP_PW is accessed to set the application password. If the environment variable APP_PW is not set with the standard input not a terminal, then dmloadcf will print an error message, generate a log message and fail to load the BDMCONFIG file.
Assuming no errors, and if all checks have passed, dmloadcf loads the DMCONFIG file into the BDMCONFIG file. It will overwrite all existing information found in the BDMCONFIG tables.
Portability
This command is supported as a Tuxedo-supplied administrative tool on UNIX and Windows NT operating systems.
Environment Variables
The environment variable APP_PW must be set for applications that require security (the SECURITY parameter in the TUXCONFIG file is set to APP_PW) and dmloadcf is run with something other than a terminal as the standard input.
The BDMCONFIG environment variable should point to the BDMCONFIG file.
Examples
The following example shows how a binary configuration file is loaded from the bank.dmconfig ASCII file. The BDMCONFIG device is created (or re-initialized) with 2000 blocks:
dmloadcf -b 2000 -y bank.dmconfig
Diagnostics
If an error is detected in the input, the offending line is printed to standard error along with a message indicating the problem. If a syntax error is found in the DMCONFIG file or the system is currently running, no information is updated in the BDMCONFIG file and dmloadcf exits with exit code 1.
If dmloadcf is run on an active node, the following error message is displayed:
*** dmloadcf cannot run on an active node ***
If dmloadcf is run by a person whose effective user identifier doesn't match the UID specified in the TUXCONFIG file, the following error message is displayed:
*** UID is not effective user ID ***
Upon successful completion, dmloadcf exits with exit code 0. If the BDMCONFIG file is updated, a userlog message is generated to record this event.
See Also
dmunloadcf(1), dmconfig(5), ubbconfig(5)
Tuxedo /Domain User Guide
Tuxedo Administrator's Guide
dmunloadcf
Unload binary BDMCONFIG domain configuration file
Synopsis
dmunloadcf
Description
dmunloadcf translates the BDMCONFIG configuration file from the binary representation into ASCII. This translation is useful for transporting the file in a compact way between machines with different byte ordering and backing up a copy of the file in a compact form for reliability. The ASCII format is the same as is described in dmconfig(5).
dmunloadcf reads values from the BDMCONFIG file pointed to by the BDMCONFIG environment variable and writes them to its standard output.
Portability
This command is supported as a Tuxedo-supplied administrative tool on UNIX and Windows NT operating systems.
Examples
To unload the configuration in /usr/tuxedo/BDMCONFIG into the file bdmconfig.backup:
BDMCONFIG=/usr/tuxedo/BDMCONFIG dmunloadcf > bdmconfig.backup
Diagnostics
dmunloadcf checks that the file pointed to by the BDMCONFIG environment variable exists, is a valid Tuxedo file system, and contains BDMCONFIG tables. If any of these conditions is not met, dmunloadcf prints an error message and exits with error code 1. Upon successful completion, dmunloadcf exits with exit code 0.
See Also
dmloadcf(1), dmconfig(5)
Tuxedo /Domain User Guide
GWADM
/Domain gateway administrative server.
Synopsis
GWADM SRVGRP = "identifier" SRVID = "number" REPLYQ = "N"
CLOPT = "-A -- [-a { on | off } ] [-s services ]
[-t { on | off } ]"
Description
The gateway administrative server (GWADM) is a Tuxedo-supplied server that provides administrative functions for a /Domain gateway group.
GWADM should be defined in the SERVERS section of the UBBCONFIG file as a server running within a particular gateway group, that is, SRVGRP must be set to the corresponding GRPNAME tag specified in the GROUPS section. The SVRID parameter is also required and its value must consider the maximum number of gateways allowed within the gateway group.
There should be only one instance of a GWADM per /Domain gateway group, and it should NOT be part of the MSSQ defined for the gateways associated with the group. Also, GWADM should have the REPLYQ attribute set to N.
The CLOPT option is a string of command line options that is passed to the GWADM when it is booted. This string has the following format:
CLOPT="-A -- <gateway group runtime parameters>"
The following runtime parameters are recognized for a gateway group:
The GWADM server must be booted before the corresponding gateways.
Portability
This server is supported on Tuxedo-supplied servers, using UNIX System and Windows NT operating systems.
Interoperability
The initial release of SNA-type gateways can only be installed on a node running Tuxedo.
Examples
The following example illustrates the definition of the administrative server in the UBBCONFIG file.
#
*GROUPS
DMADMGRP GRPNO=1
gwgrp GRPNO=2
#
*SERVERS
DMADM SRVGRP="DMADMGRP" SRVID=1001 REPLYQ=N RESTART=Y GRACE=0
GWADM SRVGRP="gwgrp" SRVID=1002 REPLYQ=N RESTART=Y GRACE=0
CLOPT="-A -- -a on -t on"
SNACRM SRVGRP="gwgrp" SRVID=1003 CLOPT="-A--//host:6000 gwgrp"
GWSNAX SRVGRP="gwgrp" SRVID=1004 RQADDR="gwgrp" REPLYQ=N
See Also
dmadmin(1), tmboot(1)
dmconfig(5), DMADM(5), servopts(5), ubbconfig(5)
Tuxedo /Domain User Guide
Tuxedo Administrator's Guide
GWSNAX
This is the gateway server process for eAM.
Synopsis
GWSNAX SRVGRP = "identifier" SRVID = "number" REPLYQ = "N"
CLOPT = "-A -- [-e {type} -m -n {type:min:max} -t {number}
-u {keyfile}]"
Description
The GWSNAX server provides Tuxedo functions for an eAM Gateway group.
GWSNAX should be defined in the SERVERS section of the UBBCONFIG file as a server running within a particular gateway group; that is, SRVGRP must be set to the corresponding GRPNAME tag specified in the GROUPS section. The SVRID parameter is also required and its value must consider the maximum number of gateways allowed within the gateway group. The GWSNAX definition must not precede its associated CRM server definition in the UBBCONFIG file.
There should be only one instance of a GWSNAX per eAM Gateway group, and it should NOT be part of the MSSQ defined for the gateways associated with the group.
The CLOPT option is a string of command line options that is passed to the GWSNAX when it is booted. This string has the following format:
CLOPT="-A -- <gateway runtime parameters>"
The following runtime parameters are recognized for a gateway:
min designates the minimum number of bits to be used for encryption. This level is used during the negotiation between the CRM and GWSNAX. Any number is acceptable, but the negotiated values resolve to 0, 56, or 128. The level specified must be supported by the security add-on package used. max designates the maximum number of bits to be used for encryption. This level is used during the negotiation between the CRM and GWSNAX. Any number is acceptable, but the negotiated values resolve to 0, 56, or 128.
The keyfile is the location file containing a hash key known to both this process and the CRM. The file contains a single line specifying a unique hash key (limited to eight characters). The file should be protected.
Portability
Refe to the eLink Adapter for Mainframe Release Notes for a complete listing of compatible operating systems.
Interoperability
Refer to the eLink Adapter for Mainframe Release Notes for a complete listing of supported platforms.
Examples
The following example illustrates the definition of the administrative server in the UBBCONFIG file.
#
*GROUPS
DMADMGRP GRPNO=1
gwgrp GRPNO=2
#
*SERVERS
DMADM SRVGRP="DMADMGRP" SRVID=1001 REPLYQ=N RESTART=Y GRACE=0
GWADM SRVGRP="gwgrp" SRVID=1002 REPLYQ=N RESTART=Y GRACE=0
CLOPT="-A -- -a on -t on"
SNACRM SRVGRP="gwgrp" SRVID=1003 CLOPT="-A--//host:6000 gwgrp"
GWSNAX SRVGRP="gwgrp" SRVID=1004 RQADDR="gwgrp" REPLYQ=N
CLOPT="-- -t 1"
See Also
dmadmin(1), tmboot(1)
dmconfig(5), DMADM(5), servopts(5), ubbconfig(5)
Tuxedo /Domain User Guide
Tuxedo Administrator's Guide
modusr
Modify a remote user password.
Synopsis
modusr -d <local domain> ID -R <remote domain ID> -u <remote username>
Description
modusr can only be executed as a subcommand of dmadmin(1). The purpose of this page is to describe options for the subcommand and to show an example.
The subcommand allows the administrator to modify passwords in the remote password table. The administrator is prompted for the remote password.
The table entries modified are used for passing remote user names and passwords to remote SNA domains when the application is using SNA-type gateways and SECURITY is set to USER_AUTH, ACL, or MANDATORY_ACL in the ubbconfig file and SECURITY is set to DM_USER_PW in the DMCONFIG file.
The following options are available:
Before running this subcommand the application must be configured using either the Graphical Administrative Interface or tmloadcf(1) and dmloadcf(1). dmadmin modusr may be run on any active node.
Portability
This subcommand is available on the latest version of Tuxedo, as documented for this release of BEA eLink Adapter for Mainframe.
Diagnostics
The dmadmin modusr subcommand exits with a return code of 0 upon successful completion.
Examples
modusr -d tux -R cics -u CICSUSR /*modifies remote user's password
sent to CICS. The administrator
is prompted for the password*/
See Also
delusr(5), addusr(5)
![]() |
![]() |
![]() |
|
Copyright © 2001 BEA Systems, Inc. All rights reserved.
|