Universal Data Mover Server for IBM i - UACL Example
Universal Data Mover Server for IBM i
The following set of rules permit services for the subnet 10.20.30 and denies all other connections.
udm_access 10.20.30.,*,*,allow,auth udm_access ALL,*,*,deny,auth
The following set of rules effectively permit connections from any host, but has limited access from host 10.20.30.40 to user TS1004 on that host.
- No host can execute commands as local user root.
- User TS1004 on host 10.20.30.40 can execute commands as local user tsup1004 without providing the password.
- Users TS1004 from host 10.20.30.40 can execute commands as any local user by providing the local user password.
udm_access 10.20.30.40,TS1004,tsup1004,allow,noauth udm_access 10.20.30.40,TS1004,*,allow,auth udm_access 10.20.30.40,*,*,deny,auth udm_access ALL,*,root,deny,auth