Universal Configuration Manager - Universal Broker

Owned by
Former user (Deleted)
Last updated: Feb 14, 2023 by
Stonebranch
16 min read

Universal Broker

Universal Broker: Message Options

Field

Description

Message Level

Error
Turns on message logging for errors only. Changes made here to the message level only affect the Broker when it is run as an NT Service. When the Broker is run as a console application, a command line parameter must be used to change the default message level.
 
Warning
Turns on message logging for warnings and errors. Changes made here to the message level only affect the Broker when it is run as an NT Service. When the Broker is run as a console application, a command line parameter must be used to change the default message level.
 
Info
Turns on message logging for all informational, warning and error messages. Changes made here to the message level only affect the Broker when it is run as an NT Service. When the Broker is run as a console application, a command line parameter must be used to change the default message level.
 
Audit
Turns on message logging for all audit, informational, warning and error messages. Changes made here to the message level only affect the Broker when it is run as an NT Service. When the Broker is run as a console application, a command line parameter must be used to change the default message level.
 
Trace
Allows all messages to be logged, including those used for debugging purposes. Changes made here to the message level only affect the Broker when it is run as an NT Service. When the Broker is run as a console application, a command line parameter must be used to change the default message level.

Message Language

Specifies the language used to display error messages.

Universal Broker: Network Options

Field

Description

TCP/IP Options

Multi-homed configuration
A multi-homed host is a machine that has more than one network interface card installed. On such machines, Universal Broker may be configured to accept incoming connections on only one of the interfaces.
To specify this address, check the option and enter a valid host name or IP address in the space provided. Otherwise, leave the option unchecked, and Universal Broker will accept connections on all network interfaces.
 
DNS cache timeout
Specifies the number of seconds to retain a resolved host name in the Broker memory cache. A value of 0 specifies no caching.

Service Interface Options

Port
Enter a port number or service name that will be used to accept incoming connections from Universal components.
 
Queue size
Specifies the number of connection requests that will be queued by Universal Broker. When the number of pending connection requests reaches this value, additional connection requests will be denied and a "connection refused" error will be issued. The default value for this option is 100.

Component Interface Options

Port
Enter a port number or service name that will be used for communications with Universal components.
 
Queue size
Specifies the number of connection requests that will be queued by Universal Broker. When the number of pending connection requests reaches this value, additional connection requests will be denied and a "connection refused" error will be issued. The default value for this option is 100.

Code Page

Sets the translation table used to translate text-based data transmitted across the network.

Universal Broker: Network Options - Advanced TCP/IP Options

Field

Description

Override the default TCP/IP receive buffer and set to:

(No help provided.)

Override the default TCP/IP receive buffer and set to:

(No help provided.)

Universal Broker: Runtime Options

Field

Description

Directory Options

Working Directory
Specifies the folder used by Universal Broker to store any generated output files. This folder will also be used as the default working directory for each component started by Universal Broker.
 
Spool File Directory
The directory where the spool files are stored. This directory must be located on local storage. It may not be located on any storage area accessed via the network which includes but is not limited to NFS, SAMBA, Microsoft File Sharing.
 
Start Universal Broker Service at system startup
Instructs the Universal Broker NT service to start when the system starts.

Max Number of Component Instances

Specifies the maximum number of Universal component instances that can be run at the same time.

Allow Manager components to retry start requests that fail win the max number of components are running.

(No help provided.)

Start Universal Broker Service at System Startup

Instructs the Universal Broker NT service to start when the system starts.

Universal Broker: SSL/TLS Protocol Options

Field

Description

Cipher Suite List

The cipher suite specifies the symmetric and message digest algorithms used for a session. The cipher suite is negotiated as part of the SSL/TLS handshake. If one of the cipher suites in the list cannot be agreed upon, the SSL/TLS handshake will fail, and the connection will be closed.

Negotiate Sessions using

(No help provided.)

Universal Broker: SSL/TLS Protocol Options - Certificate Options

Field

Description

Certificate Files

Certificate
The Certificate option specifies the X.509 certificate file that identifies the program to remote components with which it connects using the SSL/TLS protocol.
 
Private Key
The Private key option specifies the private key file associated with the X.509 certificate specified in the Certificate file.
 
Private Key Password
The Private key password specifies the password associated with the private key file.
 
Certificate Authority
The Certificate Authority option specifies a file with a list of trusted authorities. Any certificate received that is signed by a trusted Certificate Authority is accepted.
 
Certificate Revocation List
The Certificate Revocation List option specifies a file with a list of revoked certificates. Any certificate received that is in this list will not be accepted.

Universal Broker: Event Subsystem Options

Field

Description

Event Management Options

Delete Persistent events after
This option specifies how long, in seconds, an event message that is identified as a persistent event will wait to be received by a Universal Enterprise Controller (UEC). Persistent event messages are those whose types are contained in the event generation list. If a persistent event message is not delivered to UEC within the specified time, the Universal Broker will delete the event record from its local Universal Event Subsystem (UES) database.
 
The default value for this option is 172800 seconds, which is equivalent to 2 days.
 
Delete Monitoring events after
This option sepcifies the maximum amount of time, in seconds, event messages used for product activity monitoring will remain in the Universal Broker's local Universal Event Subystem (UES) database. If a monitoring event message is not delivered to a Universal Enterprise Controller (UEC) within the specified time, the Broker will delete the record from its local UES database.
 
The default value for this option is 600 seconds.

Event Generation Options

Generate Activity monitoring events
When this option is selected, the Universal Broker will generate events that monitor product activity. This option is selected by default.
 
Persistent event list
Specifies which events are to be generated and processed as persistent events. A persistent event is saved in a Universal Enterprise Controller (UEC) event database for long-term storage.
Enter a list and/or range of numeric event types, separated by a comma. To exclude an event or range of events, precede the entry with an upper- or lower-case 'X'. Use an asterisk ( * ) to specify all event types.
 
For example:

  • x*
    Do not generate any events (this is the default)
  • \*
    Generate all event types
  • 100
    Generate all event types except 100
  • 100,200-205
    Generate event type 100 and 200 through 205
  • 100,200-205,x202
    Generate event types 100 and 200 thru 205, excluding event type 202

Entries are processed from left to right, and the list is order dependent. For example, an entry of x*,100 prevents generation of all event types except 100, while an entry of 100,x* prevents generation of all event types (the right-most entry takes precedence).

Universal Broker: Access Control Lists

Universal Broker: Access Control Lists - Access ACL

Field

Description

Access Control List

Displays the entries contained in the Universal Broker Access Control List (ACL). This list is used to grant or deny access to Universal Broker based on the remote system's IP address. The order in which ACL entries are evaluated and applied are based on their position in this list. Use the Move Up and Move Down buttons to change an entry's priority.

Add Button

Displays a dialog box that allows an entry to be added to the Access Control List. The fields in this dialog are populated with default values.
 

 
Remote Host Name/IP Address
The IP address or name of the remote host for which access will be allowed or denied. To apply an access control entry to all IP addresses, use the keyword ALL (in all caps).
 
Access Type
Will cause the Universal Broker to accept/reject incoming connections from the specified host.

Edit Button

Displays a dialog that allows the selected Access Control List entry to be modified.
 

 
Remote Host Name/IP Address
The IP address or name of the remote host for which access will be allowed or denied. To apply an access control entry to all IP addresses, use the keyword ALL (in all caps).
 
Access Type
Will cause the Universal Broker to accept/reject incoming connections from the specified host.

Delete Button

Removes the selected item from the Access Control List.

Move Up Button

Moves the selected item up one position in the list.

Move Down Button

Moves the selected item down one position in the list.

Universal Broker: Access Control Lists - Event Access ACL

Field

Description

Event Access ACL

Event Access ACL List Box
Displays the Access Control List (ACL) entries that manage access to the Universal Event Subsystem (UES) database. The list is used to grant or deny read and/or delete access to the UES database, based on which system the request comes from and the user account that issued the request.
 
The order in which ACL entries are evaluated and applied are based on their position in this list. Use the Move Up and Move Down buttons to change an entry's priority.

Add Button

Displays a dialog box that allows an entry to be added to the Access Control List. The fields in this dialog are populated with default values.
 

 
Remove Host Name/IP Address
The IP address or name of the remote host for which access will be allowed or denied. To apply an access control entry to all IP addresses, use the keyword ALL (in all caps).
 
Remote User ID
The ID of a remote user account to which access will be allowed or denied. To apply an access control entry to user accounts, use an asterisk *.
 
Universal Event Subsystem Access
Displays the types of Universal Event Subsystem database access available. Check the box next to the access type to grant the specified access to the user. Uncheck the box to deny access to the user.

Edit Button

Displays a dialog that allows the selected Access Control List entry to be modified.
 

 
Remove Host Name/IP Address
The IP address or name of the remote host for which access will be allowed or denied. To apply an access control entry to all IP addresses, use the keyword ALL (in all caps).
 
Remote User ID
The ID of a remote user account to which access will be allowed or denied. To apply an access control entry to user accounts, use an asterisk *.
 
Universal Event Subsystem Access
Displays the types of Universal Event Subsystem database access available. Check the box next to the access type to grant the specified access to the user. Uncheck the box to deny access to the user.

Delete Button

Removes the selected item from the Access Control List.

Move Up Button

Moves the selected item up one position in the list.

Move Down Button

Moves the selected item down one position in the list.

Universal Broker: Access Control Lists - Remote Configuration Access ACL

Field

Description

Remote Configuration Access ACL

Remote Configuration Access ACL List Box
Displays the Access Control List (ACL) entries that manage requests to place the local Universal Broker into or out of managed mode, and requests to update Universal Product configurations when the local Broker is in managed mode. Requests are granted or denied based on the system from which the request was made, and the user account that issued the request.
 
The order in which ACL entries are evaluated and applied are based on their position in this list. Use the Move Up and Move Down buttons to change an entry's priority.

Add Button

Displays a dialog box that allows an entry to be added to the Access Control List. The fields in this dialog are populated with default values.
 

 
Remote HostName/IP Address
The IP address or name of the remote host for which access will be allowed or denied. To apply an access control entry to all IP addresses, use the keyword ALL (in all caps).
 
Remote User ID
The ID of a remote user account to which access will be allowed or denied. To apply an access control entry to user accounts, use an asterisk ( * ).
 
Universal Broker Configuration Access
Displays the types of Remote Configuration access available. Check the box next to the access type to grant the specified access to the user. Uncheck the box to deny access to the user.

Edit Button

Displays a dialog that allows the selected Access Control List entry to be modified.
 

 
Certificate ID
If the value entered here is listed in the Certificate Map, the authority to execute the request is granted or denied.
 
Universal Broker Config Access
Displays the types of Remote Configuration access available. Check the box next to the access type to grant the specified access whenever the requestor presents the corresponding certificate. Uncheck the box to deny access.

Delete Button

Removes the selected item from the Access Control List.

Move Up Button

Moves the selected item up one position in the list.

Move Down Button

Moves the selected item down one position in the list.

Universal Broker: Access Control Lists - Event Certificate ACL

Field

Description

Event Certificate ACL

Event Certificate ACL List Box
Displays the Access Control List (ACL) entries that manage access to the Universal Event Subsystem (UES) database. The list is used to grant or deny read and/or delete access to the UES database, based on the ID of a certificate presented by the requestor. This certificate ID must have a corresponding entry in the Universal Broker Certificate Map ACL.
 
The order in which ACL entries are evaluated and applied are based on their position in this list. Use the Move Up and Move Down buttons to change an entry's priority.

Add Button

Displays a dialog box that allows an entry to be added to the Access Control List. The fields in this dialog are populated with default values.
 

 
Certificate ID
If the value entered here is listed in the Certificate Map, the authority to execute the request is granted or denied.
 
Universal Event Subsystem Access
Displays the types of Universal Event Subsystem database access available. Check the box next to the access type to grant the specified access whenever the requestor presents the corresponding certificate. Uncheck the box to deny access.

Edit Button

Displays a dialog that allows the selected Access Control List entry to be modified.
 

 
Certificate ID
If the value entered here is listed in the Certificate Map, the authority to execute the request is granted or denied.
 
Universal Event Subsystem Access
Displays the types of Universal Event Subsystem database access available. Check the box next to the access type to grant the specified access whenever the requestor presents the corresponding certificate. Uncheck the box to deny access.

Delete Button

Removes the selected item from the Access Control List.

Move Up Button

Moves the selected item up one position in the list.

Move Down Button

Moves the selected item down one position in the list.

Universal Broker: Access Control Lists - Remote Configuration Certificate ACL

Field

Description

Remote Configuration Certificate ACL

Remote Configuration Certificate ACL List Box
Displays the Access Control List (ACL) entries that manage requests to place the local Universal Broker into or out of managed mode, and requests to update Universal Product configurations when the local Broker is in managed mode. Requests are granted or denied based on the credentials a requestor presents in the specified certificate. This certificate must have a corresponding entry in the Universal Broker Certificate Map ACL.
 
The order in which ACL entries are evaluated and applied are based on their position in this list. Use the Move Up and Move Down buttons to change an entry's priority.

Add Button

Displays a dialog box that allows an entry to be added to the Access Control List. The fields in this dialog are populated with default values.
 

 
Certificate ID
If the value entered here is listed in the Certificate Map, the authority to execute the request is granted or denied.
 
Universal Broker Configuration Access
Displays the types of Remote Configuration access available. Check the box next to the access type to grant the specified access whenever the requestor presents the corresponding certificate. Uncheck the box to deny access.

Edit Button

Displays a dialog that allows the selected Access Control List entry to be modified.
 

 
Certificate ID
If the value entered here is listed in the Certificate Map, the authority to execute the request is granted or denied.
 
Universal Broker Configuration Access
Displays the types of Remote Configuration access available. Check the box next to the access type to grant the specified access whenever the requestor presents the corresponding certificate. Uncheck the box to deny access.

Delete Button

Removes the selected item from the Access Control List.

Move Up Button

Moves the selected item up one position in the list.

Move Down Button

Moves the selected item down one position in the list.

Universal Broker: Access Control Lists - Certificate Map ACL

Field

Description

Certificate Map ACL List Box

Displays the entries contained in the X.509 certificate mapping. The order in which entries are evaluated and applied are based on their position in this list. Use the Move Up and Move Down buttons to change an entry's priority.

Add Button

Displays a dialog box that allows an entry to be added to the Access Control List. The fields in this dialog are populated with default values.
 

 
Certificate ID
The value entered here is used as a key to establish a mapping between this entry and a Universal ACL entry that may reference it.
 
Subject
The value entered here is used to match the subject field of an installed X.509 certificate. The subject contains properties of the entity identified by the certificate. It is formatted as an X.501 Distinguished Name (DN), which is a hierarchical list of attributes referred to as Relative Distinguished Names (RDNs).
 
Some of the more common RDN values that may be used in a DN include:

  • C
    Country Name
  • CN
    Common Name
  • L
    Locality
  • O
    Organization
  • OU
    Organizational Unit
  • ST
    State

The following are examples of Distinguished Names:

  • /C=US/ST=Georgia/L=Atlanta/O=Stonebranch, Inc./OU=R & D/CN=Joe Simson/
  • /C=US/ST=Georgia/L=Atlanta/O=Stonebranch, Inc./OU=Operations/
  • /C=US/ST=Georgia/L=Atlanta/O=Stonebranch, Inc./OU=Operations/CN=UEC/

E-Mail Address
The value entered here is used to match an installed X.509 certificate by comparing the dNSName of the subjectAltName extension value or the commonName (CN) Relative Distinguished Name attribute of a Distinguished Name's subject field. The host name entered here may contain wildcards. For example, *.acme.com.
 
Host Name
The value entered here is used to match an installed X.509 certificate by comparing the dNSName of the subjectAltName extension value or the commonName (CN) Relative Distinguished Name attribute of a Distinguished Name's subject field. The host name entered here may contain wildcards. For example, *.acme.com.
 
IP Address
The value entered here is used to match an installed X.509 certificate by comparing the iPAddress of the subjectAltName extension value. The IP Address entered must be in dotted decimal format (i.e., xx.xx.xx.xx).
 
Serial Number
The value entered here is used to match the Serial Number of an installed X.509 certificate. Please note that serial numbers are not unique across all certificates, only for those certificates provided by specific Certificate Authorities (CA's).

Edit Button

Displays a dialog that allows the selected Access Control List entry to be modified.
 

 
Certificate ID
The value entered here is used as a key to establish a mapping between this entry and a Universal ACL entry that may reference it.
 
Subject
The value entered here is used to match the subject field of an installed X.509 certificate. The subject contains properties of the entity identified by the certificate. It is formatted as an X.501 Distinguished Name (DN), which is a hierarchical list of attributes referred to as Relative Distinguished Names (RDNs).
 
Some of the more common RDN values that may be used in a DN include:

  • C
    Country Name
  • CN
    Common Name
  • L
    Locality
  • O
    Organization
  • OU
    Organizational Unit
  • ST
    State

The following are examples of Distinguished Names:

  • /C=US/ST=Georgia/L=Atlanta/O=Stonebranch, Inc./OU=R & D/CN=Joe Simson/
  • /C=US/ST=Georgia/L=Atlanta/O=Stonebranch, Inc./OU=Operations/
  • /C=US/ST=Georgia/L=Atlanta/O=Stonebranch, Inc./OU=Operations/CN=UEC/

E-Mail Address
The value entered here is used to match an installed X.509 certificate by comparing the dNSName of the subjectAltName extension value or the commonName (CN) Relative Distinguished Name attribute of a Distinguished Name's subject field. The host name entered here may contain wildcards. For example, *.acme.com.
 
Host Name
The value entered here is used to match an installed X.509 certificate by comparing the dNSName of the subjectAltName extension value or the commonName (CN) Relative Distinguished Name attribute of a Distinguished Name's subject field. The host name entered here may contain wildcards. For example, *.acme.com.
 
IP Address
The value entered here is used to match an installed X.509 certificate by comparing the iPAddress of the subjectAltName extension value. The IP Address entered must be in dotted decimal format (i.e., xx.xx.xx.xx).
 
Serial Number
The value entered here is used to match the Serial Number of an installed X.509 certificate. Please note that serial numbers are not unique across all certificates, only for those certificates provided by specific Certificate Authorities (CA's).

Delete Button

Removes the selected item from the Access Control List.

Move Up Button

Moves the selected item up one position in the list.

Move Down Button

Moves the selected item down one position in the list.

Universal Broker: Component Definitions

Field

Description

Universal Component Definitions List

Contains a list of definitions used by Universal Broker to manage Universal components.

Edit Button

Displays a dialog box that is used to modify an existing component definition.
 

 
Start Command
The complete path to the component's executable file.
 
Configuration File
The name of the file in which configuration options for the component are stored.
 
Working Directory
The component's working folder. The component uses this folder to store any output files or log files.
 
Maximum number of component instances
The maximum number of components that are allowed to run simultaneously. Setting this value to 0 prevents the component from running at all.

Universal Broker: Active Components

Field

Description

Active Components List

Contains a list of components that are currently running.

Broker System

Address of the Broker to query.

Port

Port the Broker being queried is listening on.

Refresh Button

Updates the list of active components.

Universal Broker: Information

Field

Description

Status

Universal Broker status.

Version

Universal Broker version.

Description

Universal Broker description.

Additional Universal Broker Information

Displays properties of Universal Broker.

Broker System

Address of the Broker to query.

Port

Port the Broker being queried is listening on.

Refresh Button

Updates the broker information.