USER_SECURITY - UEM Server configuration option

Description

The USER_SECURITY option specifies user security usage for the UEM Server.

The way in which this option is used depends on whether a UEM Server is running in demand-driven or event-driven mode.

For a demand-driven UEM Server, enabling this option means an authenticated local user account is required to start the Server and monitor an event. All event monitoring activity, including execution of event handler processes, is done in the security context of this user.

For an event-driven UEM Server, enabling this option means that before an event handler process can be executed, a local user account and password must be stored in the event handler record (remember that an event-driven Server relies completely upon stored event definition and event handler records for its input). If the stored account information is valid, any processes executed on behalf of the event handler will be done so in the security context of that account.


Windows

This option should be set only via the Universal Configuration Manager; check the box labelled "Require user ID and password to start process" on the Server Options page of the Universal Event Monitor Server configuration control.

Usage

Method

Syntax

IBM i

HP NonStop

UNIX

Windows

z/OS

Configuration File Keyword

security method

(tick)

(tick)

UEM Load Override

n/a

UEM Manager Override

n/a

Values

method is the user authentication method to be used.


UNIX

Valid values for method are:

  • default
    Credentials must be supplied for handler processes. The Universal Event Monitor Server uses authentication method, */etc/passwd* or */etc/shadow*.
  • inherit
    Universal Event Monitor Server will inherit the user account of the broker which started it. Handler processes are started with the same user ID as that inherited from the Broker.
  • none
    Universal Event Monitor Server will inherit the user account of the broker which started it. Handler processes are started with the same user ID as that inherited from the Broker.
  • pam
    Credentials must be supplied for handler processes. The Universal Event Monitor Server uses Pluggable Authentication Module interface
  • trusted
    HP Trusted Security authentication.

Windows

Valid values for method are:

  • default
    Credentials must be supplied for handler processes. The Universal Event Monitor Server uses Windows authentication.
  • inherit
    Universal Event Monitor Server will inherit the user account of the broker which started it. Handler processes are started with the same user ID as that inherited from the Broker.
  • none
    Universal Event Monitor Server will inherit the user account of the broker which started it. Handler processes are started with the same user ID as that inherited from the Broker.

Note

The inherit value replaces the none value. There currently are no plans to deprecate support for none, but new installs should use inherit instead of none.

Default Values

defaultAIX, HP-UX, Windows
pamLinux, Solaris