UDM_ACCESS - UDM UACL Entry
Description
A UDM_ACCESS UACL entry either allows or denies access to Universal Data Mover Server services.
If access is permitted, UDM_ACCESS also specifies whether or not user authentication is required.
There are two forms of the UDM_ACCESS entry based on the client identification method:
- udm_access form is for IP-based client identification.
- udm_cert_access is for X.509 certificate-based client identification.
A udm_access UACL entry is matched if all of the following occur:
- Request comes from an IP address identified by host.
- Remote end is executing as user remote_user.
- Remote user is requesting to execute a command as local user local_user.
A udm_cert_access UACL entry is matched if both of the following occur:
- Request comes from a client with a certificate identifier of certid.
- Remote user is requesting to execute a command as local user local_user.
The first matching rule is used to control access.
See UACL Entries for details on host, remote_user, and local_user specification syntax.
Usage
Method | Syntax | IBM i | UNIX | Windows | z/OS |
UACL File Keyword | udm_access host,remote_user,local_user,access,auth udm_cert_access certid,local_user,access,auth | | | | |
Values
Valid values for access are:
- deny
Service is denied. A message is returned to the remote end. The connection is closed. - allow
Service is accepted and processed.
Valid values for auth are:
- auth
Local user account must be authenticated. The Manager must provide a proper password for the account. - noauth
Local user account does not require user authentication.
Note
noauth should be used with care. Turning off user authentication may violate your local security policies on the Server system.