/
UDM_ACCESS - UDM UACL Entry

UDM_ACCESS - UDM UACL Entry

Jan 16, 2025

 Description

A UDM_ACCESS UACL entry either allows or denies access to Universal Data Mover Server services.

If access is permitted, UDM_ACCESS also specifies whether or not user authentication is required.

There are two forms of the UDM_ACCESS entry based on the client identification method:

  • udm_access form is for IP-based client identification.

  • udm_cert_access is for X.509 certificate-based client identification.

A udm_access UACL entry is matched if all of the following occur:

  • Request comes from an IP address identified by host.

  • Remote end is executing as user remote_user.

  • Remote user is requesting to execute a command as local user local_user.

A udm_cert_access UACL entry is matched if both of the following occur:

  • Request comes from a client with a certificate identifier of certid.

  • Remote user is requesting to execute a command as local user local_user.

The first matching rule is used to control access.

See UACL Entries for details on host, remote_user, and local_user specification syntax.

Usage

Method

Syntax

IBM i

UNIX

Windows

z/OS

UACL File Keyword

udm_access host,remote_user,local_user,access,auth

udm_cert_access certid,local_user,access,auth

Values

Valid values for access are:

  • deny
    Service is denied. A message is returned to the remote end. The connection is closed.

  • allow
    Service is accepted and processed.


Valid values for auth are:

  • auth
    Local user account must be authenticated. The Manager must provide a proper password for the account.

  • noauth
    Local user account does not require user authentication.