Universal Configuration Manager - Universal Control Server

Owned by Stonebranch (Deactivated)

Jul 12, 2024

12 min read

Universal Control Server

Universal Control Server: Message Options

Field	Description
Message Level	Error Turns on message logging for errors only. Warning Turns on message logging for warnings and errors. Info Turns on message logging for all informational, warning and error messages. Audit Turns on message logging for all audit, informational, warning and error messages. Trace Allows all messages to be logged, including those used for debugging purposes.

Universal Control Server: Server Options

Field

Description

Security Options

Require User ID and Password to start process
When this option is checked, Universal Command will require a valid user ID and password to start a process.

User must have batch logon right
When this option is checked, the Log on as a batch job user right must be granted to the user ID passed to Universal Command before the process will run. This is an advanced user right that must be set using the NT User Manager.

Code Page

Sets the translation table used to translate text-based data transmitted across the network.

Universal Control Server: Event Subsystem Options

Field

Description

Event Generation Options

Generate activity monitoring events
When this option is selected, the Universal Control Server will generate events that monitor product activity. This option is selected by default.

Persistent event list
Specifies which events are to be generated and processed as persistent events. A persistent event is saved in a Universal Enterprise Controller (UEC) event database for long-term storage.

Enter a list and/or range of numeric event types, separated by a comma. To exclude an event or range of events, precede the entry with an upper- or lower-case 'X'. Use an asterisk to specify all event types.

For example:

x*
Do not generate any events (this is the default)
*
Generate all event types
100
Generate all event types except 100
100,200-205
Generate event type 100 and 200 through 205
100,200-205,x202
Generate event types 100 and 200 thru 205, excluding event type 202

Entries are processed from left to right, and the list is order dependent. For example, an entry of x*,100 prevents generation of all event types except 100, while an entry of 100,x* prevents generation of all event types (the right-most entry takes precedence).

Universal Control Server: Access Control Lists

Universal Control Server: Access Control Lists - Access ACL

Field	Description
Access Control List	Displays the entries contained in the Universal Control Server Access Control List (ACL). This list is used to grant or deny access to Universal Control Server based on the remote system's IP address, the user account running the Universal Control Manager, and the user account with which the Server is executed. The order in which ACL entries are evaluated and applied are based on their position in this list. Use the Move Up and Move Down buttons to change an entry's priority.
Add Button	Displays a dialog box that allows an entry to be added to the Access Control List. The fields in this dialog are populated with default values. Remote Host Name/IP Address The IP address or name of the remote host for which access will be allowed or denied. To apply an access control entry to all IP addresses, use the keyword ALL (in all caps). Universal Control Manager User Account The ID of the user account executing the Universal Control Manager. Local User Account A local user account that may be provided to UCTL Server for authentication. Access Type Will cause the Universal Control Server to accept/reject incoming connections from the specified host, provided the Universal Control Manager is executed by the specified user account and the process is owned by the specified local user account. Requires Matching local user account When this option is checked, a local user account must be supplied to the Universal Control Server that matches the user account in whose security context the Universal Server component is running. This option only applies to Stop requests, and is effectively disabled for Refresh and Start requests. To prevent unauthorized users from issuing those requests, make sure security is enabled in the UCtl Server's configuration.
Edit Button	Displays a dialog that allows the selected Access Control List entry to be modified. Remote Host Name/IP Address The IP address or name of the remote host for which access will be allowed or denied. To apply an access control entry to all IP addresses, use the keyword ALL (in all caps). Universal Control Manager User Account The ID of the user account executing the Universal Control Manager. Local User Account A local user account that may be provided to UCTL Server for authentication. Access Type Will cause the Universal Control Server to accept/reject incoming connections from the specified host, provided the Universal Control Manager is executed by the specified user account and the process is owned by the specified local user account. Requires Matching local user account When this option is checked, a local user account must be supplied to the Universal Control Server that matches the user account in whose security context the Universal Server component is running. This option only applies to Stop requests and is effectively disabled for Refresh and Start requests. To prevent unauthorized users from issuing those requests, make sure security is enabled in the UCtl Server's configuration.
Delete Button	Removes the selected item from the Access Control List.
Move Up Button	Moves the selected item up one position in the list.
Move Down Button	Moves the selected item down one position in the list.

Universal Control Server: Access Control Lists - Request ACL

Field	Description
Request ACL List	Displays the entries contained in the Universal Control Server Access Control List (ACL). This list is used to grant or deny the ability to issue specific Universal Control Server requests based on the remote system's IP address, the user account running the Universal Control Manager, and a locally authenticated user account. The order in which ACL entries are evaluated and applied are based on their position in this list. Use the Move Up and Move Down buttons to change an entry's priority.
Add Button	Displays a dialog box that allows an entry to be added to the Access Control List. The fields in this dialog are populated with default values. Remote Host Name/IP Address The IP address or name of the remote host for which access will be allowed or denied. To apply an access control entry to all IP addresses, use the keyword ALL (in all caps). Universal Command Manager User Account The ID of the user account executing the Universal Control Manager. Local User Account A local user account that may be provided to UCTL Server for authentication. Request Type Specifies the type of request issued by the UCTL Manager. Valid request types are included in the list. * may also be specified to indicate the rule applies to all valid UCTL Manager request types. Request Name Enter the name of a Universal component here to set access for the specified local user account based on the UCTL Manager request. Use the default value of * to grant or deny access to all requests issued by the user. Access Type Will cause the Universal Control Server to accept/reject incoming connections from the specified host, provided the Universal Control Manager is executed by the specified user account and the process is owned by the specified local user account. Requires Matching local user account When this option is checked, a local user account must be supplied to the Universal Control Server that matches the user account in whose security context the Universal Server component is running. This option only applies to Stop requests and is effectively disabled for Refresh and Start requests. To prevent unauthorized users from issuing those requests, make sure security is enabled in the UCtl Server's configuration.
Edit Button	Displays a dialog that allows the selected Access Control List entry to be modified. Remote Host Name/IP Address The IP address or name of the remote host for which access will be allowed or denied. To apply an access control entry to all IP addresses, use the keyword ALL (in all caps). Universal Control Manager User Account The ID of the user account executing the Universal Control Manager. Local User Account A local user account that may be provided to UCTL Server for authentication. Request Type Specifies the type of request issued by the UCTL Manager. Valid request types for UCmd Servers running on Windows are included in the list. * may also be specified to indicate the rule applies to all valid UCmd Manager request types. Request Name Enter the name of a Universal component here to set access for the specified local user account based on the UCTL Manager request. Use the default value of * to grant or deny access to all requests issued by the user. Access Type Will cause the Universal Control Server to accept/reject incoming connections from the specified host, provided the Universal Control Manager is executed by the specified user account and the process is owned by the specified local user account. Requires Matching local user account When this option is checked, a local user account must be supplied to the Universal Control Server that matches the user account in whose security context the Universal Server component is running. This option only applies to Stop requests and is effectively disabled for Refresh and Start requests. To prevent unauthorized users from issuing those requests, make sure security is enabled in the UCtl Server's configuration.
Delete Button	Removes the selected item from the Access Control List.
Move Up Button	Moves the selected item up one position in the list.
Move Down Button	Moves the selected item down one position in the list.

Universal Control Server: Access Control Lists - Certificate ACL

Field	Description
Certificate ACL List	Displays the entries contained in the Universal Control Certificate Access Control List (ACL). The order in which ACL entries are evaluated and applied are based on their position in this list. Use the Move Up and Move Down buttons to change an entry's priority.
Add Button	Displays a dialog box that allows an entry to be added to the Access Control List. The fields in this dialog are populated with default values. Certificate ID When a UCTL Manager specifies a certificate ID from its command line, its corresponding UCTL Server compares it to the certificate ID entered here. If a match is found and the certificate ID has a corresponding entry in the Certificate Map list, the authority to execute the request is granted or denied to the specified local user account. Local User Account A local user account that may be provided to UCTL Server for authentication. Access Type Will cause the Universal Control Server to accept/reject incoming connections from the specified host, provided the Universal Control Manager is executed by the specified user account and the process is owned by the specified local user account. Requires Matching local user account When this option is checked, a local user account must be supplied to the Universal Control Server that matches the user account in whose security context the Universal Server component is running. This option only applies to Stop requests and is effectively disabled for Refresh and Start requests. To prevent unauthorized users from issuing those requests, make sure security is enabled in the UCtl Server's configuration.
Edit Button	Displays a dialog that allows the selected Access Control List entry to be modified. Certificate ID When a Universal Control Manager specifies a certificate ID from its command line, its corresponding UCTL Server compares it to the certificate ID entered here. If a match is found and the certificate ID has a corresponding entry in the Certificate Map list, the authority to execute the request is granted or denied to the specified local user account. Local User Account A local user account that may be provided to UCTL Server for authentication. Access Type Will cause the Universal Control Server to accept/Reject incoming connections from the specified host, provided the Universal Control Manager is executed by the specified user account and the process is owned by the specified local user account. Requires Matching local user account When this option is checked, a local user account must be supplied to the Universal Control Server that matches the user account in whose security context the Universal Server component is running. This option only applies to Stop requests and is effectively disabled for Refresh and Start requests. To prevent unauthorized users from issuing those requests, make sure security is enabled in the UCtl Server's configuration.
Delete Button	Removes the selected item from the Access Control List.
Move Up Button	Moves the selected item up one position in the list.
Move Down Button	Moves the selected item down one position in the list.

Universal Control Server: Access Control Lists - Certificate Request ACL

Field	Description
Certificate Request ACL List	Displays the entries contained in the Universal Control Server Access Control List (ACL). This list is used to grant or deny access to specific Universal Control Server requests based on a remote user who is identified by a certificate ID (which maps to a locally installed X.509 certificate), and a locally authenticated user account. The order in which ACL entries are evaluated and applied are based on their position in this list. Use the Move Up and Move Down buttons to change an entry's priority.
Add Button	Displays a dialog box that allows an entry to be added to the Access Control List. The fields in this dialog are populated with default values. Certificate ID When a UCTL Manager specifies a certificate ID from its command line, its corresponding UCTL Server compares it to the certificate ID entered here. If a match is found and the certificate ID has a corresponding entry in the Certificate Map list, the authority to execute the request is granted or denied to the specified local user account. Local User Account A local user account that may be provided to UCTL Server for authentication. Request Type Specifies the type of request issued by the UCTL Manager. Valid request types are included in the list. * may also be specified to indicate the rule applies to all valid UCTL Manager request types. Request Name: Enter the name of a Universal component here to set access for the specified local user account based on the UCTL Manager request. Use the default value of * to grant or deny access to all requests issued by the user. Access Type Will cause the Universal Control Server to accept/Reject incoming connections from the specified host, provided the Universal Control Manager is executed by the specified user account and the process is owned by the specified local user account. Requires Matching local user account When this option is checked, a local user account must be supplied to the Universal Control Server that matches the user account in whose security context the Universal Server component is running. This option only applies to Stop requests and is effectively disabled for Refresh and Start requests. To prevent unauthorized users from issuing those requests, make sure security is enabled in the UCtl Server's configuration.
Edit Button	Displays a dialog that allows the selected Access Control List entry to be modified. Certificate ID When a UCTL Manager specifies a certificate ID from its command line, its corresponding UCTL Server compares it to the certificate ID entered here. If a match is found and the certificate ID has a corresponding entry in the Certificate Map list, the authority to execute the request is granted or denied to the specified local user account. Local User Account A local user account that may be provided to UCTL Server for authentication. Request Type Specifies the type of request issued by the UCTL Manager. Valid request types are included in the list. * may also be specified to indicate the rule applies to all valid UCTL Manager request types. Request Name: Enter the name of a Universal component here to set access for the specified local user account based on the UCTL Manager request. Use the default value of * to grant or deny access to all requests issued by the user. Access Type Will cause the Universal Control Server to accept/Reject incoming connections from the specified host, provided the Universal Control Manager is executed by the specified user account and the process is owned by the specified local user account. Requires Matching local user account When this option is checked, a local user account must be supplied to the Universal Control Server that matches the user account in whose security context the Universal Server component is running. This option only applies to Stop requests and is effectively disabled for Refresh and Start requests. To prevent unauthorized users from issuing those requests, make sure security is enabled in the UCtl Server's configuration.
Delete Button	Removes the selected item from the Access Control List.
Move Up Button	Moves the selected item up one position in the list.
Move Down Button	Moves the selected item down one position in the list.