/
USER_SECURITY - UCMD Server configuration option

USER_SECURITY - UCMD Server configuration option

Jul 15, 2024

 Description

The USER_SECURITY option specifies whether or not to user security and, if so, the security method.

  • If user security is activated, the UCMD Server logs the user onto the system, and the command is run with the user's identity.

  • If user security is not activated, the command runs with the same identity as the UCMD Server.

Usage

Method

Syntax

IBM i

UNIX

Windows

z/OS

Configuration File Keyword

security option

Manager Override

n/a









Values

option is the specification (and method) for activating user security.



IBM i

  • DEFAULT
    User-supplied user ID and password is authenticated against the user profile.

  • NONE
    No user security.
     

UNIX

  • DEFAULT
    Use UNIX default user authentication method, */etc/passwd* or */etc/shadow*.

  • INHERIT
    Universal Command Server will inherit the user account of the broker which started it. The user's process is started with the same user ID as that inherited from the Broker.

  • NONE
    Universal Command Server will inherit the user account of the broker which started it. The user's process is started with the same user ID as that inherited from the Broker.

  • PAM
    Use the Pluggable Authentication Modules (PAM) interface to provide user authentication.

  • PAM_SESSIONS (Linux only)
    Processes Pluggable Authentication Modules (PAM) session modules in addition to account and authentication modules.

  • TRUSTED
    Use HP Trust Security authentication.

WARNING!

If PAM_SESSIONS is selected, the system requires that at least one session is configured for PAM. Without a properly configured PAM session module, Universal Command fails to start. Check system logs, including the authentication log, for failure information.

Windows

  • DEFAULT
    User\-supplied user ID and password is authenticated against the user profile.

  • INHERIT
    Universal Command Server will inherit the user account of the Broker which started it. The user's process is started with the same user ID as that inherited from the Broker.

  • NONE
    Universal Command Server will inherit the user account of the Broker which started it. The user's process is started with the same user ID as that inherited from the Broker.

z/OS

  • DEFAULT
    Use z/OS SAF user authentication method. The user ID must have an OMVS segment.

  • INHERIT
    Universal Command Server will inherit the user account of the broker which started it. The user's process is started with the same user ID as that inherited from the Broker.

  • NONE
    Universal Command Server will inherit the user account of the broker which started it. The user's process is started with the same user ID as that inherited from the Broker.

Note

For UNIX, Windows, and z/OS: The INHERIT value replaces the NONE value. There currently are no plans to deprecate support for NONE, but new installs should use INHERIT instead of NONE.

Default Values

DEFAULT

AIX, HP-UX, Windows, z/OS

PAM

Linux, Solaris