Table of Contents

Search

  1. Preface
  2. Introduction to PowerExchange
  3. DBMOVER Configuration File
  4. Netport Jobs
  5. PowerExchange Message Logs and Destination Overrides
  6. SMF Statistics Logging and Reporting
  7. PowerExchange Security
  8. Secure Sockets Layer Support
  9. PowerExchange Alternative Network Security
  10. PowerExchange Nonrelational SQL
  11. PowerExchange Globalization
  12. Using the PowerExchange ODBC Drivers
  13. PowerExchange Datatypes and Conversion Matrix
  14. DTL__CAPXTIMESTAMP Time Stamps
  15. PowerExchange Glossary

Linux, UNIX, and Windows Security

Linux, UNIX, and Windows Security

Use the SECURITY statement in the dbmover.cfg configuration file on Linux, UNIX, and Windows to configure PowerExchange security.
On Linux, UNIX, and Windows, you can configure the following types of PowerExchange security:
  • PowerExchange Listener commands
    . On Windows, if you set the first parameter in the SECURITY statement to 1 and the second parameter to Y, PowerExchange uses the TASKCNTRL parameter in USER statements in the sign-on file to control access to PowerExchange Listener LISTTASK and STOPTASK commands issued through the PowerExchange Navigator. Otherwise, PowerExchange does not control access to commands issued through the PowerExchange Navigator.
  • User authentication for the pwxcmd and infacmd pwx programs
    . If you set the first parameter in the SECURITY statement to 1 or 2, PowerExchange uses operating system facilities to authenticate users of the pwxcmd and infacmd pwx programs.
    If you set the second parameter to Y to configure PowerExchange selective sign-on, PowerExchange checks operating system user IDs and passwords after successful selective sign-on checking.
  • Authorization for running pwxcmd and infacmd pwx commands
    . If you set the first parameter in the SECURITY statement to 2 and set the second parameter to Y, PowerExchange checks these user credentials against the USER and AUTHGROUP COMMANDS statements in the sign-on file the PowerExchange sign-on file to check user authority to run specific pwxcmd and infacmd pwx commands. Otherwise, authority to run these commands is not checked.
  • Selective sign-on
    . If you set the second parameter in the SECURITY statement to Y, PowerExchange uses the selective sign-on file to limit the users that connect to PowerExchange and check user authority to issue PowerExchange Listener commands from the PowerExchange Navigator. Otherwise, any user ID can connect to PowerExchange and issue PowerExchange Listener commands from the PowerExchange Navigator on Windows.
  • LDAP Authentication
    . If you set the first positional parameter in the SECURITY statement to 1 or 2 and the third positional parameter to LDAP, PowerExchange uses LDAP authentication to verify the credentials of a client that is trying to connect to PowerExchange on a Linux, UNIX, or Windows system.