Table of Contents

Search

  1. Preface
  2. Introduction to PowerExchange
  3. DBMOVER Configuration File
  4. Netport Jobs
  5. PowerExchange Message Logs and Destination Overrides
  6. SMF Statistics Logging
  7. PowerExchange Security
  8. Secure Sockets Layer Support
  9. PowerExchange Alternative Network Security
  10. PowerExchange Nonrelational SQL
  11. PowerExchange Globalization
  12. Using the PowerExchange ODBC Drivers
  13. PowerExchange Datatypes and Conversion Matrix
  14. DTL__CAPXTIMESTAMP Time Stamps
  15. PowerExchange Glossary

i5/OS Security

i5/OS Security

Use the SECURITY statement in the DBMOVER configuration file on i5/OS to configure PowerExchange security.
You can configure the following types of PowerExchange security on i5/OS:
  • User authentication
    . If you specify 1 or 2 in the first parameter of the SECURITY statement, PowerExchange uses a valid operating system use ID and password to authenticate users to connect to and use PowerExchange. Instead of a password, you can specify a valid PowerExchange passphrase for i5/OS. For information about passphrases, see PowerExchange Passphrases. If you also configure PowerExchange selective sign-on, PowerExchange checks operating system user IDs and passwords or passphrases after successful selective sign-on checking.
  • Resource access
    . If you specify 2 in the first parameter of SECURITY statement, PowerExchange uses connection user IDs to authorize access to any resources that PowerExchange uses. Otherwise, resource access is controlled by the user ID under which PowerExchange jobs and tasks execute.
  • PowerExchange Listener commands
    . If you specify 2 in the first parameter of SECURITY statement, PowerExchange uses security objects to control user access to PowerExchange Listener LISTTASK and STOPTASK commands issued through the iSeries SNDLSTCMD interface, the PowerExchange Navigator, or the DTLUTSK utility. Otherwise, PowerExchange does not control commands issued through the iSeries SNDLSTCMD interface, the PowerExchange Navigator, or the DTLUTSK utility.
  • User authentication for the pwxcmd program
    . If you specify 1 or 2 in the first parameter of the SECURITY statement, PowerExchange uses operating system facilities to authenticate users of the pwxcmd program. If you also configure PowerExchange selective sign-on, PowerExchange checks operating system user IDs and passwords after successful selective sign-on checking.
  • Authorization for running pwxcmd commands
    . If you specify 2 in the first parameter of the SECURITY statement on the machine that is the target of a command, PowerExchange checks security objects in the PowerExchange data library to determine whether the user ID supplied on the pwxcmd program is authorized to run commands. Otherwise, authority to run pwxcmd commands is not checked.
  • Selective sign-on
    . If you specify Y in the second parameter of the SECURITY statement, PowerExchange uses the selective sign-on file to limit the users that connect to PowerExchange. Otherwise, any operating system user ID can connect to PowerExchange.