Versions Compared

Old Version 7

changes.mady.by.user Aaron Fistler

Saved on

compared with

New Version 8

changes.mady.by.user Aaron Fistler

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Use one of the following commands to change the TCP/IP DDM attributes for non-secured operations:

  • CHGDDMTCPA PWDRQD(*NO)

  • CHGDDMTCPA PWDRQD(*USRID)


If you are going from a secured DDM connection to a non-secured DDM connection make sure to remove the server authentication entries. Use the commands to remove server Authentication entries for each user

  • RMVSVRAUTE USRPRF(user-profile) SERVER(QDDMSERVER)

  • RMVSVRAUTE USRPRF(user-profile) SERVER(QDDMDRDASERVER)

NOTE: "QDDMSERVER" and "QDDMDRDASERVER" must be uppercase.

...

Use one of the following commands to change the TCP/IP DDM attributes for secured operations:

  • CHGDDMTCPA PWDRQD(*YES)

  • CHGDDMTCPA PWDRQD(*USRIDPWD)

Automated secure TCP/IP DDM operations are not possible if authentication passwords cannot be stored. Use the following command to change the QRETSVRSEC system value so that passwords used for authentication can be stored on the system:

CHGSYSVAL QRETSVRSEC VALUE('1')

Preferred Server Authentication support

...

Use the following command to add server authentication entries for each user who will be authorized to perform secured TCP/IP operations to the remote systems:

ADDSVRAUTE USRPRF(user-profile) SERVER(QDDMDRDASERVER) USRID(remote-system-userid) PASSWORD(remote-system-password)

NOTE: "QDDMDRDASERVER" must be uppercase.

Use the following command to add a server authentication entry for the QBRMS user profile. (This user profile is used for network synchronization. )

ADDSVRAUTE USRPRF(QBRMS) SERVER(QDDMDRDASERVER) USRID(remote-system-userid) PASSWORD(remote-system-password)

...

Use the following command to remove server authentication entries for QDDMSERVER for each user who was authorized to perform secured TCP/IP operations to the remote systems:

RMVSVRAUTE USRPRF(user-profile) SERVER(QDDMSERVER)

NOTE: "QDDMSERVER" must be uppercase.

...

Use the following command to remove the QDDMSERVER server authentication entry for the QBRMS user profile.

RMVSVRAUTE USRPRF(QBRMS) SERVER(QDDMSERVER)

NOTE: "QDDMSERVER" must be uppercase.

Use the following command to remove the BRMS DDM profile.

INZBRM OPTION(*SECUREDDM) ACTION(*REMOVE)
 

If the remote-system-userid does not have *ALLOBJ special authority then the user should have QBRMS as a group profile and special authority must be *NONE. Use the following command on the remote system to change the user's profile.

CHGUSRPRF USRPRF(remote-system-userid) GRPPRF(QBRMS)
 

In addition, the remote system user should have *USE authority to the CRTDDMF command on the current system.

A server authorization entry can be removed using the RMVSVRAUTE command or changed using the CHGSVRAUTEcommand. See the CL Reference manual for a complete description of these commands and command parameters.

NOTES:

  1. There can only be one server authorization entry for a user no matter what remote system is specified. This means that for a user to access multiple systems in the network, that user's id and password must be the same on all BRMS networked systems.

  2. Do not use user profile QBRMS for the remote system userid. Create a new user profile and specify user profile QBRMS for the Group profile (GRPPRF) parameter of the remote system user profile. Use this new remote system userid for the User ID (USRID) parameter of the Add Server Authentication Entry (ADDSVRAUTE) command.

Step 3: Configure the TCP/IP DDM Server Automatic Restart

Use the following command to change the TCP/IP DDM server attributes if you want the server automatically started when TCP/IP is started:

CHGDDMTCPA AUTOSTART(*YES)

Step 4: Starting and Ending the DDM Server

Use the following command to end the TCP/IP DDM server if you changed any of the attributes:

ENDTCPSVR SERVER(*DDM)

Use the following command to start the TCP/IP DDM server:

STRTCPSVR SERVER(*DDM)

Step 5: Enable BRMS to use TCP/IP

Take the following action to enable BRMS to use TCP/IP

  1. WRKPCYBRM TYPE(*SYS)

  2. Select option 4 to Change network group

  3. Enter *YES in Enable for TCP/IP and press Enter.

Step 6: Setup BRMS network.

Refer to the the BRMS User Guide, Chapter 14 Networking with BRMS (or the IBM i Knowledge Center page Networking with BRMS) for  for instructions on how to set up a BRMS network. 

...

NOTE: Skip Step 7 if using the the Preferred Server Authentication support  support with QDDMDRDASERVER.

You can use the following BRMS command on one of the systems in the BRMS network to set the user profile and password to use for remote server secure DDM connections to all the systems in the BRMS network. To set the user profile:

...