Versions Compared

Old Version 8

changes.mady.by.user Aaron Fistler

Saved on

compared with

New Version Current

changes.mady.by.user Aaron Fistler

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Perform the following steps to enable a BRMS networked system for TCP/IP operations.

BRMS network communications requires TCP/IP communications and relational database (RDB) entries for all of its network operations
which must be configured by your site security administrator. BRMS does not set up communication or create the necessary system
configurations. BRMS expects that the communication setup has been done by the site security administrator.

Step 1: Check TCP/IP

Use the following command to verify TCP/IP is running on each of the systems in the BRMS network:

...

You need to determine whether you intend to use secured or non-secured DDM connections to the remote systems in the BRMS network. In order to use a non-secured DDM connection, the user id must exist on the remote system, although the user's password will not be validated. To use a secured DDM connection the user id and password must be the same on both the local and remote systems. You may want to review this setup with your site security administrator before taking specific actions.

...

Use one of the following commands to change the TCP/IP DDM attributes for non-secured operations:

  • CHGDDMTCPA PWDRQD(*NO)

  • CHGDDMTCPA PWDRQD(*USRID)

If you are going from a secured DDM connection to a non-secured DDM connection make sure to remove the server authentication entries. Use the commands to remove server Authentication entries for each user

  • RMVSVRAUTE USRPRF(user-profile) SERVER(QDDMSERVER)

  • RMVSVRAUTE USRPRF(user-profile) SERVER(QDDMDRDASERVER)

NOTE: "QDDMSERVER" and "QDDMDRDASERVER" must be uppercase.

Go to step 3.

BRMS strongly encourages the use of Secured DDM connections and implementing passwords for the Relational Database Directory Entries used for DB2 for i call level interface (CLI) communications.

For Secured DDM connection

Use one of the following commands to change the TCP/IP DDM attributes for secured operations:

...

A server authorization entry can be removed using the RMVSVRAUTE command or changed using the CHGSVRAUTEcommand. See the CL Reference manual for a complete description of these commands and command parameters.

NOTES:

  1. There can only be one server authorization entry for a user no matter what remote system is specified. This means that for a user to access multiple systems in the network, that user's id and password must be the same on all BRMS networked systems.

  2. Do not use user profile QBRMS for the remote system userid. Create a new user profile and specify user profile QBRMS for the Group profile (GRPPRF) parameter of the remote system user profile. Use this new remote system userid for the User ID (USRID) parameter of the Add Server Authentication Entry (ADDSVRAUTE) command.

Go to step 3.

For Non-secured DDM connections

Use one of the following commands to change the TCP/IP DDM attributes for non-secured operations:

  • CHGDDMTCPA PWDRQD(*NO)

  • CHGDDMTCPA PWDRQD(*USRID)

If you are going from a secured DDM connection to a non-secured DDM connection make sure to remove the server authentication entries. Use the commands to remove server Authentication entries for each user

  • RMVSVRAUTE USRPRF(user-profile) SERVER(QDDMSERVER)

  • RMVSVRAUTE USRPRF(user-profile) SERVER(QDDMDRDASERVER)

NOTE: "QDDMSERVER" and "QDDMDRDASERVER" must be uppercase.

Step 3: Configure the TCP/IP DDM Server Automatic Restart

...

Take the following action to enable BRMS to use TCP/IP

  1. WRKPCYBRM TYPE(*SYS)

  2. Select option 4 to Change network group

  3. Enter *YES in Enable for TCP/IP and press Enter.

Step 6: Setup BRMS network.

Refer to the BRMS User Guide, Chapter 14 Networking with BRMS (or the IBM i Knowledge Center page Networking with BRMS) for instructions on how to set up a BRMS network. 

Step 7: Set up a secure DDM profile for BRMS to use.

Info

Starting with PTFs SI80271 (7.3), SI80272 (7.4) and SI80273 (7.5) Step 7 is no longer available. The INZBRM OPTION(*SECUREDDM) option has been disabled. The Preferred Server Authentication support with QDDMDRDASERVER in Step 2 must be used for secure DDM connection.

NOTE: Skip Step 7 if using the Preferred Server Authentication support with QDDMDRDASERVER.

You can use the following BRMS command on one of the systems in the BRMS network to set the user profile and password to use for remote server secure DDM connections to all the systems in the BRMS network. To set the user profile:

INZBRM OPTION(*SECUREDDM) ACTION(*SET) USER(xxxxx) PASSWORD()

Note: The INZBRM OPTION(*SECUREDDM) command requires *SECADM special authority. It is recommended that the user profile entered on the ACTION(*SET) be the same user profile that was entered for the QDDMSERVER server authentication entry for the QBRMS user profile in Step 2 instructions For secure DDM connection. The user profile and password must exist and be the same on the local and remote systems.