When I wrote about securing DDM files I bemoaned the lack of a WRKSVRAUTE command. While ago I stumbled across a Db2 for i View that will display a list of all the users I with DDM server authority.
This view has one of the longest names I have used to date: DRDA_AUTHENTICATION_ENTRY_INFO, and it contains the following four columns:
| Long column name | Short column name | Description |
| AUTORIZATION_NAME | USER_NAME | User profile |
| SERVER_NAME | SRVR_NAME | Target server for the authentication entry |
| SERVER_AUTHORIZATION_NAME | SRVR_USER | User profile on the target server |
| PASSWORD_STORED | PW_STORED | Is the password stored in the authentication entry? |
The SQL statement I am using to view the contents is nothing out of the ordinary.
01 SELECT * 02 FROM QSYS2.DRDA_AUTHENTICATION_ENTRY_INFO 03 ORDER BY SERVER_NAME |
OK, what do the contents of this View look like?
AUTHORIZATION_NAME SERVER_NAME SERVER_AUTHORIZATION_NAME ------------------ -------------- ------------------------- BRMSDDM QDDMDRDASERVER brmsddm QBRMS QDDMDRDASERVER brmsddm A********** QDDMSERVER GENERIC1 B********** QDDMSERVER GENERIC1 C********** QDDMSERVER GENERIC1 PASSWORD_STORED --------------- YES YES YES NO YES |
I am not going to repeat how these entries were added, as that is included in my earlier post here.
If I wanted I could take these results and present them in a subfile, then build my own WRKSVRAUTE command to call the subfile program. I am not going to show that here, but you understand the idea.
When I saw these results the question I had was: What is the difference between QDDMDRDASERVER and QDDMSERVER?
QDDMSERVER is just the server entry for DDM type communications only.
QDDMDRDASERVER using this server entry allows me to only have one entry for both DDM and DRDA types communications.
I am including a link, below, to IBM's explanation of both of these.
You can learn more about this from the IBM website:
- DRDA_AUTHENTICATION_ENTRY_INFO view
- Add QDDMDRDASERVER server authentication entry special value
- DRDA and DDM overview
This article was written for IBM i 7.4, and should work for some earlier releases too.
No comments:
Post a Comment
To prevent "comment spam" all comments are moderated.
Learn about this website's comments policy here.
Some people have reported that they cannot post a comment using certain computers and browsers. If this is you feel free to use the Contact Form to send me the comment and I will post it for you, please include the title of the post so I know which one to post the comment to.