Pathway/XM System Management Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series

121

122

123

124

125

126

127

128

129

130

Managing a Pathway/XM Environment

Compaq NonStop™ Pathway/XM System Management Manual—426761-001

7-28

Configuration Tasks

Specifying Security

For Pathsend processes, there are two levels of security to consider: network-level

security and server-class security.

Network-Level Security

For Pathsend processes to access server processes, the following network conditions

must be met:

•

The LINKMON process must be able to open the well-known named PATHMON

process (to make link requests).

•

The LINKMON process must be able to open the server processes (to send user

requests).

•

The well-known named PATHMON process must be able to open the server

processes (to send startup messages).

All of these opens are performed using the user ID of the owner of the PATHMON

process. In a Pathway/XM environment, all the PATHMON processes have the same

owner, which is the user ID specified in the OWNER attribute of the PXMCFG SET

PATHWAY command; if this attribute is not specified, the default is the owner of the

PXMCOM process that issued the START PATHWAY command to start the

Pathway/XM environment. Therefore, the owner ID of the Pathway/XM environment

controlling the server class must have corresponding user IDs on—and remote

passwords with—the following systems:

•

The system where the Pathsend process is running

•

The system where the well-known named PATHMON process is running

•

The system where the server class is running

Server-Class Security

To configure servers for access by Pathsend processes, you use the SET SERVER

command to define attributes for the OWNER and SECURITY parameters. Together,

the OWNER and SECURITY parameters define whether a Pathsend process can access

a server class.

LINKMON processes perform authorization checks on each send to make sure that the

user ID of the Pathsend process at the time of the send conforms to the SERVER

OWNER and SERVER SECURITY attributes. (Note that TCPs ignore these

parameters; the parameters affect only access by Pathsend processes.)

The SERVER OWNER parameter defines the user ID that controls access to the server

class from a Pathsend process. The user ID you assign must be known to the system on

which the well-known named PATHMON process is running. In the SERVER

OWNER parameter, you define the user ID either with a system number, group number,

and user number or with a system name, group name, and user name.