Previous Topic Next topic Print topic


Global Security Server Configuration

Restriction: This topic applies to Windows environments only.

The global security server must be configured to contain information about all of the AuthIDs and passwords that it will verify. In the examples, the global security XDB Server is xdbserve.

Before using global security, you must first create a global security location on the global security server. This process involves renaming your SYSTEM location with the name of your global security location. In the examples, the global security location is sysglobal.

To create a global security location:

  1. From the primary XDB Server, start the XDB Server.
  2. On any client logged in to the primary XDB Server, start the SQL Wizard (Windows) or Interactive SQL (UNIX).
  3. Log in with an AuthID that has super user privileges, such as the INSTALL AuthID, provided with the XDB Server.
  4. From an SQL Window, set the current location to the SYSTEM location:
    SET LOCATION TO system;
  5. Issue the following SQL command to update the information about the global security location in the SYSIBM.SYSLOCATIONS table:
    UPDATE sysibm.syslocations 
        SET location = "global-security-location" 
          WHERE location = "system";

    In the examples used in this topic, the SQL command:

    UPDATE sysibm.syslocations 
        SET location = "sysglobal" 
          WHERE location = "system";

    would have been issued on the XDB Server xdbserve.

  6. Issue the following SQL command to update the information about the global security location in the SYSXDB.SYSLOCALS table:
    UPDATE sysxdb.syslocals 
        SET location = "global-security-location" 
          WHERE location = "system";

    In the examples used in this topic, the SQL command:

    UPDATE sysxdb.syslocals 
        SET location = "sysglobal" 
          WHERE location = "system";

    would have been issued on the XDB Server xdbserve.

  7. Exit the SQL Wizard (Windows) or Interactive SQL (UNIX).

In order to verify AuthIDs (usernames) and passwords, there must be values in the appropriate system tables, primarily SYSXDB.SYSACFUSERS, on the global security server.

AuthIDs are created using the SQL Wizard Admin menu (Windows) or the CREATE USER command in Interactive SQL (UNIX). Use this utility to enter AuthIDs and passwords for all users who will be accessing any XDB Server using this global security server.

  1. To enter AuthIDs and passwords from the global security XDB Server, start the XDB Server.
  2. On any client logged in to the global security XDB Server, start the SQL Wizard (Windows) or Interactive SQL (UNIX).
  3. Create AuthIDs and passwords for all users who will log into the primary XDB Server, and have their AuthIDs and passwords verified by the global security server.

To implement this topic's examples, create an AuthID Bob on XDBSERVE.

Previous Topic Next topic Print topic