Primary Server Configuration

Restriction: This topic applies to Windows environments only.

To configure the primary server for global security, you must update the system tables before you configure the server. You must follow these procedures in the order in which they appear because you cannot configure the primary server to use a global security location that it cannot access.

To update the system tables:

Note: When updating system tables, do not delete any seemingly empty records; these contain space characters in some columns and refer to locations controlled by your local XDB Server.
  1. From the primary XDB Server, start the XDB Server.
  2. On any client logged in to the primary XDB Server, start SQL Wizard (Windows) or Interactive SQL Utility (UNIX).
  3. Log in with an AuthID that has super user privileges, such as the INSTALL AuthID, provided with the XDB Server.
  4. From an SQL Window, set the current location to the SYSTEM location:
    SET LOCATION TO system;
  5. Issue the following SQL command to insert information about a remote server into the SYSIBM.SYSLUNAMES table:
    INSERT INTO sysibm.syslunames 
        VALUES ("remote-server","","","","","");

    where

    remote-server is the name of a remote XDB Server to be accessed.
    Note:

    If you have already set up server-to-server connectivity for the global security server, use the UPDATE command to update existing records in the SYSIBM.SYSLUNAMES table.

    In the examples used in this topic, the SQL command:

    INSERT INTO SYSIBM.SYSLUNAMES 
        VALUES ("xdbserve","","","","","");

    would have been issued on the XDB Server develop.

  6. Issue the following SQL command to insert information about the global security location into the SYSIBM.SYSLOCATIONS table:
    INSERT INTO SYSIBM.SYSLOCATIONS 
        VALUES (remote-location,"X", remote-server,link-type);

    where:

    remote-location is the name of the remote location to be accessed (unique among all locations on all servers that are used in distributed processing).
    X indicates it is an XDB Server.
    remote-server is the name of the remote server that controls the remote location.
    link-type is the communication protocol used to connect to the remote server.

    In the examples used in this topic, the SQL command:

    INSERT INTO SYSIBM.SYSLOCATIONS 
        VALUES ("sysglobal","X","xdbserve","B");

    would have been issued on the XDB Server develop.

  7. Issue the following SQL command to refresh the system:
    REFRESH LOCATIONS;
  8. Exit from SQL Wizard (Windows) or Interactive SQL Utility (UNIX).
  9. Shut down the primary XDB Server, as you need to make some changes to the server's configuration.

To configure the server:

  1. From the primary XDB Server, run the XDB Server Configuration Utility.
  2. Press F5 to access Multiuser Configuration options.
  3. Press F9 to turn on Global Security.
  4. Enter the name of the global security location. All logins to the XDB Server will be verified against the SYSXDB.SYSACFUSERS table in the location you specify. In the examples in this topic, the global security location is sysglobal.
  5. Press Enter to save the new location. Then, exit the utility.

Windows 2000

  1. From the primary XDB Server, run the XDB Server Configuration Utility.
  2. Click the Multiuser tab.
  3. Mark the Global Security checkbox.
  4. Enter the name of the global security location. All logins to the XDB Server will be verified against the SYSXDB.SYSACFUSERS table in the location you specify. In the examples in this topic, the global security location is sysglobal.
  5. Click OK.

Even though AuthIDs (usernames) and passwords are verified by a global security server, clients must have access to the tables they wish to use on the primary server. This can be done by granting the appropriate privileges to each client on the primary server. AuthIDs are created using SQL Wizard (Windows) or Interactive SQL Utility (UNIX). Privileges are granted using the SQL GRANT command from SQL Wizard (Windows) or Interactive SQL Utility (UNIX). See the chapter Security and Authority for more information on creating users and setting privileges.