4.4.1 Setting the procedure for restricting connections to JP1/AJS3
The following describes the setting procedure for restricting connection to JP1/AJS3.
- Organization of this subsection
(1) Setting the procedure
-
Copy the model file of the connection permission configuration file to the environment settings file storage folder.
For details about the model file and the environment settings file storage folder, see (3) The connection permission configuration file.
-
Change the name of the copied file to the specified name.
For details about the file names, see (3) The connection permission configuration file.
-
Use a text editor such as Notepad to edit the file.
Set the IP address of the hosts that you want to permit to connect in the connection permission configuration file.
For details about how to set the connection permission configuration file, see 4.4.2 How to set the connection permission configuration file.
-
Change the access permission of the connection permission configuration file.
The access permission of the model file is inherited as the permission of the storage folder. You need to change the access permission of the file so that general users will not be able to access or edit the file.
-
In Windows Control Panel, open the Services administrative tool, and stop the following service:
-
JP1/AJS3 service
-
JP1/AJS3 Queueless Agent service#
On the logical host, stop the JP1/AJS3 Queueless Agent service or detach the logical host.
- #:
-
This operation needs to be executed only if queueless jobs are used.
On the logical host, detach the logical host from the queueless agent service by using an ajsqldetach command or another method, without stopping the Service.
-
-
Execute the following command to set the environment setting parameters described in (2) Environment setting parameter below:
jajs_config -k definition-key "parameter-name"=value
-
Restart the services that you stopped in step 5. #
The new settings are applied.
- #:
-
If you detached the logical host from the queueless agent service in step 5, execute the ajsqlattach command to attach the logical host.
(2) Environment setting parameter
Definition key |
Environment setting parameter |
Explanation |
---|---|---|
[{JP1_DEFAULT|logical-host}\JP1AJS2COMMON]# |
"CONNECTIONRESTRICTION"= |
Setting for whether restricting connection is to be enabled or disabled |
- #:
-
The specification of the {JP1_DEFAULT|logical-host} part depends on whether the host is a physical host or a logical host. For a physical host, specify JP1_DEFAULT. For a logical host, specify the logical host name.
For details about the definition of this environment setting parameter, see 2.9.2(5) CONNECTIONRESTRICTION in the Job Management Partner 1/Automatic Job Management System 3 Configuration Guide 2.
Note that messages related to restricting connections are not output to the log by default. To output these messages to the log, you need to set the following environment setting parameters.
Definition key |
Environment setting parameter |
Explanation |
---|---|---|
[{JP1_DEFAULT|logical-host}\JP1AJSMANAGER]# |
"CONRESTRICTLOG"= |
Setting for whether connection restriction log data is to be output to the scheduler log |
"CONRESTRICTSYSLOG"= |
Setting for whether connection restriction log data is to be output to the Windows event log |
- #:
-
The specification of the {JP1_DEFAULT|logical-host} part depends on whether the host is a physical host or a logical host. For a physical host, specify JP1_DEFAULT. For a logical host, specify the logical host name.
For details about the definition of these environment setting parameters, see the following:
-
2.2.2(20) CONRESTRICTLOG in the Job Management Partner 1/Automatic Job Management System 3 Configuration Guide 2
-
2.2.2(21) CONRESTRICTSYSLOG in the Job Management Partner 1/Automatic Job Management System 3 Configuration Guide 2
(3) The connection permission configuration file
The following describes folders and files related to the connection permission configuration file.
(a) The environment settings file storage folder
Store the connection permission configuration file in the following environment settings file storage folder:
- For a physical host:
-
-
JP1/AJS3 - Manager
JP1/AJS3 - Manager-installation-folder\conf
-
JP1/AJS3 - Agent
JP1/AJS3 - Agent-installation-folder\conf
-
- For a logical host:
-
shared-folder\jp1ajs2\conf
(b) Name of the connection permission configuration file
Specify the name of the connection permission configuration file as follows:
- Manager connection permission configuration file
-
permitted_host_manager.conf
- Agent connection permission configuration file
-
permitted_host_agent.conf
(c) The model file of the connection permission configuration file
The following table lists the model file of the connection permission configuration file.
Installed product |
The model file of the manager connection permission configuration file |
The model file of the agent connection permission configuration file |
---|---|---|
JP1/AJS3 - Manager |
JP1/AJS3 - Manager-installation-folder\conf\permitted_host_manager.conf.model |
JP1/AJS3 - Manager-installation-folder\conf\permitted_host_agent.conf.model |
JP1/AJS3 - Agent |
-- |
JP1/AJS3 - Agent-installation-folder\conf\permitted_host_agent.conf.model |