Hitachi

Job Management Partner 1 Version 10 Job Management Partner 1/Automatic Job Management System 3 Configuration Guide 1

14.4.1 Setting the procedure for restricting connections to JP1/AJS3

The following describes the setting procedure for restricting connection to JP1/AJS3.

Organization of this subsection

(1) Setting the procedure

  1. Copy the model file of the connection permission configuration file to the environment settings file storage directory.

    For details about the model file and the environment settings file storage directory, see (3) The connection permission configuration file.

  2. Change the name of the copied file to the specified name.

    For details about the file names, see (3) The connection permission configuration file.

  3. Use an editor such as vi to edit the file.

    Set the IP address of the hosts that you want to permit to connect in the connection permission configuration file.

    For details about how to set the connection permission configuration file, see 14.4.2 How to set the connection permission configuration file.

  4. Change the access permission of the connection permission configuration file.

    The access permission of the model file is inherited as the permission of the storage directory. You need to change the access permission of the file so that general users will not be able to access or edit the file.

  5. Stop the JP1/AJS3 service.

    Execute the following commands to confirm that all processes have stopped:

    # /etc/opt/jp1ajs2/jajs_stop
# /opt/jp1ajs2/bin/jajs_spmd_status
# /opt/jp1ajs2/bin/ajsqlstop#
# /opt/jp1ajs2/bin/ajsqlstatus#
    #:

    This command needs to be executed only if queueless jobs are used. On the logical host, detach the logical host from the queueless agent service by using an ajsqldetach command without stopping the Service.

  6. Execute the following command to set the environment setting parameters described in (2) Environment setting parameter below: 

    jajs_config -k definition-key "parameter-name"=value

  7. Restart the services that you stopped in step 5.#

    The new settings are applied.

    #:

    If you detached the logical host from the queueless agent service in step 5,

    execute the ajsqlattach command to attach the logical host.

To Page Top

(2) Environment setting parameter

Table 14‒1: Environment setting parameter for setting whether restricting access to JP1/AJS3 is to be enabled or disabled

Definition key

Environment setting parameter

Explanation

[{JP1_DEFAULT|logical-host}\JP1AJS2COMMON]#

"CONNECTIONRESTRICTION"=

Setting for whether restricting connection is to be enabled or disabled
#:

The specification of the {JP1_DEFAULT|logical-host} part depends on whether the host is a physical host or a logical host. For a physical host, specify JP1_DEFAULT. For a logical host, specify the logical host name.

For details about the definition of this environment setting parameter, see 2.9.2(5) CONNECTIONRESTRICTION in the Job Management Partner 1/Automatic Job Management System 3 Configuration Guide 2.

Note that messages related to restricting connections are not output to the log by default. To output these messages to the log, you need to set the following environment setting parameters.

Table 14‒2: Environment setting parameter for outputting messages related to restricting connections to JP1/AJS3 to the log

Definition key

Environment setting parameter

Explanation

[{JP1_DEFAULT|logical-host}\JP1AJSMANAGER]#

"CONRESTRICTLOG"=

Setting for whether connection restriction log data is to be output to the scheduler log

"CONRESTRICTSYSLOG"=

Setting for whether connection restriction log data is to be output to the syslog
#:

The specification of the {JP1_DEFAULT|logical-host} part depends on whether the host is a physical host or a logical host. For a physical host, specify JP1_DEFAULT. For a logical host, specify the logical host name.

For details about the definition of these environment setting parameters, see the following:

To Page Top

(3) The connection permission configuration file

The following describes directorys and files related to the connection permission configuration file.

(a) The environment settings file storage directory

Store the connection permission configuration file in the following environment settings file storage directory:

For a physical host:

/etc/opt/jp1ajs2/conf/

For a logical host:

shared-directory/jp1ajs2/conf/

(b) Name of the connection permission configuration file

Specify the name of the connection permission configuration file as follows:

Manager connection permission configuration file

permitted_host_manager.conf

Agent connection permission configuration file

permitted_host_agent.conf

(c) The model file of the connection permission configuration file

The following table lists the model file of the connection permission configuration file.

Table 14‒3: The model file of the connection permission configuration file

Installed product

The model file of the manager connection permission configuration file

The model file of the agent connection permission configuration file

JP1/AJS3 - Manager

/etc/opt/jp1ajs2/conf/permitted_host_manager.conf.model

/etc/opt/jp1ajs2/conf/permitted_host_agent.conf.model

JP1/AJS3 - Agent

--

/etc/opt/jp1ajs2/conf/permitted_host_agent.conf.model
Legend:

-- : Not applicable

To Page Top

Trademarks

Copyright (C) 2012, 2014, Hitachi, Ltd.

Copyright (C) 2012, 2014, Hitachi Solutions, Ltd.