ibm-information-center/dist/eclipse/plugins/i5OS.ic.ddm_5.4.0.1/rbae5connauth.htm

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
  PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="reference" />
<meta name="DC.Title" content="DDM connection authorization failure" />
<meta name="abstract" content="The error messages given for an authorization failure is CPF9190." />
<meta name="description" content="The error messages given for an authorization failure is CPF9190." />
<meta name="DC.Relation" scheme="URI" content="rbae5failures.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 1999, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 1999, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rbae5connauth" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>DDM connection authorization failure</title>
</head>
<body id="rbae5connauth"><a name="rbae5connauth"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">DDM connection authorization failure</h1>
<div><p>The error messages given for an authorization failure is CPF9190.</p>
<div class="section"><p>The message text is:</p>
<pre>Authorization failure on DDM TCP/IP connection attempt.</pre>
<p>The
cause section of the message gives a reason code and a list of meanings for
the possible reason codes. Reason code 17 means that there was an unsupported
security mechanism (SECMEC).</p>
</div>
<div class="section"><p>Prior to V4R5, there were two SECMECs implemented by <span class="keyword">DB2<sup>®</sup> UDB for iSeries™</span> that an <span class="keyword">iSeries</span> application
requester could use: user ID only and user ID with password. In V4R5, support
was added for the encrypted password security mechanism. However, the encrypted
password will be sent only if a password is available at the time the connection
is initiated.</p>
</div>
<div class="section"><p>The default required SECMEC for an <span class="keyword">iSeries server</span> is
user ID with password. If the source server sends only a user ID to a server
with the default SECMEC, the above error message with reason code 17 is given.</p>
</div>
<div class="section"><p>Solutions for the unsupported SECMEC failure are: </p>
</div>
<div class="section"> <ol><li>To allow the user ID only SECMEC at the server by running
the <span class="cmdname">CHGDDMTCPA PWDRQD (*NO)</span> command</li>
<li>To send at least a clear-text password on the connect request if PWDRQD
(*YES) is in effect at the server</li>
<li>To send an encrypted password if PWDRQD (*ENCRYPTED) is in effect at the
server</li>
</ol>
</div>
<div class="section"><p>A password can be sent by using the <span class="cmdname">ADDSVRAUTE</span> command
to add the remote user ID and password in a server authorization entry for
the user profile under which the connection attempt is to be made. </p>
</div>
<div class="section"><p>An attempt will automatically be made to send the password encrypted
in V4R5 and later systems. Note that pre-V4R5 <span class="keyword">iSeries server</span>s
cannot send encrypted passwords, nor can they decrypt encrypted passwords
of the type sent by V4R5 <span class="keyword">iSeries server</span>s.</p>
</div>
<div class="section"><p>Note that you have to have system value QRETSVRSEC (Retain Server
Security Data) set to '1' to be able to store the remote password in the server
authorization entry.</p>
</div>
<div class="section"> <div class="attention"><span class="attentiontitle">Attention:</span> <img src="./delta.gif" alt="Start of change" />For non-RDB DDM files, you
must enter the RDB name of QDDMSERVER on the <span class="cmdname">ADDSVRAUTE</span> command
in uppercase for use with DDM or the name will not be recognized during connect
processing, and the information in the authorization entry will not be used.<img src="./deltaend.gif" alt="End of change" /></div>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rbae5failures.htm" title="The main causes for failed connection requests at a server configured for TCP/IP use is that the DDM TCP/IP server is not started, an authorization error occurred, or the machine is not running.">Handle connection request failures for TCP/IP</a></div>
</div>
</div>
</body>
</html>
Add readme and dist folders 2024-04-02 14:02:31 +00:00			`<?xml version="1.0" encoding="UTF-8"?>`
			`<!DOCTYPE html`
			`PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">`
			`<html lang="en-us" xml:lang="en-us">`
			`<head>`
			`<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />`
			`<meta name="security" content="public" />`
			`<meta name="Robots" content="index,follow" />`
			`<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />`
			`<meta name="DC.Type" content="reference" />`
			`<meta name="DC.Title" content="DDM connection authorization failure" />`
			`<meta name="abstract" content="The error messages given for an authorization failure is CPF9190." />`
			`<meta name="description" content="The error messages given for an authorization failure is CPF9190." />`
			`<meta name="DC.Relation" scheme="URI" content="rbae5failures.htm" />`
			`<meta name="copyright" content="(C) Copyright IBM Corporation 1999, 2006" />`
			`<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 1999, 2006" />`
			`<meta name="DC.Format" content="XHTML" />`
			`<meta name="DC.Identifier" content="rbae5connauth" />`
			`<meta name="DC.Language" content="en-us" />`
			`<!-- All rights reserved. Licensed Materials Property of IBM -->`
			`<!-- US Government Users Restricted Rights -->`
			`<!-- Use, duplication or disclosure restricted by -->`
			`<!-- GSA ADP Schedule Contract with IBM Corp. -->`
			`<link rel="stylesheet" type="text/css" href="./ibmdita.css" />`
			`<link rel="stylesheet" type="text/css" href="./ic.css" />`
			`<title>DDM connection authorization failure</title>`
			`</head>`
			`<body id="rbae5connauth"><a name="rbae5connauth"><!-- --></a>`
			`<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>`
			`<h1 class="topictitle1">DDM connection authorization failure</h1>`
			`<div><p>The error messages given for an authorization failure is CPF9190.</p>`
			`<div class="section"><p>The message text is:</p>`
			`<pre>Authorization failure on DDM TCP/IP connection attempt.</pre>`
			`<p>The`
			`cause section of the message gives a reason code and a list of meanings for`
			`the possible reason codes. Reason code 17 means that there was an unsupported`
			`security mechanism (SECMEC).</p>`
			`</div>`
			`<div class="section"><p>Prior to V4R5, there were two SECMECs implemented by <span class="keyword">DB2<sup>®</sup> UDB for iSeries™</span> that an <span class="keyword">iSeries</span> application`
			`requester could use: user ID only and user ID with password. In V4R5, support`
			`was added for the encrypted password security mechanism. However, the encrypted`
			`password will be sent only if a password is available at the time the connection`
			`is initiated.</p>`
			`</div>`
			`<div class="section"><p>The default required SECMEC for an <span class="keyword">iSeries server</span> is`
			`user ID with password. If the source server sends only a user ID to a server`
			`with the default SECMEC, the above error message with reason code 17 is given.</p>`
			`</div>`
			`<div class="section"><p>Solutions for the unsupported SECMEC failure are: </p>`
			`</div>`
			`<div class="section"> <ol><li>To allow the user ID only SECMEC at the server by running`
			`the <span class="cmdname">CHGDDMTCPA PWDRQD (*NO)</span> command</li>`
			`<li>To send at least a clear-text password on the connect request if PWDRQD`
			`(*YES) is in effect at the server</li>`
			`<li>To send an encrypted password if PWDRQD (*ENCRYPTED) is in effect at the`
			`server</li>`
			`</ol>`
			`</div>`
			`<div class="section"><p>A password can be sent by using the <span class="cmdname">ADDSVRAUTE</span> command`
			`to add the remote user ID and password in a server authorization entry for`
			`the user profile under which the connection attempt is to be made. </p>`
			`</div>`
			`<div class="section"><p>An attempt will automatically be made to send the password encrypted`
			`in V4R5 and later systems. Note that pre-V4R5 <span class="keyword">iSeries server</span>s`
			`cannot send encrypted passwords, nor can they decrypt encrypted passwords`
			`of the type sent by V4R5 <span class="keyword">iSeries server</span>s.</p>`
			`</div>`
			`<div class="section"><p>Note that you have to have system value QRETSVRSEC (Retain Server`
			`Security Data) set to '1' to be able to store the remote password in the server`
			`authorization entry.</p>`
			`</div>`
			`<div class="section"> <div class="attention"><span class="attentiontitle">Attention:</span> <img src="./delta.gif" alt="Start of change" />For non-RDB DDM files, you`
			`must enter the RDB name of QDDMSERVER on the <span class="cmdname">ADDSVRAUTE</span> command`
			`in uppercase for use with DDM or the name will not be recognized during connect`
			`processing, and the information in the authorization entry will not be used.<img src="./deltaend.gif" alt="End of change" /></div>`
			`</div>`
			`</div>`
			`<div>`
			`<div class="familylinks">`
			`<div class="parentlink"><strong>Parent topic:</strong> <a href="rbae5failures.htm" title="The main causes for failed connection requests at a server configured for TCP/IP use is that the DDM TCP/IP server is not started, an authorization error occurred, or the machine is not running.">Handle connection request failures for TCP/IP</a></div>`
			`</div>`
			`</div>`
			`</body>`
			`</html>`