ADMIN.SERVER

The ADMIN.SERVER command allows a system administrator to set security rules on QMNet public server definitions

The default behaviour of the SET.SERVER command is to create a server definition that may be accessed by all users of the system. There is a potential security weakness here because the slave process started on the remote system to handle the QMNet connection runs as the user name specified in the server definition, regardless of the user name of the local user accessing the remote file. Security can be improved by arranging that the user name used for the remote slave process is dependent on the user name or user group of the local user. This can be achieved by use of the ADMIN.SERVER command. Because there is no way in which QM can determine the password for a specific user, it is not possible for the remote server login to automatically using the same user name and password as the session from which QMNet is used.

Remote user: george

Local users: gsmith, dave

O/S groups :

QM groups :

--------------------------------------------------------------

Remote user: root

Local users:

O/S groups : admin

QM groups : admin

--------------------------------------------------------------

Remote user: sales

Local users: ALL

O/S groups :

QM groups :

--------------------------------------------------------------

SALES 193.118.14.97 F1=Help

Enter remote user name

The display consists of a series of four line entries with a horizontal separator. Each entry identifies the remote user name that will be used for the QMNet slave process based on criteria related to the local user accessing the QMNet file. When creating a QMNet connection, the list is scanned from the top downwards looking for the first entry that is applicable to the user.

In the above example, users logged in to the local system as gsmith or dave will connect to the remote server with user name george. Users who are members of either the operating system user group named admin or the QM user group of the same name will connect as user name root. All other users will connect as user name sales.

If the local user does not meet the conditions set by any entry in the list, connection to the server is not permitted. If a user fits the conditions for more than one entry in the list, the first one found applies.

The default action of the SET.SERVER command is to create a server definition in which the remote user is as specified in the command and the local users field is set to ALL.

To move through the entries in the displayed list, use any of the following keys:

Ctrl-N	Cursor down	Move down to next line
Ctrl-P Ctrl-Z	Cursor up	Move up to previous line
	Page down	Move down one page
	Page up	Move up one page

Ctrl-A	Home	Position the cursor at the start of the input data
Ctrl-B	Cursor left	Move the cursor left one character
Ctrl-D	Delete	Delete character under cursor
Ctrl-E	End	Position the cursor at the end of the input data
Ctrl-F	Cursor right	Move the cursor right one character
Ctrl-H	Backspace	Backspace one character
Ctrl-K		Delete all characters after the cursor
	Insert	Toggle insert/overlay mode. When overlay mode is enabled, data entered by the user replaces the character under the cursor rather than being inserted before this character.
F1		Display help text
F2		Move current entry up by one place
F3		Move current entry down by one place
F4		Import security settings from another server. A prompt box appears asking for the server name. Entry of a blank response aborts the action.

To insert a new entry, navigate to the bottom of the list and type in new data. The entry can be moved up if necessary with the F2 key.