Connect Direct For Microsoft Windows 4.7 Documentation

Download as pdf or txt
Download as pdf or txt
You are on page 1of 324

Sterling Connect:Direct for Microsoft Windows 4.

7 IBM

Documentation
Version 4.7
Sterling Connect:Direct for Microsoft Windows 4.7 IBM

Documentation
Version 4.7
This edition applies to Version 5 Release 2 of IBM Sterling Connect:Direct and to all subsequent releases and
modifications until otherwise indicated in new editions.
© Copyright IBM Corporation 1982, 2016.
US Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contract
with IBM Corp.
Contents
Chapter 1. Connect:Direct for Microsoft Installation Overview . . . . . . . . . . 28
Windows Release Notes. . . . . . . . 1 Automate Installation . . . . . . . . . . . 37
Requirements . . . . . . . . . . . . . . 1 About Silent Installations . . . . . . . . . 37
Features and Enhancements . . . . . . . . . 3 Customize Initialization Information for a Silent
Special Considerations . . . . . . . . . . . 6 Installation . . . . . . . . . . . . . 38
Known Restrictions . . . . . . . . . . . . 6 CD_SRVR.INI Parameter Values . . . . . . 38
Restrictions for Sterling Connect:Direct for Customize Sterling Connect:Direct for Microsoft
Microsoft Windows . . . . . . . . . . . 6 Windows Configuration Information . . . . . 42
Restrictions for Related Software. . . . . . . 8 Run a Silent Installation . . . . . . . . . 42
Installation Notes . . . . . . . . . . . . . 9 Perform an Unattended Uninstallation . . . . 43
Installation Notes for Sterling Connect:Direct
Requester . . . . . . . . . . . . . . 9 Chapter 3. System Guide . . . . . . . 45
Installation Notes for Sterling Connect:Direct File Configure the Local Node . . . . . . . . . 45
Agent. . . . . . . . . . . . . . . . 9 Configuring the Sterling Connect:Direct Local
Sterling Connect:Direct Secure Plus for Microsoft Node . . . . . . . . . . . . . . . 45
Windows . . . . . . . . . . . . . . 10 Adding or Modifying a Local Node Definition . 45
Upgrading Guidelines . . . . . . . . . . . 10 Adding a User . . . . . . . . . . . . 46
Upgrading Guidelines for Sterling Connect:Direct Modifying a User ID . . . . . . . . . . 46
for Microsoft Windows . . . . . . . . . 10 Deleting a User . . . . . . . . . . . . 47
Upgrading Guidelines for Related Software. . . 11 Attaching to a Local Node . . . . . . . . 47
About Local Functional Authorities . . . . . 47
Chapter 2. Getting Started Guide . . . 13 Define Remote User Proxies . . . . . . . . 53
Prepare for the Installation of IBM Sterling Creating or Modifying a Remote User Proxy . . 54
Connect:Direct for Microsoft Windows . . . . . 13 Deleting a Remote User Proxy . . . . . . . 55
Requirements for Copying Files To and From Define and Manage the Sterling Connect:Direct
Network Servers. . . . . . . . . . . . 13 Network . . . . . . . . . . . . . . . 55
Configure Microsoft Windows User Privileges . . 14 Define and Manage the Sterling Connect:Direct
Customize a Sterling Connect:Direct Logon Network . . . . . . . . . . . . . . 55
Account . . . . . . . . . . . . . . 14 About Defining the Network Map . . . . . . 56
Configure TCP/IP Connectivity . . . . . . 15 Define Remote Node Information . . . . . . 56
Sterling Connect:Direct for Microsoft Windows Creating or Modifying a Remote Node Definition 57
Installation Worksheet . . . . . . . . . . 15 Creating or Modifying a Communications Path
Install and Configure Database Software. . . . 16 Definition . . . . . . . . . . . . . . 63
Automate the Sterling Connect:Direct for Defining a New Mode for a Communications
Microsoft Windows Installation . . . . . . . 16 Path . . . . . . . . . . . . . . . . 65
Configure SNA Connectivity. . . . . . . . 17 Deleting a Network Map Entry . . . . . . . 66
SNA Configuration Worksheet . . . . . . . 17 Validating a Network Map Entry . . . . . . 67
Sample Sterling Connect:Direct for z/OS Viewing a Network Map as Text . . . . . . 67
Network Map Entries . . . . . . . . . . 18 Applying a Network Map . . . . . . . . 67
XCA Token Ring: Switched Net Definitions . . . 19 Printing and Viewing Node and Network Map
XCA Token Ring: Independent LU Definition . . 20 Definitions. . . . . . . . . . . . . . 68
XCA Token Ring: Major Node Definition . . . 21 View the Sample Configuration Files . . . . . 68
Sample Sterling Connect:Direct APPLDEF . . . 21 Customizing Configuration Files . . . . . . 69
Sample Sterling Connect:Direct MODEENTS Adding an Encrypted Password for a User Proxy 69
(Mode Definitions) . . . . . . . . . . . 21 Validating Configuration Files for Use with
Sample VTAM Start Options (ATCSTRxx) . . . 22 Sterling Connect:Direct . . . . . . . . . 70
z/OS Network Map Example for VTAM. . . . 23 Applying Updated Configuration Information . . 70
Microsoft Windows Network Map Example . . 23 Stop Sterling Connect:Direct for Microsoft Windows 71
Access SNA Server Configuration Listing . . . 24 Stopping Sterling Connect:Direct for Microsoft
Access Communications Server Configuration Windows . . . . . . . . . . . . . . 71
Listing . . . . . . . . . . . . . . . 27 Stopping Sterling Connect:Direct for Microsoft
SNA Server/Host Configuration Worksheet . . 27 Windows from Sterling Connect:Direct Requester. 71
Installing in a Windows clustered environment . . 28 Stopping Sterling Connect:Direct for Microsoft
Install Sterling Connect:Direct for Microsoft Windows Using the Services Facility . . . . . 72
Windows . . . . . . . . . . . . . . . 28

© Copyright IBM Corp. 1982, 2016 iii


Stopping Sterling Connect:Direct for Microsoft Manage a Sterling Connect:Direct Server . . . . 114
Windows Using the CLI . . . . . . . . . 72 Manage a Sterling Connect:Direct Server . . . 114
Stopping Sterling Connect:Direct for Microsoft Starting the Admin Tool Utility . . . . . . 114
Windows from the Admin Tool Utility . . . . 72 About the Toolbar . . . . . . . . . . . 114
Create a Process . . . . . . . . . . . . . 73 Starting and Stopping a Sterling Connect:Direct
About Processes . . . . . . . . . . . . 73 Server . . . . . . . . . . . . . . . 114
Establishing Preferences . . . . . . . . . 73 Configuring a Sterling Connect:Direct Server 115
Creating a Process . . . . . . . . . . . 76 Work with Active Directory. . . . . . . . 119
Commands and Statements . . . . . . . . 77 Adding an Active Directory Entry . . . . . 119
Process or Command Options . . . . . . . 83 Deleting an Active Directory Entry . . . . . 119
Setting Security Options . . . . . . . . . 84 Creating an Active Directory Report . . . . . 119
Setting Control Functions for a Command or Troubleshoot Sterling Connect:Direct . . . . . 120
Process . . . . . . . . . . . . . . . 84 Diagnose a Server Problem Using Traces . . . 120
Assigning Values to Symbolic Variables . . . . 85 Defining a Trace . . . . . . . . . . . 120
Specifying Accounting Data . . . . . . . . 87 Stopping a Trace . . . . . . . . . . . 121
Add Comments . . . . . . . . . . . . 87 Trace Startup Parameters . . . . . . . . 122
Validating Process Content . . . . . . . . 87 Recover from a Problem . . . . . . . . . 124
Saving a Process . . . . . . . . . . . . 88 Process Step Restart . . . . . . . . . . 124
Copying a Process . . . . . . . . . . . 88 Automatic Session Retry. . . . . . . . . 124
Changing a Submitted Process . . . . . . . 88 Checkpoint/Restart . . . . . . . . . . 125
Manage Processes Using a Work List . . . . . 89 Restart During Run Task Operations . . . . 125
Manage Processes . . . . . . . . . . . . 92 Troubleshoot Sterling Connect:Direct Problems 126
SMTP Notification . . . . . . . . . . . 92 Worksheets . . . . . . . . . . . . . . 126
Manage Processes . . . . . . . . . . . 93 Network Map Communications Mode Object
Understanding the TCQ . . . . . . . . . 93 Worksheet . . . . . . . . . . . . . 126
TCQ Logical Queues . . . . . . . . . . 93 Network Map Communications Path Object
View Processes in the TCQ . . . . . . . . 96 Worksheet . . . . . . . . . . . . . 127
Creating a Process Monitor . . . . . . . . 96 Network Map Remote Node Object Worksheet 128
Monitoring Processes Based on Selection Criteria 96 User Functional Authorization Worksheet . . . 129
Opening a Process Monitor File . . . . . . 98 Remote User Proxy Worksheet. . . . . . . 130
Saving a Process Monitor . . . . . . . . . 98 Change Sterling Connect:Direct Settings . . . . 131
The Process Monitor Output. . . . . . . . 98 Change Sterling Connect:Direct for Microsoft
Using the Output Display . . . . . . . . 100 Windows Settings . . . . . . . . . . . 131
Notification . . . . . . . . . . . . . 100 Sample Initialization Parameters Format . . . 132
NT Broadcast . . . . . . . . . . . . 100 Changing Initialization Parameters . . . . . 134
Changing Process Notification . . . . . . . 101 Specify an IP Address . . . . . . . . . . 147
View Process Statistics . . . . . . . . . 101 Specify IP Addresses, Host Names, and Ports 147
The Statistics Monitor Window . . . . . . 102 Submit a Process Using the Command Line
Delete Statistics Records . . . . . . . . . 103 Interface . . . . . . . . . . . . . . . 150
Control Statistics File Content . . . . . . . 103 Submit Processes Using the CLI Command . . 150
Creating a Statistics Report . . . . . . . . 103 Creating a Configuration File to Connect to a
Selecting Statistics Based on Process Name or Server . . . . . . . . . . . . . . . 150
Number . . . . . . . . . . . . . . 104 Invoke the CLI . . . . . . . . . . . . 151
Statistics Report Output . . . . . . . . . 106 Terminating the CLI . . . . . . . . . . 152
Understand the Microsoft Windows Event CLI Commands . . . . . . . . . . . 152
Logging Facility . . . . . . . . . . . 107 Command Syntax . . . . . . . . . . . 153
Control Event Log Content . . . . . . . . 108 Piping Conventions . . . . . . . . . . 153
Filter the Event Log . . . . . . . . . . 108 Submit Process Command . . . . . . . . 154
Viewing Messages . . . . . . . . . . . 109 Change Process Command . . . . . . . . 158
Send Messages to an SNMP Management Delete Process Command . . . . . . . . 159
System . . . . . . . . . . . . . . 109 Select Process Command . . . . . . . . 161
Identify the Trap Variables . . . . . . . . 110 Select Message Command . . . . . . . . 164
Initialization Events . . . . . . . . . . 111 Select Statistics Command . . . . . . . . 164
Shutdown Events . . . . . . . . . . . 111 Traceoff Command . . . . . . . . . . 173
API Events . . . . . . . . . . . . . 111 Traceon Command . . . . . . . . . . 174
Execution Events . . . . . . . . . . . 112 Help Command . . . . . . . . . . . 176
Miscellaneous Events . . . . . . . . . . 112 Stop Sterling Connect:Direct . . . . . . . 177
Use the Activity Log . . . . . . . . . . 113 Modify Translation Tables . . . . . . . . . 178
Opening an Activity Log . . . . . . . . 113 Translation Tables . . . . . . . . . . . 178
Saving an Activity Log . . . . . . . . . 113 Modify a Translation Table Using Sterling
Type Events . . . . . . . . . . . . . 113 Connect:Direct Requester . . . . . . . . 178

iv Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Edit Connection Settings . . . . . . . . . 179 Configure Sterling Connect:Direct Secure Plus
About the Client Connection Utility . . . . . 179 Remote Node Record . . . . . . . . . . 215
Start the Client Connection Utility . . . . . 179 Validate the Configuration . . . . . . . . 218
Add a Node . . . . . . . . . . . . . 180 Enable or Disable External Authentication for a
Deleting a Node . . . . . . . . . . . 180 Remote Node . . . . . . . . . . . . 218
Adding a User with Client Connection Utility 180 Configure External Authentication in the
Deleting a User with the Client Connection .SEAServer Record . . . . . . . . . . 219
Utility . . . . . . . . . . . . . . . 181 Automate Setup Using the CLI . . . . . . . 219
Updating a Node or User . . . . . . . . 181 Start and Set Up the Sterling Connect:Direct
Defining a Default Node or User . . . . . . 182 Secure Plus CLI . . . . . . . . . . . 219
Importing Registry Settings. . . . . . . . 182 Use LCU Files to Encrypt Passwords for Use
Exporting Registry Settings . . . . . . . . 182 with the Sterling Connect:Direct Secure Plus CLI 220
Printing Registry Settings . . . . . . . . 183 Sample Scripts . . . . . . . . . . . . 220
Use Sterling Connect:Direct for Microsoft Windows Manage the Parameters File . . . . . . . 221
in a Test Mode . . . . . . . . . . . . . 183 Manage CMS Keystore . . . . . . . . . 223
Use Sterling Connect:Direct in Test Mode . . . 183 Update the .Local Node Record . . . . . . 224
Preparing the NDMPXTBL Parameter Table . . 185 Manage Remote Node Records . . . . . . 225
Sample Test Scenarios . . . . . . . . . 186 Update the .Client Node Record . . . . . . 228
Manage the Sterling External Authentication
Chapter 4. Using FASP with IBM ServerRecord . . . . . . . . . . . . 229
Aspera High-Speed Add-on for Maintain the .Password File (Strong Password
Encryption) . . . . . . . . . . . . . 230
Sterling Connect:Direct for Microsoft Maintain Sterling Connect:Direct Secure Plus . . . 230
Windows (V4.7.0.4 or later) . . . . . 189 Sterling Connect:Direct Secure Plus Node List 230
Activating FASP . . . . . . . . . . . . 189 View Sterling Connect:Direct Secure Plus
Licensed bandwidth for FASP transactions . . . 190 Parameters File Information . . . . . . . 231
Using Sterling Connect:Direct for Microsoft View Sterling Connect:Direct Secure Plus Node
Windows with IBM Aspera High-Speed Add-on Record Change History . . . . . . . . . 232
and Sterling Secure Proxy . . . . . . . . . 190 Disable Sterling Connect:Direct Secure Plus . . 232
Configuring FASP . . . . . . . . . . . . 191 Delete a Sterling Connect:Direct Secure Plus
FASP Process Language . . . . . . . . . . 195 Remote Node Record . . . . . . . . . . 232
FASP Messages . . . . . . . . . . . . . 197 Resecure Sterling Connect:Direct Secure Plus
Monitoring FASP transactions . . . . . . . . 198 Parameters and Access Files . . . . . . . 233
Known Limitations . . . . . . . . . . . 198 View Statistics . . . . . . . . . . . . . 233
View Statistics . . . . . . . . . . . . 233
Chapter 5. Secure Plus Option Audits. . . . . . . . . . . . . . . . 235
Implementation Guide. . . . . . . . 201 Sterling Connect:Direct Secure Plus Parameters
Overview. . . . . . . . . . . . . . . 201 File Auditing . . . . . . . . . . . . 235
About Sterling Connect:Direct Secure Plus. . . 201 Sterling Connect:Direct Secure Plus Certificate
Security Concepts . . . . . . . . . . . 201 Auditing . . . . . . . . . . . . . . 237
Sterling Connect:Direct Secure Plus Tools . . . 204 Troubleshoot Sterling Connect:Direct Secure Plus 239
Plan the Sterling Connect:Direct Secure Plus Troubleshooting . . . . . . . . . . . 239
Configuration . . . . . . . . . . . . 206 Configuration Worksheets . . . . . . . . . 241
Summary of Processing Using Sterling Local Node Security Feature Definition
Connect:Direct Secure Plus . . . . . . . . 207 Worksheet . . . . . . . . . . . . . 241
IBM Sterling Connect:Direct Secure Plus for Remote Node Security Feature Definition
Microsoft Windows Documentation . . . . . 208 Worksheet . . . . . . . . . . . . . 242
Set Up Sterling Connect:Direct Secure Plus . . . 209 Certificate File Layout . . . . . . . . . . 243
Set Up Sterling Connect:Direct Secure Plus . . 209 Certificate File Layout . . . . . . . . . 243
Start Secure+ Admin Tool . . . . . . . . 209 Validate the Configuration . . . . . . . . . 243
Prepare to Set Up Sterling Connect:Direct Secure Exchange Data and Verify Results . . . . . . 244
Plus . . . . . . . . . . . . . . . . 209 Automation Scripts . . . . . . . . . . . 244
Populate the Sterling Connect:Direct Secure Plus Configure Sterling Connect:Direct Secure Plus to
Parameters File . . . . . . . . . . . . 210 Use the SSL or TLS Protocol . . . . . . . 244
Configure Nodes . . . . . . . . . . . . 211 Use LCU to Configure Encrypted Passwords . . . 247
Node Configuration Overview. . . . . . . 211 Configure Encrypted Passwords Using the LCU 247
Import Existing Certificates. . . . . . . . 212 Create an LCU File . . . . . . . . . . 249
Create CMS Key Store . . . . . . . . . 212
Configure the Sterling Connect:Direct Secure Chapter 6. SDK Programmers Guide 251
Plus .Local Node Record . . . . . . . . 213 Overview. . . . . . . . . . . . . . . 251

Contents v
Sterling Connect:Direct for Microsoft Windows User Exits . . . . . . . . . . . . . 284
SDK Overview . . . . . . . . . . . . 251 Apply Enhanced Security . . . . . . . . 284
Edit Connection Settings . . . . . . . . . 253 Apply Automated File Opening . . . . . . 286
Edit Connection Settings with the Client Structure Types. . . . . . . . . . . . . 287
Connection Utility . . . . . . . . . . . 253 Structure Types. . . . . . . . . . . . 287
Start the Client Connection Utility . . . . . 253 NETMAP_DESC_STRUCT Structure . . . . . 287
Add and Delete Node Connection Definitions 254 USER_STRUCT Structure . . . . . . . . 288
Add a Node . . . . . . . . . . . . . 254 MESSAGE_STRUCT Structure . . . . . . . 290
Delete a Node . . . . . . . . . . . . 255 NETMAP_MODE_SNA Structure . . . . . . 291
Add a User . . . . . . . . . . . . . 255 NETMAP_MODE_TCP Structure . . . . . . 291
Delete a User . . . . . . . . . . . . 256 NETMAP_NODE_STRUCT Structure . . . . 292
Update Node Properties . . . . . . . . . 256 NETMAP_PATH_STRUCT Structure. . . . . 293
Define a Default Node or Default User . . . . 257 PROCESS_STRUCT Structure . . . . . . . 294
Import Registry Settings . . . . . . . . . 257 NODE_STRUCT Structure . . . . . . . . 297
Export Registry Settings . . . . . . . . . 258 STATISTICS_STRUCT Structure . . . . . . 298
Print Registry Settings Report . . . . . . . 258 TRACE_STRUCT Structure . . . . . . . . 298
Apply the C API . . . . . . . . . . . . 258 TRANSLATE_STRUCT Structure . . . . . . 299
The C Applications Programming Interface . . 258 Return Codes . . . . . . . . . . . . . 300
Compile and Debug . . . . . . . . . . 259 C++ Class and the C API Functions Return
Activate Tracing . . . . . . . . . . . 259 Codes . . . . . . . . . . . . . . . 300
Standard C API . . . . . . . . . . . 259
View Sample Programs . . . . . . . . . 261 Chapter 7. .Net SDK User Guide . . . 303
Apply the C++ Class Interface. . . . . . . . 261 Sterling Connect:Direct for Microsoft Windows
Compile and Debug . . . . . . . . . . 261 .Net SDK Overview . . . . . . . . . . . 303
Manipulate Nodes. . . . . . . . . . . 262 Sample Programs . . . . . . . . . . . . 303
Create an Object to Connect to a Node . . . . 263 Add the .Net Class Interface . . . . . . . . 304
Manage Connections . . . . . . . . . . 264 About Classes . . . . . . . . . . . . . 304
View Information . . . . . . . . . . . 264 Connect to a Sterling Connect:Direct for Microsoft
Control the Return of Information . . . . . 265 Windows Node. . . . . . . . . . . . . 304
Execute Sterling Connect:Direct Commands . . 266 Disconnect Nodes . . . . . . . . . . . . 305
Manage Exception Conditions . . . . . . . 267 Submit Processes . . . . . . . . . . . . 305
Manage Administrative Functions . . . . . 268 Manage Processes . . . . . . . . . . . . 305
Multithreaded Access and Blocking . . . . . 270 Retrieve Statistics . . . . . . . . . . . . 307
Objects On The Stack . . . . . . . . . . 270 Node Properties . . . . . . . . . . . . 307
Apply the ActiveX Control Interface . . . . . . 271 Process Class . . . . . . . . . . . . . 307
Submit Process . . . . . . . . . . . . 271 Process Properties . . . . . . . . . . . . 308
Display Select Statistics Results . . . . . . 272 Statistic Class . . . . . . . . . . . . . 309
Apply Automation Servers . . . . . . . . . 278 Statistic Properties . . . . . . . . . . . . 309
Apply Automation Servers . . . . . . . . 278
Create Virtual Servers Using the Node Factory 279
Notices . . . . . . . . . . . . . . 311
Use Automation Objects . . . . . . . . . 282
Trademarks . . . . . . . . . . . . . . 313
Enhance Security and Automate File Opening with
Terms and conditions for product documentation 314
User Exits . . . . . . . . . . . . . . 284

vi Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Chapter 1. Connect:Direct for Microsoft Windows Release
Notes
The IBM® Sterling Connect:Direct® for Microsoft Windows Version 4.7 Release
Notes document supplements Sterling Connect:Direct for Microsoft Windows
version 4.7 documentation and the documentation for the following Sterling
Connect:Direct for Microsoft Windows related software: IBM Sterling
Connect:Direct Requester, IBM Sterling Connect:Direct File Agent, and IBM Sterling
Connect:Direct Secure Plus for Microsoft Windows. Release notes are updated with
each release of the product and contain last-minute changes and product
requirements. Read the document before installation.

Requirements
Sterling Connect:Direct for Microsoft Windows has the following requirements.

Hardware and Software

Sterling Connect:Direct for Microsoft Windows and related software require the
following hardware and software.

Component Hardware Software


Sterling v 512 MB RAM (min.) 1 Microsoft Windows operating system
Connect:Direct for GB or more options:
Microsoft Windows recommended v Microsoft Windows Server 2012 R2
v 200 MB disk space v Microsoft Windows Server 2012
v Microsoft Windows Server 2008 R2
v Microsoft Windows 10 (V4.7.0, Fix
Pack 3 or later)
v Microsoft Windows 8
v Microsoft Windows 7
v Virtualization software—All of the
above options running under VMware
Infrastructure 3 (VMware ESX server)
v Clustered environment supported on:
– Microsoft Windows 2008 Server R2
– Microsoft Windows 2012 Server
Microsoft TCP/IP Token ring or ethernet Microsoft TCP/IP WinSOCK interface
Support interface card installed as part of the Microsoft
Windows system

© Copyright IBM Corp. 1982, 2016 1


Component Hardware Software
SNA Connectivity Install one of the following:
v Microsoft SNA Server version 4.0, SP 3
v Microsoft SNA Client version 4.0
v Microsoft Host Integration Server 2006
v IBM eNetwork Communications
Server for Windows version 6.1
Note: The SNA API client is not
supported when installed on a
stand-alone computer. The server and
client components must be installed on
the same computer.
Database Software 2 GB or more. The Install one of the following before you
amount may vary install Sterling Connect:Direct for
depending on the product Microsoft Windows:
configuration and usage. Note: IBM solidDB is the default
database provided and installed with
Sterling Connect:Direct for Microsoft
Windows.
v Microsoft SQL Server 2014 (V4.7.0, Fix
Pack 3 or later), 2012, and 2008—This
software is not provided. You can
configure SQL Server during the
Sterling Connect:Direct installation.
Note: Local-domain access must be
available to Microsoft SQL Server.
v Microsoft SQL Server Express 2008
SP1. This software is not provided.
v MySQL Community Edition 5.5 with
My SQL Connector-ODBC 3.51 (x86,
32-bit version) or later. Download the
software from the MySQL Community
website at http://www.mysql.com/
products/community/.

For more information, see the IBM


Sterling Connect:Direct for Microsoft
Windows Getting Started Guide.
Sterling Same as requirements for Same requirements as Sterling
Connect:Direct File Sterling Connect:Direct Connect:Direct for Microsoft Windows
Agent for Microsoft Windows
Sterling Same as requirements for Same requirements as Sterling
Connect:Direct Sterling Connect:Direct Connect:Direct for Microsoft Windows
Requester for Microsoft Windows
Sterling Same as requirements for This software is required to build the
Connect:Direct for Sterling Connect:Direct samples, but is not required to run the
Microsoft Windows for Microsoft Windows samples.
SDK

Virtualization support

IBM cannot maintain all possible combinations of virtualized platforms. However,


IBM generally supports all enterprise class virtualization mechanisms, such as
VMware ESX, VMware ESXi, VMware vSphere, Citrix Xen Hypervisor, KVM
(Kernel-based virtual machine), and Microsoft Hyper-V Server.

2 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


IBM investigates and troubleshoots a problem until it is determined that the
problem is due to virtualization. The following guidelines apply:
v If a specific issue is happening because the system is virtualized and the
problem cannot be reproduced on the non-virtualized environment, you can
demonstrate the issue in a live meeting session. IBM can also require that further
troubleshooting is done jointly on your test environment, as there is not all types
and versions of VM software installed in-house.
v If the issue is not able to be reproduced in-house on a non-virtualized
environment, and troubleshooting together on your environment indicates that
the issue is with the VM software itself, you can open a support ticket with the
VM software provider. IBM is happy to meet with the provider and you to share
any information, which would help the provider further troubleshoot the issue
on your behalf.
v If you chose to use virtualization, you must balance the virtualization benefits
against its performance impacts. IBM does not provide advice that regards
configuring, administering, or tuning virtualization platforms.

Features and Enhancements


Sterling Connect:Direct for Microsoft Windows version 4.7 and its related software
have the following features and enhancements:

Fix Pack 4 (V4.7.0.4)

IBM® Aspera® High Speed Add-on for Sterling Connect:Direct® for Microsoft Windows uses
FASP(TM) (Fast and Secure Protocol) network transport to transfer files over high
bandwidth and high latency network connections. FASP support has been added for
interoperability with Sterling Connect:Direct for UNIX (V4.2.0.4 or later) and Sterling
Secure Proxy (V3.4.3.0 or later).

Fix Pack 3 (4.7.0.3)

Option to automatically delete a process from the TCQ after all connection retries are
exhausted.

Adds an initialization parameter conn.retry.exhaust.action. The two valid values for this
parameter are hold and delete:
v Hold - Places Processes in the hold queue in Held in Error status after all retry
attempts are used. This is the default value and retains the prior behavior of
Connect:Direct.
v Delete - Causes Processes to be permanently deleted from the TCQ after all
short-term and long-term retries are exhausted.

This feature also adds a message ID LCPF003E: Process Retry exceeded for &pname
&pnum.
Connect:Direct Windows SDK for x64 bit Windows Platform in C++.

Adds 64-bit versions of CdCore.lib and CdCore.dll files in a new x64 folder. To build the
C++ samples for the x64 platform, remove your existing *.sln and *.vcxproj files from the
CPPSample1 and CPPSample2 folders before you apply this fix. Once the fix is applied,
start with opening the new *.vcxproj files.

Chapter 1. Release Notes 3


Option to automatically delete a process from the TCQ after all connection retries are
exhausted.

Adds an initialization parameter conn.retry.exhaust.action. The two valid values for this
parameter are hold and delete:
v Hold - Places Processes in the hold queue in Held in Error status after all retry
attempts are used. This is the default value and retains the prior behavior of
Connect:Direct.
v Delete - Causes Processes to be permanently deleted from the TCQ after all
short-term and long-term retries are exhausted.

This feature also adds a message ID LCPF003E: Process Retry exceeded for &pname
&pnum.
The LCOA014I error messages provide more details about failed login attempts. This
feature adds the OS system error code as a feedback code (FDBK) and a specified user ID
to the message data for LCOA014I. Some typical error codes include:
v 1326: Login failure - unknown username or bad password.
v 1331: Login failure - account currently disabled.
v 1385: Login failure - the user was not granted the requested login type on this computer.
Concurrent sessions high water mark

The concurrent sessions high water mark count is the maximum number of sessions that
can run concurrently. This count is information only and it does not require any action
from the user. The high water mark count is logged each day at midnight local time and at
system shutdown in the SCNT record in Process statistics. A new LCNT001I message
provides the following information to the user: Concurrent Sessions High Water Mark
count of &MAX occurred at &TIME.
Increases the default window size of the control pad in Connect:Direct Requester.
Ability to create a configuration report from the CLI

Adds a parameter, cdconfig, to the traceon command. The configuration report is written
to a file named cdconfig.txt, which is created in the same folder as the specified trace file.
For example, enter the following command line in the CLI to create a configuration report
in C:\Temp\cdconfig.txt:
traceon file=C:\Temp\dummy.cdt config;
Connect:Direct Requester no longer overwrites the PNODE or SNODE when
$PNODE$="" or $SNODE$="" is found in REQUESTER_COMMENTS

When available, Connect:Direct Requester uses the REQUESTER_COMMENTS command


on a Process to determine for which PNODE and SNODE the process was built. The logic
no longer overwrites the PNODE or SNODE when $PNODE$="" or $SNODE$="" is found
the requester comments.

Fix Pack 2 (V4.7.0.2)

Connect:Direct Secure Plus Administration tool rewrites a node record file only when
the user modifies the file.

In previous versions, the administration tool rewrote node record files if the user viewed
them but did not update their settings.
Sterling Connect:Direct for Windows Total Max Sessions enforcement

An initialization parameter, sess.total, was added to limit the total number of concurrent
sessions. Valid numeric values are 1-510. If a value is not specified, the value is the sum of
the values of sess.pnode.max and sess.snode.max initialization parameters.

4 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Millisecond timestamp on statistics records in Sterling Control Center.

The Connect:Direct server stores millisecond time resolutions on some of the existing time
stamps that are saved in its statistics logs. A Connect:Direct API client can opt in or out of
displaying the extra millisecond time resolution characters.

Base Release (V4.7.0)

Addition of NIST SP800-131a and Suite B support for Sterling Connect:Direct UNIX and
Windows platforms.
Support for TSL 1.2 for Sterling Connect:Direct UNIX and Windows platforms.
Adds support for importing and exporting initialization parameters through the
Configuration Utility. To operate in silent mode, use the following commands:
– CdConfig.exe /Q /PInitparms.cfg /* Export */

– CdConfig.exe /Q /I /FInitparms.cfg /LCdConfig.log /* Import */

Attention: Verify that the service is stopped before you run an import.

Attention: The node name and server.path initialization parameters cannot be changed and
are ignored during the import.
Applied removal of STS support for Sterling Connect:Direct for UNIX and Windows.
Provides for automated deployment of Sterling Connect:Direct for UNIX across the
enterprise with enterprise deployment tools such as IBM Tivoli® Endpoint Manager. For
more information, seeIBM Sterling Connect:Direct Enterprise Deployment Guide.
Adds 64-bit support for Sterling Connect:Direct for Microsoft Windows .NET SDK. The
.NET samples support building 32- and 64-bit versions. The x64 directory includes release
and debug builds of the 64-bit .NET SDK.
Enhances the PNODE Delete/Flush Process command to support stopping processes while
they are executing an SNODE Run Task step. For users of the Connect:Direct Command
Line Interface (CLI Direct.exe), note: The CLI’s DELETE PROCESS command is required to
remove an executing (EXEC) process from the queue. Additionally, one of the HOLD or
FORCE arguments to the DELETE PROCESS command must be set to YES. For example,
DELETE PROCESS FORCE=YES; /* Delete executing process from the queue */ DELETE
PROCESS HOLD=YES; /* Delete executing process and place it in the HOLD queue */The
default for both FORCE and HOLD is NO. Therefore, at least one must be specified and
set to YES in order for the process to be deleted when you use the CLI.
Increases the default maximum database size for IBM solidDB to 8000M.

Features removed from this release


v Removed support for Sterling Certificate Wizard. You should start using IBM
iKeyman instead, which is located in the bin directory of the JRE bundled with
Sterling Connect:Direct for Microsoft Windows. For information on how to use
iKeyman, see iKeyman Overview.
v The Station-to-Station (STS) protocol is a cryptographic key agreement scheme
based on classic Diffie-Hellman that provides mutual key and entity
authentication. IBM is ending support for the STS (Station-to-Station) protocol in
the Connect:Direct family of products, beginning with version 5.2 for z/OS and
Distributed Platforms. This corresponds to Connect:Direct Windows 4.7,
Connect:Direct Unix 4.2, and Connect:Direct i5/OS 3.8.
Why is STS being removed?
As computing power increases many security standards are moving towards
stronger encryption. STS does not support the strongest encryption algorithms.

Chapter 1. Release Notes 5


The closed nature of the standard prevents the addition of stronger encryption,
and puts IBM at risk if any vulnerabilities are found in the future. In a risk
situation, IBM would be unable to take corrective action and still support STS.
What are the alternatives?
The Connect:Direct family currently supports several alternatives to STS. In
addition, Connect:Direct 5.2 (this release) brings new support for TLS 1.1,
TLS1.2, FIPS suite B, and several other major encryption and security features.
If you require the STS protocol, you must remain on the most recent release
according to the following table. End of support is not determined for these
versions and customers are given a minimum one year notice.

Operating System Last Version with STS Support


z/OS 5.1.1
Windows 4.6.1
UNIX 4.1
i5/OS 3.7

Special Considerations
This section details special considerations to be aware of for your platform.
v Certain maintenance fixes should be applied to Sterling Connect:Direct for z/OS
to have the correct TLS protocol negotiation with Sterling Connect:Direct for
Microsoft Windows 4.7. It is suggested the you upgrade Sterling Connect:Direct
for z/OS with these four HIPER fixes: UI14876, UI14924, UI16043, UI16936. For
additional information, see http://www14.software.ibm.com/webapp/set2/
psearch/search?domain=psp and search for the FMID for CDZ/5.2 (HDGA520)
and select Upgrade STRCD520, Subset HDGA520 , then select Service
Recommendations for the most current list of HIPER fixes.
v The database retry feature retries a connection for up to eight minutes before a
failure is allowed to continue. When you use client applications like Sterling
Connect:Direct Requester, the application may appear to quit working. If this
occurs, check the event log for database errors indicating a retry is in progress. If
the retry is unsuccessful, you may need to recycle the Sterling Connect:Direct for
Microsoft Windows server.
v IBM solid DB
– If you do not install IBM solidDB as your database and would like to install it
at a later time, re-run setup.exe. You can also install the solidDB feature.

Known Restrictions
Sterling Connect:Direct for Microsoft Windows and its related software have the
following known restrictions.

Restrictions for Sterling Connect:Direct for Microsoft Windows


Sterling Connect:Direct for Microsoft Windows version 4.7 has the following
restrictions:
v Secure+ ParmFiles encrypted with IDEA is not upgradeable. Impacted versions
include, Connect:Direct for Windows 4.2.00
v Changes to the SPCli will break customer scripts.
v There is no GUI support for creating ECDSA signed certificates.

6 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


v You can keep an earlier version of Sterling Connect:Direct for Microsoft
Windows on the computer on which you are installing Sterling Connect:Direct
for Microsoft Windows version 4.7.
v Sterling Connect:Direct for Microsoft Windows version 4.7 SNMP and NT
Broadcast do not send messages on 64-bit operating systems.
v Built-in variables should only be specified in a SUBMIT statement within a
Process if the statement will be executed on a Sterling Connect:Direct for
Microsoft Windows version 4.6 (or later) node or another Sterling Connect:Direct
version that supports built-in variables.
v Temporary addresses, which are a security feature of the IPv6 protocol, are
generated automatically by the operating system and are used only for
outbound connections. These addresses have a short life span and are replaced
by other temporary outbound addresses. This feature of the IPv6 protocol causes
problems with Netmap Checking. If the outgoing address of the PNODE
randomly changes and netmap checking is enabled by the SNODE, the SNODE
always refuses the connection because the IP address of the PNODE never
matches the IP address configured for it.
You can work around the problem created by temporary addresses in two ways:
– On the PNODE, configure outgoing.address in the initialization parameters
file using the IPv6 address for the PNODE server. This ensures that the IP
address that the PNODE uses to create a connection to a remote node is
always constant. Consider the following:
- If a PNODE has several IP addresses configured, for example, two IPv6
addresses and two IPv4 addresses, configure the outgoing.address
initialization parameter with one IPv6 address. This address can then be
used to connect to an SNODE configured with either IPv6 or IPv4
addresses.
- If a PNODE wants to use an IPv4 address to connect to an SNODE that has
both IPv6 and IPv4 IP addresses, ensure that the tcp.api.port and
tcp.host.port initialization parameters of the SNODE are configured with
an IPv4 address and port.
– Disable temporary addresses for the PNODE. This is a configuration option in
the Windows networking component. If the temporary addresses are not
generated, connections to a remote that use the IPv6 protocol use the
configured IPv6 address.

Note: To disable temporary addresses in the Windows Vista OS, issue the
following command from a command prompt: netsh interface ipv6 set privacy
state=disabled. For other Windows operating systems, see the Microsoft Windows
documentation.

See RFC 3041 for more information on IPv6 temporary addresses.


v If you modify user authorizations from the Sterling Connect:Direct server and
the Sterling Connect:Direct Requester is attached, you must detach and reattach
to the Sterling Connect:Direct server. When you reattach to the Sterling
Connect:Direct server, Sterling Connect:Direct Requester reads the updated user
information.
v Sterling Connect:Direct for Microsoft Windows previously supported the
DESKTOP(YES) parameter in the SYSOPTS statement of a Sterling
Connect:Direct Process. This parameter enabled user programs launched by the
Sterling Connect:Direct service to interact with the Windows desktop. Currently
this parameter functions only on versions of Microsoft Windows prior to
Windows Vista and Windows Server 2008. For security reasons, Microsoft has

Chapter 1. Release Notes 7


removed support for Interactive Services from those two operating systems.
Microsoft blocks any attempt by a Windows service to interact with the desktop.
Sterling Connect:Direct administrators should begin to remove the
DESKTOP(YES) parameter from all Sterling Connect:Direct for Microsoft
Windows Process scripts. Alternatively, you can switch DESKTOP(YES)
references to DESKTOP(NO).
To ease the transition of upgrading to Sterling Connect:Direct for Microsoft
Windows, Sterling Connect:Direct detects when a process using DESKTOP(YES)
is submitted on a Windows system that does not support Interactive Services.
When DESKTOP(YES) is detected, Sterling Connect:Direct dynamically switches
to DESKTOP(NO) and records the following warning in the statistics:

LPRS020I Invalid DESKTOP value specified.


DESKTOP=YES is not supported on this version of Windows.
The RUN TASK / JOB will continue with DESKTOP reset to NO.

After this warning is written to Sterling Connect:Direct statistics, the Process is


allowed to continue as if DESKTOP(NO) had been originally specified.
This transitional feature works only if the RUN TASK or RUN JOB is capable of
running without desktop interaction. That is, if manually switching
DESKTOP(YES) to DESKTOP(NO) would cause the Sterling Connect:Direct
Process to fail, then the dynamic switch to DESKTOP(NO) will not be an
effective solution. If the program executed by the RUN TASK/JOB is unable to
execute without user interaction then that program must be changed so that it
no longer needs user interaction.
v Under conditions of high CPU usage, a Sterling Connect:Direct Process running
over UDT may be interrupted by a lost connection. Should this occur, Sterling
Connect:Direct retries the Process. If connection losses due to high CPU usage
are occurring, their frequency can be reduced by restricting the number of
concurrent UDT sessions through netmap session limits.
v For Sterling Connect:Direct for Microsoft Windows version 4.6.0.1 or later to
work using the UDT protocol with servers running Sterling Connect:Direct for
z/OS® 4.8.00, you must install a fix for the Sterling Connect:Direct for z/OS
server. Without this fix (T014159), the first time a Process is initiated in Sterling
Connect:Direct for Microsoft Windows using UDT, the Process will fail with a
“Connection Broken” error. The RPLERRCK DD indicates the UDT error code of
2001.

Restrictions for Related Software


The related software has the following restrictions:

Related Software Restriction


Sterling Connect:Direct The following functions are not supported for Sterling
Requester Connect:Direct Requester connected to a Sterling Connect:Direct
for UNIX or Sterling Connect:Direct for UNIX OpenVMS server:
v Server initialization parameters (initparms) maintenance
v Network map maintenance
v User authorization management
v Remote user proxies
v List all users
v New translation table
v Selecting statistics by copy file name (No statistics are
available for OpenVMS servers.)

8 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Related Software Restriction
The following Trace facility options are not supported for
Sterling Connect:Direct Requester connected to Sterling
Connect:Direct for UNIX for or Sterling Connect:Direct
OpenVMS servers:
v Ability to wrap file
v Ability to set maximum file size
v Ability to do MAIN trace
v Ability to trace by Process number, Process name, or
destination (advanced options)

Installation Notes
Before you install Sterling Connect:Direct and its related applications, read all the
information in this section and follow all the guidelines.
v Complete any worksheets before installing Sterling Connect:Direct and its
related software.
v Review your security configuration to ensure compatibility with Sterling
products.
v Verify that you have the current updates for Sterling Connect:Direct for
Microsoft Windows, Sterling Connect:Direct Requester, Sterling Connect:Direct
for Microsoft Windows File Agent, and Sterling Connect:Direct Secure Plus for
Microsoft Windows.
v Review theIBM Sterling Connect:Direct for Microsoft Windows Getting Started Guide.

Installation Notes for Sterling Connect:Direct Requester


Before you install Sterling Connect:Direct Requester, complete the following
pre-installation tasks:
v Define users for Microsoft Windows.
v Configure and test TCP/IP connectivity by configuring a valid IP address, IP
subnet, and IP gateway, or configure and test SNA connectivity, if necessary.
If the communications partner is on another subnet or network and a firewall is
between the communications partner and the computer, verify that the Access
Control Lists (ACLs) are correctly configured to allow access to and from the IP
address and IP ports. Contact the security administrator for more information on
configuring the ACLs.

Installation Notes for Sterling Connect:Direct File Agent


Before you install Sterling Connect:Direct File Agent, read information in this
section and follow the guidelines.
v Review the information on using and configuring Sterling Connect:Direct File
Agent in IBM Sterling Connect:Direct for Microsoft Windows Getting Started Guide.
v When you install Sterling Connect:Direct File Agent initially or upgrade to a
later version, it is installed as a service on Microsoft Windows using the Local
System Account. If you change the user account for Sterling Connect:Direct File
Agent after installation, each time you perform an upgrade, you must change
from the Local System Account to a different user account for the service, if
necessary.

Chapter 1. Release Notes 9


Sterling Connect:Direct Secure Plus for Microsoft Windows
Before you install Sterling Connect:Direct Secure Plus for Microsoft Windows, read
all the information in this section and follow the guidelines.
v Print and review IBM Sterling Connect:Direct Secure Plus for Microsoft Windows
Implementation Guide.
v To install Sterling Connect:Direct Secure Plus for Microsoft Windows at the same
time that you install Sterling Connect:Direct for Microsoft Windows, follow the
instructions in IBM Sterling Connect:Direct for Microsoft Windows Getting Started
Guide.
v When you upgrade from a previous version of IBM Sterling Connect:Direct
Secure Plus for Microsoft Windows, the parameters file is converted and can be
used with the new version.

Upgrading Guidelines
Observe the following guidelines for upgrading Sterling Connect:Direct for
Microsoft Windows and its related software.

Upgrading Guidelines for Sterling Connect:Direct for Microsoft


Windows
Observe the following guidelines:
v Before you perform any upgrade procedure, create backup copies of the
following Sterling Connect:Direct for Microsoft Windows installation files:
– Directory: C:\Program Files\Sterling Commerce\Connect Direct v4.n.n, where
n.n represents your current version number
– Registry: HKEY_LOCAL_MACHINE\SOFTWARE\Sterling
Commerce\Connect:Direct for Windows NT\v4.n.n, where n.n represents
your version number
v If you are upgrading from an earlier version of Sterling Connect:Direct for
Microsoft Windows, the installation automatically copies the network map and
user definitions.
v Microsoft Installation (MSI) does not recognize the Install Shield installations;
therefore, Install Shield and MSI cannot point to the same installation folder or
you may have problems uninstalling Sterling Connect:Direct for Microsoft
Windows. If you upgrade Sterling Connect:Direct for Microsoft Windows, the
installation copies the folders of the older version of Sterling Connect:Direct for
Microsoft Windows to the new installation directory before the new version is
installed. The new version overwrites existing files in the destination folder.
v The ODBC DSN is updated to include new DSN names to prevent previous
uninstalls from removing them. DBWiz updates the configuration of SQL Server
databases.

10 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Upgrading Guidelines for Related Software
Observe the following additional guidelines:

Related Software Guideline


Sterling Connect:Direct The installation has changed from a single-user installation to
Requester all users. Any user who is logged on can start Sterling
Connect:Direct Requester. Because the configuration is user
specific, Sterling Connect:Direct Requester automatically creates
the base registry key if one does not exist.
Microsoft Installation (MSI) does not recognize Install Shield
installations; therefore, Install Shield and MSI cannot point to
the same installation folder or you may have problems
uninstalling Connect:Direct for Microsoft Windows. If you
upgrade Sterling Connect:Direct Requester, the installation
copies the folders of the older version of Sterling Connect:Direct
Requester to the new installation directory before the new
version is installed. The new version overwrites existing files in
the destination folder.
Sterling Connect:Direct When you upgrade Sterling Connect:Direct File Agent, it is
File Agent installed as a service on Microsoft Windows using the Local
System Account. If you change the user account for Sterling
Connect:Direct File Agent after installation, each time you
perform an upgrade, you must change from the Local System
Account to a different user account for the service.

Chapter 1. Release Notes 11


12 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation
Chapter 2. Getting Started Guide
Prepare for the Installation of IBM Sterling Connect:Direct for
Microsoft Windows
Before you install Sterling Connect:Direct for Microsoft Windows, make sure the
following tasks are complete:
v Make sure system meets product hardware and software requirements
v Define users for Microsoft Windows
v Configure and test TCP/IP or SNA connectivity as needed
v Install and configure IBM solid DB, Microsoft SQL Server, Microsoft SQL Server
Express, or MySQL for database support
v Install and configure SNMP as needed
v If you plan to use NT Broadcast to send user notification messages, ensure that
NT Broadcast is configured
v Complete installation worksheets

Requirements for Copying Files To and From Network Servers


When you are ready to create Processes, be aware that Sterling Connect:Direct
allows you to share information across computers. All of the data does not have to
be on the server. Observe the following requirements to enable copying files
among network servers:
v Files to copy must reside on a file server accessible by Sterling Connect:Direct
for Microsoft Windows.
v You must provide a valid user ID and password for the file server where the
files reside. Use a local node ID when you submit a Process on the local node
and a remote node ID when you submit a Process on a remote node. Supply
information as part of the process statement or the submit command or use the
Login Connection Utility to provide this information.
v If a Process has multiple copy steps, the local node ID or remote node ID
parameter must be appropriate for each file server from which, or to which you
transfer a file. This method is necessary because the parameters apply to the
Process as a whole and not to individual copy steps.
v Specify the Universal Naming Convention (UNC) form of the file name if the
file is not on a drive directly connected to the same Microsoft Windows server
as Sterling Connect:Direct. If the file is on the Microsoft Windows server where
Sterling Connect:Direct is installed, you can specify the drive letter. The UNC
name format is:
\\servername\share point name\filename
– The servername is the Microsoft Windows server where data resides.
– The share point name is the name under which the remote Microsoft
Windows server shares the directory you want to access.
– The filename specifies the name of the file and any subdirectories.

© Copyright IBM Corp. 1982, 2016 13


Configure Microsoft Windows User Privileges
Sterling Connect:Direct for Microsoft Windows must be installed by a Microsoft
Windows administrator. However, ongoing administration requires that the
administrator be a member of the Microsoft Windows Users group and is defined
in the Sterling Connect:Direct User Authorities with administrative privileges
based on the admin template.

After Sterling Connect:Direct for Microsoft Windows is installed, attach to Sterling


Connect:Direct for Microsoft Windows as sysadmin and add a user as a Sterling
Connect:Direct for Microsoft Windows administrator (for example, cdadmin) with
the user right, Log on locally. Then, delete sysadmin from the Sterling
Connect:Direct for Microsoft Windows User Authorities.

Refer to Microsoft Windows system documentation for instructions on setting up


an administrator account. Refer to the IBM Sterling Connect:Direct for Microsoft
Windows System Guide for information on configuring user authorities.

Customize a Sterling Connect:Direct Logon Account


About this task

Sterling Connect:Direct for Microsoft Windows is installed under the local System
account.

To create a custom account, assign the account the following privileges:


v Log on as service—Set this privilege to allow a Microsoft Windows service to
run in the context of the specified user instead of running in the context of the
local system account.
v Replace a process level token—Turn on this privilege to allow Sterling
Connect:Direct for Microsoft Windows to submit Processes on behalf of logged
on users.
v Be a member of the Local Administrator Group—If you want to allow the node
to update its entry in Active Directory, the account must also be a member of the
Enterprise Admin group.
v Sterling Connect:Direct Secure Plus directory—Give the account full permissions
to the Sterling Connect:Direct Secure Plus directory.

Note: These privileges are stored locally, even if the computer is a member of a
domain. As a result, privileges cannot be set on the domain controller and granted
to all computers on the domain.

CAUTION:
Enabling the option, Allow service to interact with desktop when running
Sterling Connect:Direct under the local System account, presents a security risk
and may allow access to services that interact with the desktop.

After you create the account, you assign it as the account for Sterling
Connect:Direct. To identify the custom logon account:

Procedure
1. Select Start > Settings > Control Panel > Administrative Tools > Services.
2. Double-click the Sterling Connect:Direct server.
3. Click the Log On tab.
14 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation
4. Select This account to identify the custom logon account.
5. Type the account name to use for logging onto Sterling Connect:Direct, or click
Browse and double-click the user account.
6. Type the password in the Password and Confirm password fields.
7. Click OK.

Configure TCP/IP Connectivity


To enable TCP/IP connectivity, configure each computer with a valid IP address, IP
subnet, and IP gateway. If the communications partner is on another subnet or
network and a firewall is between the communications partner and the Microsoft
Windows computer, verify that the Access Control Lists (ACLs) are correctly
configured. Contact your Firewall/Security Administrator for more information on
configuring the ACLs for your firewall.

Sterling Connect:Direct for Microsoft Windows Installation


Worksheet
Complete this worksheet before you install Sterling Connect:Direct for Microsoft
Windows.

Decision Choices Additional Information


What Sterling Connect:Direct v Sterling Connect:Direct
software to install? Requester
v Sterling Connect:Direct
Server
v Sterling Connect:Direct
Secure Plus
Choose the installation v Accept the default
directory (where X installation directory -
represents the drive letter.) X:\Program Files\Sterling
Commerce\Connect Direct
4.7.00
v Change the installation
directory
v Install on a network drive
v Place an icon on a desktop
to perform the installation
the first time the
application is opened.
Name the Sterling Note: To change the local
Connect:Direct node - The node name after the product
default local node name is is installed, you must
the name of the Microsoft reinstall Sterling
Windows computer. Connect:Direct for Microsoft
Windows.
Identify the database v IBM solidDB If security is implemented on
software Microsoft SQL
v Microsoft SQL Server
Server—Microsoft Windows
Express
Authentication, create a valid
v Microsoft SQL Server user ID and password and a
v MySQL CREATE TABLE privilege
within the database.

Chapter 2. Getting Started Guide 15


Decision Choices Additional Information
Identify TCP/IP Identify Node-to-Node IP
communication information Address, Node-to-Node Port,
User Interface IP Address,
User Interface Port
Identify UDT communication Identify Node-to-Node IP
information Address, Node-to-Node Port,
User Interface IP Address,
User Interface Port
Identify additional v APPC Connectivity - SNA.
components Identify LU Name, Net ID,
Mode Name.
v Process Notification.
Specify NT Broadcast or
SMTP. If SMTP, specify
Host Address, Host Port
(default is 25), and Sender.
v Load an Existing Network
Map. Identify the fully
qualified pathname for the
MAP.CFG.
v Load Existing User
Authorities. Identify the
Fully qualified pathname
for the USER.CFG.

Install and Configure Database Software


The database logs Process statistics, internal messages, and the Process control
queue. Determine which software to use as the database software.
v To use IBM solidDB, accept the default database option during the Sterling
Connect:Direct for Microsoft Windows installation.
v To use SQL Server, install it on the local computer, a network drive, or remote
computer accessible from the local Sterling Connect:Direct node.
v To use SQL Server Express, download and install it.
– SQL Server Express is installed on the same machine as Sterling
Connect:Direct for Microsoft Windows. To use the default configuration, both
applications must be installed by the same user.
To allow different users to install the components, download Studio
Management Express from Microsoft and modify the user configurations.
– Microsoft SQL Server Express is not supported on Itanium 64. To use Sterling
Connect:Direct on Itanium 64, use a remote Microsoft SQL Server as your
database or attach to a remote Microsoft SQL Server Express installation.
Studio Management Express from Microsoft can configure Microsoft SQL
Server Express for remote use. Refer to Microsoft support for information.
v To use MySQL, download and install it.

Automate the Sterling Connect:Direct for Microsoft Windows


Installation
You can automate Sterling Connect:Direct for Microsoft Windows installations
using an initialization (INI) file. Implement automated installations by specifying a

16 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


path to the INI file from the command line of the Microsoft Windows setup. See
“About Silent Installations” on page 37 for information about automating
installations.

Configure SNA Connectivity


If you plan to use SNA network communications connectivity with Sterling
Connect:Direct, install and configure SNA before installing Sterling Connect:Direct
for Microsoft Windows. Use the “SNA Configuration Worksheet” to identify the
parameters necessary to configure SNA.

In addition, create an active connection between the local and remote nodes.
Sterling Connect:Direct for Microsoft Windows requires the following information
for the local and remote SNA networks in order to configure a peer- or host-based
partner SNA connection:
v Network name
v Mode name (local system only)
v Control point name
v Node ID
v Network address (remote system only)
v LU name and LU alias name (these names may be the same value; Sterling
Connect:Direct uses the LU alias name)

Note: Sterling Connect:Direct for Microsoft Windows supports only independent


LU6.2.

Refer to the “SNA Server/Host Configuration Worksheet” on page 27 when


mapping SNA connection parameters between Sterling Connect:Direct for
Microsoft Windows and a host system.

Note: Consult the SNA product documentation or contact your SNA vendor for
any questions about configuring the SNA communications software.

SNA Configuration Worksheet


Use this worksheet to identify the parameters necessary to configure SNA. Make
copies of this worksheet for each SNA configuration. See the “z/OS Network Map
Example for VTAM” on page 23 for SNA Server configuration examples.

Node Information Needed Additional Information


Local Node Decide the following: The LU Alias name is a
v Sterling Connect:Direct user-defined name that
Node Name references the LU name
defined in the local SNA
v LU Alias Name
network. This value can be
Get the following the same as the actual LU
information from your SNA name.
administrator:
v LU Name
v Network Name
v Mode Name
v Control Point Name
v Node ID

Chapter 2. Getting Started Guide 17


Node Information Needed Additional Information
Remote Node Get the following The LU Alias name is a
information from your user-defined name that
trading partner: references the LU name
v Sterling Connect:Direct defined in the remote SNA
Node Name network. This value can be
the same as the actual LU
v LU Alias Name
name. Obtain that
Get the following information from the SNA
information from your SNA administrator of the remote
administrator: system.

v LU Name
v Network Name
v Control Point Name
v Node ID
v Network Address

Sample SNA Configuration


This section illustrates a sample SNA configuration used to connect to IBM Sterling
Connect:Direct for z/OS. You provide the following SNA resource definitions
during the Microsoft SNA configuration. These values are derived from VTAM
definitions supporting connections between Sterling Connect:Direct for z/OS and
Sterling Connect:Direct for Microsoft Windows. Contact the VTAM administrator
for the values you need to specify during SNA configuration.

Microsoft Windows Parameter Value z/OS


Remote LU Name = M1CDXY2B =APPLID
Local LU Name = M1R01LUA =LU NAME
Network Name = CSDNET =NETID
Mode Name = NDM624K =MODEENT
Remote Control Point Name = CSDSA01 =SSCPNAME
Local Control Point Name = M1RPU01 =PU NAME
Local Sterling Connect:Direct Node = SS.DUB.USER1 =ADJACENT.NODE
Name
Remote Sterling Connect:Direct Node = CDNT0001 =LOCAL.NODE
Name
Local Node ID = 0716200D =XID
Remote Network Address = 4000 7000 6200 =MAC Address

Sample Sterling Connect:Direct for z/OS Network Map Entries


The following sample illustrates Sterling Connect:Direct for z/OS network map
entries for Microsoft Windows SNA software running Sterling Connect:Direct for
Microsoft Windows.

18 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


*****************************************************************
* *
* Connect:Direct NETWORK MAP *
* *
*****************************************************************
* *
*****************************************************************
* LOCAL NODE *
*****************************************************************
LOCAL.NODE = ((SS.DUB.USER1 M1CDXX2B,, SUPERUSR) -
TCQ= (USER1.R210.TCX -
USER1.R210.TCQ) )
*
ADJACENT.NODE = (PARSESS = (10 2) -
(CDNT0001, M1R01LUA, LU62) -
ENVIRONMENT=NT -
LOGMODE=NDM624K )

XCA Token Ring: Switched Net Definitions


The following sample illustrates the major node definitions for an XCA device.

***************************************************
* *
* *
*XCA TR DEFINITION *
* *
* *
*CHANGE LOG *
* *
***************************************************
M1R01PU VBUILD TYPE=SWNET, X
MAXGRP=1, MAXIMUM NUMBER OF UNIQUE GRPNM X
MAXNO=1 MAXIMUM NUMBER OF UNIQUE DIALNO
*
***
M1RPU01 PU ADDR=01, X
PUTYPE=2, X
ISTATUS=ACTIVE, X
DBLK=071, X
IDNUM=6200D, X
PASSLIM=8, X
DLOGMOD=NDM624K, X
MODETAB=DALLMTAB, X
SSCPFM=USSSCS, X
USSTAB=LSUSSTAB, X
PACING=7, X
VPACING=7, X
DISCNT=(NO), X
MAXDATA=521, X
MAXPATH=2, X
MAXOUT=8
*
M1RPTH0D PATH GRPNM=M1XG516D, X
DIALNO=0011111111111D DUMMY
*M1ROLUA LU LOCADDR=0, DLOGMODE=NDM6241C
*3270
*
M1R01LU2 LU LOCADDR=2,DLOGMOD=D4A3290
M1R01LU3 LU LOCADDR=3,DLOGMOD=D4A3290
*
*LU 6.2 ILU
*

Chapter 2. Getting Started Guide 19


XCA Token Ring: Independent LU Definition
The following sample illustrates the Independent LU definitions included as Cross
Domain Resources.

******************************************************************
VTAM 3.4 CDRSC DEFINITIONS FOR INDEPENDENT LU’S *
* 6.2 ILU DEFINITION - XCA TR ACCESS *
*CHANGE LOG: *
* *
* *
* *
******************************************************************
M1R01CDS VBUILD TYPE=CDRSC
*
M1R01CDS VBUILD TYPE=CDRSC
ALSLIST=M1RPU01, ADJ LINK STATION X
MODETAB=DALLMTAB, LOGON MODE TABLE X
DLOGMOD=NDM624K, LOGON MODE TABLE ENTRY X
RESSCB=5 SESSION CONTROL BLOCKS
M1R01LUB CDRSC ISTATUS=ACTIVE, X
ALSLIST=M1RPU01, ADJ LINK STATION X
MODETAB=DALLMTAB, LOGON MODE TABLE X
DLOGMOD=NDM624K, LOGON MODE TABLE ENTRY X
RESSCB=5 SESSION CONTROL BLOCKS
*
M1R01LUB CDRSC ISTATUS=ACTIVE, X
ALSLIST=M1RPU01, ADJ LINK STATION X
MODETAB=DALLMTAB, LOGON MODE TABLE X
DLOGMOD=NDM624K, LOGON MODE TABLE ENTRY X
RESSCB=5 SESSION CONTROL BLOCKS
*
M1R01LUC CDRSC ISTATUS=ACTIVE, X
ALSLIST=M1RPU01, ADJ LINK STATION X
MODETAB=DALLMTAB, LOGON MODE TABLE X
DLOGMOD=NDM622K, LOGON MODE TABLE ENTRY X
RESSCB=5 SESSION CONTROL BLOCKS
*
M1R01LUD CDRSC ISTATUS=ACTIVE, X
ALSLIST=M1RPU01, ADJ LINK STATION X
MODETAB=DALLMTAB, LOGON MODE TABLE X
DLOGMOD=NDM621K, LOGON MODE TABLE ENTRY X
RESSCB=5 SESSION CONTROL BLOCKS
*

20 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


XCA Token Ring: Major Node Definition
The following sample illustrates the major node definitions for an XCA device.

*****************************************************************
* *
* XCA MAJOR NODE *
* *
* CHANGE LOG: *
*****************************************************************
M1XCA516 VBUILD TYPE=XCA XCA MAJOR NODE
*
M1XP5161 PORT MEDIUM=RING, TOKEN-RING X
SAPADDR=4, SERVICE ACCESS POINT ADDRESS X
ADAPNO=0, ADAPTER NUMBER X
CUADDR=516 CHANNEL UNIT ADDRESS
*
M1XG516D GROUP DIAL=YES, SWITCHED PERIPHERAL NODE X
CALL=IN, DIAL IN AS PER MCDATA X
ISTATUS=ACTIVE ACTIVATED AT GEN
*
M1XL516D LINE ANSWER=ON PU CAN DIAL IN
*
M1X516PD PU
*
***

Sample Sterling Connect:Direct APPLDEF


The following sample illustrates the application definitions for Sterling
Connect:Direct for z/OS.

ZZAPPGLP VBUILD TYPE=APPL


*****************************************************************
* C:D z/OS TEST LU 6.2 ILU APPL DEFINITION *
* *
*****************************************************************
*
M1CDXY2B APPL ACBNAME=M1CDXY2B, VTAM APPLID X
APPC=YES, LU 6.2 CAPABLE X
AUTH=(ACQ,VPACE), VTAM AUTHORITY FOR THIS APP X
AUTOSES=10, # OF AUTO CONT WINNER ACTIVATES X
DDRAINL=ALLOW, DRAIN ALLOWED FOR CNOS 0 X
DLOGMOD=NDMLM1K, DEFAULT MODE TABLE ENTRY X
DMINWNL=10, MIN CONT WINNER FOR LOCAL LU X
DMINWNR=10, MIN CONT WINNER FOR REMOTE LU X
DRESPL=ALLOW, APPL WILL DO SESSION DEACTIVATES X
DSESLIM=20, MAX # OF ALLOWED SESS FOR MODE X
EAS=509, APPROX # OF CONCURRENT SESSIONS X
MODETAB=DALLMTAB, MODE TABLE NAME X
VPACING=7 DEFAULT RECEIVE PACING VALUE
*

Sample Sterling Connect:Direct MODEENTS (Mode


Definitions)
The following sample illustrates the mode definition entries for an independent
LU.

Chapter 2. Getting Started Guide 21


*****************************************************************
* *
* LU 6.2 WITH 4K RU’S *
* *
*****************************************************************
NDM624K MODEENT LOGMODE=NDM624K, *
TYPE=1, *
COS=NDMCOS1, *
FMPROF=X’13’, *
TSPROF=X’07’, *
PRIPROT=X’B0’, *
SECPROT=X’B0’, *
PSNDPAC=X’04’, *
SRCVPAC=X’04’, *
SSNDPAC=X’04’, *
COMPROT=X’D0B1’, *
RUSIZES=X’8989’, *
PSERVIC=X’060200000000000000000300’ *
* 0 1 2 3 4 5 6 7 8 9 1011
*****************************************************************
* *
* LU 6.2 WITH 2K RU’S *
* *
*****************************************************************
NDM622K MODEENT LOGMODE=NDM622K, *
TYPE=1, *
COS=NDMCOS1, *
FMPROF=X’13’, *
TSPROF=X’07’, *
PRIPROT=X’B0’, *
PSNDPAC=X’04’, *
SRCVPAC=X’04’, *
SSNDPAC=X’04’, *
SECPROT=X’B0’, *
COMPROT=X’D0B1’, *
RUSIZES=X’8888’, *
PSERVIC=X’060200000000000000000300’ *
* 0 1 2 3 4 5 6 7 8 9 1011
*****************************************************************
* *
* LU 6.2 WITH 1K RU’S *
* *
*****************************************************************
NDM621K MODEENT LOGMODE=NDM621K, *
TYPE=1, *
COS=NDMCOS1, *
FMPROF=X’13’, *
TSPROF=X’07’, *
PRIPROT=X’B0’, *
PSNDPAC=X’04’, *
SRCVPAC=X’04’, *
SSNDPAC=X’04’, *
SECPROT=X’B0’, *
COMPROT=X’D0B1’, *
RUSIZES=X’87

Sample VTAM Start Options (ATCSTRxx)


The following sample represents the VTAM Start Option entries for NETID and
SSCPNAME.

22 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


*****************************************************************
* *
* z/OS VTAM START DEFINITION *
* *
*****************************************************************
HOSTSA=01, X
NODETYPE=NN, X
CONNTYPE=LEN, X
CPCP=YES, X
GWSSCP=YES, X
NETID=CSDNET, X
SSCPID=15015, X
SSCPNAME=CSDSA01, X
LISTBKUP=DEFAULTS, X
TNSTAT,NOCNSL,TIME=60, X
PPOLOG=YES, X
XNETALS=YES, X
NCPBUFSZ=2048, X
HOTIOTRM=50, X
IOPURGE=5M, X
MSGLEVEL=V4R1, X
MAINTLVL=9311, X
IOBUF=(750,320,50,,30,100,3000), X
CRPLBUF=(500,,0,,25,1), X
LFBUF=(300,,0,,32,1), X
LPBUF=(80,,0,,12,1), X
SFBUF=(40,,0,,34,1), X
SPBUF=(32,,0,,32,1), X
BSBUF=(600,,0,,25,50), X
XDBUF=(55,,0,,5,1)

z/OS Network Map Example for VTAM


The following sample illustrates the use of the VTAM parameters (identified by the
alphabetic characters inside brackets) in a z/OS network map.

LOCALNODE= ADJACENT.NODE=(
(node name[b], (node name[a],
communications name[o],, communications name[m],,
superuser password) LU62)
TCQ=(tcxdsn, tcqdsn)) PARSESS=(max[d], default)
ENVIRONMENT=NT
LOGMODE=logmode entry name[c])

Refer to the platform-specific Sterling Connect:Direct installation or administration


guides for network map information on other host platforms.

Microsoft Windows Network Map Example


The following sample illustrates the use of the SNA parameters (identified by
alphabetic characters in brackets) in a Microsoft Windows network map.

Chapter 2. Getting Started Guide 23


CREATE_SNA_MODE Name(mode [c])
MAXRUsize (MaxRU [e]) MaxPacingSize(7) MaxNetSessLimit(8)
CREATE_SNA_COMMPATH Name(commpathname)
Transport(transport-type) Adapter(0) Address(000000000000)
NetId(netid[f]) PUName() LUName(LUName [m])
ProfileName() LULocAddr(0) Mode(mode[c]) LUSessLimit(8)
CREATE_REMOTENODE Name(remotenodename [b])
LRetry(10) LRetryTime(180) Sretry(10) SretryTime(10) SessPnodeMax(32)
SessSnodeMax(32) DefaultClass(1) RemoteOSEnv(OS/390) NetName(NetName[f])
PartnerName(PartnerName[o]) TPName(NNV2DTF) Mode(mode[c]) CommPath(commpathname)

Access SNA Server Configuration Listing


Use the following Microsoft Windows SNA Server command to display the
configuration and redirect the information to a file:

snacfg /print>filename

The following sample illustrates the Microsoft SNA server configuration listing for
a configured Microsoft Windows server using the values listed in the VTAM
Sample Definitions:

24 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


MODE #INTER /ADD \
/SESSIONLIM:8 \
/CONWIN:4 \
/CONLOSE:0 \
/AUTOACT:0 \
/AUTOPARTNER:No \
/HIGHPRIORITY:Yes \
/PACESENDCNT:7 \
/PACERECVCNT:7 \
/MAXSENDRU:1024 \
/MAXRECVRU:1024 \
/MAXSENDRU:1024 \
/COMMENT:"Interactive" \
MODE #BATCH /ADD \
/SESSIONLIM:8 \
/CONWIN:4 \
/CONLOSE:0 \
/AUTOACT:0 \
/AUTOPARTNER:No \
/HIGHPRIORITY:No \
/PACESENDCNT:3 \
/PACERECVCNT:3 \
/MAXSENDRU:1024 \
/MAXRECVRU:1024 \
/MAXSENDRU:1024 \
/MAXSENDRU:1024 \
/COMMENT:"Batch" \
MODE #BATCHSC /ADD \
/SESSIONLIM:8 \
/CONWIN:4 \
/CONLOSE:0 \
/AUTOACT:0 \
/AUTOPARTNER:No \
/HIGHPRIORITY:No \
/PACESENDCNT:3 \
/PACERECVCNT:3 \
/MAXSENDRU:1024 \
/MAXRECVRU:1024 \
/MAXSENDRU:1024 \
/MAXSENDRU:1024 \
/COMMENT:"Batch" \
MODE BLANK /ADD \
/SESSIONLIM:8 \
/CONWIN:4 \
/CONLOSE:0 \
/AUTOACT:0 \
/AUTOPARTNER:No \
/HIGHPRIORITY:No \
/PACESENDCNT:3 \
/PACERECVCNT:3 \
/MAXSENDRU:1024 \
/MAXRECVRU:1024 \
/MAXSENDRU:1024 \
/MAXSENDRU:1024 \
/COMMENT:"8 Blank chars" \

Chapter 2. Getting Started Guide 25


MODE QPCSUPP /ADD \
/SESSIONLIM:64 \
/CONWIN:32 \
/CONLOSE:0 \
/AUTOACT:0 \
/AUTOPARTNER:Yes \
/HIGHPRIORITY:Yes \
/PACESENDCNT:7 \
/PACERECVCNT:7 \
/MAXSENDRU:1024 \
/MAXRECVRU:1024 \
/MAXSENDRU:1024 \
/MAXSENDRU:1024 \
/COMMENT:"5250 Mode" \
MODE NDM624K /ADD \
/SESSIONLIM:20 \
/CONWIN:10 \
/CONLOSE:10 \
/AUTOACT:0 \
/AUTOPARTNER:No \
/HIGHPRIORITY:No \
/PACESENDCNT:7 \
/PACERECVCNT:7 \
/MAXSENDRU:4096 \
/MAXRECVRU:4096 \
/MAXSENDRU:4096 \
/MAXSENDRU:4096 \
/COMMENT:" " \
SERVER CSD-PUBS /ADD \
/CPNAME:M1RPU01 \
/NETNAME:CSDNET \
/COMMENT:"" \
LINK SNADLC1 /ADD \
/SERVER:CSD-PUBS \
/LINKTYPE:Token \
CONNECTION TOKEN1 /ADD \
/SERVER:CSD-PUBS \
/COMMENT:"802.2 Connection" \
/ACTIVATION:OnServerStartup \
/CALLDIRECTION:Both \
/LOCALBLOCKNO:071 \
/LOCALNODENO:6200D \
/CPNAME:CSDSA01 \
/NETNAME:CSDNET \
/REMOTEBLOCKNO: \
/REMOTENODENO: \
/LINKSERVICE:SNADLC1 \
/REMOTEEND:Host \
/CONNTYPE:802.2 \
/XIDTYPE:Format3 \
/REMOTENETADDR:400070006200 \
/REMOTESAPADDR:4 \
/MAXBTULEN:1929 \
/RECEIVEACKTHRESH:2 \
/NAKSENDLIMIT:8 \
/RETRYLIMIT:10 \
/XIDRETRIES:3 \
/T1TIMEOUT:Default \
/T2TIMEOUT:Default \
/TITIMEOUT:Default \
/ACTIVATEDELAY:Default \
/ACTIVATERETRYLIMIT:None \

26 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


APPCRLU M1CDXY2B /ADD \
/CONNECTION:TOKEN1 \
/NETNAME:CSDNET \
/LUNAME:M1CDXY2B \
/COMMENT:"" \
/UNINTERPNAME:M1CDXY2B \
/AUTOPARTNER:No \
/PARALLELSESS:Yes \
APPCLLU M1R01LUA /ADD \
/SERVER:CSD-NTSNA1 \
/LUNUMBER:0 \
/NETNAME:CSDNET \
/LUNAME:M1R01LUA \
/COMMENT:"" \
/AUTOPARTNER:No \
/DEFAULTPOOL:No \
/TPTIMEOUT:60 \
APPCLLU M1R01LUA \
/ADDPARTNER:M1CDXY2B,NDM624K,TOKEN1 \
APPCLLU M1R01LUB /ADD \
/SERVER:CSD-NTSNA1 \
/LUNUMBER:0 \
/NETNAME:CSDNET \
/LUNAME:M1R01LUB \
/COMMENT:"" \
/AUTOPARTNER:No \
/DEFAULTPOOL:No \
/TPTIMEOUT:60 \
APPCLLU M1R01LUB \
/ADDPARTNER:M1CDXX2B,NDM624K,TOKEN1 \
USER USER1 /ADD \
/DOMAIN:CSD-NTSNA1 \
/COMMENT:"" \
USER USER1 \
/INSERT:M1R01LU2 \
USER USER1 \
/INSERT:M1R01LU3 \
DIAGNOSTIC \
/AUDITLEVEL:10 \

Access Communications Server Configuration Listing


The SNA configuration listing for IBM Communications Server is stored in a file
with an extension of acg. The name for this file is defined when you install the
Communications Server.

SNA Server/Host Configuration Worksheet


Complete this worksheet before you set up and configure an SNA connection
between the host and the SNA server.

For each parameter listed, record the parameter value mapped between SNA and
VTAM. Use the alphabetic identifier to understand how the parameters are
implemented in the network map in the example.

Identifier Parameter Parameter value Mapped Host/VTAM


Between SNA and VTAM
[a] Local Sterling LOCAL.NODE
Connect:Direct node name=

Chapter 2. Getting Started Guide 27


[b] Remote Sterling ADJACENT.NODE
Connect:Direct node name=
[c] Mode= LOGMODE
[d] Session Limits= VTAM APPLID DSESSLIM
[e] Max RU= LOGMODE RU Size
[f] Server Netname= VTAMNETID (owner of
PU)
[g] Server CPNAME= VTAM PU Name
[h] Connection CPNAME= VTAM SSCPNNAME
[i] Connection Netname= VTAM NETID (owner of
PU)
[j] Connection VTAM PU DBLK
LOCALBLOCKNO=
[k] Connection VTAM PU IDNUM
LOCALNODENO=
[l] Connection Remote Network Address
REMOTENETADDR=
[m] Local LU Name VTAM LU Name (must be
(APPCLU)= independent)
[n] APPCLU Netname= VTAM NETID (owner of
PU)
[o] Remote Partner LU VTAM APPLID
(APPCRLU)=
[p] APPRCLU Netname= VTAM NETID (owner of
APPLID)

Installing in a Windows clustered environment


For instructions on installing Sterling Connect:Direct for Microsoft Windows in a
Windows clustered environment, see Deploying Sterling Connect:Direct in a
Windows 2012 Failover Cluster

Note: When installing in a clustered environment, you must deselect the Requester
feature (do not install it at this time). Instead, do one of the following:
v Install the Sterling Connect:Direct Requester (Stand-Alone) using the
CDRequester Setup.exe. See Installation Notes for Sterling Connect:Direct
Requestor for more information.
v Install the Requester feature on a different system outside the cluster
environment.

Install Sterling Connect:Direct for Microsoft Windows

Installation Overview
After you complete the installation worksheets, you are ready to install Sterling
Connect:Direct for Microsoft Windows.

Install all components or selected components. Sterling Connect:Direct components


include:

28 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


v Sterling Connect:Direct for Microsoft Windows server-Performs the functions
issued from the user interface. If you want a dedicated server, install only this
component. It also includes the Command Line Interface (CLI), a tool that allows
you to issue commands to the server.
v Sterling Connect:Direct for Microsoft Windows Requester-A graphical user
interface that makes it easy to configure the Sterling Connect:Direct
environment, create Processes, and submit commands to the server.
v Sterling Connect:Direct File Agent-Scans watched directories for files. When a
file is detected, Sterling Connect:Direct File Agent either submits a default
Process to Sterling Connect:Direct or performs the actions specified by the rules
for the file.
v Sterling Connect:Direct Secure Plus-Implements security into a Sterling
Connect:Direct operation. It must be installed on both nodes in order to activate
the security software.

Software Developer's Kit (SDK) allows programmers to customize the functions of


Sterling Connect:Direct for Microsoft Windows.

After you install Sterling Connect:Direct for Microsoft Windows, TCP/IP


information, database information and notification method is defined in the
initialization parameters. To change TCP/IP information, the notification type, or
the Sterling Connect:Direct database, refer to the IBM Sterling Connect:Direct for
Microsoft Windows System Guide.

Sterling Connect:Direct for Microsoft Windows Installation Icons


You choose the installation type to meet your needs. For example, if you want to
install a standalone server, install only the Sterling Connect:Direct for Microsoft
Windows server software. If you want to use a computer as a server and a
workstation, install both the server software and Sterling Connect:Direct Requester.
To install Sterling Connect:Direct Secure Plus, use the custom installation to install
both Sterling Connect:Direct for Microsoft Windows and Sterling Connect:Direct
Secure Plus.

Additionally, if you have a large network of computers where you need to install
Sterling Connect:Direct for Microsoft Windows, you can set up a silent installation.
To configure a silent installation, install Sterling Connect:Direct for Microsoft
Windows at one computer. Then use the initialization parameters file that was
created during the installation to create a silent installation. Send the modified INI
file to each computer on which to perform the silent installation.

Icons are displayed by each component to illustrate the selected installation type.
The icons and installation types are described below:

The component is installed to the local drive.

Selected features of the component are installed.

The component is not installed.

Adds an icon to the Sterling Connect:Direct program group of the selected


computer. The component is only installed when the user clicks the
program icon to run the program.

The component is installed on the network.

Chapter 2. Getting Started Guide 29


Sterling Connect:Direct for Microsoft Windows is installed in the directory called
X:\Program Files\Sterling Commerce\Connect Direct v4.7.00\component.

If you would like to install Sterling Connect:Direct for Microsoft Windows in


another location, select the Custom setup during the installation and click Change.
The remaining procedures use the default installation path.

Install Sterling Connect:Direct for Microsoft Windows and


Optionally Sterling Connect:Direct Secure Plus or SNMP
About this task

To install Sterling Connect:Direct for Microsoft Windows and optionally Sterling


Connect:Direct Secure Plus or SNMP:

Procedure
1. If you are installing from a CD, insert the CD into the CD drive. If Autorun is
enabled, the installation automatically starts. Otherwise, start setup.exe from
the Microsoft Windows run option.
2. If you downloaded the software, double-click setup.exe from the download
folder.
3. On the Welcome dialog, click Next.
4. To install Sterling Connect:Direct Secure Plus or SNMP, select Custom and
click Next. The Custom Setup dialog box is displayed that shows the features
available for installation.
v To configure MySQL or SQL Server, disable the solidDB feature on this
dialog.
v To install Sterling Connect:Direct Secure Plus, click the icon next to
application and identify the type of installation.
v To install an SNMP extension agent, click the icon next to the application to
remove the red X. This option is only available if SNMP Trap Service is
installed.

Note: SNMP is only supported on 32-bit systems and is not displayed as a


feature on 64-bit systems.
5. To change the default installation path, click Change. Select the installation
location and click OK.
6. Click Next.
7. To configure the Sterling Connect:Direct, enable Custom and click Next.
8. The name of the local node is displayed. It is the hostname of the computer
where you are installing the product. To change the local node name, type the
alternate node name and click Next.
9. Select the SQL server to use and click Next.
10. Configure the database you selected as follows:
v If you accepted the default database, solidDB, type the information
provided by your system administrator and click Next.

Note: If you chose another database and decide to install solidDB at a later
time, run setup.exe. You can also install the solidDB feature using the
"Add/Remove Programs" tool from the Windows Control Panel, or
"Programs and Features" on Windows Vista and later Windows versions. .
v To configure MySQL, type the MySQL Server options provided by your
system administrator and click Next.

30 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


v To configure SQL Server, type the address of the remote SQL Server and
identify the authentication method. Click Next.
v For SQL Server Express, the SQL Server field is populated with
(local)\CDWINDOWS. Unless an advanced configuration is performed, do
not make changes to the SQL Server field or the Microsoft Windows
authentication credentials of the current user. Click Next.
11. To specify an optional user account to run the Sterling Connect:Direct service,
type the service account name and password, and click Next. When setting up
the logon account, give the account the following privileges:
v Act as part of the operating system
v Log on as a service
v Log on locally
v Replace a process-level token
v Full permissions over the installation directory
v Make the user a member of the local Administrators Group
12. To configure TCP/IP as the connection method, provide the following
information and click Next:
v Node-to-Node IP Address
v Node-to-Node Port
v User Interface IP Address
v User Interface Port
13. If you installed SNA, do the following to configure SNA support:
a. Select Configure SNA.
b. Type the local LU name in the Local LU Name field.
c. Type the network name or ID in the Network Name (NET ID) field.
d. Type the mode name in the APPC Mode Name field.
e. Click Next.
14. To configure SNMP support:
v To enable SNMP extension agent, select Enable Connect:Direct SNMP
Extension Agent.
v To enable event logging, select Enable SNMP Event Logging.
15. Click Next.
16. To use Active Directory, select Register Client Connection Settings and click
Next.
17. To configure notification support:
v To enable Microsoft Windows broadcasting, select NT Network Broadcast.
v To enable SMTP, select SMTP.
18. Click Next.
19. To use a predefined network map, user authorities or initialization parameters
file, for example exported from a previous versions of the product, click
Browse and select the configuration file to import. Click Next.
20. Click Install.
21. When the installation is finished, Sterling Connect:Direct Requester is
automatically started. If you do not want it to start automatically, deselect this
option.
22. Click Finish.

Chapter 2. Getting Started Guide 31


Install Sterling Connect:Direct Server and Requester
Before you begin

If you chose a database other than the included solidDB, make sure you have
installed your database before you begin this installation.

About this task

To install Sterling Connect:Direct Server and Requester:

Procedure
1. Insert the CD into the CD drive. If Autorun is enabled, the installation
automatically starts. Otherwise, start setup.exe from the Microsoft Windows
run option.
2. If you downloaded the software, double-click CDWindows setup.exe from the
download folder.
3. On the Welcome dialog, click Next.
4. Select Typical and click Next.

Note: When installing in a clustered environment, you must deselect the


Requester feature (do not install at this time). Instead, do one of the following:
v Install the Sterling Connect:Direct Requester (Stand-Alone) using the
CDRequester Setup.exe.
v Install the Requester feature on a different system outside the cluster
environment.
5. To configure the Sterling Connect:Direct Server, enable Default and click Next.
6. Select the database to use and click Next.

Note: The SQL Server option applies to either a remote SQL Server or the
local installation of SQL Server Express.
7. Click Next.
8. Configure the database you selected as follows:
v If you accepted the default database, solidDB, type the information
provided by your system administrator and click Next.

Note: If you chose another database and decide to install solidDB at a later
time, run setup.exe. You can also install the solidDB feature using the
"Add/Remove Programs" tool from the Windows Control Panel, or
"Programs and Features" on Windows Vista, 2008R2 or Windows 7.
v To configure MySQL, type the MySQL Server options provided by your
system administrator and click Next.
v To configure SQL Server, type the address of the remote SQL Server and
identify the authentication method. Click Next.
v For SQL Server Express, the SQL Server field is populated with
(local)\CDWINDOWS. Unless an advanced configuration is performed, do
not make changes to the SQL Server field or the Microsoft Windows
authentication credentials of the current user. Click Next.
9. Click Install.
10. When the installation is finished, Sterling Connect:Direct Requester is
automatically started. If you do not want it to start automatically, deselect the
option.
11. Click Finish.
32 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation
Upgrade Sterling Connect:Direct for Microsoft Windows
About this task

To upgrade Sterling Connect:Direct:

Procedure
1. Double-click the setup.exe file.
2. On the Welcome dialog, click Next.
3. To install Sterling Connect:Direct Server and Requester, select Typical. Click
Next.
4. To install Sterling Connect:Direct Secure Plus and Sterling Connect:Direct for
Microsoft Windows, select Custom. Click Next.
5. Select Upgrade and click Next.
6. To save the previous version of Sterling Connect:Direct, check Keep <version -
nodename>." Click Next.
7. Click Install.
8. If you installed Sterling Connect:Direct Requester, it starts automatically. To
disable the automatic start, deselect this option. Click Finish.

Add Sterling Connect:Direct for Microsoft Windows Components


Before you begin

Before you can add a component, Sterling Connect:Direct for Microsoft Windows
must be installed.

About this task

After you install the product, you can change the installed components including
repair a component that is corrupt, remove a component, or install an additional
component.

To add, remove, or repair a Sterling Connect:Direct component:

Procedure
1. Start the Sterling Connect:Direct for Microsoft Windows installation.
2. On the Welcome dialog, click Next.
3. To install additional components:
a. Select Modify and click Next.
b. Select the component to add and enable This feature will be installed on
local hard drive. Click Next.
c. Click Install.
d. Click Finish.

Repair Sterling Connect:Direct for Microsoft Windows


Components
Before you begin

Before performing this procedure, Sterling Connect:Direct for Microsoft Windows


must be installed.

Chapter 2. Getting Started Guide 33


About this task

To repair Sterling Connect:Direct for Microsoft Windows components:

Procedure
1. Start the Sterling Connect:Direct for Microsoft Windows installation.
2. On the Welcome dialog, click Next.
3. Select Repair and click Next
4. Click Install to repair the installation.
5. Click Finish to complete the modification.

Remove Sterling Connect:Direct for Microsoft Windows


Components
Before you begin

Before performing this procedure, Sterling Connect:Direct for Microsoft Windows


must be installed.

About this task

To remove a Sterling Connect:Direct for Microsoft Windows installed component:

Procedure
1. Start the Sterling Connect:Direct for Microsoft Windows installation.
2. On the Welcome dialog, click Next.
3. Select Modify to remove a Sterling Connect:Direct component and click Next.
4. Select the component to remove, select This feature will not be available, and
click Next.
5. Click Install.
6. Click Finish.

Install Sterling Connect:Direct Requester Only (Stand Alone)


About this task

Computers other than the one on which Sterling Connect:Direct is installed may
require that Sterling Connect:Direct Requester be installed.

If you installed Sterling Connect:Direct in a clustered environment, you cannot use


Requester unless it is installed separately, as Stand-Alone or on a separate machine
from Sterling Connect:Direct. If you are installing in a clustered environment, you
must deselect the Requester feature and use these instructions to install it
separately.

To install Sterling Connect:Direct Requester (stand alone):

Procedure
1. Insert the Sterling Connect:Direct Requester CD into the CD drive or
double-click the CDRequester setup.exe file downloaded from IBM Passport
Advantage.

34 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


2. If the Autorun option is enabled for the CD drive, the installation automatically
starts. If the Autorun option is disabled, start the installation from the Microsoft
Windows Run dialog.
3. On the Welcome dialog, click Next.
4. Click Next.
5. On the Setup Type dialog, select Typical and click Next.
6. Click Install.

Install Sterling Connect:Direct File Agent


About this task

When you install Sterling Connect:Direct File Agent, Java Runtime Environment
(JRE) is automatically installed.

To install Sterling Connect:Direct File Agent:

Procedure
1. Insert the Sterling Connect:Direct for Microsoft Windows CD into the CD drive,
or locate the files you extracted from the IBM Passport Advantage, and
double-click the FileAgentInstall.exe file.
2. From the Introduction dialog box, click Next.
3. To install Sterling Connect:Direct File Agent in a selected location, click Choose
and select the location.
4. Click Next, then click Install.
5. When the installation is complete, click Done.

Uninstall Sterling Connect:Direct for Microsoft Windows


About this task

The Sterling Connect:Direct for Microsoft Windows Uninstall program removes the
application, its components, Sterling Connect:Direct Requester, and Sterling
Connect:Direct for Microsoft Windows server, program items, and most server and
Registry settings.

To uninstall the Sterling Connect:Direct Server program and all of the server
utilities:

Procedure
1. Click Start > Programs > Settings > Control Panel > Add-Remove Programs.
2. Highlight Sterling Connect:Direct for Microsoft Windows and click Remove.
3. Click Yes to confirm the removal of this program.
4. Click Finish.
5. Click OK to close the Add/Remove Programs Properties dialog box.

Add Initialization Parameters to Support Firewall Navigation


About this task

If you communicate with a trading partner using a firewall, set two initialization
parameters to support it. You assign a specific TCP/IP source port number or a
range of port numbers with a particular TCP/IP address or addresses for outgoing

Chapter 2. Getting Started Guide 35


Sterling Connect:Direct sessions. Setting these parameters allows controlled access
to a Sterling Connect:Direct server if it is behind a packet-filtering firewall without
compromising security.

To add firewall support initialization parameters:

Procedure
1. Coordinate IP addresses and associated port assignments with your firewall
administrator.
2. Add the following parameter to the Local Node Characteristics section of the
initialization parameters file: tcp.src.ports=(valid IP address/optional subnet
mask | valid IP address pattern, associated port number | associated range of
port numbers | associated port number, associated range of port numbers)
3. Apply the new initialization parameter.
4. A second parameter called tcp.src.ports.list.iterations is automatically added to
the Local Node Characteristics section during installation and has a default
value of 1. Refer to the following table for a description and valid values for
these parameters:

Parameter Name Parameter Definition Valid Values


tcp.src.ports An IP address or multiple Valid IP address with an
addresses and the ports optional mask for the upper
permitted for the address boundary of the IP address
when going through a range and the associated
packet-filtering firewall. outgoing port number or
range of port numbers for
the specified IP address, for
example:

(199.2.4.*, 1024),
(fd00:0:0:2015:*::*, 2000-3000),
(199.2.4.0/255.255.255.0,
4000-5000),(fd00:0:0:2015::0/
48, 6000, 7000)

A wildcard character (*) is


supported to define an IP
address pattern. If the
wildcard character is used,
the optional mask is not
valid.
tcp.src.ports.list.iterations The number of times that A numeric value from 1-255.
Sterling Connect:Direct scans The default value is 1.
the list of available ports
defined in tcp.src.ports to
attempt a connection before
going into a retry state. This
parameter is automatically
added to the initialization
parameter and is assigned a
value of 1. If desired, change
this value.

5. Coordinate the specified port numbers with the firewall administrators.

36 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Firewall Configuration Example
The following example illustrates a configuration of the firewall navigation
initialization parameter. An explanation follows the example. Although the
tcp.src.ports parameter is shown as a multi-line parameter, Sterling Connect:Direct
for Microsoft Windows only supports single-line parameters.

tcp.src.ports= (199.2.4.*, 5000-5050),


(199.2.4.7, 1376),
(200.200.0.0/255.255.0.0, 2000-2100, 3000-3100),
(138.16.17.*, 2000-2050, 3000-3050, 4001, 4005)

In the example, if Sterling Connect:Direct initiates a session with a remote node at


the IP address 199.2.4.7, it will use only port 1376. A session 199.2.4.6 (or any other
address beginning with 199.2.4) will use any port in the range 5000 to 5050.

A session to 200.200.4.10 uses a port from within the two ranges specified (2000 to
2100 or 3000 to 3100). Additionally, because of the subnet mask specification, a
session to any IP address beginning with 200.200 will choose a port from within
the two ranges specified.

The port for a session to any address beginning with 138.16.17 is selected from one
of the two ranges (2000 to 2050 or 3000 to 3050) or the two individual ports
specified (4001 or 4005).

Automate Installation

About Silent Installations


You can automate Sterling Connect:Direct for Microsoft Windows installation and
configuration for distribution throughout your enterprise by performing silent
installations. Silent installations require no user responses during the installation
routine. Configuration information is supplied by the initialization file that you
define. Before you perform a silent installation, install Sterling Connect:Direct for
Microsoft Windows on a master node and configure a network map and user
authorizations.

The Microsoft Installer Properties are the foundation of a silent installation.


Properties can be set on the command line or by creating custom transforms. A
transform is a collection of changes applied to an installation. Transforms alter the
installation database and can be used to customize a base installation package.
Applying a transform to a base installation package adds or replaces data in the
installation database.

Silent Installation Options

You can perform a default silent installation that installs Sterling Connect:Direct
server and Sterling Connect:Direct Requester, or you can use transforms to modify
the settings of an installation package. The transforms included with this product
enable, disable, and remove a feature from the Sterling Connect:Direct for
Microsoft Windows.msi package. To change the silent installation setting, use a
transform to enable or disable the desired feature.

Chapter 2. Getting Started Guide 37


Requirements for Silent Installation

For each node where a silent installation is performed, determine if the node uses
special services, for example, Active Directory, SNMP, or SNA. For these nodes, a
custom INI file is required. If no custom INI file is present, the default installation
is performed.

Customize Initialization Information for a Silent Installation


About this task

The Sterling Connect:Direct server supports an INI file, which can specify the
value of installation properties. If you plan to use the INI file to manage a silent
installation, change the parameters of the INI file provided with Sterling
Connect:Direct for Microsoft Windows to specify site-specific information.

The Sterling Connect:Direct for Microsoft Windows server initialization file


(CD_SRVR.INI) is located on the CD in the /advanced folder. The Sterling
Connect:Direct Requester and SDK installations do not use initialization files. To
set the installation directory for an installation, specify the INSTALLDIR property
in the command line.

To define site-specific parameter values in an INI file for each node where you
install Sterling Connect:Direct for Microsoft Windows using the silent installation,
do the following:

Procedure
1. Open the CD_SRVR.INI file using any text editor, such as Microsoft Windows
Notepad.
2. Define the site-specific initialization parameters for a node and save the file.
3. Repeat steps 1–2 for each server where Sterling Connect:Direct will be installed.

CD_SRVR.INI Parameter Values


Parameter Name Parameter Definition Values
CD_SETUP_TYPE Specifies the type of installation. Default | Custom | Upgrade
Default configures a new installation.
Upgrade migrates an existing
installation. Custom and Default
values have the same effect in silent
installs.
CD_NODENAME Local node name, from 1-16 If this field is blank, the parameter
characters, consisting of numbers, defaults to the first 16 characters of
letters, @, #, $, -, underscore (_), and the computer where the server is
period (.) with no spaces or installed.
apostrophes.
CD_UPGRADE_NODE The version of software and node to Version number/node name. For
upgrade. Valid only if example:
CD_SETUP_TYPE=Upgrade. CD_UPGRADE_NODE=V3.3.02\
MyNode. The default node is the first
node of the most recent version
installed.

38 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Parameter Name Parameter Definition Values
CD_UPGRADE_KEEPSCR_FLAG Prevents the current version from 1=enabled. If the selected installation
being deleted before installing the type is Upgrade/Migrate, the
new version. Valid only if previously installed version is
CD_SETUP_TYPE=Upgrade. uninstalled by default.
CD_HOST_IP The IP address or host name of the Any valid IP address or host name. If
server used for node-to-node blank, the IP address is obtained
communication. from the destination computer's IP
address in the TCP/IP stack.
CD_HOST_PORT The port number that Sterling A numeric value in the format nnnn,
Connect:Direct for Microsoft where nnnn is a positive integer no
Windows, or user-written API larger than four digits. The default is
programs, will use to establish client 1364.
sessions with this Sterling
Connect:Direct server for outgoing
communications.
CD_API_IP The IP address or host name of the Any valid IP address or host name. If
server used for API (client) blank, the IP address is obtained
connections. from the destination computer's IP
address in the TCP/IP stack.
CD_API_PORT The port number that Sterling A numeric value in the format nnnn,
Connect:Direct for Microsoft where nnnn is a positive integer no
Windows or user-written API larger than four digits. The default is
programs will use to establish client 1363.
sessions with this Sterling
Connect:Direct server. You must
specify the port when it differs from
the default.
CD_SNA_FLAG Configures the local node for SNA 1=enabled. Disabled by default.
services. If enabled, the remaining
SNA settings must be specified.
CD_SNA_LUNAME The local LU name to use during Valid 1-8 character LU name obtained
SNA communications. If no LU name from the SNA Service Key or
is specified, the name defaults to the computer name up to 8 characters.
first 8 characters of the name of the
computer.
CD_SNA_NETID The SNA network ID. Only valid if A valid 1-8 character network ID.
CD_SNA_FLAG is set.
CD_SNA_MODE The SNA mode name. Only valid if NDM624K | a valid 1-8 character
CD_SNA_FLAG is set. mode name
CD_SNMP_FLAG Configures and enables the SNMP 1=enabled. Disabled by default.
Trap Agent.
CD_EVENTLOG_FLAG Enables SNMP Event logging. 1=enabled. Disabled by default.
CD_ACTIVEDIR_FLAG Registers the client IP address to 1=enabled. Disabled by default.
active directory.
CD_NOTIFY_TYPE Defines the Process completion NT Broadcast | SMTP
notification type.
CD_NOTIFY_SMTP_HOST If CD_NOTIFY_TYPE = SMTP, this Host address in the format
field identifies the IP address of the xxx.xxx.xxx
SMTP host.
CD_NOTIFY_SMTP_PORT If CD_NOTIFY_TYPE = SMTP, this Port number up to four characters.
field identifies the port used by the The default value is 25.
SMTP host.

Chapter 2. Getting Started Guide 39


Parameter Name Parameter Definition Values
CD_NOTIFY_SMTP_SENDER If CD_NOTIFY_TYPE = SMTP, this Valid e-mail address.
field identifies the e-mail address to
identify the sender of the message
CD_NOTIFY_SMTP_AUTHENTICATE If CD_NOTIFY_TYPE = SMTP, this 1=enabled. Disabled by default.
field enables authentication. If this
value is not set, the user ID and
password fields are ignored.
CD_NOTIFY_SMTP_USERID If CD_NOTIFY_TYPE = SMTP, this A valid user ID.
field identifies the user ID to use to
authenticate the server.
CD_NOTIFY_SMTP_PWD If CD_NOTIFY_TYPE = SMTP, this A valid user password.
field identifies the user password to
use to authenticate the server.
CD_USERAUTH_FILE The path name and file name of a Any valid user authority file. For
valid user authority file. example: C:\Configurations\
MyUserAuth.cfg
CD_NETMAP_FILE The path name and file name of a Any valid network map file. For
valid network map file. example: C:\Configurations\
MyNetmap.cfg
CD_INITPARMS_FILE The path name and file name of a Any valid Microsoft Windows
valid initialization parameter file. directory and initialization parameter
file name. For example:
C:\Configurations\MyInitparms.cfg
CD_SVC_ACCOUNT Service user account. Installation fails Domain\Username format. The
if the user doesn't have the following default account is the local system
privileges: act as part of the account.
operating system, log on locally, log
on as service, replace a process level
token.
CD_SVC_ACCOUNT_PWD Service user account password.
CD_DATABASE_NAME Specifies the name of the database. The default database name is
CDWINNT.
CD_DATABASE_TYPE Configures the TCQ and Statistics SOLIDDB | MSSQL | MYSQL
databases. MSSQL or MySQL must
be installed and configured prior to
installing Sterling Connect:Direct.
SolidDB is optionally installed and
configured during the install.
CD_SOLIDDB_PORT If CD_DATABASE_TYPE = The default port number is 23470.
SOLIDDB, this parameter specifies
the solidDB server port number.
CD_SOLIDDB_USERID If CD_DATABASE_TYPE = The default user ID is root.
SOLIDDB, this parameter specifies
the user ID of the solidDB server
administrator.
CD_SOLIDDB_PWD If CD_DATABASE_TYPE =
SOLIDDB, this parameter specifies
the solidDB server system
administrator's password. The
password is required.

40 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Parameter Name Parameter Definition Values
CD_SQL_SERVER If CD_DATABASE_TYPE = MSSQL, Valid SQL Server
this parameter specifies the name of
the SQL server.
CD_SQL_AUTHENTICATION If CD_DATABASE_TYPE = MSSQL, Disabled by default.
this parameter specifies the SQL
authentication.
CD_SQL_USERID If CD_DATABASE_TYPE = MSSQL,
this parameter specifies the user ID
of the SQL server system
administrator. If SQL authentication
is enabled, the SQL user ID and
password are required.
CD_SQL_PWD If CD_DATABASE_TYPE = MSSQL, Valid 1-30 character SQL Server
this parameter specifies the SQL System administrator password
server system administrator's
password.
CD_MYSQL_HOST If CD_DATABASE_TYPE = MYSQL, The default host name is LocalHost.
this parameter specifies the host
name for the MySQL server.
CD_MYSQL_PORT If CD_DATABASE_TYPE = MYSQL, The default port number is 1366.
this parameter specifies the number
of the MySQL server port.
CD_MYSQL_USERID If CD_DATABASE_TYPE = MYSQL, The default user ID is root.
this parameter specifies the user ID
of the MySQL server system
administrator.
CD_MYSQL_PWD If CD_DATABASE_TYPE = MYSQL,
this parameter specifies the MySQL
server system administrator's
password. The password is optional.
CD_SPE_DISABLE_FLAG Disables the Secure+ Strong 1=disabled. Enabled by default.
password encryption feature.
CD_KEYSTORE_FILE Specifies the file name for Secure+ The file name should not include a
KeyStore file. path. The default file name is
cdkeystore.kdb.
CD_KEYSTORE_PWD Specifies the password for Secure+
KeyStore file. The password is
required when Secure+ is installed.
CD_NETMAP_CHECK Specifies the initialization parameter Y|L|R|N
network map check settings.
CD_NODE_CHECK Specifies the initialization parameter A|B|C
node check settings.
CD_CLIENT_KEYCERT_FILE Specifies the Secure+ Client Key
Certificate file name. (PEM PKCS8).
CD_CLIENT_KEYCERT_PWD Specifies the password for the
Secure+ Client Key Certificate file.
CD_CLIENT_CIPHERSUITES Enables the TSL or SSL cipher suites The default is
for the node record. Optional. (TLS_RSA_WITH_AES_256_CBC_SHA,
TLS_RSA_WITH_AES_128_CBC_SHA)
CD_ADMIN_USERID Specifies the default Connect:Direct Any valid user ID.
user authority.

Chapter 2. Getting Started Guide 41


Customize Sterling Connect:Direct for Microsoft Windows
Configuration Information
After you install Sterling Connect:Direct for Microsoft Windows on a master node,
you can customize configuration information for distribution within your
enterprise by using Sterling Connect:Direct Requester to configure the network
map, user authorizations, and initialization parameters on the master node. You
can then extract those files using the Configuration Utility. For more information
about using the Configuration Utility, refer to "Defining and Managing the Sterling
Connect:Direct Network" in Help or in the IBM Sterling Connect:Direct for Microsoft
Windows System Guide.

To apply the customized configuration files during a silent installation, set


parameter values in the CD_SRVR.INI file as follows:
v To apply a customized network map file, set CD_NETMAP_FILE to the fully
qualified path to a customized network map configuration file.
v To apply a customized user authorization file, set CD_USERAUTH_FILE to the
fully qualified path to a customized User Authorization configuration file.
v To apply customized initialization parameters, set CD_INITPARMS_FILE to the
fully qualified path to a customized initialization parameters file.

Run a Silent Installation


About this task

Setup.exe installs the Microsoft Installer, Visual C++ Runtime Libraries and other
prerequisites on a system when they do not already exist. To complete the
installation, Setup.exe reboots the system if required and resumes the installation
after the computer has restarted.

Setup.exe can accept a limited number of command-line parameters.


v You can pass parameters through Setup.exe to the included .msi file (MsiExec)
by using the /v option. Afte you specify this option, list any supported
parameters that can be passed to Msiexec.exe.
v To prevent Setup.exe from displaying a progress bar when it launches, use the
/s command-line parameter. For example, if you enter Setup.exe /s, Setup.exe
launches, but the user interface is not displayed.
v If you use the /v option and a command contains a text with a quotation mark
within existing quotes, type a backslash (\) before the text. For example, the
command line contains the following: /v"C:\My Files\SecurePlusEnable.mst\".
Because the path contains spaces, you must use quotes. However, because
quotes are required around the complete argument, failure to use a backslash
before internal quotes causes the statement to fail.
v Do not put a space between the command-line option (/v) and the arguments.
v To define multiple parameters with the /v option, separate them with a space.

To attach to the network and install Sterling Connect:Direct for Microsoft Windows
features from the network location in a silent installation:

Procedure
1. Click Start > Run. The Run dialog box is displayed.

42 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


2. In the Open field of the Run dialog box, type a command similar to following
example:

Setup.exe /s /v/qn

This command installs all Sterling Connect:Direct for Microsoft Windows


components including Sterling Connect:Direct Requester and Sterling
Connect:Direct Secure Plus.

Note: Setup.exe installs Sterling Connect:Direct for Microsoft Windows in the


default directory c:\Program Files\Sterling Commerce\Connect Direct
v[current version]. If you want to install Sterling Connect:Direct for Microsoft
Windows in a different directory, use the INSTALLDIR option on the command
line. Enclose the pathname in quotes and terminate the path with a backslash,
as in the following example:

Setup.exe /v"INSTALLDIR=\"D:\Program Files\Sterling Commerce\Connect Direct v4.7.00\""

3. Computers in a Microsoft Windows 2000 or XP Domain that use Active


Directory can also automate installations using the software installation
extension of the Group Policy Snap-In. The Microsoft Windows installer uses an
/M command line parameter to generate MIF files. In the following example,
the CDNT.mif file is created to report success or failure:

setup.exe /s /v/qn /M C:\Windows\CDNT.mif

Perform an Unattended Uninstallation


Procedure

Sterling Connect:Direct for Microsoft Windows provides for an unattended


uninstallation. In the following example, the /x command parameter removes the
package:

Setup.exe /x

Chapter 2. Getting Started Guide 43


44 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation
Chapter 3. System Guide
Configure the Local Node

Configuring the Sterling Connect:Direct Local Node


Before using IBM Sterling Connect:Direct for Microsoft Windows to transfer files,
you have to configure the local node.

You can configure the local node using the Configuration Tool or with Sterling
Connect:Direct Requester. This set of topics provides instructions for using
Requester. Requester is a graphical user interface that enables you to define local
nodes, user IDs, user authorities, and remote user proxies.

With the Sterling Connect:Direct Configuration Tool, you edit text files of user
authorization and network map parameters, and you can export these files.
However, using the Configuration Tool requires that you understand all the
Sterling Connect:Direct keywords and their parameters. Sterling Connect:Direct
Requester makes it easier to define user authorization parameters.

Note: The Configuration Tool also enables you to view or print a configuration.
See Print and View Node and Network Map Definitions under Define and Manage
the Sterling Connect:Direct Network.

To configure the local node using Requester, you:


1. Add a node definition for each server at the local site.
2. Add a user ID for each person who accesses one of the local servers.
3. Define the functions each local user can perform (functional authorities).
4. If necessary, configure user proxies for remote user access to the local node.

Adding or Modifying a Local Node Definition


About this task
To use Sterling Connect:Direct for Microsoft Windows, you begin by configuring a
local node for each server in the local network. You identified a local node when
you first installed Sterling Connect:Direct. Depending on the configuration at your
location, you can have more than one local node.

To add a local node definition for a server:

Procedure
1. Select Node > Connection Settings > Insert Node.
2. Type the node name in the Name field or select a node in Active Directory
Nodes if Active Directory is enabled.
3. Optionally, select the default user ID to associate with the node in the Default
User ID field.
4. Select the operating system used by the node in the Operating System field. If
any nodes are registered in Active Directory, select Windows to display nodes
registered in the Active Directory Nodes field.

© Copyright IBM Corp. 1982, 2016 45


5. Enter the TCP/IP address in the Address field.

Note: See “Specify IP Addresses, Host Names, and Ports” on page 147.
6. Type the port number in the Port field.
7. If this is the default node, select Set as the Default Node.
8. Click OK.
9. To modify a local node definition for a server at your site, double-click the
node on the Nodes tab of the Control Pad (left side of the Requester main
window). Modify fields as required and click OK.

Adding a User
About this task
To add a new Sterling Connect:Direct user from Sterling Connect:Direct Requester:

Procedure
1. If more than one local node is configured, on the Nodes tab of the Control Pad,
highlight the local node to which the user is to be added.
2. Select Node > Connection Settings > Edit Userids.
3. Click Insert.
4. Type information in the following fields:
v Name—Type the name of the new user. Either type the user name as defined
in the Microsoft Windows setup, such as "lmore", or type a fully-qualified
user name in the UPN format, such as "[email protected]".
v Password—Type the password defined for the user.
v Verify Password—Retype the password defined for the user.
5. Click Remember Password to automatically reload the password when you
attach as this user.
6. Click Set as the Default User if you want the new user to be the default user
for the node.
7. Click OK.
8. If the verification password you typed does not match the initial password, you
receive a message indicating the passwords do not match when you click OK.
Retype the verification password and click OK.
9. Click OK on the User Properties window to save the settings, then click Close.
Attention: Changes made to node settings are not written to the Registry until
you select OK.

Modifying a User ID
About this task

To modify a user ID from Sterling Connect:Direct Requester:

Procedure
1. If more than one local node is configured, on the Nodes tab of the Control Pad,
highlight the local node for which the user is to be modified.
2. Select Node > Connection Settings > Edit Userids.
3. Double-click the user ID to modify.

46 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


4. Modify fields as necessary.
5. Click OK.

Deleting a User
About this task

To delete a user from a node, from Sterling Connect:Direct Requester:

Procedure
1. If more than one local node is configured, on the Nodes tab of the Control Pad,
highlight the local node from which the user is to be deleted.
2. Select Node > Connection Settings > Edit Userids.
3. Select the user you want to delete.
4. Select Delete, then click Confirm. The user is deleted.

Attaching to a Local Node


About this task

After you configure the local node and define network users, you must attach to
the local node. If a user ID is set as the default and has the option Remember
Password activated, the user is automatically attached to the server.

Procedure
1. Select Node > Attach.
2. Select a user ID from the Userid list.
3. In the Password field, type the password that corresponds to the user ID.
4. Click OK.

About Local Functional Authorities


After you define a user ID for each user with access to the local node, you can
limit the tasks a user can perform by defining user authorities for each user ID. For
example, you can permit a user to submit Processes but not monitor or delete
them. Define user authority as a default administrator or a general user. Then
define the directories where a user can perform functions. You can define
authorities for remote users, and you can group users under group authorities.

Define a Functional Authority Type

You can define two types of users: administrators and general users. Each user
type has a set of default privileges. The default administrator and general user
definitions allow the user to perform basic Sterling Connect:Direct tasks. You can
use these templates to assign user authorities and restrict privileges. The following
table defines the default authorities of the administrator and the general user:

Default Default General


Authority Administrator User
View Processes in the TCQ yes yes
Issue the copy receive, copy send, run job, and yes yes
run task Process statements

Chapter 3. System Guide 47


Default Default General
Authority Administrator User
Issue the submit Process statement all yes
Monitor, submit, change, and delete all Processes yes no
Monitor, submit, change, and delete your own yes yes
Processes
Run programs yes yes
Access Process statistics all yes
Upload and download files from any directory yes yes
Upload and download files to or from specific no no
directories
Run programs from any directory yes yes
Run programs from specific directories yes no
Update the network map yes no
Update the translation table yes yes
Update local user authorities yes no
Update remote user secure point-of-entry proxies yes no
Stop Sterling Connect:Direct for Microsoft yes no
Windows
Invoke the refresh initialization parameters yes yes
options
Use the trace tool or issue traceon and traceoff yes no
commands
Override execution priority, including Hold, all yes
Retain, and Plexclass status
User type can override the CRC status on. off

Note: The CRC will


be off if Secure+ is
used.
Override Process options such as file attributes all yes
and remote node ID

Define Directories Where Users Can Perform Tasks

You then define directories where a user can perform tasks. If you do not specify a
directory for a function, the user can perform it from any directory, regardless of
whether the request is submitted from the PNODE or the SNODE; however, the
remote user proxy can override the directory specification. Directory restrictions for
the Upload and Download directory can be bypassed if restrictions are not also
provided for the Process and Program directory paths. As a result, if the remote
user is allowed to use the Run Task and Run Job features to execute commands
from any directory, then they could perform operating system commands. These
commands could include copy commands to copy files to any directory, bypassing
the Upload and Download restrictions.

To prevent this, set directory restrictions for the Process and program features
using a separate directory path from the Upload and Download directory path or
disable the Run Job and Run Task for this user. Programs that be run are defined
in the Process and Program directories.

48 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Define Remote User Proxies

You can define remote user proxies. A remote user proxy associates a remote user
with a local user ID and gives the remote user the authority to perform the same
functions as the proxy. This is useful if you want to give a remote user access to a
server, but you do not want to define a user ID and user authorities for the user.
Defining a remote user proxy also provides the remote user access to the local
node without the need to remember password information.

Defining User Authority


About this task

Use this procedure to restrict the functions that a user can perform and the
directories where a function can be performed.

To set user authorities:

Procedure
1. Select Admin > Functional Authorities. The User Authorities view is the
default view.
2. Choose one of the following types of users:
v Click New Admin to create a new user authority with full privileges for
Process controls and functions.
v Click New Genusr to create a user authority with reduced privileges.
3. Type a name, from 1 to 50 alphanumeric characters, for the new user in the
Name field. You can use spaces.

Note: You can enter a user ID in UPN format such as


[email protected]. The UPN format allows you to identify both the user
name and the domain.
4. Do one of the following:
v To save the new user authority with the default privileges, click OK.
v To modify the default user privileges, continue with the next step.
5. To restrict the control functions or statements a user is authorized to perform,
change the value of one or more of the fields on the Main tab to No to deny
user authority for that privilege and click OK.

Field Name Definition Valid Values


Submit Grants authority to submit Processes. Yes | No
Monitor Grants access to the Process Monitor Yes | No | All
function.

Yes specifies that you can monitor your


own Processes; All specifies that you can
monitor anyone's Processes.
Change Grants authority to change Processes in the Yes | No | All
TCQ.

Yes specifies that you can change your own


Processes; All specifies that you can change
anyone's Processes.

Chapter 3. System Guide 49


Field Name Definition Valid Values
Delete Grants authority to delete Processes from Yes | No | All
the TCQ.

Yes specifies that you can delete your own


Processes; All specifies that you can delete
anyone's Processes.
Statistics Grants authority to access Process statistics Yes | No | All
using the Select Statistics command.

Yes specifies that you can access statistics


for your own Processes; All specifies that
you can access statistics for anyone's
Processes.
Copy Send Grants authority to submit copy Process Yes | No
statements.
Copy Receive Grants authority to receive copy Process Yes | No
statements.
Run Job Grants authority to submit run job Process Yes | No
statements.
Run Task Grants authority to submit run task Process Yes | No
statements.
Submit Grants authority to submit Processes from Yes | No
within another Process.

6. To define directory restrictions, click the Directories tab.


7. To restrict a user's access to directories, specify the directory from which the
user can perform a function, submit Processes, or run programs and click OK.
Refer to the following table for the Directory Restrictions functions:

Field Name Description


Upload Specifies the directory that the user can copy files from and use as a
source.

Security in some Microsoft Windows systems prompts for administrative


permissions confirmation when it writes to the Program Files
subdirectories. If you specify a Program Files directory in the Upload field,
the system may be unable to copy files to that location.

To fix this problem:


1. Specify an upload directory that is not in the Program Files directory.
2. On the Sterling Connect:Direct for Microsoft Windows Server, use
Microsoft Windows Control Panel to change User Account Control
Settings to Never Notify.

Reboot the server to enable the updates.


Download Specifies the directory that the user can copy files to and use as a
destination.
Process Specifies the directory from which the user can submit a Process.
Note: Setting a Process directory restriction here only restricts submit
statements within a Process. In other words, given an entry in this field, a
user (or, in the case of a group functional authority, a group) can use
Requester to submit a Process without restrictions on where the Process is
submitted from, but a Submit Process statement within the Process will
run only from the directory specified here.

50 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Field Name Description
Program Specifies the directory from which the user can run a program.

8. To define administrative privileges, click the Admin tab.


9. To give a user access to an administrative function, change the value to Yes
and click OK. Refer to the following table for Administrative functions:

Field Name Definition Valid Values


Netmap Grants authority to update the network map. Yes | No
Translation Table Grants authority to update the translation tables. Yes | No
User Authorities Grants authority to update local user Sterling Yes | No
Connect:Direct functional authorities.
User Proxy Grants authority to update user proxies. Yes | No
Secure+ Grants authority to send Sterling Connect:Direct Yes | No
Secure Plus commands through the API.
Stop Grants authority to stop Sterling Connect:Direct. Yes | No
Refresh Grants authority to refresh the Sterling Yes | No
Connect:Direct server initialization parameters.
Trace Grants authority to access the Trace utility. Yes | No

10. Click the Override tab to define override authority.


11. To grant access to the override function, set any of the override privileges to
Yes. Refer to the following table for the override privilege functions:

Field Name Definition Valid Values


Execution Grants authority to override the default execution Yes | No | All
Priority priority in a Process.
Remote Node ID Grants authority to use the remote node ID Yes | No
parameter on the Process or when submitting the
Process.
File Attributes Grants authority to override the system's default file Yes | No
attributes when creating files using a copy Process.
ACL Update Grants authority to define access–allowed and Yes | No
access–denied entries in the Access Control List
(ACL) for a file created using a copy Process.
CRC Grants authority to override the CRC-enabled state ON | OFF |
in node and Process statements. Blank

12. Click OK.

Modifying a User Authority


About this task

To modify user authority information for Process statement and control


functionality:

Procedure
1. Select Admin > Functional Authorities.
2. Double-click the user authority to edit.
3. Change the user authorities as necessary.

Chapter 3. System Guide 51


4. Click OK.

Deleting a User Authority


About this task

To delete a user authority:

Procedure
1. Select Admin > Functional Authorities.
2. Select the user you want to delete and click Delete.

Defining a Group Authority


About this task

Use this procedure to create group authorities. Group authorities allow you to
group users who exercise the same level of functional authorities.

To define a group authority:

Procedure
1. Select Admin > Functional Authorities.
2. Click the Group Authorities tab.
3. To add a group authority, do one of the following:
v Click New Admin to create a new group based on *Admin settings as the
default.
v Click New Genusr to create a new group based on Genusr settings as the
default.
4. Type the name, from 1 to 50 alphanumeric characters, for the new group. You
can use spaces.
5. Define the group as either a local group or domain group by doing one of the
following:
v If the group is local, click Local and enter the name of the group as defined
by the workstation administrator under My Computer/Manage/Local Users
and Groups.
v If this is a domain group, click Domain Name, then enter the name of the
group as defined by the domain administrator, and the name of the domain
on which the group is defined.

Note: Local groups are groups defined locally on the server using the O/S
utility for managing local users and groups. If your users are defined locally,
use local groups. If your users are not defined locally but in a domain, use
domain groups. If you have some users in local and some in domains, you can
use both.
6. Do one of the following:
v To save the new group authority with default privileges, click OK.
v To modify the default group privileges, continue with the next step.
7. To restrict the control functions or statements users in the group are authorized
to perform, change the value of the fields on the available tab to No to deny
authority for that privilege and click OK.

52 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Note: Refer to “Defining User Authority” on page 49 for definitions of specific
user authorities.
8. Click OK to finish defining the group authority.

Modifying a Group Authority


About this task

To modify group authority information for Process statement and control


functionality:

Procedure
1. Select Admin > Functional Authorities and click the Group Authorities tab.
2. Double-click the group authority to edit.
3. Change authorities for the group as necessary.
4. Click OK.

Sequencing Group Authorities


About this task

A user can be a member of multiple groups, local and domain. Since each group
authority defined can contain different restrictions, the order of groups as they are
checked for a match is important. More restrictive groups should be checked
before less restrictive groups.

To change a group's position in the order of group functional authorities:

Procedure
1. On the Group Authorities tab of the Functional Authorities window, select the
group functional authority to move.
2. Move the group up in the order by clicking Move Up.
3. Move the group down in the order by clicking Move Down.
4. Click OK.

Deleting a Group Authority


About this task

To delete a group authority:

Procedure
1. Select Admin > Functional Authorities and click the Group Authorities tab.
2. Select the group you want to delete and click Delete.

Define Remote User Proxies


The secure point-of-entry proxies definition contains remote user information for
operations initiated from remote Sterling Connect:Direct nodes. It defines a proxy
relationship between a user at a remote Sterling Connect:Direct node and a local
user ID. This relationship enables users at remote nodes to submit work to their
system that interacts with the Microsoft Windows node without defining user IDs

Chapter 3. System Guide 53


and passwords for the specified Microsoft Windows system in the Processes.
Several proxies can use the same local user account with overrides specific to each
proxy.

Sterling Connect:Direct names each definition of this type according to the remote
node and submitter ID. Each definition contains the user ID and password for a
local account to use when the specified remote user submits Processes that interact
with this node.

Note: When you update the password for the specified local user account on your
Microsoft Windows system, you must update the corresponding Sterling
Connect:Direct secure point-of-entry proxy as well. This process is not automated.

The user proxy definition specifies the following Sterling Connect:Direct remote
user information:
v Remote Sterling Connect:Direct user ID and remote Sterling Connect:Direct node
name. You can also set a generic user ID called <ANY USER> and node name
<ANY NODE> to allow all of your remote users to connect through one proxy.
v Local user ID and password to use with submitted operations from the remote
Sterling Connect:Direct node.
v Any directory restrictions for Sterling Connect:Direct operations.

When a remote user submits a Sterling Connect:Direct Process that does not have a
remote node security ID specified, Sterling Connect:Direct for Microsoft Windows
accesses the proxy definition that corresponds to the specified user and logs on to
the Microsoft Windows server using the account information specified in the proxy
definition. If a proxy definition is not available for a given remote node/submitter
ID combination, the Process must explicitly specify the user ID and password to
use on the local node. Use the remote node ID security parameter in the Process
statement to provide the necessary security information to execute Processes with
this node.

Creating or Modifying a Remote User Proxy


About this task

To create or modify a proxy for a remote user:

Procedure
1. Select Admin > User Proxies.
2. Do one of the following:
v To add a new remote user proxy, click Insert.
v To modify a proxy, double-click the Remote User name to modify.
3. Add or modify the following information:
a. For a new proxy, type the remote node user ID or select <ANY USER> to
define a generic user ID.
b. Type the submitter ID, a specific node name, or select <ANY NODE> to
define a generic node.
c. Type the local user ID to map to the remote node or a specific user ID in
the Userid field.
d. Type the password twice associated with the local user ID to which the
proxy is mapped.

54 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Note: You can enter a user ID in UPN format such as [email protected].
4. If necessary, click the Directories tab to define the directory restrictions for the
remote user.
5. Select whether the proxy user has permission to perform Copy Send or Copy
Receive operations or if the permissions for the proxy user are the same as for
the real user (User).
6. Modify one or more of the following functions:
v Specify the directory the user can use to copy files from and use as a source
directory in the Upload field. If no directory is specified, the user can copy
files from any directory.
v Specify the directory the user can use to copy files to and use a destination
directory in the Download field. If no directory is specified, the user can
copy files to any directory.
v Specify the directory containing the Processes the user has authority to
submit in the Process field. If no directory is specified, the user can submit
Processes from any directory.
v Specify the directory containing the programs the user has authority to run
in the Program field. If no directory is specified, the user can run programs
from any directory.
v Specify whether the user can submit copy Process statements using the Copy
Send field. If you specify USER, this setting defaults to the proxy entry's
local user's functional authority setting.
v Specify whether the user can receive copy Process statements using the Copy
Receive field. If you specify USER, this setting defaults to the proxy entry's
local user's functional authority setting.
7. Click OK.

Deleting a Remote User Proxy


About this task
To delete user proxy information for an existing remote Sterling Connect:Direct
user:

Procedure
1. Select Admin > User Proxies.
2. Select the remote user you want to delete.
3. Click Delete.
4. Click Close.

Define and Manage the Sterling Connect:Direct Network

Define and Manage the Sterling Connect:Direct Network


Sterling Connect:Direct uses a network map to identify the remote nodes that can
communicate with the local node. Two methods are available to update the
network map:
v Sterling Connect:Direct Requester provides a graphical user interface to create
network map entries.

Chapter 3. System Guide 55


v The Configuration Tool enables you to extract a Sterling Connect:Direct for
Microsoft Windows network map as a text file from the Microsoft Windows
Registry. You can then update the network map and insert it into the Registry to
apply it.

About Defining the Network Map


You create a remote node entry in the network map for each remote node that the
local node communicates with. Each network map entry contains information
about the remote node, such as the remote node name, the operating system type,
the communications mode, and the communications path to use when connecting
to the remote node. The communications mode and communications path are
separately defined information that can be associated with one or more remote
nodes.

The remote node definition, the communications mode, and communications path
definition are the three components of each network map entry.

Note: The network map is not mandatory if the initialization parameter called
netmap.check is set to n and all remote nodes have TCP/IP paths that you identify
by their IP address or host name.

Define Remote Node Information


You define a network map entry for each remote node that communicates with the
local node. The network map defines the following components:
v Remote node definition—Information about remote Sterling Connect:Direct
nodes that the local node communicates with, including retry parameters,
maximum session connections, and network information.
v Communications mode—Information relating to session characteristics for a
protocol, such as TCP/IP, APPC, or UDT mode information. A communications
mode can be associated with one or more communications paths or remote node
definitions.
v Communications path—Transport and protocol information about the available
communications paths and their attributes. The protocol information includes
protocol type, such as TCP/IP, and specific protocol type information, such as
the name of the TCP mode for TCP/IP protocols. The protocol information also
includes the LU 6.2. protocol type and specific protocol information, such as Net
ID, PU Name, and LU name for LU 6.2 protocols. Each communications path
definition specifies a default communications mode.
Each remote node definition can be related optionally to one communications
mode and can be related to multiple communications paths, allowing multiple
communications paths and modes to be available for use when communicating
with the named remote node. These communications paths and modes can be
shared with other remote nodes and are not specific to one remote node
definition. Communications paths are used when establishing sessions with a
remote Sterling Connect:Direct node. Sterling Connect:Direct tries each
communications path named, in the order in which it is listed, until either a
session is established or all paths have been tried. You must designate at least
one path.

When defining, modifying, or deleting network map entries, be aware of the


dependencies among the three components and the manner in which they refer to

56 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


each other. For example, before you name a communications mode in your
communications path definition, the communications mode must exist.

Creating or Modifying a Remote Node Definition


About this task

The remote node definitions contain information for remote Sterling Connect:Direct
nodes that the local Sterling Connect:Direct node communicates with.

To create or modify a remote node definition in the network map:

Procedure
1. Select Admin > Netmap to open the network map.
2. Do one of the following:
v To add a node, select Netmap > Insert and type a node name in the Name
field.
v To modify an existing node, double-click the node name in the Netmap
window.
3. Define information in the following fields for the remote node you are
configuring on the Main tab. Refer to the following table for information on
each field:

Field Name Description Valid Values


Name The name of the remote Sterling A 1- to 16-character alphanumeric string
Connect:Direct node. If you are modifying a
node, this field cannot be edited.
Operating System The operating system for the remote node. OpenVMS | OS/390 | OS/400 | Tandem |
UNIX | VM | VSE | Windows
Max Pnode Sess The maximum concurrent connections for all A numeric value from 0–255. The default is
remote nodes when the local Sterling 1. For a workstation version of Sterling
Connect:Direct node originates the Process. Connect:Direct for Microsoft Windows, this
This field is limited to the lesser of the field is limited to 1.
values defined in the initialization
parameters file and the network map
definition for a given node.
Max Snode Sess The maximum concurrent connections, A numeric value from 0–255. The default is
where the local Sterling Connect:Direct for 1. For a workstation version of Sterling
Microsoft Windows, node is the partner, or Connect:Direct for Microsoft Windows,
secondary, node cooperating with a remote maximum SNODE sessions are limited to 2.
Sterling Connect:Direct node to execute a
Process. The maximum number of
concurrent sessions is limited to the lesser of
the values defined in the initialization
parameters file and the network map
definition for a given node.
Default Class The default session class used to start session A numeric value from 1 to the value of
managers. A Process executes on the maximum concurrent local node connections
specified class or any higher session class. (sess.pnode.max). The default value is 1. The
This value overrides the equivalent value for value cannot be greater than the maximum
this node in the initialization parameters. number of local sessions with primary
control.

Chapter 3. System Guide 57


Field Name Description Valid Values
Short Term Retry The number of retry attempts if a short-term A numeric value from 1–255. The default is
Attempts connection failure occurs. Long-term retry 10.
parameters are used after the number of
short-term attempts you specify has been
reached.
Short Term Retry The amount of time to wait between each A 24-hour time value formatted as hh:mm:ss.
Interval short-term retry attempt. The maximum value is 23:59:59. The default
is 00:00:10 or 10 seconds.
Long Term Retry The number of retry attempts after all of the A numeric value from 0–255. The default is
Attempts short-term retry attempts are used. 0.
Long Term Retry The amount of time to wait between each A 24-hour time value formatted as hh:mm:ss.
Interval long-term retry attempt. The maximum value is 23:59:59. The default
is 00:03:00, or 3 minutes.

4. To configure TCP/IP settings, click the TCP/IP tab and set the TCP/IP
attributes. Refer to the following table for definitions of the fields:

Field Name Description Valid Values


Host/IP Address The host name or IP address of the remote A numeric value in the format
node. Alias names are not supported. nnn.nnn.nnn.nnn (IPv4) or
nnnn:nnnn:nnnn:nnnn:nnnn:
nnnn:nnnn:nnnn (IPv6) or the host name.

Port/Service The communications port number for A numeric value in the format nnnnn, where
Sterling Connect:Direct if it differs from the nnnnn is a positive integer from 0–65535.
default value specified in the initialization
parameters.
Mode Override Select the name of the network map TCP/IP Name of a defined TCP/IP communications
communications mode definition record used mode.
when communicating with this remote node.
If this parameter is not specified, its value
defaults to the last TCP/IP mode in the list.
Alt Comm Outbound The alternate communication address Fully qualified host name or IP address and
(communication path) used for outbound port number.
Processes. This parameter provides the
alternate addresses for a remote node that A comma separates the list of alternate
has multiple NIC cards. When the local node communication paths as shown in the
is the PNODE, the alternate addresses are following example:
tried (starting with the first IP address listed)
if an initial attempt to the primary address salmon;9400, 10.20.40.65;9500
fails. After a connection has been established,
The list is processed from the top down.
if the connection is subsequently lost,
attempts to reestablish the connection
through the retry mechanism use the same
address as the initial connection.

When the local node is the SNODE, the


alternate addresses are used in the Netmap
check.
Note: This parameter should not be used in
a outbound Process if the SNODE is Sterling
Connect:Direct/Plex.

58 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Field Name Description Valid Values
Alternate Comminfo Provides support for establishing hostname1/IP address, hostname2/IP
netmap-checked sessions with address, hostname3/IP address
high-availability (especially load balancing)
systems with multiple IP addresses, such as host name—Host name associated with the
Sterling Connect:Direct/Plex for z/OS. Use IP address. For example:
this parameter to list all IP addresses or host
names that are part of the multiple IP hops (where hops is a machine on the local
address environment. domain)

For Sterling Connect:Direct/Plex, this list hops.domain.com (fully-qualified host name)


should include the address of each Sterling
Connect:Direct/Server with a different IP nnn.nnn.nnn.nnn or nnnn:nnnn:nnnn:nnnn:
address from the Sterling nnnn:nnnn:nnnn:nnnn—IP address of
Connect:Direct/Plex Manager. a machine running Sterling Connect:Direct

If a remote node has more than one outgoing


IP address (as in a load balancing
environment), specify all of the remote
node's possible outgoing addresses in the
Alternate Comminfo field so that those
outgoing IP addresses are contained in the
local node's netmap entry for that remote
node. This configuration allows netmap
checking to succeed when the remote node
connects to the local node using any of the
possible outgoing IP addresses specified.

5. To configure UDT settings, click the UDT tab and set the UDT attributes.
Refer to the following table for definitions of the fields:

Field Name Description Valid Values


Host/IP Address The host name or IP address of the remote A numeric value in the format
node. Alias names are not supported. nnn.nnn.nnn.nnn (IPv4) or
nnnn:nnnn:nnnn:nnnn:nnnn:
nnnn:nnnn:nnnn (IPv6) or the host name.
Port/Service The communications port number for A numeric value in the format nnnnn, where
Sterling Connect:Direct if it differs from the nnnnn is a positive integer from 0–65535.
default value specified in the initialization
parameters.
Mode Override Select the name of the network map UDT Name of a defined UDT communications
communications mode definition record used mode.
when communicating with this remote node.
If this parameter is not specified, its value
defaults to the last UDT mode in the list.

Chapter 3. System Guide 59


Field Name Description Valid Values
Alt Comm Outbound The alternate communication address Fully qualified host name or IP address and
(communication path) used for outbound port number.
Processes. This parameter provides the
alternate addresses for a remote node that A comma separates the list of alternate
has multiple NIC cards. When the local node communication paths as shown in the
is the PNODE, the alternate addresses are following example:
tried (starting with the first IP address listed)
if an initial attempt to the primary address salmon;9400, 10.20.40.65;9500
fails. After a connection has been established,
The list is processed from the top down.
if the connection is subsequently lost,
attempts to reestablish the connection
through the retry mechanism use the same
address as the initial connection.

When the local node is the SNODE, the


alternate addresses are used in the Netmap
check.
Note: This parameter should not be used in
a outbound Process if the SNODE is Sterling
Connect:Direct/Plex.
Alternate Comminfo Provides support for establishing hostname1/IP address, hostname2/IP
netmap-checked sessions with address, hostname3/IP address
high-availability (especially load balancing)
systems with multiple IP addresses, such as host name—Host name associated with the
Sterling Connect:Direct/Plex z/OS. Use this IP address. For example:
parameter to list all IP addresses or host
names that are part of the multiple IP hops (where hops is a machine on the local
address environment. domain)

For Sterling Connect:Direct/Plex, this list hops.csg.domain.com (fully-qualified host


should include the address of each Sterling name)
Connect:Direct/Server with a different IP
address from the Sterling nnn.nnn.nnn.nnn or nnnn:nnnn:nnnn:nnnn:
Connect:Direct/Plex Manager. nnnn:nnnn:nnnn:nnnn—IP address of a
machine running Sterling Connect:Direct
If a remote node has more than one outgoing
IP address (as in a load balancing
environment), specify all of the remote
node's possible outgoing addresses in the
Alternate Comminfo field so that those
outgoing IP addresses are contained in the
local node's netmap entry for that remote
node. This configuration allows netmap
checking to succeed when the remote node
connects to the local node using any of the
possible outgoing IP addresses specified.

6. To configure the APPC settings, click the APPC tab and set the APPC
attributes. Refer to the following table for a description of the fields:

Field Name Description Valid Values


Network Name The name of the SNA network in which the SNA network name
remote Sterling Connect:Direct node resides.
Partner LU The name of the partner node to be used as A 1–8 character alphanumeric string
the remote connection end point for the
LU-to-LU session. This is the VTAM APPLID
for host connections or partner LU name for
LU 6.2 only.

60 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Field Name Description Valid Values
Mode Override The name of the network map APPC Name of a defined APPC communications
communications mode definition record that mode
is used when communicating with this
remote node. If this parameter is not
specified, its value defaults to the last APPC
mode in the list.

7. To identify the communications path, click the Communication Paths tab.


8. Perform the following actions as required:
v To add a path defined in the network map, select a path name from the
Available Paths box and click the right arrow button.
v To view the properties of a path, select the path from the Available Paths
box and click Properties.
v To add a new path to the network map, click New.
v To delete a path, select the path in the Available Paths box and click
Delete.
v To select all available paths, click Add All.
v To remove a selected path, select the path in the Selected Paths box and
click the left arrow button.
v To remove all selected paths, click Remove All.
9. To add a description of the node, click the Description tab. Sterling
Connect:Direct does not use this information. Refer to the following table for a
description of each field:

Field Name Description Valid Values


Name The name of the Sterling Connect:Direct A 1- to 49-character alphanumeric string
administrator or operator for the remote
node.
Phone Number The phone number of the administrator or A 1- to 39-character alphanumeric string
operator for the remote node. Do not use
blanks in this string.
Node Description Any additional information you want to A 1- to 127-character alphanumeric string
include specific to the remote node.

10. Click OK.

Adding or Modifying Communications Mode Settings


About this task

You can add or modify the settings for a communications mode object. These
values override the values in the initialization parameters file.

Procedure
1. Select Admin > Netmap to open the network map.
2. Do one of the following:
v To modify an existing mode definition, double-click the mode.
v To add a new mode definition, right-click in the mode box and click Insert.

Chapter 3. System Guide 61


3. Modify the mode settings as required. If you are defining a new object, select
either TCP/IP or APPC as the protocol to associate with the communications
path. Refer to the following table for the definitions, descriptions, and valid
values for each field.

Field Name Description Valid Values


Name The name of the remote node and A 1- to 48-character
communications path object types. If you alphanumeric string
are modifying settings for a remote node,
the Name field is not blank. You cannot
change the name.
Protocol The type of communications protocol. TCP/IP | APPC

TCP/IP is the default value.

4. To add or update TCP/IP settings, click the TCP/IP tab. Refer to the following
table for a description of each field:

Field Name Description Valid Values


Buffersize The buffer size for transmitting data to and A numeric value from
from the remote Sterling Connect:Direct 256–65536.
node. This value overrides the value in the
initialization parameters file. The default is 65535.
Pacing Send The number of send operations to perform A numeric value from 0–63.
Count before automatically waiting for a pacing
response from the remote Sterling The default is 0.
Connect:Direct node. A value of 0 indicates
that there is no pacing. This value overrides
the value in the initialization parameters
file.
Pacing Send The amount of time Sterling Connect:Direct An integer from 0–86400.
Delay waits before sending each outbound data
buffer to the remote node. This can prevent The default is 0.
flooding the network. A value of 0 indicates
that Sterling Connect:Direct sends each data
buffer as soon as possible. This value
overrides the value in the initialization
parameters file.
CRC Specifies whether CRC checking is turned OFF | ON | blank
on.

The default value for the local node is OFF.


The default value for the remote node is
blank.

The remote node defaults to blank to


simplify the use of the crc.override
parameter. When crc.override is enabled in
the initialization parameter, only the nodes
that require a different configuration need
to be changed.

5. To add or update APPC settings, click the APPC tab and type the following
values:
a. A valid RU size between 256 and 4096 in the Max RU Size field. The
default is 4096.

62 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


b. The largest permissible pacing window size for sessions in this mode
grouping in the Max Pacing field. Sterling Connect:Direct sends this
number of data buffers before waiting for an acknowledgment from the
remote node. A value of 0 indicates no pacing. The default is 7 and the
maximum is 63.
c. The maximum sessions allowed in this mode group. The default is 8.
Specify if you are using dependent LUs as the communications path.
6. Click OK.

Creating or Modifying a Communications Path Definition


About this task

The communications path defines the physical communications path between the
local Sterling Connect:Direct node and one or more remote Sterling Connect:Direct
nodes.

If you install SNA software and select APPC support during installation, two
communications path objects are created in the Microsoft Windows Registry: one
for TCP/IP and one for APPC. If you do not have APPC support, only a TCP/IP
default communications path object is created.

Procedure
1. Do one of the following:
v To modify a communications path definition, double-click the definition in
the CommPath window.
v To add a new communications path, right-click the CommPath box and click
Insert.
2. To define a communications path, type the name of the communications path
in the Name field, and select the protocol to associate with it: TCP/IP, APPC,
or UDT.
3. Define a new mode or assign an existing mode to the communications path.
4. To associate an existing mode with the communications path, select the mode
from the Selected Mode drop-down list.
5. To define a new mode to associate with the communications path:
v Click New.
v Type the name of the new mode in the Name field.
v Select the protocol to associate with the mode: TCP/IP, APPC, or UDT, and
click OK.
6. To add or update TCP/IP settings, click the TCP/IP tab. Refer to the following
table for the name, definition, and valid values for each field.

Field Name Description Valid Values


Buffersize The buffer size for transmitting data A numeric value from
to and from the remote Sterling 256–65536.
Connect:Direct node. This value
overrides the value in the The default is 65535.
initialization parameters file.

Chapter 3. System Guide 63


Field Name Description Valid Values
Pacing Send Count The number of send operations to A numeric value from 0–63.
perform before automatically waiting
for a pacing response from the The default is 0.
remote Sterling Connect:Direct node.
A value of 0 indicates that there is no
pacing. This value overrides the
value in the initialization parameters
file.
Pacing Send Delay The amount of time Sterling An integer from 0–86400.
Connect:Direct waits before sending
each outbound data buffer to the The default is 0.
remote node. This can prevent
flooding the network. A value of 0
indicates that Sterling Connect:Direct
sends each data buffer as soon as
possible. This value overrides the
value in the initialization parameters
file.
CRC Specifies whether CRC checking is OFF | ON | blank
turned on.

The default value for the local node


is OFF. The default value for the
remote node is blank.

The remote node defaults to blank to


simplify the use of the crc.override
parameter. When crc.override is
enabled in the initialization
parameter, only the nodes that
require a different configuration need
to be changed.

7. To add or update APPC settings, click the APPC tab. The following table shows
the name, definition, and valid values for each field on the APPC tab.

Field Name Description Valid Values


Adapter Number Indicates whether the token ring Primary | Alternate
adapter number to be used for this
connection is Primary or Alternate.
Adapter Address The token ring address of the remote Valid remote node token ring
node. This address consists of address
hexadecimal digits. Enter all zeroes if
the local node is the same as the remote
node.
Local SNA The SNA network name of the local Valid SNA network name
Network Sterling Connect:Direct node. This name
must match the name of the SNA
network in which the local Sterling
Connect:Direct node resides.
LU Name The name of a Local APPC LU Valid LU alias name
configured within Microsoft SNA Server.
This parameter is required.

8. To add or update UDT settings, click the UDT tab. The following table shows
the name, definition, and valid values for each field on the UDT tab.

64 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Field Name Description Valid Values
Buffersize The buffer size for transmitting data to A numeric value in the range
and from the remote Sterling 256-65536.
Connect:Direct node. This value
overrides the value in the initialization
parameters file.
UDT33 CRC Specifies whether CRC checking is OFF | ON | blank
turned on.

The default value for the local node is


OFF. The default value for the remote
node is blank.

The remote node defaults to blank to


simplify the use of the crc.override
parameter. When crc.override is enabled
in the initialization parameter, only the
nodes that require a different
configuration need to be changed.

9. Click OK.

Defining a New Mode for a Communications Path


About this task

To define a new mode for a communications path:

Procedure
1. Select Admin > Netmap to open the network map.
2. Right-click the CommPath box and click Insert.
3. Type the name of the communications path in the Name field.
4. Click New.
5. Type the name of the new mode in the Name field.
6. Select TCP/IP, APPC, or UDT to identify the protocol to associate with the
mode.
7. To add TCP/IP settings, click the TCP/IP tab. Refer to the following table for
the name, definition, and valid values for each field.

Field Name Description Valid Values


Buffersize The buffer size for transmitting data to A numeric value from
and from the remote Sterling 256–65536.
Connect:Direct node. This value overrides
the value in the initialization parameters The default is 65535.
file.
Pacing Send The number of send operations to A numeric value from 0–63.
Count perform before automatically waiting for
a pacing response from the remote The default is 0.
Sterling Connect:Direct node. A value of 0
indicates that there is no pacing. This
value overrides the value in the
initialization parameters file.

Chapter 3. System Guide 65


Field Name Description Valid Values
Pacing Send The amount of time Sterling An integer from 0–86400.
Delay Connect:Direct waits before sending each
outbound data buffer to the remote node. The default is 0.
This can prevent flooding the network. A
value of 0 indicates that Sterling
Connect:Direct sends each data buffer as
soon as possible. This value overrides the
value in the initialization parameters file.
CRC Specifies whether CRC checking is turned OFF | ON | blank
on.

The default value for the local node is


OFF. The default value for the remote
node is blank.

The remote node defaults to blank to


simplify the use of the crc.override
parameter. When crc.override is enabled
in the initialization parameter, only the
nodes that require a different
configuration need to be changed.

8. To add UDT settings, click the UDT tab. Refer to the following table for the
name, definition, and valid values for each field.

Field Name Description Valid Values


Buffersize The buffer size for transmitting data to A numeric value from
and from the remote Sterling 256–65536.
Connect:Direct node. This value overrides
the value in the initialization parameters The default is 65535.
file.
UDT33 CRC Specifies whether UDT33 CRC checking OFF | ON | blank
is turned on.

The default value for the local node is


OFF. The default value for the remote
node is blank.

The remote node defaults to blank to


simplify the use of the crc.override
parameter. When crc.override is enabled
in the initialization parameter, only the
nodes that require a different
configuration need to be changed.

9. Click OK twice to close Mode Properties and Path Properties.

Deleting a Network Map Entry


About this task
To delete a network map entry:

Procedure
1. Select Admin > Netmap.
2. Right-click the network map entry you want to delete and click Delete.

66 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


3. Click Yes to delete the entry. You are returned to the Netmap for Nodename
dialog box, and the entry is listed with a red bar to the left of it.
4. Right-click the dialog box and click Apply.

Validating a Network Map Entry


About this task

After you create a network map entry, you can validate the entry to ensure it was
created correctly. For example, if you typed an invalid entry in a field, or
accidentally deleted a communications path, the validation function generates an
error message and explains why you received it.

To validate a network map entry:

Procedure
1. Select Admin > Netmap.
2. Select the network map entry to validate.
3. Right-click the Netmap for Nodename window and click Validate.
4. After you validate the network map entry, close the Netmap for Nodename
window.

Viewing a Network Map as Text


About this task

To view a network map entry as text:

Procedure
1. Select Admin > Netmap.
2. Select the network map entry you want to view as text.
3. Right-click the Netmap for Nodename window to open the shortcut menu and
click Text View.
4. Right-click the window again and select List View to view the network map
entry in its original presentation.

Applying a Network Map


About this task

To apply a network map file to the node:

Procedure
1. Select Admin > Netmap > Validate. If no errors are found, the output window
contains the message Netmap validation Successful.
2. Select Netmap > Apply.
3. Select the node name and click OK.

Chapter 3. System Guide 67


Printing and Viewing Node and Network Map Definitions
About this task

After you set up a node and define a network map, use the Configuration Tool to
extract the network map and user authorization information from the Registry as
plain text files. You can then update the parameters in the extracted files for
distribution to the nodes in an environment.

After you customize the files with site-specific parameters, you can insert them
into the Microsoft Windows Registry where they are applied while the server is
running, or you can apply them during a new Sterling Connect:Direct installation.

Procedure
1. Click Start and point to All Programs > IBM Sterling Connect:Direct > v4.6.0
> CD Configuration Tool.
2. Select File > Extract.
3. Click OK. The network map and User Authorization information for the node
are extracted as cascading windows named Map and User.
4. To save the extracted user authorization information:
a. Click the User dialog box.
b. Select File > Save As.
c. Select the directory where you want to save the file.
d. If necessary, type a different file name in the File name field and click Save.
5. To save the extracted network map information:
a. Click the Map dialog box.
b. Select File > Save As.
c. Select the directory where you want to save the file.
d. If necessary, type a different file name in the File name field and click Save.

View the Sample Configuration Files


To update configuration information, you can use the sample configuration files as
a template. These text files contain the valid keywords for a network map and user
authorizations. You can customize these files to configure nodes in an enterprise.

Note: To automate the installation of Sterling Connect:Direct for Microsoft


Windows, you can perform a silent installation that requires no user interaction
and that applies the User.cfg and Map.cfg files during the installation. See IBM
Sterling Connect:Direct for Microsoft Windows Getting Started Guide for information on
silent installations.

Two sample configuration files are included with the Configuration Tool:
v Map.cfg file—Network map objects are created in the Registry during
installation. These objects contain the remote node, communications path, and
communications mode definitions. You can update the network map on your
nodes by customizing the sample Map.cfg file and inserting it into the Microsoft
Windows Registry.
v User.cfg file—Use the parameters in User.cfg to build user functional authorities
and user proxies. Sterling Connect:Direct applies the information in this file to
authorize local and remote users to issue commands and Process statements and
to perform tasks. Use the Configuration Tool to create authorizations for each
68 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation
user, including encrypted passwords for user proxies. After you have created the
user authorizations, you can insert the User.cfg file into the Microsoft Windows
Registry.

Customizing Configuration Files


About this task

You use the Configuration Utility to customize configuration files for your
environment and prepare them for rollout. You can edit configuration information
using this tool. You can also use it to add encrypted passwords to user proxies and
validate the configuration files for use with Sterling Connect:Direct.

Procedure
1. Select File > Open.
2. Select the drive and directory where the configuration file is located.
3. Select the file and click Open.

Note: To save the original file as a template for building future configuration
files, save the file with a different name before you alter any of the
configuration information.
4. Edit the parameters as necessary.
5. Select File > Save.

Adding an Encrypted Password for a User Proxy


About this task
You can set up and enable user proxies on the local Sterling Connect:Direct server
that allow remote users to log on to the local server without revealing their
password. User proxies improve security on the remote node by protecting remote
users' passwords.

The Configuration Utility can be used to insert encrypted passwords into the proxy
section of the USER.CFG file. When you enter a password, the Configuration
Utility encrypts it for you.

To add a local user ID and encrypted password:

Procedure
1. Open the User.cfg file.
2. Place the cursor on the line following the Proxy section header.
3. Select Tools > Password.
4. Type the user ID and password in the Userid and Password fields.
5. Retype the password in the Verify Password field.
6. Click OK. The encrypted password is inserted as the LocalPassword parameter
value and the User ID is inserted as the LocalUserid parameter.

Chapter 3. System Guide 69


Validating Configuration Files for Use with Sterling
Connect:Direct
About this task

After you have customized a file, validate the configuration to ensure that the file
can be used with Sterling Connect:Direct. When you validate a file, error messages
describe any errors and each error is highlighted so you can easily determine
which information must be revised.

To validate a configuration file:

Procedure
1. Open the configuration file to validate.
2. Select Tools > Validate. The file is validated.
v If no errors are detected, a message indicating this is displayed. Click OK to
return to the file.
v If errors are detected, an error message is displayed with the error identifier
and an explanation of the problem. The error is highlighted in the
configuration file. Click OK to close the error message.
3. Edit the configuration information to clear each error.
4. Repeat this procedure until no errors are returned.

Note: When you save a configuration file, the Configuration Utility


automatically validates it. You cannot save a file if it contains invalid
information.

Applying Updated Configuration Information


About this task

You can update the network map and user authorizations, including proxies and
group authorizations, by adding the updated configuration files to the Microsoft
Windows Registry. After they are added, the settings are applied when the server
is running.

Restriction: You cannot use CDConfig to change existing objects in the network
map and user authorizations. It can only be used to create new netmap or user
authorization objects; however, you can use CDConfig to change individual
initialization parameters.

The CD Configuration Utility (CDConfig.exe) uses the following command-line


parameters:
Table 1. CDConfig.exe Command-Line Parameters
Parameter Description
/q Silently runs the utility while the file is extracted or inserted.
/i Inserts the configuration file into the Registry (use with /ffilename).
/ffilename File to insert into the Registry.
/pfilename Extracts initialization parameters from the node specified.
/mfilename Extracts netmap from the node specified.

70 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Table 1. CDConfig.exe Command-Line Parameters (continued)
Parameter Description
/ufilename Extracts user configuration from the node specified.

To create and apply user and netmap files in silent mode, type the following
commands:

EXTRACT CONFIGURATION
1. To extract initialization parameters to a Initparms.cfg file:
CDConfig.exe /pC:\MyDir\Initparms.cfg /q
2. To extract a netmap to a Map.cfg file:
CDConfig.exe /mC:\MyDir\Map.cfg /q
3. To extract user configuration to a User.cfg file:
CDConfig.exe /uC:\MyDir\User.cfg /q

INSERT CONFIGURATION
1. To update (individual) initialization parameters from an Initparms.cfg file:
CDConfig.exe /i /fC:\MyDir\Initparms.cfg /q
2. To insert new netmap objects from a Map.cfg file:
CDConfig.exe /i /fC:\MyDir\Map.cfg /q
3. To insert new user authorization objects from a User.cfg file:
CDConfig.exe /i /fC:\MyDir\User.cfg /q

Review the CdConfig.log file to verify success.

Stop Sterling Connect:Direct for Microsoft Windows

Stopping Sterling Connect:Direct for Microsoft Windows


You can stop the Sterling Connect:Direct for Microsoft Windows server in the
following ways:
v Issue the Stop command from Sterling Connect:Direct Requester or the
command line interface (CLI).
v Use the Services facility on the Microsoft Windows Control Panel.
v Use the Admin Tool utility.

Stopping Sterling Connect:Direct for Microsoft Windows from


Sterling Connect:Direct Requester
About this task

To stop Sterling Connect:Direct for Microsoft Windows from Sterling


Connect:Direct Requester:

Procedure
1. Select Admin > Netmap to open the node you want to stop.
2. Select Admin > Stop Node.
3. Select one of the stop server options:

Chapter 3. System Guide 71


v Terminate processes at end of step—Stops Sterling Connect:Direct when all
executing Process steps are complete. Writes statistics records, closes files,
and shuts down Sterling Connect:Direct.
v Quiesce after active processes complete—Stops the server when all executing
Processes are complete. No new Processes are started.
v Immediate orderly shutdown—Stops all activity, terminates Processes and
connections, writes statistic records, closes files, and shuts down Sterling
Connect:Direct.
v Force termination now—Forcibly terminates Sterling Connect:Direct. No
attempt is made to terminate executing Processes or to write statistic records.
All server resources are released. This is the least desirable way to stop the
server.
4. Click OK to stop the node. If the server is stopped, the icon in the Control
Panel nodes view is unavailable.

Stopping Sterling Connect:Direct for Microsoft Windows Using


the Services Facility
About this task
To stop Sterling Connect:Direct for Microsoft Windows from the Microsoft
Windows Services facility:

Procedure
1. Click Start > Settings > Control Panel >Administrative Tools > Services.
2. Select the Sterling Connect:Direct node you want to stop.
3. Click Stop. The display changes to indicate that Sterling Connect:Direct has
stopped.

Note: Sterling Connect:Direct for Microsoft Windows does not implement the
Pause and Continue functions on the Services applet.

Stopping Sterling Connect:Direct for Microsoft Windows Using


the CLI
Procedure

To stop Sterling Connect:Direct for Microsoft Windows from the CLI, issue the stop
command.

Stopping Sterling Connect:Direct for Microsoft Windows from


the Admin Tool Utility
About this task

To stop Sterling Connect:Direct for Microsoft Windows from the Admin Tool
Utility:

Procedure
1. Select the Sterling Connect:Direct for Microsoft Windows server to stop.
2. Click the red traffic light icon on the toolbar.

72 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Create a Process

About Processes
A Process is a set of statements grouped together to perform a series of Sterling
Connect:Direct tasks. You define the tasks to perform and save the Process to a file.
Finally, you use the Submit Process command to execute all the tasks defined in
the Process.

Processes allow you to automate routine tasks, execute multiple tasks with one
command, save the Process to a file for future use, and build blocks of work based
on conditions. Before you build a Process, decide what tasks you want to perform
and what nodes you want to use.

Building a Process requires the following tasks:


v Creating a Process statement
v Building the group of tasks that perform the work by adding commands
v Setting command options
v Validating Process content
v Saving the Process file

Before creating a Process, you can establish preferences related to Processes and
other Sterling Connect:Direct Requester operations.

Establishing Preferences
About this task
Throughout your session with Sterling Connect:Direct Requester, certain predefined
preferences are in effect. Sterling Connect:Direct establishes default user
preferences during installation. You can modify preferences at any time to more
accurately reflect how you work. Preferences save you time, since preferences are
used for all instances, except when you override the values.

To establish preferences:

Procedure
1. From the Sterling Connect:Direct Requester Main Window, select Tools >
Options.
2. To set general preferences, change the values in the fields on the General tab of
the Options panel.

Field Description
Reload last saved workspace at startup When selected, Sterling Connect:Direct Requester displays the last
saved workspace when you log in.
Track Processes in the execution status To obtain summary information about a Process and display the
window information in the Execution Status Window. This option establishes
the default for the Submit Process page.
Enable in-place editing To directly change the label field on the Program Definition Editor
(PDE) and eliminate the need to edit the labels through the Process
Properties page.

Chapter 3. System Guide 73


Field Description
Activity log Use the options in this window to display the activity log in the
Output window, save the activity log to a file, append data to the
log file, or create a new log file every time you start Sterling
Connect:Direct.

Check Enable the activity log in the Output window to display the
activity log there.

Check Write the activity output to a file and type the name of the
file to write the activity log to a file. Select the appropriate button to
create a new file every time you start Sterling Connect:Direct
Requester or to append activity to the existing log file at startup.

3. To set Process preferences, click the Process Defaults tab and change the values.

Field Description Valid Values


Hold To hold Processes in the Hold queue in HI No—Execute a Process as soon as resources
(Held Initially) status until explicitly are available.
released. A Process submitted with Hold set
to Yes is placed in the Hold queue even if Yes—Hold a Process.
you specify a Start Time.
Call—Hold a Process until the remote node
connects to the local node. At that time, the
Process is released for execution.
Retain Processes are retained in the Hold queue in No—Do not retain Processes after execution.
HR (Held for Retain) status after execution.
You can release the Process for execution Yes—Retain Processes after execution.
later through the Process Monitor function or
explicitly delete it. Initial—Retain Processes in the Hold queue
in HR status for automatic execution every
time the Process Manager initializes. Do not
provide a start time parameter when you
choose this option.
Plexclass The class that directs the Process to only Name of the class.
certain servers in a Sterling
Connect:Direct/Plex. This parameter is only
used in a Sterling Connect:Direct/Plex.
CRC Specifies whether CRC checking is turned OFF | ON | blank
on.
OFF—Do not perform CRC checking.
The default value for the local node is OFF.
The default value for the remote node is ON—Perform CRC checking.
blank.
blank—Use the value defined in crc.override.
The remote node defaults to blank to
simplify the use of the crc.override
parameter. When crc.override is enabled in
the initialization parameter, only the nodes
that require a different configuration need to
be changed.
Priority The preferred priority of a Process in the The valid range is 1–15, where 15 is the
TCQ. Sterling Connect:Direct uses the highest priority.
priority parameter for Process selection. A
Process with a higher priority is selected for
execution before a Process with a lower
priority.

74 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Field Description Valid Values
Class The preferred session class on which a Values range from 1 to the maximum
Process can execute. A Process can execute in number of local node sessions in the network
the class specified or any higher session map definition.
class.
Notify Userid The computer name of the user to receive A valid computer name.
Process completion messages.
Accounting Data An arbitrary string used as the preferred The maximum length of the string is 256
accounting information for the PNODE or characters.
the SNODE or both nodes.

4. To set Work List preferences, click the Work List tab and change the values.

Field Description Valid Values


Track worklist is the worklist status Determine if Work List statuses are On or Off
window reported in the status window.
Max Delay for Serial Execution Identifies the maximum amount of Unlimited—The command processor
time to wait. This parameter is useful waits until the Process completes
when the Process is submitted by a execution.
batch file and you want to suspend
further execution of the batch file Time and hh:mm:ss—Select this
until the submitted Process option and type the time to wait for
completes. a Process to complete.

5. To set directory preferences, click the Directories tab and change the values.

Field Description
Processes To define the default directory for Process files
Work Lists To define the default directory for Work Lists.
Process Monitors To define the default directory for Process Monitor files.
Statistics Monitors To define the default directory for Statistics Monitors.
Start "Save as" in these directories Select this check box to make these directories the default when saving.

6. To set file type preferences, click the File Types tab and select the file extensions
to associate with Sterling Connect:Direct.

File Extension Description


.cdp Process Definitions
.cdw Work Lists
.cds Statistics Monitors
.cdm Process Monitors
.cdn Network Map

7. To set statistics preferences, click Select Stat Defaults and change the values.

Field Description Valid Values


Monitor Determine if all statistics are monitored or only selected All Statistics For Last _ hrs:min
statistics, based on criteria or for Step and Process
completion only. If you choose All, indicate the time Filter Using Selection Criteria Pages
range for the selection.
Step and Process Completion
Statistics Only

Chapter 3. System Guide 75


Field Description Valid Values
Refresh Display Identify whether you want the Statistics Monitor display Refresh every _ minutes
to be refreshed. Specify the interval in minutes between
refreshes if you choose the Refresh every _ minutes. Refresh on open

Autoscroll—Display the latest


statistics

8. To set Process Monitor preferences, click Select Proc Defaults and change the
values.

Field Description Valid Values


Monitor Determine if all Processes will be All Processes
monitored or only selected Processes,
based on selection criteria. Filter Using Selection Criteria Page
Refresh Display Identify whether you want the Refresh every _ seconds
Process Monitor display to be
refreshed. Specify the interval in Refresh on open
seconds between refreshes if you
choose Refresh every _ seconds.

9. Click OK.

Creating a Process
About this task

A Process begins with a Process statement that defines general information about
the Process. When you create a Process, the PEND statement is added to the end of
the Process and is a required statement that marks the end of a Process. Do not
edit or delete the PEND statement.

Procedure
1. Select File > New > Process.
2. Type a Process name, from 1 to 8 alphanumeric characters, in the Process
Name field.
3. If all work will be performed on the PNODE, type or select the name of the
PNODE in the PNODE Name field.
4. To issue a warning message if an attempt is made to submit the Process on a
different PNODE, click Warn if submitted to a different node.
5. To issue a warning message if an attempt is made to submit the Process on a
PNODE with a different operating system, click Warn if submitted to a
different operating system.
6. Specify the SNODE in one of the following ways:
v Select the node from the drop-down menu.
v Type the name of a Sterling Connect:Direct node.
v Specify an IP address and port, using the following format:
hostname|IPaddress;portnumber|servicename
7. Click OK.
8. Add commands as necessary to the Process.
9. If desired, change the options for the Process.

76 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Commands and Statements
You can add commands and conditional statements to a Process statement to
perform various functions. When you add a command to a Process, you use the
preferences you defined or you set unique values for each command.

The following table lists the commands you can insert in a Process.

Command Description
Copy The Copy statement transfers data between two nodes. The Copy statement identifies the
source files, applies any pre-transfer attributes such as compression or checkpointing, transfers
the file to the destination, and saves the file to the new file name.
Run Task You can run programs and commands by adding the Run Task command to a Process. The
Run Task command executes programs on the PNODE or the SNODE.
Run Job The Run Job command executes batch jobs or commands on the specified node. Jobs submitted
using the Run Job command run in the background. The return code associated with the run
job statement indicates the success of the Run Job command and not the success of the batch
job or command.

Use the Run Job command to perform the following types of tasks:
v Submit jobs in an z/OS environment to the internal reader, a facility that transfers jobs to the
job entry subsystem (JES).
v Submit a job at the OpenVMS node in an OpenVMS environment.
v Submit an OS/400 CL command to run as a separate job through the SBMJOB command.
v Invoke a UNIX command shell and execute UNIX commands.
v Submit jobs through the VSE virtual reader, a facility that transfers jobs to VSE/POWER.
v Start programs in the Microsoft Windows environment.
Submit Process Submits a Process from within an executing Process on the PNODE or the SNODE. To use the
Submit statement, the Process must reside on the node you are submitting the Process to. Use
the Submit statement to execute a Process on the SNODE which would, in turn, submit a
Process to a third node.

You can use the following conditional statements to perform tasks based on
conditions you establish.

Statement Description
If The If statement executes a block of statements based on the results of a previous statement. The
results are categorized by a return code. The If statement checks the value of the return code and
executes the block if the statement is true.

You must use the Eif statement (endif) with the If statement. If the conditions of the If statement
are not satisfied, use an Else statement to designate the execution of alternate instructions.
Else The Else statement defines a block of statements that execute when the If statement is not true.
The Else statement is only valid when used in combination with the If statement.
Endif (Eif) The Endif statement (Eif) marks the end of the If statement and any statements based on the If
condition. The Endif statement is only valid when used in combination with the If statement.
Goto The Goto statement executes a jump to a specific statement that occurs later in a Process. This
statement cannot be used to loop to a statement earlier in the Process. Use the Goto statement
with the step label to define the location of the statement in the Process.
Exit The Exit statement bypasses all remaining steps in a Process and ends the Process.

Chapter 3. System Guide 77


Add a Copy Statement to a Process
About this task

Use the Copy statement to create a new file or append data to an existing file. To
use the Copy statement in a Process, identify the PNODE and the SNODE. Identify
the source file and, if symbolic variables are used, assign values to the variables or
specify built-in variables before the Process is submitted.

Sterling Connect:Direct for Microsoft Windows supports the string (*) and
character (?) wildcards, allowing you to copy multiple files from a source directory
to a target directory with a single copy statement.

Note: The list of files to be copied is generated at the start of a wildcard copy.
When a Process restarts, in a wildcard copy statement, the step restarts with the
first file that is not completely copied. If you are using checkpointing, the
statement restarts at the last checkpoint of the file that is not completely copied.

Procedure
1. Open a Process file.
2. Select Process > Insert > Copy.
3. To identify the step within the Process, type a label of up to 8 alphanumeric
characters in Copy Statement Label.
4. Select one of the following actions:
v To copy a file to the SNODE, select Send.
v To copy a file from the SNODE, select Receive.
5. Type the name of the source file in the Source Filename field.
6. Enter the name of the file in the Destination Filename field.
7. Select one of the following destination disposition options:
v NEW—To create a new file at the destination
v RPL—To replace the information in an existing file if it exists or to create a
new file if the file does not already exist.
v MOD—To append the transferred information to an existing file.
8. To enter compression and checkpoint restart options, click the Transfer tab and
select from the following options:
v To use compression, select one of the following compression types in the
Compression window:

Compression Option Description Valid Values


None Turn on this option if you do None
not want compression.
Primary Char Turn on this option to The hex or character to
compress repetitive characters. compare
Specify the primary character
to compress. If the character is
repeated 2–63 times, the
characters are compressed to
one byte. If other characters
are repeated 3–63 times in
succession, the characters are
compressed to two bytes.

78 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Compression Option Description Valid Values
Extended Turn on this option to Comp Level—Select the level
compress repetitive strings. of compression from 1–9.
Extended compression
produces the best compression Window—Select the window
results. Specify this type of size level from 9–15. The
compression when lines are Default is 13.
limited and data is repetitive.
Memory—Select a memory
The Window value identifies compression from 1–9. The
the compression for windows. Default is 4.
The greater the window size,
the greater the degree of
compression. A window size
of 8 uses 1K of memory while
a window size of 15 uses 128K
of memory.

Memory identifies how much


virtual memory is allocated to
maintain the internal
compression state.

v To use checkpoint restart, select one of the following options:


– Default—To use checkpoint restart options defined in the default Process.
– None—To turn off checkpoint restart.
– Check—To eliminate the need to retransmit an entire file in the event of
a transmission failure. If a copy procedure is interrupted, Sterling
Connect:Direct restarts that copy at the last checkpoint. If you turn on
this option, type the interval at which to mark a checkpoint restart and
turn on either Kilobytes or Megabytes to indicate the measurement to
use.
9. To override the preferences or provide additional parameters to describe the
sending and receiving files, select one of the following:
v To define options for the sending file, click the From <Operating system>
tab, and type the sysopts parameters. Refer to the online help for more
information.
v To define options for the receiving file, click the To <Operating system> tab,
and type the sysopts parameters. Refer to the online help for more
information.

Note: These tabs reflect the operating system of the sending and receiving file
location.
10. Click the Comment tab and add an optional description of the statement.
11. Click OK.

Adding a Submit Statement


About this task

Use the Submit statement to execute tasks defined in the Process.

To add a Submit statement:

Chapter 3. System Guide 79


Procedure
1. Open a Process file.
2. Select Process > Insert > Submit.
3. Select the name of the node where the Process file is located in the Location
field. You can submit from the default node or select another node.
4. In the Filename field, type the full path and Process file name. If you are
submitting a Process on a Microsoft Windows node, you can click the browse
button to locate the Process file.
5. To override the Process name, type a 1- to 8-character alphanumeric string in
the New Name field.
6. If you want the Process to execute with a different SNODE, enter or select the
SNODE in the SNODE field. The SNODE you define here overrides the
SNODE defined in the Process file.
7. Select Track Execution in Output Window to view activity during execution.
8. Continue defining the command.

Adding a Run Task Statement


About this task

You can run programs and commands by adding the Run Task statement to a
Process. The Run Task statement executes programs on the PNODE or the SNODE.

To add a Run Task statement:

Procedure
1. Open a Process file.
2. Select Process > Insert > Run Task.
3. To identify the step within the Process, type a label of up to 8 alphanumeric
characters in Run Task Statement Label.
4. Select the node where the program or command will execute in the Submit To
field.
5. Type one of the following, based on the node type, in the Program field:
v Type Windows for a Microsoft Windows node.
v Type UNIX for a UNIX node.
v For OS/400, type cmd(CL command) [parameter for OS/400 SBMJOB
command] .
v For z/OS, type the name of the program to be attached as a subtask in
uppercase letters.
v For HP NonStop, type the name of the object file.
v For VSE, type the name of the program to be attached as a subtask in
uppercase letters.
6. Use the Optional Parameters or Commands as necessary, for the operating
system you selected in Step 5. Refer to the Help for syntax.
7. Click the Comment tab and add a description of the command. This
information is optional.
8. Click OK.

80 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Adding a Run Job Command
About this task

The Run Job command executes batch jobs or commands on the specified node.

Jobs submitted using the Run Job command run in the background. The return
code associated with the run job statement indicates the success of the Run Job
command and not the success of the batch job or command.

Restriction: You cannot execute IBM Sterling Connect:Direct HP NonStop


commands using Run Job.

Procedure
1. Open a Process statement.
2. Select Process > Insert > Run Job.
3. Type the statement label in the Run Job Statement Label field.
4. Select the node where the job will execute.
5. Type the Filename based on the operating system used by the node. This field
is valid only for the following operating systems:
v For Microsoft Windows nodes, type Windows.
v For z/OS nodes, type the data set that contains the job in the format:
DATASETNAME | DATASETNAME(MEMBER). The data set and member
must be in uppercase. If the data set is a PDS, specify the member. The data
set containing the job must exist on the z/OS node where the job will
execute. A data set containing JCL is limited to a record length of 80 bytes.
v For i5 Series nodes, type i5 Series.
v For VSE nodes, type the name of the member in the LIBDEF source chain
that contains the job to be submitted in the format: | membertype(member).
If the membertype is not specified, this job must be cataloged with a
membertype of J.
v For UNIX, type dummy.
v For OpenVMS, type PGM=VMS.
6. Type any Optional Parameters or Commands.
7. Click OK.

Adding an If Statement
About this task

The If statement executes a block of statements based on the results of a previous


statement. The results are categorized by a return code. The If statement checks the
value of the return code and executes the block if the statement is true.

You must use the Eif statement (endif) with the If statement. If the conditions of
the If statement are not satisfied, use an Else statement to designate the execution
of alternate instructions.

Procedure
1. Select Process > Insert > If.
2. Enter the statement label in the If Statement Label field.
3. Select a step label on which to base the operator and value.

Chapter 3. System Guide 81


4. Select the type of comparison statement in the Operator field.
5. Select one of the following return codes in the Value field:

Return Code Description


0 Indicates successful completion of the stop.
4 Indicates a warning.
8 Indicates an error condition.
16 Indicates a catastrophic error.

6. To add optional comments, click the Comments control tab.


7. Click OK to save the statement. The If statement is displayed in the Process
window.
8. Create the block of statements that executes based on the If statement. You can
add an Else statement to execute a block of statements if the condition in the If
statement is not satisfied.
9. Add an Eif statement to the end of the block to designate the end of the block
of statements.

Adding an Else Statement


About this task

The Else statement defines a block of statements that execute when the If statement
is not true. The Else statement is only valid when used in combination with the If
statement.

To add an Else statement:

Procedure
1. Select Process > Insert > Else.
2. Optionally, add a comment to the Process.
3. Click OK to save. The Else statement is displayed in the Process window.

Adding an Endif Statement


About this task

The Endif statement (Eif) marks the end of the If statement and any statements
based on the If condition. The Endif statement is only valid when used in
combination with the If statement.

To use the Endif statement:

Procedure
1. Select Process > Insert > End If.
2. Optionally, type a comment for the Process.
3. Click OK to save. The Endif statement is displayed in the Process window.

82 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Adding or Modifying a Goto Statement
About this task

The Goto statement executes a jump to a specific statement that occurs later in a
Process. This statement cannot be used to loop to a statement earlier in the Process.
Use the Goto statement with the step label to define the location of the statement
in the Process.

To add or modify a Goto statement:

Procedure
1. Take one of the following actions:
v To create a new Goto statement, select Process > Insert > Goto and enter the
statement label in the Target Label field.
v To modify an existing statement, double-click the Goto statement in the
Process window.
2. To add or modify optional comments, click the Comments tab and type the
comment.
3. Click OK to save the Process. The Goto statement is displayed in the Process
window.

Add an Exit Statement


About this task

To add an Exit statement to a Process:

Procedure
1. Select Process > Insert > Exit.
2. Optionally, click the Comments tab and add a comment to the Process.
3. Click OK to save the Process and exit the Exit Statement dialog box. The Exit
statement is displayed in the Process window.

Process or Command Options


After you create a statement, you set Process options, including when the Process
is submitted, how the Process is handled in the TCQ, if a user is notified when a
task is complete, who has access to the Process, and any defining comments
associated with it.

You can use one or more of the following options in a Process or command:
v Control functions identify how tasks are managed and how resources are
allocated by defining default options once. Then these values are used as the
default values for each new command or Process you define.
v Security options identify user IDs and passwords needed to access the SNODE
and the PNODE.
v Variable values assign values to all symbolic variables before execution. The
values are then substituted during execution whenever the symbolic variable is
encountered.
v Accounting data as a free-form, user-defined field sets up accounting and
tracking information about Process execution and data transfers. You can track

Chapter 3. System Guide 83


data transfers by cost centers, department numbers, satellite locations, or any
other type of code or identification that would benefit the management of data
tracking.
v Comments about the statement explain the context of the statement. When you
view a Process in text format, the comments appear before the associated
statement.

Setting Security Options


About this task

Use the Security options to specify the user IDs and passwords needed to access
the PNODE and the SNODE.

To set security options in the Requester:

Procedure
1. Double-click the Process to open it and click the Security tab.
2. To set security for the PNODE, do the following:
a. Type the PNODE user ID in the PNODE Userid fields.
b. Type the PNODE password in the Password field.
3. To set security for the SNODE, do the following:
a. Type the SNODE user ID in the Snode Userid field.
b. Type the SNODE password in the Snode Password fields.
c. To change the password for the user ID on the SNODE, type the new
password in the New Password field.
d. Type the new password a second time in the Verify New Password field to
validate the change.
4. Click OK to close the dialog box or click one of the other tabs to continue
modifying Process options.

Setting Control Functions for a Command or Process


About this task

When you run a command or submit a Process, you can set many control
functions to use as the default values for each new command or Process you
define.

To set control functions for a Process from the Requester:

Procedure
1. Double-click the Process to open it and click the Control tab.
2. To specify a run date, select one of the following start dates:
v Today—If you want the program to run today.
v Date—To specify a date to run the Process. Click the selection arrow and
click a date on the calendar to specify the date.
v Day—If want to run the Process on a certain day; then select a day of the
week from the drop-down box.
3. To specify the time to run the task, select one of the following:

84 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


v Immediate—To run the Process immediately. This option is only available if
you selected Today or Date in the Start Date field.
v Time—To run the Process at a specific time on the start date you selected.
Type a time to start the Process in the format hh:mm:ss.
4. To place the Process in the Hold queue, select one of the following options in
the Hold field:
v Yes—To hold the Process in the queue in Held Initially status (HI) until
explicitly released.
v No—If you do not want to place the Process in the Hold queue. Process
executes as resources are available.
v Call—To hold the Process until a connection is established between the
PNODE and the SNODE. The Process executes if another Process
establishes connection between the nodes.
5. To place the Process in the Retain queue, select one of the following options in
the Retain field:
v Yes—To retain the Process in the Hold queue in Hold Retain status (HR)
after execution. You can release the Process later from the Process Monitor.
v No—If you do not want to retain the Process after execution.
v Initial—To retain the Process in the Hold queue in HR status for automatic
execution every time the Process Manager initializes. Do not specify a start
time with this option.

Note: If you select Yes for RETAIN and you specify a start time, HOLD status
takes precedence. If you set HOLD to No or Call, and set RETAIN to Yes,
HOLD is ignored.
6. If you are sending Processes to a location that supports CD Plexclass, type the
class value of the remote node, from 1 to 8 characters, in the Plexclass field.
7. In the CRC field, select one of the following options:
v Blank—To use the default value for the Process that was configured in the
Initparms and the Netmap entry for the remote node.
v OFF—To turn off CRC checking.
v ON—To turn on CRC checking.
8. To change the TCQ priority, type a value in the Priority field from 1 to 15,
where 15 is the highest priority.
9. To change the preferred session class, type the preferred session class in the
Class field, from 1 to the maximum local sessions defined in the network
map.
10. Type the user ID in the Notify Userid field.
11. Click OK to close the dialog box or click one of the other tabs to continue
modifying Process options.

Assigning Values to Symbolic Variables


About this task

Use symbolic variables to assign values to variables before execution. The values
are then substituted during execution whenever the symbolic variable is
encountered.

To assign values to symbolic variables in a Process, from the Requester:

Chapter 3. System Guide 85


Procedure
1. Double-click the Process to open it and click the Variables tab.
2. To create a new symbolic variable, type the symbolic variable name in the
Variable Name field. Symbolic variable names are case-sensitive. Enter the
symbolic variable exactly as used in the Process.
3. To change a symbolic variable, select the symbolic variable statement in the
Variable list. If necessary, edit the variable name.
4. Type the symbolic variable value or built-in variable enclosed in quotation
marks in the Variable Value field or edit the existing value.

Built-in Variable Value


%JDATE Specifies the date the Process was submitted in Julian format. The
variable is resolved as the submission date of the Process in the
format yyyyddd. Among other uses, the value returned is suitable
for constructing a file name on the node receiving the file.
Note: The value of the variable is resolved at Process submit time.
The value will correspond to the date on which the Process was
submitted, regardless of when or how many times the Process is
actually executed.
%NUM1 Specifies the submission time of the Process in a 6-digit
numeric-value format of minutes, seconds, and hundredths of
seconds.
%NUM2 Specifies the submitted time of a Process as 1 hex digit
%PNODE PNODE name where the submit occurs
%PRAND Pseudo-random number (6 hex digits)
%SUBDATE Specifies the date the Process was submitted in Gregorian format.
The variable is resolved as the submission date of the Process in the
format cyymmdd where c is the century indicator and is set to 0 for
year 19yy or 1 for year 20yy. The value returned can be used to
create a file name on the node receiving the file.
%SUBDATE1 Use this parameter to substitute the submitted date in the
yyyymmdd date format.
%SUBDATE2 Use this parameter to substitute the submitted date in the
yyyyddmm date format.
%SUBDATE3 Use this parameter to substitute the submitted date in the
mmddyyyy date format.
%SUBDATE4 Use this parameter to substitute the submitted date in the
ddmmyyyy date format.
%SUBTIME Specifies the time the Process was submitted. The variable is
resolved as the submission time of the Process in the format
hhmmss. The return value can be used to create a file name on the
node receiving the file.
Note: The value of the variable is resolved at Process submit time.
The value will correspond to the time at which the Process was
submitted, regardless of when or how many times the Process is
actually executed.
%USER Specifies a variable that resolves to the user submitting the Process

5. To remove a symbolic variable, select the variable and click Delete.


6. To save and add the variable to the Variable list, click Add.
7. Click OK to close the dialog box or click one of the other tabs to continue
modifying Process options.

86 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Specifying Accounting Data
About this task

Accounting Data is a free-form, user-defined field that sets up accounting and


tracking information about Process execution and data transfers. You can track
data transfers by cost center, department number, satellite location, or any other
type of code or identification that would benefit the management of data tracking.

To specify accounting data:

Procedure
1. Double-click the Process in the Requester and click the Accounting tab.
2. Type the information in the PNODE field to specify accounting data for the
PNODE. The maximum length of the string is 256 characters.
3. Type the information in the SNODE field to specify accounting data for the
SNODE. The maximum length of the string is 256 characters.
4. Click Reset to Defaults to reset to values specified in the Process Defaults page
of the Options dialog.
5. Click OK to close the dialog, or click one of the other tabs to continue
modifying Process options.

Add Comments
About this task

Use comments to explain the context of a statement. Adding comments is helpful


to explain what the statement does. This information is optional. When you view a
Process in text format, comments appear after the associated statement, except in
the case of the process statement, when the comment appears before the statement.

To add comments to a statement in a Process, from the Requester:

Procedure
1. In the Process window, select the statement about which you want to add
comments.
2. Select Process > Statement Properties.
3. Click the Comment tab.
4. Type the text in the Comment field.
5. Click OK to save the changes.

Validating Process Content


About this task

When you finish creating or modifying a Process, validate the content of the
Process.

Validating Process content checks the syntax for errors or missing information.
Validation does not check the content of the statements, only that they are
formatted correctly. The Process validation sends messages to the Output window.
A Validation Successful message means that the syntax is formatted correctly.

Chapter 3. System Guide 87


To validate the content of a Process:

Procedure
1. Open the Process file.
2. Select Process > Validate.
3. View the messages displayed in the Output window. If messages indicate
invalid statements, edit the statements and validate the content of the Process
again.

Saving a Process
About this task

When you have finished creating or editing a Process, save the Process for future
use. Processes are stored in the Process directory.

Procedure
1. Select File > Save.
2. Type a name for the Process including the .CDP extension.

Copying a Process
About this task

You can use a Process as a template by copying the Process, making changes to the
copy, and saving the copy to a new Process file.

To copy a Process:

Procedure
1. Open the Process file.
2. Select File > Save As.
3. Save the Process with a new file name.
4. Change the Process statements. To change the Process statement, press Enter to
access the Process Properties dialog box.
5. To save the Process file with the changes, from the File menu, select Save.

Changing a Submitted Process


About this task
You can change the following Process options once a Process is submitted:
v SNODE
v Hold
v Execution
v Class
v Priority

To change Process options:

88 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Procedure
1. Right-click the open Process Monitor window and select Change Process. The
Change Process dialog box is displayed.
2. Make the necessary changes.
3. Click OK.

Manage Processes Using a Work List


The Work List is a document containing a sequential list of Process submit
requests. It may contain any of the commands that you can submit to the TCQ:
send and receive file, submit a local or remote Process, submit a local or remote
program, and submit a remote batch job. When you create these Processes, you can
submit them directly to the TCQ or place them in a Work List for later submission.

You can use Work Lists in the following ways:


v Submit selected or all items in a Work List to the TCQ.
v Embed a Work List into another application and submit it using object linking
and embedding (OLE).
v Specify substitution variables at the time you submit the Work List.
v Create, update, monitor, edit, or validate a Work List.
v Cancel Work List operations.
v Insert a task into a Work List

Creating a Work List


About this task

Using Work Lists saves you time and effort by automating routine or repetitive
submission tasks. You can build a Work List to periodically submit related work as
a single work flow. Your Work List can serve as a library of related or unrelated
Processes.

To create a work list:

Procedure
1. From the Sterling Connect:Direct Requester Main Window, select File > New >
Work List.
2. Add Work List items as desired.
3. To establish an automatic status monitor for the Work List as it executes,
perform the following actions:
a. Select WorkList > Work List Properties.
b. Activate Auto Monitor.
c. If you want the selected units of work to execute serially, turn on Serial
Execution. This feature causes the Submit action to wait until each unit of
work is completed before submitting the next unit of work in the Work List.
Processes are considered successfully completed if they do not have a status
of HI, PE, or EX.
4. To define substitution variables for the Work List, click the Variables tab. Select
one of the following actions:
v To add a new variable, type a name and value in the appropriate boxes and
click Add.

Chapter 3. System Guide 89


v To modify a variable, double click the variable. Type a new name or value
and click Add.
v To delete a variable, highlight the variable and click Delete.
5. To add a comment describing the Work List, click the Comment tab and type
the information in the dialog box provided.
6. Click OK.

Updating a Work List


About this task

When you create a Process, a Send/Receive File Command, a Run Task Command,
or a Run Job Command, you can add the command to a Work List.

Use the Work List to define substitution variables, which you can set at submit
time. All the variables must have assigned or default values before the Work List is
submitted.

To update a work list:

Procedure
1. Add a command.
2. Select Add to Worklist from the command you are creating.

Submitting a Work List


About this task

You can submit all or selected items of a Work List to execute.

To submit a work list:

Procedure

Once you create a Work List, perform one of the following actions.
v To submit all items in the Work List, select WorkList > Submit.
v Highlight the items to submit and select WorkList > Submit Selected.
When you submit a Work List or a task from the Work List, the Work List or task
is submitted to the TCQ. If you activate Auto Monitor, a Work List status window
displays the work items as they are submitted.

Canceling Work List Operations


About this task

Although you cannot close a Work List until all of its tasks are executed, you can
cancel the execution of the tasks in a Work List.

To cancel work list operations:

90 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Procedure

Select Work List > Cancel Execution.


The system stops waiting on Processes or programs and will not submit any more
tasks. Any tasks that have already started executing will finish, but no other tasks
will execute.

Editing a Work List in Text Format


About this task

You can edit the text of a Work List to change command statements.

CAUTION:
Editing the text of a Work List is a task for experienced users.

To edit a work list in text format:

Procedure
1. Open the Work List that you want to edit.
2. Select Work List > Edit/View Text.
3. Edit the text as necessary using the following keyword and syntax rules. The
Work List Edit/View Text window enables you to see the full text of all tasks in
a Work List. You can edit the text directly if necessary. Put a keyword on a line
by itself.

Keyword Description
Set Work Task List
Submit Ad Hoc Process Task
Submit File= Submit Process Task
Run Local Program Task

The following table lists the syntax types and restrictions:

Syntax Type Restrictions


Work List Task Syntax Must have the SET keyword

May have AutoMonitor and Serial Execution

May have variables


Local Program Task Syntax Must have the RUN keyword

Must have the FILE keyword

Must have arguments or a working directory


Submit File Task Syntax A Submit File task must have SUBMIT
FILE= followed by the file name
Submit Run Task Syntax Must have PEND at the end of the Run Task
command

4. Close the window. The program displays a message asking if you want to save
your work.
5. Click Yes. Your Work List is validated and saved. Any errors found during
validation are displayed at the bottom of your screen.

Chapter 3. System Guide 91


Inserting a Task into a Work List
About this task

To insert a task into a Work List:

Procedure
1. Select Work List > Insert.
2. Select one of the following options to identify the task type to add to the Work
List:
v Submit from File
v Send/Receive
v Run Task
v Run Job
v Local Program
v Comment
3. Type any arguments in the box.
4. Enter the information for the Process in its dialog box.
5. Click OK. The Work List window is displayed.

Validating a Work List


About this task

To validate a Work List:

Procedure
1. Open the Work List that you want to validate.
2. Select the tasks you want to validate.
3. Select Work List > Validate. The validation information is displayed at the
bottom of your screen.

Manage Processes

SMTP Notification
Sterling Connect:Direct uses the SMTP notification method and exchanges e-mail
using TCP/IP and a message transfer agent (MTA).

The SMTP standard is one of the most widely used upper layer protocols in the
Internet Protocol stack. This protocol defines how to transmit messages (mail)
between two users. SMTP uses spooling to allow mail to be sent from a local
application to the SMTP application, which stores the mail in some device or
memory. Once the mail has arrived at the spool, it is queued. A server checks to
see if any messages are available and then attempts to deliver them. If the user is
not available for delivery, the server tries later. Eventually, if the mail cannot be
delivered, it will be discarded or returned to the sender.

92 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Manage Processes
Sterling Connect:Direct for Microsoft Windows provides the following tools to
manage Processes:
v Process Monitor—Enables you to view Processes in the TCQ, release held
Processes, change the status of a Process, and delete a Process. After you submit
a Process, it is placed in the Transmission Control Queue (TCQ).
v Process Notification Utility—Enables you to change the notification method. You
define the method of notifying users of Process execution when you install
Sterling Connect:Direct for Microsoft Windows.
v Microsoft Windows Event Logging—Logs informational, warning, and error
messages.
v Messages—If you need to troubleshoot the meaning of an error message, you
can view more information about an error message with the Message Lookup.
v SNMP—If you use Microsoft Windows SNMP to capture messages, you must
identify the messages you want to include and determine if messages are
trapped or logged to the event log.
v Activity Log—This document contains a list of Sterling Connect:Direct activities,
including every significant activity that you have requested from the time the
activity log is opened until it is closed. Each activity record logged is maintained
with the significant data associated with it. For example, when you save a file,
the Save activity record is stored, with the file name of the saved document.
The Activity Log is created at startup and is enabled by default. It can be
viewed in the Output window by clicking the Activity Log tab. You may create,
save, open, close, and print Activity logs. To save an activity log, you must
specify that you want the activity log written to a file. When you open a new
activity log, the currently active Log is inactivated. You must close Sterling
Connect:Direct Requester in order to open an activity log.

Understanding the TCQ


After you submit Sterling Connect:Direct Processes, they are stored in the TCQ.

The TCQ controls Sterling Connect:Direct Process execution. As sessions are


available, the TCQ releases Processes to begin execution according to the
scheduling parameter values and the class and priority of each Process. Use the
Process Monitor to manage and view the status of submitted Processes.

TCQ at Server Startup

The initialization parameter tcq.start determines what the TCQ does with existing
Processes. The default value is tcq.start=w (warm start), which specifies that all
existing Processes in the TCQ are retained. A warm start restarts any Processes
submitted with the Process statement parameter retain=initial as well as any
Process that was executing in the TCQ when the server was brought down. You
can change the parameter to tcq.start=c (cold start) to delete all existing Processes
in the TCQ when the server restarts.

TCQ Logical Queues


As Sterling Connect:Direct Processes are submitted, they are placed in one of the
four TCQ logical queues: Execution, Wait, Timer, and Hold.

Chapter 3. System Guide 93


As sessions are available, the TCQ releases Processes to begin execution according
to the Process class and priority, as shown in the following figure:

Each Process in the queue is assigned a status. The queues and status values are
identified in the following sections.

Execution Queue

Processes are placed in this queue after the connection to the SNODE occurs.
Processes typically come from the Wait queue, but also can be placed in the
Execution queue by a submit command with maxdelay= specified. After a Process
successfully finishes, it is automatically deleted from the Execution queue. When a
session is interrupted, the Process moves from the Execution queue to the Timer
queue, if retry values are specified. If connection is not made before the retry
values are exhausted or if retry values are not specified, the Process moves to the
Hold queue with a status of HE. The following table displays the status values
assigned in the Execution queue:

Status Comment
EX Process is executing between two Sterling Connect:Direct nodes.
PE Processes waiting for Process start messages to be exchanged between the
PNODE and the SNODE. This is the initial queue status when a Process is
submitted with maxdelay= specified.

Wait Queue

Processes are placed in the Wait queue while waiting for an available connection
between the PNODE and the SNODE. Processes can come to the Wait queue from
the Hold queue or the Timer queue. Processes also can be placed in the Wait queue
by a submit command with no parameters specified, submit with retain=no, or
submit with hold=no. After the connection is made, Processes automatically move
to the Execution queue. The following table displays the status values assigned in
the Wait queue:

94 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Status Comment
WC The Process is ready to execute, but no session is available. This Process runs
as soon as a new session is created or an existing session becomes available.
WR The Process is in retry status. The number of retries and intervals between
retries is specified in the network map for the remote node.
WA The initial queue status when a Process is submitted without HOLD or
RETAIN specified. This Process is ready to execute as soon as possible.

Hold Queue

Processes are placed in this queue while waiting for operator intervention before
progressing to the Wait queue. This queue enables operators of the PNODE and
SNODE to coordinate and control Process execution.

Processes are placed in the Hold queue by a submit command with retain=initial,
retain=yes, or hold=yes parameters specified. Processes submitted with hold=call
also are placed in the Hold queue. Processes are moved from the Timer queue to
the Hold queue by a change process command with hold=yes specified. Processes
are moved from the Hold queue to the Execution queue by a change process
command with the release parameter specified.

The following table displays the status values assigned in the Hold queue:

Status Comment
HC The Process was submitted with hold=call specified. A session started from the
remote node causes the Process to be moved to the Wait queue in WC status.
The Process is placed in the Execution queue when the Process is selected for
execution.
HI The Process was submitted with hold=yes. The Process can be released later by
a change process command with release or hold=no specified.
HE A session error or other abnormal condition occurred.
HO A change process command with hold=yes was specified.
HR The Process was submitted with retain=yes or retain=initial specified and has
already executed. The Process can be released later by a change process
command with release specified.
HS The Process was suspended due to a server shutdown.

Timer Queue

Processes are placed in this queue by a submit command with the startt parameter
specified. Processes in the Wait for Start Time (WS) status are waiting for the start
time to arrive before moving to the Wait queue. Processes also are placed in the
Timer queue in Retry (WR) status after an error, such as a line break or a lost
connection. Sterling Connect:Direct automatically tries to execute the Process again
based on the number of times to retry and the delay between retries as specified in
the submit command, Process statement, network map parameters, or initialization
parameters. Processes move from the Timer queue to the Wait queue. A change
process command with hold=yes specified moves the specified Process from the
Timer queue to the Hold queue.

The following table displays the status values assigned in the Timer queue:

Chapter 3. System Guide 95


Status Comment
RE The Process is in retry status. The number of retries and intervals between
retries is specified in the network map or initialization parameters.
WS The Process was submitted with a start time (startt) or date that has not
expired. When startt is reached, the Process is placed in the Wait queue for
scheduling for execution.

View Processes in the TCQ


To view the Processes in the TCQ, use a Process Monitor.

You can use more than one monitor to view different queues or to look at
Processes based on different criteria. You can arrange Process Monitors and save
the Workspace view so that when you enable that view, the Monitors are
automatically displayed. You can define how you want to display the Process
Monitor, what types of Processes you want to view, and what queues you want to
view.

Creating a Process Monitor


About this task

To create a Process Monitor:

Procedure
1. Select File > New > Process Monitor.
2. Do one of the following:
v To monitor all Processes, select All Processes.
v To monitor only those Processes that meet certain criteria, select Filter Using
Selection Criteria Pages. Define the criteria based on the options on the
remaining property pages.
v To refresh the monitor at specified intervals, select the Refresh every _
seconds option and enter the interval from 1-999 seconds.
v To monitor new data that was created since the Process Monitor was closed,
select Refresh on open.
3. Select the node on which to monitor Processes in the Node field.
4. Click OK.

Monitoring Processes Based on Selection Criteria


About this task

You can monitor Processes based on selection criteria.

Select the criteria to use to include in a Process Monitor. Select one or more of the
following filters: the status of a Process in the queue, the remote nodes included in
a Process, the user who submitted a Process, or a Process name or number.

To identify what Processes to include in a Process Monitor:

96 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Procedure
1. Open a Process Monitor window.
2. Select Filter Using Selection Criteria Pages.
3. To include Processes in a Process Monitor based on TCQ queue:
a. Click Status.
b. Select the status types you want to monitor. You are not limited to the
number of status types you can request. The status types are defined in the
following table:

Status Description
Execution Processes that are being serviced by the session manager.
Pending Execution The Process was submitted with the maximum delay option set
to zero.
Waiting Connection The Process is ready to execute as soon as a session is available.
Waiting Start Time The Process is waiting in the Timer Queue because it was
submitted with a start time or date that has not expired. When
the start time is reached, the Process is placed in the Wait queue
to schedule for execution.
Held Suspension The operator issued a delete process request with hold set to
Yes.
Timer Retry The Process is waiting for a retry attempt.
Held for Call The Process was submitted with the Hold option set to Call. A
session started from either node moves the Process to the Wait
queue in WC status. The Process is placed in the Execution
queue when the Process is selected for execution.
Held Due to Error A session error or other abnormal condition occurred.
Held Initially The Process was submitted with the Hold option set to Yes.
Held by Operator A change process request with hold set to Yes has been issued.
Held by Retain The Process was submitted with retention set to Yes or Initial.
Select All To monitor all status types.
Unselect All To deselect all status types.

4. To view Processes based on Process name:


a. Click the Process tab.
b. Select the Queue to search in the Queue(s) field.
c. To monitor a Process by name, click the New icon, type the name of the
Process, and press Enter. Repeat this step to add additional Process names.
d. To monitor a Process by number, click the New icon, type the Process
number, and press Enter. Repeat this step to add additional Process
numbers.
5. To view Processes based on a remote node:
a. Click the Nodes tab.
b. Choose one of the following:
v Select the network map node in the Netmap Nodes field.
v Click the right arrow or select All to select all network map nodes.
v To type a remote node name, click the New icon, type the remote node
name, and press Enter. Repeat this step to add remote node names.
6. To view Processes based on a user ID:

Chapter 3. System Guide 97


a. Click the Submitter tab.
b. Type the user ID or user proxy in the User field.
c. Type the node name in the Node field and click Add. Continue entering
node names and clicking Add until you have added all user IDs you want
to monitor.
7. Click OK.

Opening a Process Monitor File


About this task

To open a Process Monitor file:

Procedure
1. Select Files > Open.
2. From Files of Type, select Process Monitors (*.cdm) to display only Process
Monitor files.
3. Locate and select the Process Monitor file to open.

Saving a Process Monitor


About this task

Saving a Process Monitor to a file lets you use the same format and monitor
criteria again. When you save a Process Monitor, you are saving the criteria and
the format of the Process Window; not the Process information displayed at the
time you save the monitor.

Procedure
1. Select File > Save.
2. Type the name of the Process monitor with the extension .cdm.
3. Click OK.

The Process Monitor Output


Each line in a Process Monitor is a summary record of the current status of the
Process in the TCQ. Depending on the status of the Process or the step being
executed, some fields may be blank. The lines are numbered sequentially. A "W" to
the left of the sequence number indicates the Process has met the warning
conditions you established.

The following information is displayed:

Field Content
Name Process name.
Number Process number.
Step Name Process step name currently executing.
Status Current status of the Process.
Queue Logical queue where the Process is currently located (Execution, Hold,
Wait, or Timer).
Byte Count Number of data bytes read or written.

98 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Field Content
Submit Node Node name from which the Process was submitted.
Submitter User ID of the person who submitted the Process.
Pnode Primary node in the Process.
Snode Remote or partner node in the Process.
Message Message associated with the current Process step.
Source File Name of the source file.
Submit Date/Time Date and time the Process was submitted.
Schedule Date and time the Process was scheduled to be submitted.
Date/Time
Retain Identifies if the Process is to be retained in the TCQ for future
submission.
Function Type of Process statement currently executing (COPY, RUNJOB,
RUNTASK, SUBMIT).
CC Completion Code.

0—Success

4—Warning

8—Error

16—Severe error
FDBK Feedback code.
Message Text Message short text.
Message Data The substitution variables with their values for the short text.
Log Date/Time The date and time the Process record was created.
Hold The hold status of the Process.
Class Session class on which the Process is executing.
Priority TCQ priority of the Process.
Local Node Indicates whether the local node is the SNODE or the PNODE in the
Process.
From Node Indicates whether the local or remote node is the FROM node in a
COPY.
Compression Compression factor used in a copy step
Checkpoint Indicates use of checkpointing in a copy step.
Restart
Restart Indicates whether the Process was restarted.
Source Disp 1 Source file disposition parameters.
Source Disp 2 Source file disposition parameters.
Source Disp 3 Source file disposition parameters.
Record Count Number of data records read or written.
Xmit Bytes Number of data bytes plus RU bytes sent
Xmit RUs Number of request/response units sent.
Dest File Name of the destination file.
Dest Disp 1 Destination file disposition parameters.

Chapter 3. System Guide 99


Field Content
Dest Disp 2 Destination file disposition parameters.
Dest Disp 3 Destination file disposition parameters.

Using the Output Display


About this task

Through the output display, you can accomplish the following tasks:
v View details associated with a Process
v View the condition that caused a warning flag on a Process
v Change the order of fields displayed

To use the output display:

Procedure

Do one of the following:


v To view the detail fields associated with a Process, double click the Process
summary line
v To view the condition which caused the warning flag on a Process, select the
flagged Process. The condition is posted at the bottom of the display.

Note: You cannot change the size of the rows.


v To change the order of the fields in your display, select the heading of the field
you want to move, point the mouse at the heading, and drag and drop the
column to its new location. You may move any column. After you close the
reformatted display, that format becomes your default format.

Notification
When you install Sterling Connect:Direct for Microsoft Windows, you identify the
method used to notify a user of Process execution. If you want to change the
method used to notify selected users when a Process executes, use the Change
Notification utility. This application updates the Registry entries used by Sterling
Connect:Direct to perform the specified notification.

Notification Methods

Sterling Connect:Direct for Microsoft Windows provides two notification methods:


v NT Broadcast—NT Broadcast notification is performed using the Microsoft
Windows msg command.
v SMTP—E-Mail notification is performed using Simple Mail Transfer Protocol
(SMTP) notification, a simple ASCII protocol.

NT Broadcast
Sterling Connect:Direct for Microsoft Windows uses the msg command to
accomplish notification through NT Broadcast. The notification is sent to the
specified user or users attached to a particular computer or domain on behalf of
the user context that Sterling Connect:Direct is running in.

100 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


After the notification ID is specified from within the Process Control Options
category of the Process Definition dialog box, Sterling Connect:Direct supplies the
user as an argument in the msg command. If the specified recipient cannot be
located, or is not logged on, the notification fails and is not attempted again.

Changing Process Notification


About this task
To change the Process notification setup:

Procedure
1. Validate that the Sterling Connect:Direct service has been stopped by selecting
Start > Settings > Control Panel > Administrative Tools > Services and
making sure the Sterling Connect:Direct service is stopped. If not, select the
service and click Action > Stop.
2. Click Start > Programs > IBM Sterling Connect:Direct > v4.6.00 > CD Change
Notification Utility.
3. In the Node Name field, type or select the local node to configure. The current
notification for the node is displayed in the Transport field.
4. NT Broadcast is the default setting for the notification methods. If want to use
SMTP as the notification method, select SMTP in the Transport field and type
the following information in the fields provided:
v Host Address—SMTP server address, as the DNS name or IP address.
v Host Port—Port to connect to the SMTP server. Default=25.
v Sender—e-mail address uses for the sender.
v Turn on Authentication to enable it. Provide a user ID and password to sign
on to the SMTP server.
5. Click Save.
6. Click OK.

View Process Statistics


Sterling Connect:Direct records the history of a Process in a single relational
database. You can review this information to examine details about server
execution.

Sterling Connect:Direct for Microsoft Windows also uses the Microsoft Windows
Event Logging facility to log certain messages that the server generates during
execution. Sterling Connect:Direct selects specific record IDs or event types when
logging statistics. Sterling Connect:Direct assigns these record IDs severities and
passes them on to the Microsoft Windows Event Logging facility. The event.log
initialization parameter controls the statistics IDs that Sterling Connect:Direct sends
to the Microsoft Windows event log.

The statistics file stores information about all events that take place within the
Sterling Connect:Direct server for a specific period of time. The amount of time is
determined by the value specified for the stat.max.age initialization parameter.
Each record within the statistics file consists of fields that contain general
information about the record and a field that contains the statistics or audit
information to log.

In the fixed portion, the following fields are defined for the statistics files:

Chapter 3. System Guide 101


Field Description
EntryDateTime Date and time that the record was inserted into the statistics file. The
format is YYYYMMDD HHMMSSTTT.
SeqNum Sequence number.
RecID A 4-character ID that describes the type of record.
RecCat A 4-character ID that describes the category of record.
PrcName Name given to the Process when it is submitted.
PrcNumber Number assigned to the Process when it is submitted.
StartTime Start time of a Process step, if this is a Process step statistics record.
StopTime Stop time of a Process step, if this is a Process step statistics record.
SubmitterNode Node that the Process was submitted on.
SubmitterUserID User that submitted the Process.
RemoteNode Remote node for the Process.
ConditionCode Condition code for the statistics record.
AuditInfo Variable portion of the statistics record.

If the existing statistics file cannot be extended, the server issues a message to the
Microsoft Windows event log and terminates immediately. The server terminates
all activity as if issuing a stop command with the immediate parameter. Any
statistics records that are usually written during stop immediate processing are not
created in this situation.

The Statistics Monitor Window


The Statistics Monitor window displays the following information:

Field Definition
Log Specifies the date and time the statistics record was created.
Date/Time
Type Specifies whether the record is event or Process related.

CAEV indicates that the record is related to an event.

CAPR indicates that the record was related to a Process.


RecID Specifies the type of statistics record generated.
CC Specifies the completion code.
FDBK Specifies the feedback code for the module.
MSGID Specifies the Message ID.
PName Specifies the Process name.
PNum Specifies the Process number.
Step Name Name of the Process step.

Each row is a statistics record. Select the row to view statistics record details. You
can also modify the appearance of the Statistics Monitor window.

102 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Delete Statistics Records
The server deletes statistics records based on the value specified for the statistics
initialization parameter stat.max.age.

The stat.max.age parameter controls the amount of time that the server retains the
statistics record in the database. When statistics records reach the value specified
by the stat.max.age parameter, the server automatically deletes them. To retain all
of your records, back up your database regularly or set stat.max.age= to disable
automatic deletion.

Control Statistics File Content


Use the log.commands and log.select initialization parameters to control whether
the statistics file logs output from all commands and whether the file logs
commands that select Processes and select statistics.

See “Statistics Parameters” on page 146 for a description of the statistics


parameters.

Creating a Statistics Report


About this task

To create a statistics report:

Procedure
1. To open a new statistics monitor, select File > New > Statistics Monitor.
2. To modify an existing statistics monitor, select File > Open and select from the
Statistics Monitor directory.
3. To view statistics for all Processes executed over a specific period of time:
a. Select All Statistics for Last _ hrs.min.
b. Enter the time period in hours and minutes.
c. Click OK.
4. To view only those Processes that meet certain criteria:
a. Select Filter Using Selection Criteria Pages.
b. Define the criteria on the remaining property pages.
5. To view statistics based on step and Process completion only select Step and
Process Completion Statistics Only.
6. To refresh the monitor at specified intervals:
a. Select Refresh every _ minutes.
b. Type the interval in minutes (1–60).
7. To view new statistics that were created since the Statistics Monitor was
closed, select Refresh on open.
8. To view the last statistic as it occurs, select Autoscroll.
9. If necessary, select the node to monitor in the Node field.
10. Click OK.

Chapter 3. System Guide 103


Selecting Statistics Based on Process Name or Number
About this task

You can select statistics based on Process names or Process number.

The Process number is the number assigned by Sterling Connect:Direct when the
Process is submitted.

To select statistics based on Process name or number:

Procedure
1. Open or create a Statistics Monitor.
2. Select Filter Using Selection Criteria Pages.
3. Click Add.
4. To view statistics based on Process name:
a. Click the Process tab.
b. Click the New icon.
c. Type the Process name and press Enter.
d. Continue the previous two steps until you have added all Process names
to monitor.
5. To view Statistics based on Process number:
a. Click the New icon.
b. Type the Process number and press Enter.
c. Repeat this step until you have added all Process numbers to monitor.
6. To view statistics based on a user ID:
a. Click the Nodes tab.
b. Click the New icon.
c. Type the user ID or user proxy and press Enter.
d. Repeat the previous two steps until you have added all user IDs to
monitor.
7. To view statistics based on who submitted a Process:
a. Click the Submitter tab.
b. Type the user ID or user proxy.
c. Type the node on which the user is located.
d. Click Add.
e. Repeat the previous three steps until you have added all submitters to
monitor.
8. To view statistics based on a range of date or time:
a. Click the Ranges tab.
b. Activate the Date/Time Range option.
c. Select one of the following options:
v Range—Type the time range to monitor in hours and minutes.
v Start and Stop—Type the beginning and ending date and time range or
select the date from the calendar in the Start and the Stop fields. Type
the date in the format mmm/dd/yyyy and the time in the format
hh:mm:ss Xm.

104 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


v Start Only—Type the beginning date and time range or select the date
from the calendar in the Start field. Type the date in the format
mmm/dd/yyyy and the time in the format hh:mm:ss Xm.
v Stop Only—Type the ending date and time range or select the date from
the calendar in the Stop field. Type the date in the format
mmm/dd/yyyy and the time in the format hh:mm:ss Xm.
9. To select statistics based on a condition code, select the condition code on
which the condition is based and select a conditional operator as detailed in
the following table:

Option Description
Conditional To limit the statistics based on error code values, select the condition
Code Range code delimiters in the first drop-down box including:
Delimiters v Equal to
v Greater than or equal to
v Greater than
v Less than or equal to
v Less than
v Not equal to
Conditional To limit the statistics to selected error codes, select the error code value
Code Range from this drop-down box including:
Error Codes v 0
v 4
v 8
v 16
v Any

10. To generate statistics for specific source or destination files:


a. Click the Files tab.
b. Click the Add icon for the file type: either source or destination files.
c. Type the name of the file including the full path name.
d. Press Enter.
e. Repeat this procedure until all files to monitor are identified.
11. To generate statistics based on record types:
a. Click the Records tab.
b. Select a record category from the drop down menu for the Record
Category field.
c. Select a record from list. To remove a selection, click the item again.
d. To select all the records, click Select All.
e. To clear all selections, click Unselect All.
12. To generate statistics based on user-defined records:
a. From the Records tab, click Add in the User Defined Records dialog box.
b. Type the first four characters of the message ID.
c. Press Enter.
d. Repeat the three previous steps until you have added all records you want
to monitor.
13. Click OK.

Chapter 3. System Guide 105


Statistics Report Output
Each line in the Statistics report represents a statistics record. The following
information is displayed for each record type.

Field Description
Log Date/Time The date and time the statistics record was created.
Type The record category.

CAEV—Specifies that the record is related to an event, such as a Sterling


Connect:Direct shutdown.

CAPR—Specifies that the record is related to a Process.


Rec ID The type of statistics records, such as Copy Termination records or
Sterling Connect:Direct initialization event records.

Rec ID (Identifiers) are as follows:

Record ID Category
CHGP Event
COAC Event
CRHT Event
CSTP Event
CTRC Process
CTRM Event
CUKN Event
CXIT Event
DELP Event
FLSP Process
FMRV Process
FMSD Process
GPRC Process
IFED Process
LIEX Event
LIOK Event
LWEX Event
NAUH Event
NMOP Event
NUIC Event
NUTC Event
NUIS Event
NUTS Event
PERR Process
PFLS Process
PRED Process
PSAV Event

106 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Record ID Category
PSED Process
PSTR Process
RJED Process
RNCF Process
RTED Process
SBED Process
SELP Event
SELS Event
SEND Event
SERR Event
SHUD Event
SIGC Event
SSTR Event
STOP Event
SUBP Event
TRAC Event
UNKN Event
USEC Process
xxxx Event

Other fields displayed depend on the record type.

You can accomplish the following tasks through this display:


v To redefine the selection criteria, click the Criteria button.
v To see the detail fields associated with the Process, double-click on the Process
summary line.
v To change the size of a field in your display, point the mouse at the boundary
edge of the heading of the field you want to change. While holding down the
mouse button, move the mouse horizontally until the width of the field is as
desired.
v To change the width of a row, move the cursor to the line between any of the
line numbers. While holding down the mouse button, move the mouse vertically
until the width of the row is as desired.
v To change the order of the fields in the display, select the heading of the field
you want to move, press SHIFT, point the mouse at the heading, and drag and
drop the column to its new location. You can move any column.

After you close the reformatted display, that format becomes the default format.

Understand the Microsoft Windows Event Logging Facility


Sterling Connect:Direct for Microsoft Windows uses the Microsoft Windows Event
Logging facility to log informational, warning, and error messages that the server
generates during execution. A subset of the Sterling Connect:Direct statistics
records are also sent to the event log. The event.log initialization parameter
determines which of these records to log.

Chapter 3. System Guide 107


Merging this critical error information with the event log enables the system
administrator to have a single point of focus for error information from all
Microsoft Windows subsystems. The Event Logging facility also allows for easy
correlation of the various error messages that both Sterling Connect:Direct and
Microsoft Windows generate.

CAUTION: Sterling Connect:Direct can generate numerous event records. For


control purposes, define a large event log, use the event.log initialization parameter
to reduce the number of events Sterling Connect:Direct generates, or define the
event log to be wraparound.

The event log receives the following information from Sterling Connect:Direct for
Microsoft Windows:

Sterling Connect:Direct Microsoft Windows Event


Information Record IDs Type
Server initialization/ NUIC and NUTC Informational
termination
Communications session COAC and SEND Informational
start/end
Communications error SERR Error
Sterling Connect:Direct PSTR and PRED Informational
Process start/end
Sterling Connect:Direct CTRC, PSED, RJED, RTED, Informational
Process step information and SBED
Sterling Connect:Direct PERR and PFLS Warning
Process flush/error

Control Event Log Content


Use the event.log initialization parameter to control the Sterling Connect:Direct
statistics IDs that Sterling Connect:Direct sends to the event log. It specifies the
statistics IDs the system sends to the Microsoft Windows event log. You can specify
a list of Sterling Connect:Direct Statistics IDs or the keyword All. If you specify
more than one statistics ID, use a comma to separate IDs in a list. The default is
All.

The following sample uses the event.log initialization parameter to log Process
start and stop, Process flush, and Process errors to the event log.

event.log=PERR,PFLS,PRED,PSTR

Filter the Event Log


The Microsoft Windows Event Viewer utility also enables you to filter the event
log.

If you want to view a category of events in the log, you can sort the event log by
using the Filter Events option. You can filter the event log by specifying settings
that control a range of events by date and time. You can also filter the event log by
particular event types, application source and category, particular user, computer,

108 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


and Event IDs. See the Microsoft Windows documentation for more information on
the Event Viewer and the filter functionality.

Use the Sterling Connect:Direct Message Lookup Utility to assist you in


troubleshooting. Enter a message ID to access the short and long text explanations
for Sterling Connect:Direct messages.

Note: You can also view messages with the select message command from the CLI.

Viewing Messages
About this task

Use the Sterling Connect:Direct Message Lookup Utility to view the short and long
text explanations for error messages.

Procedure
1. Select Start > All Programs > IBM Sterling Connect:Direct > v4.6.0 > CD
Message Lookup.
2. Enter the message ID in the Message ID field.
3. Click Lookup to display the short and long message text.

Send Messages to an SNMP Management System


The Simple Network Management Protocol (SNMP) defines a set of protocols that
describe management data and the protocols for exchanging that data between
systems.

Sterling Connect:Direct for Microsoft Windows provides an extension agent that


works with Microsoft Windows SNMP Extensible Agent to send traps to a
configured Network Manager. See Microsoft documentation for details on
configuring the SNMP service to send traps.

Sterling Connect:Direct for Microsoft Windows enables messages to be written to


the event log. Traps are triggered by Sterling Connect:Direct for Microsoft
Windows messages. Certain messages are associated with trap events. However,
you can also define any message to be a trap event. When Sterling Connect:Direct
for Microsoft Windows starts, it processes the configuration file to create a table of
trap-event messages. When a trap-event message occurs, it is forwarded to the
extension agent. The extension agent works with the Microsoft Windows SNMP
Extensible Agent to forward the trap to all configured network managers. The
network managers who receive the messages are defined when you install
Microsoft SNMP.

To activate SNMP trapping, set the SNMP initialization parameter to Y. The default
is N.

When a trap-event message occurs, Sterling Connect:Direct for Microsoft Windows


writes the message to the application event log.

To activate event logging, set the initialization parameter called EVENTLOG to Y.


The default is N.

The configuration file is used by both SNMP and event logging. It is specified by
the SNMP.DSN initialization parameter and the default file name is:
Chapter 3. System Guide 109
installation directory/snmp/snmp.ini

where installation directory is the location where you installed Sterling


Connect:Direct for Microsoft Windows.

The configuration file enables you to customize the events that can be trapped. By
default, all events are enabled. If you want to disable some events or define other
messages to be trap events, edit this file with any standard editing tool.

Do one or more of the following to customize the configuration file:


v To turn off an event, set its value to N.
v To turn off all status traps, set sendStatusTraps=No.
v To turn off all alarm traps, set sendAlarmTraps=No.
v To define a list of Sterling Connect:Direct messages that will produce an alarm
trap, use the following: USERMESSAGEALARM = (message ID, message-list)
v To define a list of Sterling Connect:Direct messages that will produce a status
trap, use the following: USERMESSAGESTATUS = (message ID, message-list)

When the server is started, the SNMP and EVENTLOG initialization parameters
are checked. If the SNMP and EVENTLOG parameters are not specified, SNMP
and event logging are not activated.

Identify the Trap Variables


Traps are defined as alarm or status alerts that enable the network manager to
display the trap in the appropriate color on the network manager console.

Alarm trap variables signal events that are critical to the operation of Sterling
Connect:Direct for Microsoft Windows. Status trap variables signal events that are
not critical to the operation of Sterling Connect:Direct for Microsoft Windows but
show valuable information. The tables in the following sections describe the
predefined traps, the message that triggers the trap, and a description of the trap
and associated text.

The categories for trap variables are as follows:


v Type events
v Initialization events
v Shutdown events
v API events
v Execution events
v Miscellaneous events

Valid values for all events are YES (or Y) to enable and NO (or N) to disable.

This section identifies the Sterling Connect:Direct traps supported and identifies
the messages associated with the trap. Sterling Connect:Direct traps are defined in
two groups: status traps and alarm traps.
v Status traps are not critical to the operations of Sterling Connect:Direct for
Microsoft Windows but display important information.
v Alarm traps are more serious.

110 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Following are lists of Sterling Connect:Direct for Microsoft Windows specific or
predefined traps and the message that triggers the event. All traps are enabled by
default. If any of the traps need to be disabled, specify them in the SNMP.DSN
parameter with the following syntax:

Trap-name= Yes / No (YES=Enable and NO=Disable)

Initialization Events
The following table details status events that occur at initialization.

Trap Variable Description Trap Trigger


initializationComplete This node was initialized successfully. NUIC00I
snaNotAvailable The SNA support is temporarily unavailable LSNA003I
because the APPC/SNA feature could not be
initialized.
snaNowAvailable SNA/APPC has been successfully initialized. LSNA004I
tcpNotAvailable The TCP support is temporarily unavailable LTCP003I
because the TCP environment could not be
initiated.
tcpNowAvailable The connection to TCP/IP has been successful LTCP004I
and all TCP functions are supported.

Shutdown Events
The following table details status events that occur at shutdown.

Trap Variable Description Trap Trigger


shutdownRequested A Sterling Connect:Direct for Microsoft Windows Stop LSMG421I
command has been issued. Type can be QUIESCE, STEP,
IMMEDIATE, or FORCE.
normalShutdownComplete Sterling Connect:Direct for Microsoft Windows NUTC001I
termination has been completed successfully.

The following table details the alarm event that occurs at shutdown:

Trap Variable Description Trap Trigger


abnormalShutdown An abnormal termination of Sterling LSMG419I
Connect:Direct for Microsoft
Windows has occurred.

API Events
The following table details the status event that occurs from the API.

Trap Variable Description Trap Trigger


maxUserReached MAX.API.CONNECTS has been reached. LCOA009I

Chapter 3. System Guide 111


Execution Events
The following table details status events that occur when a Process executes.

Trap Variable Description Trap Trigger


processRetryExceeded The Process has exceeded the retry SVTM506I
threshold and has been placed in the
Hold queue.
tcqMovement A IBM Sterling Connect:Direct for LPMM001E
Microsoft Windows Process has been
moved to the Hold queue due to errors LSMG007E
during Process execution.
SVTM105I
userMessageStatus A user defined Sterling Connect:Direct Any Sterling
message has been issued. Connect:Direct message

The following table details alarm events that occur when a Process executes:

Trap Variable Description Trap Trigger


processFailure A Process failed with a return code greater LSMG420I
than 4 due to abnormal session termination,
network map check failure, or FM security
failure.
maxPnode The maximum number of PNODE Processes LPMM055E
has been reached.
processNot Started Process was not started because session LSMG418I
manager could not be initialized.
maxSnode The maximum number of SNODE Processes LSMI013E
has been reached.
userMessageAlarm A user-defined Sterling Connect:Direct message Any message ID
has been issued.

Miscellaneous Events
The following table details other status events.

Trap Variable Description Trap Trigger


tracesEnabled Sterling Connect:Direct traces enabled. STRA029I
netmapUpdate The Sterling Connect:Direct network map has been updated. SMUP192I
authFileUpdate Dynamic update of the Sterling Connect:Direct AUTH has SAFC006I
occurred.
initparmRefresh Dynamic update of the Sterling Connect:Direct INITPARM has SITA993I
occurred.
changeProcess A CHANGE PROCESS command has occurred. SOPB017I
deleteProcess A DELETE PROCESS command has occurred. SOPC011I

112 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Use the Activity Log
This Activity Log contains a list of Sterling Connect:Direct Requester activities,
including every significant activity you have requested from the time the activity
log is opened until it is closed. Each activity record logged is maintained with the
significant data associated with it.

For example, when you save a file, the Save activity record is stored, with the file
name of the saved document. The Activity Log is created at startup. It is
minimized and located in the lower left-hand corner. You may create, save, open,
close, and print Activity logs. When you open a new activity log, the active Log
that is already open is deactivated.

Opening an Activity Log


To open an activity log, click the Activity Log in the bottom pane of the Sterling
Connect:Direct Requester window.

Saving an Activity Log


About this task

The activity log information is lost when you close Sterling Connect:Direct
Requester unless you set the activity log information to write to a file.

Procedure
1. Select Tools > Options.
2. To display the activity log in the output window, check Enable the activity log
in the output window.
3. To write the activity log to a file:
a. Select Write the Activity Output to a File.
b. Type the name of the file.
c. To create a new activity log every time you start Requester, select Create
New File at Startup.
d. To append activity to the existing log file at start up, select Append to
Existing Activity File.
4. Click OK.

Type Events
Use the events in the following table to enable or disable all alarm or status events.

Trap Event Description Event


sendAlarmTraps NO—Disables all alarm trap variables regardless of Alarm
individual settings.

YES—Enables all alarm trap variables, allowing you


to disable individual alarm trap variables.
sendStatusTraps NO—Disables all status trap variables regardless of Status
individual settings.

YES—Enables all status trap variables, allowing you


to disable individual status trap variables.

Chapter 3. System Guide 113


Manage a Sterling Connect:Direct Server

Manage a Sterling Connect:Direct Server


The Sterling Connect:Direct Admin Tool enables you modify a Sterling
Connect:Direct server and databases. You configured the server when you installed
Sterling Connect:Direct for Microsoft Windows. If you want to change the server
configuration or start or stop a Sterling Connect:Direct server, use the Admin Tool
utility.

Starting the Admin Tool Utility


1. Click Start > All Programs.
2. Click IBM Sterling Connect:Direct > v4.7.0 > CD Admin Tool.

The main window contains an icon representing the local computer and a traffic
light icon for each Sterling Connect:Direct node on the computer. A running server
is represented by a green light, a stopped server is represented by a red light, and
a server in the process of starting or stopping is represented by a yellow light.

About the Toolbar


The Admin Tool toolbar provides icons to perform frequently performed actions.
The Admin Tool provides the following utility icons.

Select To
Start a server. The traffic light icon displays a green light when the server is starting
or running.
Stop a server. The traffic light icon displays a red light indicating the server is not
running.
Set general properties for a Sterling Connect:Direct for Microsoft Windows server.
Stop the server before setting general properties.
Display the About Admin Tool dialog box.

Click a menu bar or toolbar item, to access a description of its function. This action
does not work when a dialog box is open.

Starting and Stopping a Sterling Connect:Direct Server


About this task

Use the Admin Tool utility to start and stop a Sterling Connect:Direct server.

To start and stop a server:

Procedure
1. Select the server to start or stop.
2. Select Server > Start. If the server is already started, the server icon changes to
yellow and then changes to green. If the server is unable to start, the light
changes back to red.

114 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Configuring a Sterling Connect:Direct Server
About this task

To configure general, TCP/IP, SNA, and database properties for a server, use the
Properties dialog box.

CAUTION: You must stop the Sterling Connect:Direct service before you configure
properties. Stopping the service interrupts any Processes that are running.

To configure server properties:

Procedure
1. Click the server to configure.
2. If the server is running, click the stop icon to stop the server.
3. Select Server > Initialization Properties.
4. Select one of the following Service Startup methods from the pull-down
menu:
v Automatic to start Sterling Connect:Direct every time the system starts.
v Manual to start Sterling Connect:Direct manually.
v Disabled to prevent Sterling Connect:Direct from being started.
5. If necessary, change the settings on the General properties page. Refer to the
following table for a description of the fields:

Field Name Definition Valid Values


Max API Connections Specifies the maximum number of concurrent A numeric value from 1–255. The
client API connections permitted for the local node. default is 10.
It defines the maximum number of connections by
different userids. API connections by a single user
ID has no limit.
Max Pnode Sessions Specifies the maximum concurrent connections for A numeric value from 1–255 for the
all remote nodes where the local Sterling server version of Sterling
Connect:Direct for Microsoft Windows server node Connect:Direct for Microsoft
is the originator of the Process. Windows. The default is 1 for the
server version. The workstation
This field is limited to the lesser of the values version is limited to 1 PNODE
defined in the initialization parameters file and the session.
network map definition for a given node.
Max Snode Sessions Specifies the maximum concurrent connections, A numeric value from 1–255 for the
where the local Sterling Connect:Direct server node server version of Sterling
is the partner node cooperating with a remote Connect:Direct for Microsoft
Sterling Connect:Direct node to execute a Process. Windows. The default is 1 for the
server version. The workstation
This field is limited to the lesser of the values version of Sterling Connect:Direct for
defined in the initialization parameters file and the Microsoft Windows is limited to 2
network map definition for a given node. SNODE sessions.
TCQ Startup Specifies how the Sterling Connect:Direct server Warm to retain all existing Processes
program starts with respect to the TCQ. in the TCQ at server startup. If you
select a warm start, all Processes in
executing state when the server was
stopped will restart when the server
is restarted. Cold to delete all
existing Processes in the TCQ at
startup.

Chapter 3. System Guide 115


Field Name Definition Valid Values
TCQ Max Age Specifies the maximum number of days a Process A numeric value from 0–30. The
with Held due to Error (HE) status remains in the default is 30 days. Sterling
TCQ before it is automatically deleted. Connect:Direct does not
automatically delete Processes when
you specify 0.
Stat Max Age Specifies the maximum age (in days) that statistics A numeric value from 0–30. The
records are allowed to reach before the system default is 7 days. Sterling
automatically deletes them. Connect:Direct does not
automatically delete statistics records
when you specify 0.

6. Click the API tab. If necessary change the default values of API fields. Refer to
the following table for a description of the fields:

Field Name Definition Valid Values


Enable TCP/IP API Enables TCP/IP API support. enabled | disabled
Support
API IP Address Specifies the IP address that the Sterling A numeric value in the format
Connect:Direct Requester or user-written API nnn.nnn.nnn.nnn (IPv4) or
programs use to establish client sessions with the nnnn:nnnn:nnnn:nnnn:nnnn
Sterling Connect:Direct server. :nnnn:nnnn:nnnn (IPv6),
or the host name.
API Additional Addresses and Ports
API Port Specifies the port number that the Requester or A numeric value in the format nnnn,
user-written API programs use to establish client where nnnn is a positive integer from
sessions with this Sterling Connect:Direct server. 0 to 65535.

The default is 1363.


API Additional Specifies additional addresses and ports that the A numeric value in the format
Addresses and Ports Sterling Connect:Direct Requester or user-written nnn.nnn.nnn.nnn (IPv4) or
API programs use to establish client sessions with nnnn:nnnn:nnnn:nnnn:nnnn
this Sterling Connect:Direct server. Multiple :nnnn:nnnn:nnnn (IPv6),
address/host names (and combinations with port or the host name.
numbers) can be specified in this field. The port is
separated from its corresponding address/host For example, 10.20.9.175;2363,
name with a semi-colon (;), and each address/host fd00:0:0:2014::7; 2364
name and port combination is separated by a
comma (,). A space may be added after the comma This is an optional field.
for readability.
Host Additional Specifies additional IP addresses and ports for A numeric value in the format
Addresses and Ports incoming communications from remote Sterling nnn.nnn.nnn.nnn (IPv4) or
Connect:Direct nodes to this Sterling nnnn:nnnn:nnnn:nnnn:nnnn
Connect:Direct server node. :nnnn:nnnn:nnnn (IPv6),
or the host name.
Multiple address/host names (and combinations
with port numbers) can be specified in this field. For example, 10.20.9.175:2364,
The port is separated from its corresponding mdallas;1364
address/host name with a semi-colon (;), and each
address/host name and port combination is This is an optional field.
separated by a comma (,). A space may be added
after the comma for readability.
Enable Dynamic Enables dynamic addressing, so that the DHCP Disabled | Enabled
Addressing (DHCP) server will assign an IP address when it is
requested for the Sterling Connect:Direct server
node.

116 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


7. Click the TCP/IP tab. If necessary change the default values of TCP/IP fields.
Refer to the following table for a description of the fields:

Field Name Definition Valid Values


Enable TCP/IP Support Enables TCP/IP support. enabled | disabled
Host IP Address Specifies the IP address for incoming A numeric value in the format
communications from remote Sterling nnn.nnn.nnn.nnn (IPv4) or
Connect:Direct nodes to this Sterling nnnn:nnnn:nnnn:nnnn:nnnn
Connect:Direct server node. :nnnn:nnnn:nnnn (IPv6),
or the host name.
Host Port Specifies the port number for incoming A numeric value in the format nnnn,
communications from remote Sterling where nnnn is a positive integer from
Connect:Direct nodes to this Sterling 0 to 65535.
Connect:Direct server node.
The default is 1364.
Host Additional Specifies additional IP addresses and ports for A numeric value in the format
Addresses and Ports incoming communications from remote Sterling nnn.nnn.nnn.nnn (IPv4) or
Connect:Direct nodes to this Sterling nnnn:nnnn:nnnn:nnnn:nnnn
Connect:Direct server node. :nnnn:nnnn:nnnn (IPv6),
or the host name;nnnn
Multiple address/host names (and combinations
with port numbers) can be specified in this field. For example, 10.20.9.175:2364,
The port is separated from its corresponding mdallas;1364
address/host name with a semi-colon (;), and each
address/host name and port combination is This is an optional field.
separated by a comma (,). A space may be added
after the comma for readability.
Buffer Size Specifies the data buffer size for transmitting data A numeric value from 256–65536.
to and from a remote Sterling Connect:Direct node
if the value is not in the network map entry. The The default is 65535.
value entered in the Buffer Size field of the
network map TCP/IP Communication Mode
object overrides this value.
Enable Dynamic Enables dynamic addressing, so that the DHCP Disabled | Enabled
Addressing (DHCP) server will assign an IP address when it is
requested for the Sterling Connect:Direct server
node.

8. Click the UDT tab. If necessary change the default values of UDT fields. Refer
to the following table for a description of the fields:

Field Name Definition Valid Values


Enable UDT33 Support Enables UDT33 support. enabled | disabled
Host IP Address Specifies the IP address for incoming A numeric value in the format
communications from remote Sterling nnn.nnn.nnn.nnn (IPv4) or
Connect:Direct nodes to this Sterling nnnn:nnnn:nnnn:nnnn:nnnn
Connect:Direct server node. :nnnn:nnnn:nnnn (IPv6),
or the host name.
Host Port Specifies the port number for incoming A numeric value in the format nnnn,
communications from remote Sterling where nnnn is a positive integer from
Connect:Direct nodes to this Sterling 0 to 65535.
Connect:Direct server node.
The default is 1364.

Chapter 3. System Guide 117


Field Name Definition Valid Values
Host Additional Specifies additional IP addresses and ports for A numeric value in the format
Addresses and Ports incoming communications from remote Sterling nnn.nnn.nnn.nnn (IPv4) or
Connect:Direct nodes to this Sterling nnnn:nnnn:nnnn:nnnn:nnnn
Connect:Direct server node. :nnnn:nnnn:nnnn (IPv6),
or the host name;nnnn
Multiple address/host names (and combinations
with port numbers) can be specified in this field. For example, 10.20.9.175:2364,
The port is separated from its corresponding mdallas;1364
address/host name with a semi-colon (;), and each
address/host name and port combination is This is an optional field.
separated by a comma (,). A space may be added
after the comma for readability.
Buffer Size Specifies the data buffer size for transmitting data A numeric value from 256–65536.
to and from a remote Sterling Connect:Direct node
if the value is not in the network map entry. The The default is 65535.
value entered in the Buffer Size field of the
network map UDT Communication Mode object
overrides this value.
Enable Dynamic Enables dynamic addressing, so that the DHCP Disabled | Enabled
Addressing (DHCP) server will assign an IP address when it is
requested for the Sterling Connect:Direct server
node.

9. Click the SNA tab. If necessary, change SNA field values. Refer to the
following table for a description of the SNA fields:

Field Name Definition Valid Values


Enable SNA Support Enables SNA support. Enabled or Disabled

If SNA is activated at installation, the


default value is enabled.
Local LU Name Specifies the Local LU name for the Sterling Local LU Name
Connect:Direct server node.
If you want to monitor multiple LUs,
leave this field blank. The default
value is the local LU name.

10. Click the Database tab.


11. Click Modify Settings to invoke the Database Wizard utility. Use the utility to
configure the ODBC and database environments.
12. Select one of the following database types:
v Microsoft SQL Server
v MySQL
v IBM solidDB
13. If you selected Microsoft SQL server:
a. Identify the TCQ/Stats data source in the TCQ/Stats Datasource field.
b. Identify the data source for message in the Message Datasource field.
c. Identify the database name in the Database Name field.
d. To specify the SQL server, type or select the name of the SQL server or
click (...) to select a network SQL server.
14. When you validate the information, click Finish.
15. Click Yes to build the database.

118 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


16. Click OK.

Work with Active Directory


When you install Sterling Connect:Direct on a computer, you can add the node to
Active Directory during the installation. However, you can use the Admin Tool to
add or delete Active Directory entries after the initial installation.

You can also view or print a report that lists all nodes that are registered in Active
Directory. In order to add or delete a node from Active Directory, you must be a
member of the Enterprise Admins group.

Note: You can only add or delete Active Directory entries if Active Directory
services have been implemented in your environment.

Adding an Active Directory Entry


About this task

To add a node entry to Active Directory:

Procedure
1. Start the Admin Tool utility.
2. Select Active Directory > Create.
3. Select the node to add and click Add.

Deleting an Active Directory Entry


About this task

To delete a node entry from Active Directory:

Procedure
1. Start the Admin Tool utility.
2. Select Active Directory > Delete.
3. Select the node to delete and click Remove.

Creating an Active Directory Report


About this task

To create a report that identifies all nodes registered in Active Directory:

Procedure
1. Start the Admin Tool utility.
2. Select Active Directory > Report. The Active Directory Report is displayed.

Chapter 3. System Guide 119


Troubleshoot Sterling Connect:Direct

Diagnose a Server Problem Using Traces


If you have a problem with a server, you can start a trace. A trace provides
detailed information about Sterling Connect:Direct activity and assists in
diagnosing problems related to Sterling Connect:Direct operations. The trace
facility writes this information to a file. You can set the size of the output file and
specify a wrap if the file reaches its maximum size.

You can set a trace to one of the following levels:


v A basic trace to capture the function entry and exit only.
v An intermediate trace to capture the function argument and its start and stop.
v A full trace to capture internal control blocks and the function argument, start,
and stop.

The trace timestamp is specified in microseconds to pinpoint server activity with


greater precision.

You can create a trace using Requester or the CLI.

Refer to “Traceoff Command” on page 173 and Traceon Command for instructions
on using the CLI to define or turn off traces.

Defining a Trace
About this task

To define a Sterling Connect:Direct trace:

Procedure
1. Start Requester.
2. Select Admin > Tracing.
3. To set trace information for selected functions, turn on tracing for the specific
Sterling Connect:Direct events.
v CMGR—Capture the interaction between clients and the server.
v PMGR—Capture server Process changes.
v MAIN—Capture server initialization and termination.
v STAT—Capture statistics activity.
v SMGR—Capture the execution of Processes and the interaction of the server
with other nodes.
v COMM—Capture interactions with external communications facilities
invoked from Session Manager.
4. To set tracing for all available events, click Full Tracing.
5. Generate a configuration report is selected by default. If you do not want to
generate a configuration report, turn off this option.
6. To specify output file information:
a. Click the File tab.

120 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


b. Enter the output file name. Do not select the name of an active trace file. A
file can only be used for one trace at a time. The default file name is
CDTRACE.CDT.
c. Enter the maximum file size allowed in the Max Size field. Select Kilobytes
or Megabytes to specify the size unit.
d. Wrap tracing output when max file size is reached is selected by default. If
you do not want the tracing output to wrap when the maximum file size is
reached, turn off this option.
7. Click OK.

Stopping a Trace
About this task

To stop a trace:

Procedure
1. Select Admin > Tracing.
2. Set the trace that you want to stop to OFF.
3. Click All Off to turn off all tracing.
4. Click OK.

Chapter 3. System Guide 121


Trace Startup Parameters
The following startup parameters for Sterling Connect:Direct traces are all optional:

Parameter Description and Options


-ttyp= Specifies the type of trace to start during initialization. You must
provide this parameter in order to generate any trace output. Any
combination of the following options is valid.

c — Starts a Command Manager trace. This trace affects all Command


Managers started on behalf of users logging in to the Sterling
Connect:Direct for Microsoft Windows server. It shows both the
command processing flow and the interactions between the server
executable and the Sterling Connect:Direct for Microsoft Windows.

p — Starts a Process Manager trace. This trace shows all events related
to the Process Manager and to Session Manager startup by the main
server executable.

s — Starts a Session Manager trace. This trace shows all Session


Manager processing, including file and communications API access, but
does not display information that is sent across the communications line.
If you do not specify any further qualifying parameters, the system
traces all Session Managers.

o — Starts a Communications trace. This trace shows all the


communications data that flows across the network between the local
and remote Sterling Connect:Direct Session Managers.

m — Starts a trace of the main-line logic that includes initialization and


termination.

a — Starts a trace of the Statistics subsystem. This trace shows all


records sent to the Statistics thread.

x — Starts all trace types. Specifying a value of x is the same as


specifying cpsoma.
-tlvl= Specifies the trace level. The values are:

b — Starts a basic trace that includes only module entry and exit
records. This is the default.

i — Starts an intermediate trace that shows all trace data produced by b


plus function arguments.

f — Starts a full trace that shows all trace data produced by i plus
certain Sterling Connect:Direct control blocks and internal information.
-twrp Specifies that the trace file should wrap once it reaches its maximum
size.
-tfil=filespec Specifies the fully qualified name of the trace file that receives output.
The default is CDTRACE.CDT in the directory where the Sterling
Connect:Direct for Microsoft Windows server executable resides.
Microsoft Windows Services treats a backslash (\) as an escape character,
so type two backslashes for each backslash in the file path.

Example:

-tfil=c:\\users\\default\\trace.it

122 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Parameter Description and Options
-tfsz= Specifies the maximum file size the trace file can reach before it wraps if
-twrp is also specified. If -twrp is not specified, -tfsz indicates that the
trace file will terminate when it reaches this size.

The default is -tfsz=100K.

bytes: You can specify the file size in bytes.

bytesK: You can specify the file size by using the K (x1000) suffix.

bytesM: You can specify the file size by using the M (x1000000) suffix.

For Session Manager (s) or Communications (o) trace types, the following
parameters are also available:

Parameter Description and Options


-tpnum= Requests a trace of up to eight Process numbers upon the initiation of
the Process. If you specify -tpnum, Sterling Connect:Direct will only
trace the specified Processes.

pnum: Process number.

(pnum1,pnum2,...,pnum8): Trace of up to eight Process numbers.


-tpnam= Requests a trace of up to eight Process names upon the initiation of the
Process. If you specify -tpnam, Sterling Connect:Direct will only trace
the specified Processes. Arguments are:

pnam: Process name.

(pnam1,pnam2,...,pnam8): Trace of up to eight Process names.


-tdest= Requests a trace of up to eight Sterling Connect:Direct remote node
names that have interaction with this local node. This parameter
generates trace information when Sterling Connect:Direct submits a
Process that is destined for the specified remote node or when the
specified remote node establishes a sessionam with this local node. If
you specify -tdest, Sterling Connect:Direct will only trace the specified
remote node names.

dest: Destination node name.

(dest1,dest2,...,dest8): Trace of up to eight destination node names.


-tlnode= Requests a trace of initiating node sessions only. This parameter modifies
the effect of the -tpnam, -tpnum, and -tdest parameters by allowing only
or traces of Processes submitted on the local node.
Note: Sterling Connect:Direct for Microsoft Windows also supports
-tpnode= -tpnode in place of -tlnode.
-trnode= Requests a trace of remote node sessions only, that is, a session initiated
by a remote node. This parameter modifies the effect of the -tpnam,
or -tpnum, and -tdest parameters by allowing only traces of Processes
submitted on remote Sterling Connect:Direct nodes.
-tsnode= Note: Sterling Connect:Direct for Microsoft Windows also supports
-tsnode in place of -trnode.

Chapter 3. System Guide 123


Recover from a Problem
Sterling Connect:Direct provides several ways to recover from a system
malfunction, such as an abnormal termination of a connection between local and
remote Sterling Connect:Direct nodes. Process recovery enables you to resume
execution as quickly as possible and to minimize redundant data transmission after
a system failure.

Sterling Connect:Direct uses the following facilities to address errors for Process
recovery:
v Process step restart
v Automatic session retry
v Checkpoint/restart
v Run Task restart

Process Step Restart


As a Process executes, Sterling Connect:Direct records the step that is executing in
the TCQ. If Process execution is interrupted, the Process is held in the TCQ in retry
(RE) status, unless you explicitly delete the Process with the Hold parameter set to
No. After all attempts to restart have failed, the Process goes into Held due to
Error (HE) status. When a wildcard copy command restarts, it restarts at the file
that was being copied when the Process was interrupted.

When you release the Process for execution, Sterling Connect:Direct automatically
begins execution at the beginning of that statement. No user specification is
required for Process step restart. Sterling Connect:Direct always performs Process
step restart.

Automatic Session Retry


The network map remote node object has short-term and long-term connection
retry parameters. If no value is specified for these parameters, the default values
are taken from the initialization parameters file.

Short-term parameters allow a quick succession of retry attempts in the event of a


short-term connection failure. Long-term parameters are used after the number of
short-term attempts you specify has been reached. The assumption is that the
connection problem cannot be fixed quickly; therefore, Sterling Connect:Direct can
retry infrequently to save the overhead of connection retry attempts.

If a session error occurs, the Process moves to the Timer queue in retry (RE) status
and short-term and long-term wait times begin. After short-term and long-term
wait times expire, the Process is moved to the Hold queue.

The tcq.max.age initialization parameter specifies the maximum number of days a


Process with a Held due to Error (HE) status remains in the TCQ before it is
automatically deleted.

124 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Checkpoint/Restart
Checkpoint/restart is specific to the Process copy statement. Sterling
Connect:Direct records file positioning checkpoint information at specified intervals
during a copy operation. If a copy step is interrupted for any reason, it can be
restarted at the last checkpoint position.

Note: Sterling Connect:Direct must support checkpoint/restart on both the local


and the remote node.

The file sender provides positioning information to the receiver when a checkpoint
interval is reached. The receiver stores this information, along with its destination
file positioning information, in the checkpoint file. The last four sets of positioning
information are retained in the checkpoint file. At restart, each set of information is
used until the file is successfully repositioned. If repositioning fails, then the entire
file is retransmitted.

Checkpoint Parameter for the Copy Statement


The checkpoint parameter in the Process copy statement specifies the byte interval
at which checkpoints are taken.

Note: See the IBM Sterling Connect:Direct Process Language Reference Guide for use of
the checkpoint parameter in the copy statement.

A checkpoint value of No disables checkpointing. If you do not specify a


checkpoint value in the copy statement, the default is defined by the checkpoint
interval initialization parameter, ckpt.interval.

Restart During Run Task Operations


Sterling Connect:Direct for Microsoft Windows provides checkpoint/restart
capabilities with the run task Process statement. If a run task operation is executing
on the SNODE and a session failure occurs, the PNODE recognizes the session
failure and puts the Process in the Timer queue for retry. The SNODE, however, is
still running the run task operation and is not notified of the session failure until
the operation finishes. The checkpoint/restart feature for run task ensures that
when the Process restarts on the PNODE, the run task operation does not execute
a second time on the SNODE.

Restart Process Operations

If a run task Process step restarts, the node where the operation executes attempts
to find the checkpoint information in the TCQ header. If the run task step is still
executing, the Process that is running for the restart of the step waits for the run
task operation to finish the first task and proceed to the next step of the Process, if
there is one.

When the first Process finishes, it determines that the session under which it was
running has been lost and terminates without logging statistics records that
indicate a session failure. The second Process records how the run task step that
was still executing ended and proceeds to the next step in the Process.

Chapter 3. System Guide 125


Determine Reexecution of the Run Task Step

If Sterling Connect:Direct determines at restart that the run task operation ended
because it finished before the PNODE restarted the Process, then the run task step
does not execute again. However, if the run task operation did not finish and is not
currently running, then the value of the runtask.restart initialization parameter
determines whether to restart the Process.

If runtask.restart=yes, Sterling Connect:Direct executes the program again. If


runtask.restart=no, the Process skips the run task step.

Note: For a full description of all run task statement parameters, see the IBM
Sterling Connect:Direct Process Language Reference Guide.

Troubleshoot Sterling Connect:Direct Problems


Before calling IBM Support, gather information to help support personnel analyze
and troubleshoot your problem. Have the following information available when
you call:
v Network map parameter definitions
v Initialization parameter definitions
v Statistics report
v For SNA sites, gather the following:
– If you are using Microsoft SNA software, type snacfg/print>snacfg.dat from a
command prompt.
– If you are using IBM Communications Server SNA software, open
filename.acg, where filename is the name specified during Communications
Server installation.

If you are troubleshooting a Sterling Connect:Direct for z/OS server, gather the
following information:
v Network map parameter definitions
v Local Node source
v Remote Node source
v For SNA connectivity, provide the following:
– z/OS LU definition
– z/OS PU definition
– z/OS APPLID
– z/OS LOGMODE definition entry

Worksheets

Network Map Communications Mode Object Worksheet


The communications mode object defines the protocol and characteristics of
sessions that are established using this mode group. Use the information on this
worksheet when you create or modify a Communication Mode in your network
map.

126 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Note: See “Define and Manage the Sterling Connect:Direct Network” on page 55
for field content.
Make a copy of this worksheet for each communications mode in the network.

Communications Mode Information Needed


TCP/IP Communications Mode Name

Buffer Size

Pacing Send Count

Pacing Send Delay

CRC
UDT Communications Mode Name

Buffer Size

CRC
APPC Communications Mode Name

Max RU Size

Max Pacing Size

Max Sessions

Network Map Communications Path Object Worksheet


The communication path object defines the communications path between the local
node and one or more remote nodes. Use this worksheet when you create a
communications path in your network map.

Note: See “Define and Manage the Sterling Connect:Direct Network” on page 55
for field content.

Make a copy of this worksheet for each communications path in the network.

Communications
Path Information Needed
TCP/IP Communication Path Name

Communications Mode
UDT Communication Path Name

Communications Mode

Chapter 3. System Guide 127


Communications
Path Information Needed
APPC Communications Path Name

Communications Mode

Transport Type

Token Ring or Ethernet


v Adapter Number
– Primary
– Alternate
v Address

SDLC
v Local SNA Network
v LU Name

Network Map Remote Node Object Worksheet


The Remote Node object provides information about remote nodes to which the
local node establishes sessions or that establish sessions with the local node.

Use the information on this worksheet when you modify your network map. See
“Define and Manage the Sterling Connect:Direct Network” on page 55 for field
content.

Make a copy of this worksheet for each remote node.

Note: The components below correspond to the tabs on the Netmap Node
Properties dialog box.

Network Map
Component Information Needed
Main Options Node Name

Operating System

Maximum Concurrent Local Node Session

Maximum Concurrent Remote Node Session

Default Class

Short Term Number of Retries

Interval (Time Between Retries)

Long Term Number of Retries

Interval (Time Between Retries)

128 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Network Map
Component Information Needed
TCP/IP Information Host Name/IP Address

Port Number/Service Name

TCP/IP Communication Mode Name

Alt Comm Outbound (Alternate Outbound Addresses)

Alternate Comminfo (Alternate Netmap-Checked Addresses)


UDT Information Host Name/IP Address

Port Number/Service Name

UDT Communication Mode Name

Alt Comm Outbound (Alternate Outbound Addresses)

Alternate Comminfo (Alternate Netmap-Checked Addresses)


APPC Information Network Name

Partner LU Name

APPC Mode
Communications Communications Path Names
Path
Note: You must designate at least one path.
Description Contact Name
Information
Contact Phone Number

Comment

User Functional Authorization Worksheet


User Functional Authorizations control the user's right to issue various Sterling
Connect:Direct commands and statements or perform tasks through the Sterling
Connect:Direct Requester. Use this worksheet when making updates to the
functional user authorization object in the Registry.

See “Configuring the Sterling Connect:Direct Local Node” on page 45 for field
content. Make a copy of this worksheet for each Sterling Connect:Direct user.

Type of Authorization
Information Information Needed
Main Options Local User ID

Default User Type (choose one):


v General User
v Administrator

Chapter 3. System Guide 129


Type of Authorization
Information Information Needed
Administrative Indicate whether the administrator has the authority to update
the following:
v User Authorizations
v Upload
v Remote User Proxies
v Download
Directory Restrictions Specify the directory where you are allowed to perform the
specific tasks. If you do not specify a directory, you can
perform the specific task from any directory to which the
Microsoft Windows security enables access. This authority is
effective regardless of whether the request is submitted from
the local or remote system. However, the remote user proxy
can override the directory specification.
v Upload Directory
v Download Directory
v Process Directory
v Program Directory
Server Control Grants authority to perform the following tasks in Sterling
Connect:Direct:
v Stop (Sterling Connect:Direct)
v Refresh (initialization parameters)
v Trace
v Update Network Map
v Update Translation Table
Statements Authorization Grants authority to use the following statements in Sterling
Connect:Direct Processes:
v Trace
v Copy
v Run Job
v Run Task
v Submit
Process Control Submit Grants authority to manipulate and observe Processes in the
TCQ.
Overrides Authorization Grants authority to override the following Microsoft Windows
defaults:
v Execution Priority
v ACL Updates
v File Attributes
v Remote Node ID
v CRC

Remote User Proxy Worksheet


The Remote User Proxy object defines a relationship between a remote node and a
local user ID.

Note: See “Configuring the Sterling Connect:Direct Local Node” on page 45.

130 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Make a copy of this worksheet for each Sterling Connect:Direct Remote User Proxy
you want to define.

Type of Authorization
Information Information Needed
Main Options Remote Node Name

Remote User ID

Local User ID

Local User ID Password

Allow the remote user to:


v Upload
v Download
Directory Options Specify the directory where the remote user can perform tasks.
The directory properties allow you to restrict the Process
directory and data directories that remote users can access. If
you do not specify a directory, the directories specified in the
functional authorization for the local user account will apply. If
there are no directories specified in the local user functional
authorizations, the remote user can perform the specific task
from any directory that the server security enables access to.

Upload Directory

Download Directory

Process Directory

Program Directory

Change Sterling Connect:Direct Settings

Change Sterling Connect:Direct for Microsoft Windows


Settings
When you install Sterling Connect:Direct for Microsoft Windows, initialization
parameters are created in the Microsoft Windows registry and are used to
determine settings at initialization. Initialization parameters (also called initparms)
set the default values of Sterling Connect:Direct functions.

Initparms determine how Sterling Connect:Direct behaves during operation. You


can change the default Sterling Connect:Direct for Microsoft Windows settings by
changing the value of these parameters.

Initialization parameters are organized in the following groups:

Category Description
Miscellaneous Miscellaneous commands describe server path, download and
upload directories, dialup entries, and security exits.
Statistics Information Statistics settings determine the maximum age that statistics
records are kept and what commands are logged in the
statistics file.

Chapter 3. System Guide 131


Category Description
TCQ Information TCQ settings determine default values for the Process file
directory, remote node run task operations, the length of time
a Process is held in error, and how the TCQ handles Processes
during server startup.
Global Copy Parameters Global copy settings determine default checkpoint intervals,
translation tables and translation directories.
Local Node Characteristics Node settings define the name of the local node, and
determine default values for functions such as session class,
maximum connections, maximum API connections, buffer
sizes, and short- and long-term attempts and retries.

Sample Initialization Parameters Format


The following figures illustrate the format of the initialization parameters. The
initialization parameters are listed in groups that are labeled in brackets.

The example below shows the miscellaneous parameters:

[Miscellaneous Commands]
server.path=C:\Program Files\Sterling\Connect Direct v4.6.00\Server\
proc.prio.default=10
exec.prio.default=7
download.dir=C:\Program Files\Sterling\Connect Direct v4.6.00\Server\DOWNLOAD\
upload.dir=C:\Program Files\Sterling\Connect Direct v4.6.00\Server\UPLOAD\
program.dir=C:\Program Files\Sterling\Connect Direct v4.6.00\Server\PROGRAM\
restrict.cmd=N
security.exit=<None>
notify.level=A
file.exit=<None>
event.log=All
snmp=N
snmp.eventlog=N
snmp.trapstat=Nsnmp.dsn=C:\Program Files\Sterling\Connect Direct v4.6.00\Server\
snmp\snmp.ini
certificate.directory=C:\Program Files\Sterling Commerce\Connect Direct v4.6.00\
Server\Secure+\Certificates
s+cmd.enforce.secure.connection=Y

The example below shows the local node parameters:

132 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


[Local Node Characteristics]
max.api.connects=10
conn.retry.stwait=00:00:10
conn.retry.stattempts=10
conn.retry.ltwait=00:03:00
conn.retry.ltattempts=10
contact.name=not specified
contact.phone=not specified
descrip=no description specified
name=CDSWIFTNET-4500
sess.pnode.max=1
sess.snode.max=1
sess.default=1
netmap.check=Y
node.check=B
proxy.attempt=N
protocol=1
tcp.api.port=cdswiftnet;4463
tcp.host.port=cdswiftnet;4464
outgoing.address=<None>
tcp.src.ports=<None>
tcp.src.ports.list.iterations=1
comm.bufsize=65535
pacing.send.delay=00:00:00
pacing.send.count=0
tcp.crc=OFF
tcp.crc.override=N
tcp.max.time.to.wait=00:03:00
tcp.window.size=0
runstep.max.time.to.wait=00:00:00
active.directory.enabled=N
quiesce.resume=N

The example below shows the parameters related to the Transmission Control
Queue (TCQ):

[TCQ Information]
tcq.max.age=30
tcq.start=W
process.dir=C:\PROGRAM FILES\STERLING COMMERCE\CONNECT DIRECT V4.6.00\SERVER\
PROCESS\
runtask.restart=N

The example below shows the Global Copy parameters:

[Global Copy Parameters]


ckpt.interval=10240K
xlate.dir=C:\PROGRAM FILES\STERLING COMMERCE\CONNECT DIRECT V4.6.00\SERVER\XLATE\
xlate.send=XLATESND.CDX
xlate.recv=XLATERCV.CDX
disable.cache=N
continue.on.exception=N
ecz.cmprlevel=1
ecz.windowsize=13
ecz.memlevel=4
strip.blanks=I
record.wrap=N
retry.msgids=<None>
retry.codes=<None>

The example below shows the parameters related to statistical information:

Chapter 3. System Guide 133


[Statistics Information]
stat.max.age=7
log.select=N
log.commands=Y
stat.sort=Y

Changing Initialization Parameters


About this task

You can change theSterling Connect:Direct for Microsoft Windows initialization


settings by editing the initialization parameters.

Procedure
1. Click Start > All Programs > IBM Sterling Connect:Direct > v4.7.00 > CD
Requester.
2. In Sterling Connect:Direct Requester, select Admin > Initialization Parameters.
If you have not attached to Sterling Connect:Direct, the Connect:Direct Attach
dialog box is displayed.
3. Attach to the server.
4. In the initialization parameters file, place the cursor after the equal sign
following the parameter you want to change.
5. Type the new value. Refer to the parameters tables for the name, definition,
and valid values for each command parameter.
6. Select Initparms > Apply to update and save changes.
7. Close the Initparms dialog box by clicking the X in the upper-right-hand
corner.

Miscellaneous Parameters
The miscellaneous parameters determine the server path, default Process priority,
event log values, and various restricted directories.

The following table lists the miscellaneous commands parameters:

Parameter Name Description Valid Values


certificate.directory Default certificate directory for Sterling Directory path name
Connect:Direct Secure Plus commands issued
from the Sterling Connect:Direct client API. If
the directory is not configured, the default
directory created during installation is used.
s+cmd.enforce.secure.connection Determines if Sterling Connect:Direct Secure y|n
Plus commands are accepted from the Sterling
Connect:Direct client API on unsecure y=default. Commands from
connections. unsecure connections are not
accepted.

n=commands from unsecure


connections are accepted

134 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Parameter Name Description Valid Values
server.path Fully-qualified path to all Sterling Valid, fully-qualified path name.
Connect:Direct files. Terminate the path name
with a trailing backslash (\).

You cannot change the value of this parameter.


If you want to change the local node name,
you must reinstall Sterling Connect:Direct for
Microsoft Windows.
proc.prio.default The default Sterling Connect:Direct Process A numeric value from 1 to 15,
priority information to assign any time a where 15 is the highest priority.
Process is submitted without the selection
priority parameter (selprty) on the Process The default is 10.
statement.
exec.prio.default The priority of the Process. The execution A numeric value from 1 to 15,
priority parameter is used to influence the where 15 is the highest priority.
Microsoft Windows operating system priority
given to the Session Manager when it begins The default is 7.
execution of this Process. A Process with a
higher priority is assigned a higher operating These values are mapped to
system priority and receives more system Microsoft Windows Process
resources. priority classes and values.
Note: Scheduling Processes with a high
execution priority value can affect the
execution of other applications on the system.
download.dir The default directory to copy the destination Valid, fully-qualified path name.
file to if a copy statement does not specify a The default is X:\installation
fully-qualified path. directory\DOWNLOAD
upload.dir The default directory that source files are Valid, fully-qualified path name.
copied from if a copy statement does not The default is X:\installation
specify a fully-qualified path. directory\UPLOAD
program.dir The default working directory for a program Valid, fully-qualified path name.
started using a run task or run job statement The default is X:\installation
when a fully-qualified path is not specified. directory\PROGRAM
restrict.cmd Restricts the use of operating system Y|N
commands in run task or run job statements by
preventing the use of the CMD syntax in those The default is N.
statements. In addition, it prevents the use of
the special characters: “&”, “|”, and “>”.

To enable running of cmd tasks and the use of


special characters, specify N.

Only use restrict.cmd=Y when the controlling


group or user functional authority record
includes a directory restriction.
security.exit Specifies whether a security exit is Valid, fully-qualified path name
implemented as a user exit during Process to a user-defined DLL. The
execution. See the IBM Sterling Connect:Direct default is <NONE>.
for Microsoft Windows SDK Programmer Guide
for details as presented in the sample user exit
program userexit_samp.c.

Chapter 3. System Guide 135


Parameter Name Description Valid Values
notify.level The level of Process notification based on the A|W|E
Process step return code. If you want
notification to occur regardless of the return The default is A.
code, specify a value of A.

Specify a value of W for a warning-level return


code greater than 0. Specify a value of E for an
error-level return code greater than 4.
file.exit The name of a user-written dynamic link Valid, fully-qualified path name
library (DLL) file. The DLL file opens a source to a user-defined DLL. The
or destination file during processing of the default is <NONE>.
COPY statement and overrides the values
specified in the COPY statement. If the DLL
file is not in the search path, a fully qualified
path name must be specified.
event.log The statistics IDs the system sends to the statistics ID | All | (list)
Microsoft Windows event log. Either specify a
list of statistics IDs or select All to log all IDs The default is All.
to the event log. Use a comma to separate IDs
in a list.

Refer to View Process Statistics for a list of


statistics IDs.
snmp Causes the SNMP trap agent environment to N|Y
be initialized.
The default is N.
snmp.eventlog Initializes the SNMP event logging N |Y
environment.
The default is N.
snmp.dsn Defines the configuration file used to initialize configuration file
the default traps variables.
The default is installation
directory\snmp\snmp.ini.
snmp.trapstat Defines the configuration file used to N|Y
determine if the SNMP traps are written to the
statistics file. The default is N.

Local Node Parameters


The local node characteristics parameters define the name of the local node and
default information used to communicate with a remote node.

The following table identifies the local node characteristics parameters:

Parameter Name Description Valid Values


max.api.connects The maximum number of concurrent API A numeric value from 1 to 255. The
client connections permitted for the local node default is 10.
by different user IDS. There is no limit to the
number of API connections by a single user
ID.
conn.retry.stwait The time to wait between retries immediately A 24-hour time value formatted as
after a connection failure occurs. The value hh:mm:ss. The maximum value is
entered in the Short Term Retry Interval field 23:59:59. The default is 00:00:10, or 10
of the network map remote node object seconds.
overrides this value.

136 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Parameter Name Description Valid Values
conn.retry.stattempts The number of times to attempt connection A numeric value from 0–9999. The
after a connection failure occurs. The value default is 10.
entered in the Short Term Retry Count field of
the network map remote node object overrides
this value.
conn.retry.ltwait The time to wait between long-term retry A 24-hour time value formatted as
cycles. This parameter is a long-term hh:mm:ss. The maximum value is
connection retry parameter. The value entered 23:59:59. The default is 00:03:00, or 3
in the Long Term Retry Interval field of the minutes.
network map remote node object overrides
this value.
conn.retry.ltattempts The number of times to attempt connection A numeric value from 0–9999. The
after a connection failure occurs. This default is 10.
parameter is a long-term connection retry
parameter. The value entered in the Long Term
Retry Count field of the network map remote
node object overrides this value.
contact.name The name of a contact. Any name description.
contact.phone A phone number to use to contact the contact Any valid phone number.
name.
descrip The description of the local node. Any valid text string.
name The name of the local node used when A 1- to 16-character alphanumeric
identifying the local server to remote nodes string specified during installation.
and the server object name for which API
programs search when locating active Sterling
Connect:Direct servers. You cannot change the
value of this parameter. If you want to change
the local node name, you must reinstall
Sterling Connect:Direct for Microsoft
Windows.
sess.pnode.max The maximum concurrent connections for all A numeric value from 1 to 255. The
remote nodes where the local server node is default value is 1 or half of the
the originator of the Sterling Connect:Direct maximum sessions specified during
Process. installation. The workstation version
of the product is limited to a
This field is limited to the lesser of the values maximum of one PNODE session.
defined in the initialization parameters file and
the network map definition for a given node.
sess.snode.max The maximum concurrent connections for all A numeric value from 1 to 255. The
remote nodes where the local node is the default value is 1 or half of the
partner node of a Process. maximum sessions specified during
installation. The workstation version
This field is limited to the lesser of the values of the product is limited to a
defined in the initialization parameters file and maximum of two SNODE sessions.
the network map definition for a given node.
sess.default The default session class for starting session A numeric value from 1 to the value
managers. A Process executes on the specified specified for sess.pnode.max.
class or any higher session class. If the value
specified exceeds sess.pnode.max, a warning is The default is 1.
issued and the value is reset to the default
value. The value entered in the Default Class
field of the remote node object overrides this
value.

Chapter 3. System Guide 137


Parameter Name Description Valid Values
netmap.check The level of network map checking that occurs Y | L | R | N
for each node that you communicate with.
The default is Y.
v Y—Checks the network map for all nodes
that Sterling Connect:Direct will
communicate with to validate the node
name and the IP address.
v L—Checks the network map only for nodes
that the local Sterling Connect:Direct will
initiate sessions with.
v R—Checks the network map only for
remote nodes that will communicate with
this node.
v N—Does not validate any session
establishment requests in the network map.
node.check The level of node checking. B| C

B—Checks both the node address and the The default is B.


node name.

C—Checks the node name only.


proxy.attempt Enables the use of a proxy user ID for a Y|N
remote node. The use of a proxy user ID offers
improved security because neither the local The default is N.
system nor the remote system requires a real
user ID from the other side.
protocol The communications protocol or protocols to TCP | UDT33 | APPC
be used by the local node. If more than one,
separate entries with commas. TCP—Specifies TCP/IP. This is the
default.

UDT33—Specifies UDT protocol.

APPC—Specifies APPC protocol.


tcp.api.port One or more IP addresses (or host name) and [IP address | hostname][;port
optional port numbers used to establish client number]
sessions with this Sterling Connect:Direct
node. The default port number is 1363.

See “IP Addresses” on page 147.


tcp.host.port One or more IP addresses (or host name) and [IP address | hostname][;port
port numbers that remote Sterling number]
Connect:Direct nodes will connect to for
Process execution with this local Sterling The default port number is 1364.
Connect:Direct for Microsoft Windows node.
See “IP Addresses” on page 147.
One or more IP addresses (or host names)
and/or port numbers that remote Sterling
Connect:Direct nodes will connect to for
Process execution with this local Sterling
Connect:Direct for Microsoft Windows node.
You can specify IP address/hostname, IP
address/hostname and port, or just a port.

138 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Parameter Name Description Valid Values
udt.host.port One or more IP addresses (or host name) and [IP address | hostname][;port
port numbers that remote Sterling number]
Connect:Direct nodes will connect to for
Process execution with this local Sterling The default port number is 1364.
Connect:Direct for Microsoft Windows node.
See Sterling Connect:Direct.
outgoing.address A virtual IP address for adjacent nodes in a IP address | hostname
cluster (in a high-availability environment) to
use for netmap checking by the remote node. See “IP Addresses” on page 147.

In a Sterling Connect:Direct for Microsoft


Windows high-availability cluster, each
instance of Sterling Connect:Direct for
Microsoft Windows has a separate IP address
and a virtual IP address assigned to the
cluster. After all of the Sterling Connect:Direct
for Microsoft Windows high-availability nodes
are configured to bind to the virtual IP
address, remote nodes see the single virtual
address during a session. If a node in the
cluster fails, another high-availability node
takes over. Any remote system that is using
netmap checking will still allow
communications with the high-availability
system.

Be sure remote nodes specify this virtual IP


address in their netmap entries for each node
in the high-availability cluster.
tcp.src.ports An IP address or multiple addresses and the Valid IP address with an optional
ports permitted for the address when going mask for the upper boundary of the
through a packet-filtering firewall. IP address range and the associated
outgoing port number or range of
port numbers for the specified IP
address, for example:

(199.2.4.*, 1024), (fd00:0:0:2015:*::*,


2000-3000), (199.2.4.0/255.255.255.0,
4000-5000),(fd00:0:0:2015::0/48, 6000,
7000)

See “IP Addresses” on page 147.

A wildcard character (*) is supported


to define an IP address pattern. If the
wildcard character is used, the
optional mask is not valid.

Chapter 3. System Guide 139


Parameter Name Description Valid Values
udp.src.ports An IP address or multiple addresses and the Valid IP address with an optional
ports permitted for the address when going mask for the upper boundary of the
through a packet-filtering firewall. IP address range and the associated
outgoing port number or range of
port numbers for the specified IP
address, for example:

(199.2.4.*, 1024), (fd00:0:0:2015:*::*,


2000-3000), (199.2.4.0/255.255.255.0,
4000-5000),(fd00:0:0:2015::0/48, 6000,
7000)

See “IP Addresses” on page 147.

A wildcard character (*) is supported


to define an IP address pattern. If the
wildcard character is used, the
optional mask is not valid.
tcp.src.ports.list.iterations The number of times that Sterling A numeric value from 1–255. The
Connect:Direct scans the list of available ports default value is 1.
defined in tcp.src.ports to attempt a connection
before going into a retry state.

This parameter is automatically added to the


initialization parameter and is assigned a
value of 1. If desired, change this value.
udp.src.ports.list.iterations The number of times that Sterling A numeric value from 1–255. The
Connect:Direct scans the list of available ports default value is 1.
defined in udp.src.ports to attempt a
connection before going into a retry state.

This parameter is automatically added to the


initialization parameter and is assigned a
value of 1. If desired, change this value.
comm.bufsize The data buffer size for transmitting data to A numeric value from 256 to 65536.
and from a remote node. For TCP/IP, this
value will be overridden by the value in the The default is 65535.
Buffer Size field of the TCP/IP
Communications Mode Object.
pacing.send.delay The default time, in milliseconds, to wait A numeric value from 0–86,400,000
between send operations if the value is not in (one day in milliseconds).
the network map entry. The value entered in
the Pacing Send Delay field of the TCP/IP The default is 00.00.00.
Communication Mode object overrides this
value. A value of zero indicates that a data
buffer should be sent as soon as possible.
pacing.send.count The default number of send operations to A numeric value from 0 to 32768.
perform before automatically waiting for a
pacing response from the remote node if the The default is 0.
value is not in the network map entry. The
value entered in the Pacing Send Count field
of the TCP/IP Communication Mode object
overrides this value. Specify zero for no
pacing.
tcp.crc Globally turns on or off the CRC function for ON | OFF
TCP/IP processes.
The default is OFF.

140 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Parameter Name Description Valid Values
udp.crc Globally turns on or off the CRC function for ON | OFF
UDP processes.
The default is OFF.
tcp.crc.override Determines whether node and Process Y|N
statement overrides for CRC checking are
allowed. If this value is set to n, setting The default is N.
overrides for CRC checking will be ignored.
udp.crc.override Determines whether node and Process Y|N
statement overrides for CRC checking are
allowed. If this value is set to n, setting The default is N.
overrides for CRC checking will be ignored.
tcp.max.time.to.wait The maximum time to wait for each pending A 24-hour time value formatted as
TCP/IP Read on node to node hh:mm:ss. The maximum value is
communications. If the value is 0, Reads will 23:59:59. The default is 00:03:00.
not time out.
udp.max.time.to.wait The maximum time to wait for each pending A 24-hour time value formatted as
UDP Read on node to node communications. hh:mm:ss. The maximum value is
If the value is 0, Reads will not time out. 23:59:59. The default is 00:03:00.
tcp.window.size The maximum amount of data in bytes that A numeric value from 0 to
can be sent without receiving an 2147483646.
acknowledgement. After a window size of
data is sent without acknowledgement, no The default is 0.
more data can be sent until an
acknowledgement is received. When
tcp.window.size=0 (default), the system's
default value is used, which may be too low
for a high-latency, high-bandwidth connection,
causing slow data transfer rates. To improve
performance in this situation, the window size
configured for Sterling Connect:Direct for
Microsoft Windows must be large enough to
allow a packet to be sent and its
acknowledgement received without triggering
a wait for an acknowledgement. The optimum
window size is the smallest quantity of data
that does not trigger waits.

In order for this parameter to take effect,


ensure that the following criteria are met:
v RFC1323 support is enabled on the system.
v The system's maximum TCP window size is
larger than the configured value.

The formula for determining the optimum


window size is as follows:

BDP (bytes) = 125 x <bandwidth (Mb/s)> x


<roundtrip delay in ms>
Note: This system configuration must be done
on any Microsoft Windows system involved in
the transfer, regardless of whether it is a
PNODE or an SNODE.

Chapter 3. System Guide 141


Parameter Name Description Valid Values
runstep.max.time.to.wait The maximum time to wait for each pending A 24-hour time value formatted as
run task or run job on node-to-node hh:mm:ss. The maximum value is
communications on the remote node only. If 23:59:59. The default is 00:00:00.
the value is 0, the run task or run job will not
time out. This parameter prevents a task from
being terminated when the
tcp.max.time.to.wait value is reached. When
runstep.max.time.to.wait is set to 0, tasks
running on the remote node never terminate.
When this variable is set to a value, a task is
terminated if the remote task has not finished
the job at the time interval defined. When a
job is terminated, it is placed in the Hold (HE)
queue and no retry effort is attempted. The
statistics error reported is “FMH71 was not
received.”
active.directory.enabled Specifies whether Sterling Connect:Direct for Y|N
Microsoft Windows updates its Active
Directory entry at startup. This parameter is The default is N.
set automatically at installation. You do not
need to update this parameter unless a node is
inserted into or removed from the Active
Directory after installation.
quiesce.resume Specifies whether testing mode is enabled for Y | N
Sterling Connect:Direct for Microsoft Windows
. To enable the testing mode, you must specify The default is N.
Y for this parameter and have a valid
NDMPXTBL parameter table in the Server
directory where Sterling Connect:Direct for
Microsoft Windows is installed.

See “Use Sterling Connect:Direct in Test


Mode” on page 183.
tcp.api.inactivity.timeout The number of seconds of session inactivity to A numeric value from 0 to 32767.
wait before exiting a session. This helps
prevent maximum connections The default is 0.
(api.max.connects) being reached because of
abrupt disconnections that do not free up
resources in an orderly manner.

If you are using IBM Sterling Control Centerto


monitor your Sterling Connect:Direct for
Microsoft Windows server, set this value to at
least twice the value of the Monitor Rest Time
setting in Sterling Control Center.

Transmission Control Queue Parameters


The Sterling Connect:Direct Transmission Control Queue (TCQ) holds submitted
Processes. The TCQ information parameters define information about the TCQ,
such as the default Process directory.

See Manage Processes.

The following table identifies the TCQ information parameters:

142 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Parameter Name Description Valid Values
tcq.max.age The maximum number of days a A numeric value from 0
Process with Held due to Error to 999.
(HE) status remains in the TCQ
before it is automatically deleted. The default is 30 days.
Processes are not automatically
deleted when you specify 0.
tcq.start Specifies how to start the Sterling W|C
Connect:Direct node with respect
to the TCQ. w (warm)—Retain all
existing Processes in the
TCQ at startup. This is
the default.

c (cold)—Delete all
existing Processes in the
TCQ at startup.
process.dir The default directory a Process Valid, fully qualified path
runs from if a submit statement name.
does not specify a fully-qualified
path. The default is
X:\installation
directory\PROCESS.
runtask.restart Specifies whether a run task Y|N
operation executes on a remote
Windows node after a session The default is N.
failure. If a run task operation is
executing on the remote node and
a session failure occurs, the local
node recognizes the session failure
and puts the Process in the Timer
queue for retry. The remote node
is not aware of the session failure
until the Process completes. The
checkpoint/restart feature for run
task ensures that when the Process
restarts on the local node, the run
task operation does not execute
again on the remote node.
conn.retry.exhaust.action Action to take after the specified Hold | Delete
short and long-term retries have v Hold - Places Processes
been used. in the hold queue in
"Held in Error” status
after all retry attempts
are used.
v Delete - Causes the
Processes to be deleted
from the TCQ.

The default is Hold.

Global Copy Parameters


The global copy parameters define default information for the copy operation, such
as the number of bytes transmitted in a copy operation before a checkpoint is
taken.

Chapter 3. System Guide 143


See the IBM Sterling Connect:DirectProcess Language Reference Guide for a description
of the copy Process statement.

Parameter Name Description Valid Values


ckpt.interval The default checkpoint interval used. The no | bytesK | bytesM
interval is the number of bytes transmitted
before a checkpoint is taken. The maximum The default is 10240K bytes.
possible value is gigabytes.
xlate.dir The default directory containing the Valid, fully qualified path name. The
translation table. The default is the XLATE default is X:\installation
subdirectory where Sterling Connect:Direct directory\XLATE.
is installed.
xlate.send The name of the default translation table to Valid name for the send translation
use when sending data to a remote node. table. The default is XLATESND.CDX
xlate.recv The name of the default translation table to Valid name for the receive translation
use when copying data from a remote node. table. The default is XLATERCV.CDX
disable.cache Enables or disables the Microsoft Windows Y|N
file cache.
The default is N.
continue.on.exception Specifies whether a Process attempts to Y|N
continue processing or goes into HOLD
status if an abnormal termination occurs The default is N.
during a Sterling Connect:Direct session.

Y—Attempt to continue processing.

N—Go into HOLD status.


ecz.cmprlevel The compression level to use. Level 1 is the 1|2|3|4|5|6|7|8|9
fastest method and offers the least degree of
compression. Level 9 provides the greatest The default is 1.
degree of compression and is the slowest
method.
ecz.windowsize The size of the compression window or 9 | 10 | 11 | 12 | 13 | 14 | 15
history buffer. The greater the window size,
the greater the degree of compression, and The default is 13.
the greater the amount of virtual memory
used.
ecz.memlevel The amount of virtual memory allocated to 1|2|3|4|5|6|7|8|9
maintain the internal compression rate.
Memory level 1 uses the least amount of The default is 4.
memory, but slows processing and reduces
the degree of compression.
strip.blanks Determines whether trailing blank characters Y | N | I
at the end of each record are removed from
a line of text before it is written to the The default is I.
Microsoft Windows text file or ignored (I).
The strip.blanks parameter is ignored when
datatype(binary) is specified.

144 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Parameter Name Description Valid Values
record.wrap Note: This parameter is needed only in Y|N
certain circumstances because it restructures
the data. The default is N.

Influences the way that a sending copy step


works when a logical record size (LRECL) is
specified for the remote platform.

If record.wrap is set to N, and a record


length greater than LRECL is encountered in
the source file, Sterling Connect:Direct for
Microsoft Windows reports an error. This is
the desired behavior in most cases.

If record.wrap is set to Y, and a record


length greater than LRECL is encountered in
the source file, the record is broken into
records of length at most LRECLs before
being sent to the remote node.
retry.msgids The message IDs to use to support a file Any of the valid file allocation retry
allocation retry attempt. messages.

Since error codes can vary from one


operating system to another and the same
error code can have different meanings, use
message IDs to identify retry conditions
when communicating between two different
platforms. When a file allocation or open
error occurs on either the local or remote
node, the PNODE searches for the message
ID in the retry.msgids parameters. If the
message ID is found, the Process is retried.

You can perform retry attempts based on


codes only, message IDs only, or a
combination of the two.

When a retry condition is detected, the


session is terminated cleanly and the Process
is placed in the Timer queue.

Chapter 3. System Guide 145


Parameter Name Description Valid Values
retry.codes The codes to recognize as a file allocation Any valid error code
retry attempt. File allocation retry enables a
Process with a file allocation or open error
on either the local or remote node to run the
Process again, beginning at the copy step
where the error occurred. This feature
supports the ability to retry a Process that
failed when a file is already in use.

When a file allocation or open error occurs


on either the local or remote node, the
PNODE searches for the error or message ID
in the retry.codes and retry.msgids
parameters. If the error code or message ID
is found, the Process is retried.

Since error codes can vary from one


operating system to another and the same
error code can have different meanings, use
message IDs to identify retry conditions
when communicating between two different
platforms.

You can perform retry attempts based on


codes only, IDs only, or a combination of the
two.

When a retry condition is detected, the


session is terminated cleanly and the Process
is placed in the Timer queue.

Statistics Parameters
The Sterling Connect:Direct statistics facility logs information about Sterling
Connect:Direct operations. The statistics information parameters define the
characteristics of the statistics facility, such as the maximum age of a statistics
record.

The following table identifies the statistics information parameters.

Parameter Name Description Valid Values


stat.max.age How many days to store statistics A numeric value from 0 to
before automatically deleting them. If 365. The default is 7 days.
you set this value to zero, no statistics
records are deleted.
log.select Specifies whether Sterling Y|N
Connect:Direct logs the select process
and select statistics commands to the The default is N.
statistics file. This specification does
not affect the logging of other Sterling
Connect:Direct commands.
stat.sort Determines whether statistics are Y|N
sorted by timestamp date.
The default is Y.

146 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Parameter Name Description Valid Values
log.commands Specifies whether Sterling Y|N
Connect:Direct logs all commands
issued from Sterling Connect:Direct The default is Y.
for Microsoft Windows to the statistics
file. This capability enables you to
review the statistics file and determine
who issued specific commands and
what the responses to those
commands were. You can override
this parameter for the commands that
select Processes and statistics with the
log.select parameter.

Specify an IP Address

Specify IP Addresses, Host Names, and Ports


Sterling Connect:Direct for Microsoft Windows accepts both Internet Protocol
version 4 (IPv4) and Internet Protocol version 6 (IPv6) as well as host names.

You can enter IP addresses/host names and ports in several ways depending on
the field you are specifying:
v Address or host name only
v Port number only
v Address/host name with a port number
v Multiple address/host name and port combinations

IP Addresses
Sterling Connect:Direct for Microsoft Windows accepts both IPv4 and IPv6
addresses. Wherever an IP address is specified in Sterling Connect:Direct for
Microsoft Windows, you can use either IPv4 or an IPv6 addresses.

IPv4 Addresses

IPv4 supports 232 addresses written as 4 groups of dot-separated 3 decimal


numbers (0 through 9), for example, 10.23.107.5.

IPv6

IPv6 supports 2128 addresses written as 8 groups of colon-separated 4 hexadecimal


digits, for example, 1001:0dc8:0:0:0:ff10:143e:57ab. The following guidelines apply
to IPv6 addresses:
v If a four-digit group contains zeros (0000), the zeros may be omitted and
replaced with two colons (::), for example:

2001:0db8:85a3:0000:1319:8a2e:0370:1337

can be shortened as

2001:0db8:85a3::1319:8a2e:0370:1337

Chapter 3. System Guide 147


v Any number of successive 0000 groups may be replaced with two colons (::), but
only one set of double colons (::) can be used in an address. For example:

001:0db8:0000:0000:0000:0000:1319:58ab

can be shortened as:

2001:0db8:0000:0000::1319:58ab

v Leading zeros in a four-zero group can be left out (0000 can be shortened to 0).
For example:

2001:0db8:0000:0000::1319:58ab

can be shortened as:

2001:0db8:0:0:0:0:1319:58ab

v You can write a sequence of 4 bytes that occur at the end of an IPv6 address in
decimal format using dots as separators. For example:

::ffff:102:304

or

0000:0000:0000:0000:0000:ffff:0102:0304

Can be written as:

::ffff:1.2.3.4

This notation is useful for compatibility addresses.

Host Names
When you specify a host name rather than an IP address, Sterling Connect:Direct
for Microsoft Windows does a DNS lookup to get the IP address from the
operating system. The first IP address returned in the DNS lookup is used
regardless of whether it is in IPv4 or IPv6 format.

A host name (net, host, gateway, or domain name) is a text string of up to 24


characters comprised of the alphabet (a-z and A–Z), digits (0–9), minus sign (-),
and period (.), for example, msdallas-dt.

The following guidelines also apply:


v No blank or space characters are permitted as part of the name.
v Periods are allowed only when they are used to delimit components of
domain-style names.
v Host names are not case sensitive.
v The first and last character must be a letter or digit.
v Single-character names or nicknames are not allowed.

148 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Port Numbers
Port numbers can be appended to the end of IP/host addresses when they are
preceded by a semicolon (;), for example, 10.23.107.5;1364. This convention is
specific to Sterling Connect:Direct for Microsoft Windows and is not an industry
standard.

A port number must be in the range of 0 through 65535. Port numbers lower than
1024 are designated as reserved and should not be used. The following examples
show port numbers appended to IP/host addresses using these conventions:

10.23.107.5;1364
fe00:0:0:2014::7;1364
msdallas-dt;1364

Multiple Addresses, Host Names, and Ports


You can specify multiple IPv4 and IPv6 addresses and host names by separating
them with a comma (,).

A space can be added after the comma for readability. For example:

10.23.107.5, fe00:0:0:2014::7, msdallas-dt

You can also specify a port number for each address or host name. The port is
separated from its corresponding address/host name with a semicolon (;), and
each address/host name and port combination is separated by a comma (,). A
space may be added after the comma for readability. The following example shows
multiple address/host name and port combinations:

10.23.107.5;1364, fe00:0:0:2014::7;1364, msdallas-dt;1364

Multiple address/host names (and combinations with port numbers) are limited to
1024 characters.

Use Masks for IP Address Ranges


When you specify a value for the tcp.src.ports parameter in the initialization
parameters file, you can use masks to specify the upper boundary of a range of IP
addresses that use a specific port, multiple ports, or a range of ports.

Sterling Connect:Direct for Microsoft Windows supports masks for both IPv4 and
IPv6 addresses, as shown in the following sample entry from the initparms.cfg file:

tcp.src.ports=(199.2.4.*, 1000), (fd00:0:0:2015:*::*, 2000-3000),


(199.2.4.0/255.255.255.0, 4000-5000),(fd00:0:0:2015::0/48, 6000, 7000)

These sample addresses specify the following information:

(199.2.4.*, 1000)—Any IPv4 address that falls in the range from 199.2.4.0 through
199.2.4.255 and uses only port 1000.

Chapter 3. System Guide 149


(fd00:0:0:2015:*::*, 2000-3000)—Any IPv6 address that falls in the range from
fd00:0:0:2015:0:0:0:0 through fd00:0:0:2015:ffff:ffff:ffff:ffff and uses a port in the
range of 2000 through 3000.

(199.2.4.0/255.255.255.0, 4000-5000)—Any IPv4 address that falls in the range from


199.2.4.0 through 199.2.255.255 and uses a port in the range of 4000 through 5000.

(fd00:0:0:2015::0/48, 6000, 7000)—Any IPv6 address that falls in the range from
fd00:0:0:2015:0:0:0:0 through fd00:0:0:ffff:ffff:ffff:ffff:ffff and uses port 6000 or port
7000.

As shown in the sample entry above, the wildcard character (*) is supported to
define an IP address pattern. You can specify up to 255 unique IP address patterns
or up to 1024 characters in length, each with its own list of valid source ports. If
the wildcard character is used, the optional mask is not valid.

Restriction: Masks in hexadecimal format are not supported in Sterling


Connect:Direct for Microsoft Windows.

Submit a Process Using the Command Line Interface

Submit Processes Using the CLI Command


The Command Line Interface (CLI) provides another tool to submit Process
statements and commands to the Sterling Connect:Direct server.

See “Creating a Process” on page 76 for instructions on using the Sterling


Connect:Direct Requester to submit Process statements.

If you prefer to use a command line interface, use the CLI to issue requests
interactively, or you can submit them automatically from batch files or command
files. The CLI enables you to perform the following tasks:
v Connect to the Sterling Connect:Direct server
v Issue Sterling Connect:Direct commands
v Submit a Process
v Change a Process
v Delete a Process
v Retrieve Process status information
v Retrieve Process statistics records

Creating a Configuration File to Connect to a Server


About this task

If you want to connect to a Sterling Connect:Direct server using the CLI, use the
Logon Connection utility.

This utility can be used to run batch-oriented jobs. It enables you to identify the
parameters necessary to connect to a server. It then saves this information to a
configuration file. If you do not identify a directory, the file is saved in the root
directory.

150 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


After you create the configuration file, invoke the CLI and include the -f
parameter, to identify the location and file name for the configuration file. Then
define a user ID and password in the Microsoft Windows setup utility.

To create the configuration file:

Procedure
1. Type the following command to run the LCU batch file:

LCU -fx:\directory\filename

where x:\directory is the location to save the configuration file and file name is
the name of the configuration file.
2. Enter the following information to identify the connection parameters for the
server:
v IP Address of the Sterling Connect:Direct server
v Port number of the Sterling Connect:Direct server
v User ID to use to connect to the server
v User password of the user ID used to connect to the server.
The information is automatically saved to the file you identified with the
x:\directory\filename variable. If you do not enter this variable, the
configuration file is saved in the root directory to the file called cddef.bin.

Invoke the CLI


About this task

To run the command line client:

Procedure
1. From a command prompt, navigate to the Common Utilities directory where
the CLI is installed or define the CLI location in the user's path.
2. To start the CLI, type the following command, including any of the parameters
you wish to specify:

direct -nNodeName -uUserId -pPassword -mScrollLineCount -l -x -fLogonFile-zfilename

Below is an explanation of the parameters:

Parameters Description
-fLogonFile File to use to automatically connect to a Sterling
Connect:Direct server.
-nNodeName Node name or IP address.
-uUserId User ID to use to connect to the node.
-pPassword Password to use connect to the Sterling Connect:Direct node.
-l By default, the CLI limits output to 128 characters per line.
Include this switch to display longer lines, such as file names
or sysopts strings.

Chapter 3. System Guide 151


Parameters Description
-mScrollLineCount The number of lines to display before pausing the statistics
and Process output. Value is calculated automatically if
parameter is not defined.

Do not use this option if the output is piped to a file because


it will be paused with no evidence on the screen.
-x Echoes the command input on the display. Writes the
command immediately before the output.
-zfilename Copies command output to the specified file as well as
displaying the output.
-? Provides help for the command line interface.

Terminating the CLI


Procedure
To terminate the CLI, use the quit command followed by a semicolon as shown in
the following example:

quit;

CLI Commands
The following table provides a summary of all available commands that can be
used with the CLI.

Command Abbreviations Description


submit sub Submits a Process to the Sterling
Connect:Direct node.
change process cha, chg, c Modifies the specified parameters for a
nonexecuting Process.
delete process del, d Deletes the specified Process from the TCQ.

pro, proc, procs, p


select process sel Retrieves status information about the
specified Process.
pro, proc, procs, p
select message sel Retrieves the text explanation of any
message Sterling Connect:Direct issues.
mes, msg, m
select statistics sel Retrieves statistics records for the specified
Process.
sta, stat, stats, st
traceoff tof, troff Disables the trace facility.
traceon ton, tron Enables the trace facility.
help Lists the supported Sterling Connect:Direct
commands.
quit qui, q Stops the Sterling Connect:Direct CLI.
stop sto Stops the Sterling Connect:Direct server.

152 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Command Syntax
The following information describes the general conventions used in the command
syntax:
v All commands must be followed by a semicolon.
v User names, passwords, and parameters are case sensitive.
v Command keywords are not case sensitive.
v File names, group names, user IDs, and passwords are defined as variable-length
strings. Names referring to objects on other nodes can be subject to restrictions
imposed by the other node type.
v Length restrictions for Sterling Connect:Direct node names are specific to type of
field and data.
v If a parameter specifies the word generic as a parameter value, you can type a
string that includes an asterisk (*) or a question mark (?) to provide pattern
matching or wildcard matching for parameter values. The asterisk matches zero
or more characters, and the question mark matches any single character.
v When list is a parameter value in the syntax definition, you can specify multiple
parameter values by enclosing the group in parentheses and separating values
with commas. A list can also include generic values. An example follows:

pname=(payproc,arproc,ivproc,a?prod5*)

v Most CLI commands can be entered using abbreviations. When abbreviations


can be used in place of a command, these abbreviations are identified in the
command description table.

Piping Conventions
The Sterling Connect:Direct for Microsoft Windows CLI supports the following
piping conventions:
v <filename.ext uses the file for input
v >filename.ext uses the file for output

The following example demonstrates the Sterling Connect:Direct piping convention


being used on a COMMANDS.TXT file containing the Sterling Connect:Direct
commands you want to issue.

submit
test process snode=dsd.unix
cp copy from (file=testfile.dat pnode)
to (file=test.dat snode)
pend;
select statistics;
select process;
quit;

By typing the following command, you can execute all of the commands in the
COMMANDS.TXT file.

direct < commands.txt

Chapter 3. System Guide 153


Note: A batch file can also be created containing the direct < commands.txt line if
you want to execute these commands from a batch file.

Submit Process Command


Use the submit command to request that Sterling Connect:Direct execute the
operations specified in the Process being submitted.

Parameters override the same parameters specified in the Process statement. The
submit command also enables you to resolve symbolic parameters found in the
Process.

Parameter Description
file=filename The name of the Process file, up to 256 characters. If you specify the file
parameter, you must specify it before any other parameter. If you do not
specify this parameter, then the text of the Process must follow the submit
command.
class=nn| session number The node-to-node session on which a Process can execute. A Process can
execute in the class specified or any higher session class.
execprty=nn The operating system execution priority, from 1 to 15, of the Process. The
execution priority parameter is used to influence the priority given to the
Session Manager when it starts this Process. The higher the priority, the
higher the Session Manager priority and, therefore, the more system
resources. Scheduling Processes to run in the High priority class can have an
adverse effect on the execution of other applications in the system.

The values for the execution priority range from 1 to 15 and are mapped to
Microsoft Windows Process priority classes and values. The highest priority
is 15.

Only Sterling Connect:Direct for Microsoft Windows supports the execution


priority option.
hold=yes | no | call The TCQ hold status of the Process.

yes—Places the Process in the Hold queue in HI (Held Initial) status until
you explicitly release it by a change process command. When you specify
both hold=yes and a startt value, the hold specification takes precedence. A
Process with hold=yes is placed in the Hold queue even if you specify a
start time.

no—Does not place the Process in the Hold queue. The Process executes as
soon as resources are available.

call—Holds the Process until the SNODE connects to the PNODE. At that
time, the software releases the Process for execution. It also releases the
Process when another Process on the PNODE connects to the SNODE.
pacct=“pnode accounting data” A string, up to 256 characters, to be used as accounting data for the
PNODE. Enclose the string in double quotation marks.
pnodeid=(id , pswd) Security user IDs and passwords at the PNODE. The subparameters can
contain 1 to 48 alphanumeric characters. You must specify both the ID and
the password.

154 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Parameter Description
maxdelay=unlimited | hh:mm:ss | 0 Causes the command processor to wait until the submitted Process
completes execution or the specified time interval expires.

If the time interval expires, the command processor returns a warning status
code and message ID. The Process is not affected by the time interval
expiration and executes normally.

unlimited—Specifies that the submit command processor is to wait until the


Process completes execution.

hh:mm:ss—Specifies that the submit command is to wait for an interval no


longer than the specified hours (hh), minutes (mm), and seconds (ss).

0—Specifies that the submitted Process must begin execution immediately. If


the submitted Process cannot begin execution immediately, the submit
operation fails.
newname=new process name Specifies a new Process name, 1 to 8 alphanumeric characters long, to
override the name within the submitted Process.
notify=userid The user to receive Process completion messages.
sacct=“snode accounting data” Accounting data, from 1 to 256 characters, for the SNODE. Enclose the
string in double quotation marks.
retain=yes | no | initial Determines whether a copy of the Process is retained in the TCQ for
re-execution after the Process executes.

yes—Specifies that the software retains the Process in the Hold queue in HR
status after execution. Issue a change process command to release the
Process for execution.

no—Specifies that the Process is deleted after execution.

initial—Specifies that the software is to retain the Process in the Hold queue
in HR status for automatic execution every time Sterling Connect:Direct
initializes.

If startt is set, you must set retain=yes to execute the Process at regular
intervals based on the value of startt.

If retain=initial, do not use the startt parameter. This causes the submit
command to fail.

Chapter 3. System Guide 155


Parameter Description
snode=[nodename] | [hostname | Identifies the SNODE. The SNODE name is a 1- to 16-character
IPaddress ; portnumber | alphanumeric string. Specify the node either on the submit command or
servicename] Process statement. If you specify the node in this submit command, it
overrides the node specified in the Process statement.

nodename—Identifies the remote node object in the Sterling Connect:Direct


network map.

hostname | IPaddress ; portnumber | servicename—Specifies an IP address


for the SNODE. This is used for TCP/IP connectivity only.

Specify the host name or IP address, a semicolon, and the port number or
service name. For more information on specifying valid IPv4 and IPv6
addresses and ports, see Specifying IP Addresses, Host Names, and Ports.

If you specify an IP address, you must also specify netmap.check=r or


netmap.check=n in your initialization parameters.

If you use IPv6 temporary addresses for outbound connections, the


connection will fail unless you configure a well-known address for the
PNODE server or you disable temporary addresses for the SNODE.
snodeid=(id [,pswd [,newpswd]]) The security user IDs and security passwords on the SNODE. The
subparameters can contain one or more alphanumeric characters.

newpswd—Specifies a new password value. This subparameter is not


supported by all types of Sterling Connect:Direct nodes. On z/OS systems
only, the user password changes to the new value on the SNODE if the
userid and old password are correct. If the SNODE is a UNIX node, the
password does not change.

If you specify the password, you must also specify the ID. If you specify a
new password, you must also specify the existing password.
prty=nn The selection priority of the Process for execution. This priority parameter is
used for Process selection. A Process with a higher priority is selected for
execution before a Process with a lower priority. The priority value does not
affect the priority during transmission.

Values range from 0 to 15, where 15 is the highest priority.

156 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Parameter Description
startt=([date | day | daily] [,time]) Identifies the specified date, day, or time to execute the Process. The Process
is placed in the Timer queue in WS status. The date, day, daily, and time are
positional parameters. If you do not specify date or day, type a comma
before the time.

date—Specifies the day, month, and year, that you can code as
mm/dd/yyyy or mm-dd-yyyy. You can code month and day as one or two
digits and year as two or four digits. If you only specify date, the time
defaults to 00:00:00. The current date is the default.

day—Specifies the day of the week. Values are today, tomorrow, Monday,
Tuesday, Wednesday, Thursday, Friday, Saturday, and Sunday.

daily—Runs the Process daily.

time—Specifies the time of day in hh:mm[:ss] [am | pm] where hh is hours,


mm is minutes, and ss is seconds. Seconds are optional. You can specify the
hour in either 12- or 24-hour format. If you use the 12-hour format, then
you must specify am or pm. The default format is the 24-hour format.

If the time you specify has already passed, Sterling Connect:Direct schedules
the Process for the next valid date and time. For example, if you set the
Process to start daily at 5:00 PM, or startt=(, 17:00), and the Process submits
at 5:30 PM, Sterling Connect:Direct schedules the Process to run the next
day.

If you specify only the day value, the time defaults to midnight (00:00:00).
This means that if you submit a Process on Monday, with Monday as the
only startt parameter, the Process does not run until the following Monday
at midnight.

Do not set the startt parameter if retain=initial. This causes the submit
command to fail.
&symbolic name n=“variable string A symbolic parameter assigned a value. The value is substituted within the
n” Process when the software encounters the symbolic parameter. The symbolic
within the Process must be enclosed within quotes.

Examples

The following command submits the Process named payroll.cdp. Because the
command specifies retain=yes, the Process is retained in the TCQ after execution.
The Process starts the next Monday at 00:00:00. The command specifies Process
accounting data for the PNODE.

submit file=payroll.cdp retain=yes startt=monday pacct="2003,dept-27";

The following command submits the Process named copyfil.cdp. Because the
command specifies startt, the Process executes on the first day of January 2003 at
11:45 a.m.

submit file=copyfil.cdp snode=vmcent startt=(01/01/2003, 11:45:00 am);

Chapter 3. System Guide 157


Change Process Command
Use the change process command to modify specified parameters for a
nonexecuting Process or Processes in the TCQ.

Select the Processes to change by Process name, Process number, SNODE name,
submitter ID, or a combination of these.

Note: All changes affect the Process in the TCQ, not the original text of the Process
as submitted.

The change process command performs the following functions:


v Changes the class, SNODE name, destination node, or priority of a Process
v Places a Process in the Hold queue or releases a Process from the Hold queue

The format for the change process command follows:

Command Parameters
change process /* Search Criteria */
[pname=Process name | generic | (list)]
[pnumber=Process number | (list)]
[snode=snode name | generic | (list)]
[submitter=(node name, userid) | generic | (list)]
/* The following parameters specify the characteristics of Sterling
Connect:Direct Processes that you can modify. */
class= | session number
execprty=nn
hold=yes | no | call
newsnode=new snode name
release
prty=nn

Search Parameters

Specify at least one of the following search criteria parameters:

Parameter Description
pname=Process name | generic | The name of the Process or Processes. The name can
(list) be 1 to 8 alphanumeric characters long.
pnumber=Process number | (list) The Process number of the Process. The Process
numbers are assigned when you submit the Process.
Valid Process numbers range from 1 to 999999.
snode=snode name | generic | Searches for a Process or Processes by the SNODE
(list) (partner) name. The SNODE name can contain 1 to 16
alphanumeric characters. You can use the IP address
of the SNODE as your SNODE name.
submitter=(node name, userid) | Searches for a Process or Processes by the node
generic | (list) specification and userid of the Process owner. The
maximum combined length, including the node name
and userid for this parameter, is 66 characters.

158 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Change Parameters

You can change one or more of the following characteristics of a Sterling


Connect:Direct Process:

Parameter Description
class=nn | session number Changes the node-to-node session on which the
Process can execute. A Process can execute on the
specified class or any higher session class.
execprty=nn The execution priority of the Process. The values for
the execution priority range from 1 to 15 and are
mapped to Microsoft Windows Process priority
classes and values. The highest priority is 15.

Only Sterling Connect:Direct for Microsoft Windows


supports the execution priority option.
hold=yes | no | call Moves the Process to the Hold or Wait queue.

yes—Places the Process in the Hold queue in HO


(Held by Operator) status until another change
process command explicitly releases it.

no—Places the Process in the Wait queue in WC


(Waiting for Connection) status. The Process executes
as soon as resources are available.

call—Places the Process in the Hold queue in HC


(Held for Call) status until the SNODE connects to
the PNODE or another Process is submitted. At that
time, Sterling Connect:Direct releases the Process for
execution.
newsnode=new snode name Specifies a new SNODE name to assign to the
Process.
release Releases the Process from a held state. This parameter
is equivalent to Hold=no.
prty=nn The selection priority in the TCQ. This priority
parameter is used for Process selection. A Process
with a higher priority is selected for execution before
a Process with a lower priority. The priority value
does not affect the priority during transmission.

Values range from 0 to 15 inclusive, where 15 is the


highest priority.

Example
The following command changes the SNODE name for any nonexecuting Process
named cdproc to a new SNODE name, paris.

change process pname=cdproc newsnode=paris;

Delete Process Command


Use the delete process command to remove a Process from the TCQ.

Chapter 3. System Guide 159


You can select the Processes to delete by Process name, Process number, SNODE
name, submitter, or a combination of these. The format for the delete process
command follows:

Command Parameters
delete process /* Search Criteria */
[pname=Process name | generic | (list)]
[pnumber=Process number | (list)]
[snode=snode name | generic | (list)]
[submitter=(node name, userid) | generic | (list)]
/* Processing Parameters */
[force=yes | no]
[hold=yes | no]

Search Parameters

Use the parameters to identify the Processes you want to delete. You can delete
Processes by name, number, node, or a combination of the criteria.

Parameter Description
pname=Process name | generic | The name of the Processes, from 1–8 alphanumeric
(list) characters, to delete.
pnumber=Process number | (list) The number of the Process to delete. The Process
number is assigned when the Process is submitted.
snode=snode name | generic | The SNODE name of the Processes to delete. The
(list) SNODE name can be 1 to 16 alphanumeric characters
long.
submitter=(node name, userid) | The submitter node name and user ID of the
generic | (list) Processes to delete. The maximum combined length,
including the node name and user ID, is 66
characters.

Processing Parameters

Define one or more of the following parameters to identify how the deleted
Processes are managed:

Parameter Description
force=yes | no Forcibly terminate an executing Process. Use this
parameter if a Process is in the executing state and is
waiting for unavailable resources.

yes—Forcibly and immediately terminates the Process


or Processes.

no—Notifies the partner node of the intent to


terminate and terminates the Processes. This is the
default.

160 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Parameter Description
hold=yes | no Specifies whether the terminated Process is placed in
the Hold queue.

yes—Places the Process in the Hold queue in HS


(Held Due to Execution Suspension) status after
termination.

no—Deletes the Process from the TCQ after


termination. This is the default.

Examples

The following command deletes all Processes submitted by userid cduser on node
dallas. If the Processes are executing, it stops and removes them from the TCQ.

delete process submitter=(dallas, cduser);

The following command deletes all Processes named rome from the TCQ. If the
Processes are executing, the command forcibly terminates them.

delete process pname=rome force=yes;

Select Process Command


Use the select process command to display information about Processes in the
TCQ. Select Processes by name, number, queue, SNODE, status, submitter, or a
combination of these.

Format

The format for the select process command follows:

Command Parameters
select process /* Selection Criteria */
[pname=Process name | generic | (list)]
[pnumber=Process number | (list)]
[queue=all | exec | hold | wait | timer]
[snode=snode name | generic | (list)]
[status=ex | hc | he | hi | ho | hr | hs | pe | re | wa | wc | ws
| (list)]
[submitter=(node name, userid) | generic | (list)]
/* Display option */
[detail=yes | no]

Selection Parameters
Specify one or more of the following selection parameters. If you do not specify
one of the following selection parameters, all Processes in the TCQ you are
authorized to access are selected.

Chapter 3. System Guide 161


Parameter Description
pname=Process name | generic | Identifies the Process name, up to 8 alphanumeric
(list) characters long.
pnumber=Process number | (list) Identifies Processes numbers to select. The Process
number is assigned when you submit the Process.
Valid Process numbers range from 1–99999.
queue=all | exec | hold | wait | Identifies queue names to select.
timer
all—Selects all queues. This is the default.

exec—Selects Processes from the Execution queue.

hold—Selects Processes from the Hold queue.

timer—Selects Processes from the Timer queue.

wait—Selects Processes from the Wait queue.


snode=snode name | generic | Identifies the SNODE name, from 1 to 16
(list) alphanumeric characters, to select.
status=ex | hc | he | hi | ho | hr Selects a Process status to select. If you do not specify
| hs | pe | re | wa | wc | ws | a status value, information is generated for all status
(list) values.

ex—Selects Processes from the Execution queue.

hc—Selects Processes submitted with hold=call.

he—Selects Processes held due to a connection error.

hi—Selects Processes submitted with hold=yes.

ho—Selects Processes held by a change process


command issued with hold=yes.

hr—Selects Processes submitted with retain=yes.

hs—Selects Processes suspended by a delete process


command issued with hold=yes.

pe—Selects submitted Processes that are awaiting the


Session Manager. After the Session Manager
initializes, it places the Process in the Execution
queue and changes the status to EX.

re—Selects Processes that are waiting for restart after


session failure.

wa—Selects Processes that are eligible for execution


but not yet selected or running.

wc—Selects Processes that are ready for execution


and awaiting an available connection to the SNODE.

ws—Selects Processes waiting in the Timer Queue for


a start time.
submitter=(node name, userid) | Selects Processes by node name and user ID of the
generic |(list) submitter of each Process. The maximum combined
length, including the node name and userid, is 66
characters.

162 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Display Parameter

The following display parameter generates a detailed report of the select process
command.

Parameter Description
detail=yes | no Specifies the type of report generated for the selected Process or
Processes. The default is no.

yes—Generates a detailed report

no—Generates a short report

Examples

The following example shows the report information returned when specifying
detail=yes.

==================================================================
SELECT PROCESS
==================================================================
Process Name =>SAMPLE Class =>
Process Number =>38 Priority =>
Submitter Node =>CSDPUBS Pnode CSGPUBS
Submitter user1 Snode CSGPUBS
Retain Process =>N
Submit Time =>09:54:33 Schedule Time =>
Submit Date =>10/30/2002 Schedule Date =>
Queue =>HOLD
Process Status =>HI
Message Text =>
--------------------------------------------------
Process Name =>SAMPLE Class =>
Process Number =>39 Priority =>0
Submitter Node =>CSGPUBS Pnode =>CSGPUBS
Submitter user Snode =>CSGPUBS
Retain Process =>N
Submit Date =>09:54:35 Schedule Time =>
Submit Date =>10/30/2002 Schedule Date =>
Queue =>HOLD
Process Status =>HI
Message Text =>
--------------------------------------------------

The following example shows the report information returned when specifying
detail=no or omitting the detail parameter.

Chapter 3. System Guide 163


==================================================================
SELECT PROCESS
==================================================================
PROCESS NAME NUMBER USER SUBMITTER NODE QUEUE STATUS
----------------------------------------------------------------
SAMPLE 39 user CSGPUBS HOLD HI
SAMPLE 39 user CSGPUBS HOLD HI

The following command returns status information for Process number 9.

select process pnumber=9;

Select Message Command


Use select message to retrieve the text of any Sterling Connect:Direct message.

Format

The format for the select message command follows:

Command Parameters
select message Selection Criteria
msgid=message ID

The following parameter specifies the message IDs to display:

Parameter Description
msgid=message id The Sterling Connect:Direct message ID of
the message request. Do not use generic
specifications. This parameter is required.

Example

Type the following command at the CLI prompt to retrieve the text of Sterling
Connect:Direct message LCCC00I:
select message msgid=LCCC00I;

Select Statistics Command


Issue the select statistics command to examine records in the Sterling
Connect:Direct statistics database. The type of information in the output from this
command includes such data as copy status and execution events. The search
criteria provide flexibility in selecting information you want to retrieve. Additional
parameters determine the form in which the information is presented.

When using the select statistics command, specify your selection criteria carefully
to avoid displaying excessive volumes of records. If you do not provide selection
criteria, all records for the day are retrieved.

164 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Format

The format for the select statistics command follows.

Command Parameters
select statistics /* Selection Criteria */
[ccode=(operator, code)]
[dfile=destination filename | (list)]
[pname=Process name | generic | (list)]
[pnumber=Process number | (list)]
[reccat=caev | capr | (caev,capr)]
[recids=record id | (list)]
[snode=snode name | generic | (list)]
[sfile=source filename | (list)]
[startt=([date | day][, hh:mm:ss[am|pm]])]
[stopt=([date | day][, hh:mm:ss[am|pm]])]
[submitter=(node name, userid) | generic | (list)]
Note: To use a wildcard within the submitter parameter, you must
have administrator access.
/* Display option */
[detail=yes | no]

Parameters

Provide one or more of the following parameters to determine what statistics are
returned:

Chapter 3. System Guide 165


Parameter Description
ccode=(operator, code) Select statistics records based on the completion code
operator and return code values associated with step
termination. The condition code operator default is
eq. You must specify the return code.

Following are the valid completion code operators:

eq | = | == Equal (This is the default.)

ge | >= | => Greater than or equal

gt | > Greater than

le | <= | =< Less than or equal

lt | < Less than

ne | != Not equal

Following are the valid completion codes:

0—Successful execution of the Process.

4—A warning level error was encountered. The


statement probably completed normally but you
should verify the execution results.

8—An error occurred during Process execution.

16—A Severe error occurred during Process


execution.
dfile=destination filename | (list) Enables you to search all copy termination records
(CAPR category, CTRC record ID) to find those with
a destination file name matching the filename or list
of filenames specified.

This parameter is not supported by Sterling


Connect:Direct for UNIX.
pname=Process name | generic | Selects Process statistics by Process name, a generic
(list) name, or a list of names. The name can be 1 to 8
alphanumeric characters long.
pnumber=Process number | (list) Selects statistics by Process number or a list of
Process numbers. The Process number is assigned
when the Process is submitted.

166 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Parameter Description
reccat=caev | capr | (caev , capr) Selects statistics based on whether the record category
is related to events or to a Process.

The default for this keyword depends on the other


search criteria specified. If you specify Process
characteristics, such as Process name, Process number,
or Submitter, the default is capr. If you perform a
general search using startt or stopt, the default is
caev and capr.

caev—Specifies that the retrieved statistics file records


should include those related to Sterling
Connect:Direct events, such as a Sterling
Connect:Direct shutdown.

capr—Specifies that the retrieved statistics file records


should include those related to one or more Sterling
Connect:Direct Processes.
recids=record id | (list) Specifies selection by record ID or a list of record IDs.
This parameter identifies particular types of statistics
records, such as a copy termination records or
initialization event records. Following is a list of the
record IDs:

AUPR—Authorization file processing

CHGP—Change Process command issued

COAC—Communication activated

CMLT—CMGR listen thread terminated

CRHT—Sterling Connect:Direct copyright

CSTP—Child Process stopped

CTRC—Copy control record written

CTRM—Child Process terminated

CUKN—Child process unknown status

CXIT—Child process exited

DELP—Delete Process command issued

FLSP—Flush Process command issued

FMRV—Formatted Header (FMH) received

FMSD—Formatted Header (FMH) sent

Chapter 3. System Guide 167


Parameter Description
GPRC—Get Process issued

IFED—If statement ended

IPPR—Initialization parameter processing

LIOK—Listen okay

LSST—The record ID of a step on the local node

NAUH—Node Authorization check issued

NMOP—Network map file opened

NMPR—The network map is updated through


Sterling Connect:Direct Browser User Interface,
Sterling Control Center, or KQV Interface.

NUIC—Sterling Connect:Direct initialization complete

NUIS—Sterling Connect:Direct start initialization

NUT1—Sterling Connect:Direct phase one


termination complete status

NUT1—Sterling Connect:Direct phase two


termination complete status

NUTC—Sterling Connect:Direct termination complete

NUTR—Sterling Connect:Direct termination


requested

PERR—Process error was detected

PFLS—Process was flushed

PMED—Process Manager ended


recids=record id | (list) PMIP—Process Manager Initprocs thread initialized

(continued) PMMX—Process Manager Max Age thread initialized

PMRC—Process Manager release cell thread


initialized

PMST—Process Manager started

PPER—Pipe error

PRED—Process ended

PRIN—Process interrupted

PSAV—Process was saved

PSED—Process step was detected

PSTR—Process has started

168 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Parameter Description
QCEX—A Process moved from another queue to the
EXEC queue

QCHO—A Process moved from another queue to the


HOLD queue

QCWA—A Process moved from another queue to the


WAIT queue

QCTI—A Process moved from another queue to the


TIMER queue

QCHO—A Process moved from another queue to the


HOLD queue

RJED—Run Job command completed

RNCF—Remote Sterling Connect:Direct server call


failed

RSST—The record ID of a step on the remote node

RTED—Run Task command completed

SBED—Submit complete

SELP—Select Process command issued

SELS—Select Statistics command issued

SEND—Session end issued

SERR—System error

SFSZ—Size of the file submitted

SHUD—Sterling Connect:Direct shutdown

Chapter 3. System Guide 169


Parameter Description
SIGC—System error

SMED—Session Manager ended

SMST—Session Manager started

SNMP—SNMP

SSTR—Session start issued

STOP—Stop Sterling Connect:Direct command issued

SUBP—Submit command issued

TCPI—TCP started

TRAC—Trace command issued

TZDI—Time zone of the local node represented as the


difference in seconds between the time at the local
node and the Coordinated Universal Time

UNKN—Unknown command issued

USEC—User Security check issued

xxxx—Record types identified by the first four


characters of the message ID
snode=snode name | generic | Selects statistics file records by SNODE name, a
(list) generic node name, or a list of node names. The
SNODE name can be 1 to 16 alphanumeric characters
long.
sfile=filename| (list) Enables you to search all copy termination records
(CAPR category, CTRC record ID) to find those with
a destination file name matching the file name or list
of the file names specified.

This parameter is not supported by Sterling


Connect:Direct for UNIX.

170 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Parameter Description
startt=([date | day] [, time]) Selects statistics starting with records logged since the
specified date, day, or time. The date, day, and time
are positional parameters. If you do not specify a
date or day, type a comma before the time.

date—Specifies the day (dd), month (mm), and year


(yy), which you can code as mm/dd/yyyy or
mm-dd-yyyy. If you only specify date, the time
defaults to 00:00:00. The current date is the default.

day—Specifies the day of the week. Values are today,


yesterday, Monday, Tuesday, Wednesday, Thursday,
Friday, Saturday, and Sunday. If you specify a day of
the week, Sterling Connect:Direct uses the previous
matching day.

time—Specifies the time of day coded as


hh:mm:ss[am | pm] where hh is hours, mm is
minutes, and ss is seconds. You can specify the hour
in either 12- or 24-hour format. If you use the 12-hour
format, then you must specify am or pm. The default
format is the 24-hour format. The default value is
00:00:00, which indicates midnight. If you specify
only the day value, the time defaults to 00:00:00.
stopt=([date | day] [, time]) Retrieves statistics including records logged up to
and including the specified date, day, or time. The
date, day, and time are positional parameters. If you
do not specify a date or a day, type a comma before
the time.

date—Specifies the day (dd), month (mm), and year


(yy), that you can code as mm/dd/yyyy or
mm-dd-yyyy. If you only specify date, the time
defaults to 00:00:00. The current date is the default.

day—Specifies the day of the week. Values are today,


yesterday, Monday, Tuesday, Wednesday, Thursday,
Friday, Saturday, and Sunday. If you specify a day of
the week, Sterling Connect:Direct uses the previous
matching day.

time—Specifies the time of day coded as


hh:mm:ss[am | pm] where hh is hours, mm is
minutes, and ss is seconds. You can specify the hour
in either 12- or 24-hour format. If you use the 12-hour
format, then you must specify am or pm. The default
is the 24-hour format. The default value is 00:00:00,
which indicates midnight. If you specify only the day
value, the time defaults to 00:00:00.
submitter=(node name, userid) | Selects statistics by the node name and userid of the
generic | (list) Process owner (submitter). You can also specify a
generic name and userid or a list of names and
userids. The maximum combined length, including
the node name and userid, is 66 characters for this
parameter.

Chapter 3. System Guide 171


Display Parameter

Provide this optional parameter if you want to generate a report of the statistics
that are generated:

Parameter Description
detail=yes | no Specifies the type of report generated for the selected Processes.
The default is no.

yes—Generates a detailed report.

no—Generates a short report.

Example

The following example shows the report information returned when specifying
detail=yes.

==================================================================
SELECT STATISTICS
==================================================================
PROCESS RECORD Record Id=>SUBP
Process Name =>SAMPLE Stat Log Time =>09:54:33
Process Number =>38 Stat Log Time =>07/30/2003
Submitter Id =>user1
Snode =>CSGPUBS
Completion Code =>0
Message Id =>
Short Text =>
---------------------------------------------------------
PROCESS RECORD Record Id=>SUBp
Process Name =>SAMPLE Stat Log Time =>09:54:33
Process Number =>39 Stat Log Time =>07/30/2003
Submitter Id =>user1
Snode =>CSGPUBS
Completion Code =>0
Message Id =>
Short Text =>

---------------------------------------------------------

The following example shows the report information returned when specifying
detail=no or omitting the detail parameter.

172 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


==================================================================
SELECT STATISTICS
==================================================================
P RECID LOG TIME PNAME PNUMBER STEPNAME CCOD FDBK MSGID
P RECID LOG TIME MESSAGE TEXT
-----------------------------------------------------------------
P SUBP 07/30/2003 09:54:33 SAMPLE 38 0 0
P SUBP 07/30/2003 09:54:35 SAMPLE 39 0 0

The following command generates statistics output for Process number 7. The
output consists of all records for that Process starting with those generated on July
11, 2003.

select statistics pnumber=7 startt=(07/11/2003);

Traceoff Command
The Sterling Connect:Direct server provides a comprehensive trace facility that
assists in the diagnosis of problems relating to any facet of the operation of the
server. Use the traceoff command to disable a trace started with the traceon
command.

Format

The format for the traceoff command follows.

Command Parameter
traceoff [file=filename]
[type=cmgr | pmgr | smgr | comm | (list)]
[dest=destination | (list)]
[pnode | snode]
[pname=process name | (list)]
[pnum=process number | (list)]

Note: The dest, pnode, pname, and pnum parameters are valid for smgr and
comm traces only.

Specify one or more of the following parameters to identify the trace to turn off
including the output file of the trace, the type of trace, the destination, the node,
and the Process name or number.

Parameter Description
file=filename The name of the trace output file. The
default is CDTRACE.CDT.

Chapter 3. System Guide 173


Parameter Description
type=cmgr | pmgr | smgr | comm | (list) Disables traces by type.

cmgr—Traces events relating to the


interaction of the server with connected
workstations and with the server console.

pmgr—Traces events relating to the


manipulation of Sterling Connect:Direct
Processes.

smgr—Traces events relating to the


execution of Sterling Connect:Direct
Processes and the server's interaction with
other Sterling Connect:Direct nodes.

comm—Traces only interactions with


external communications facilities invoked
from Session Manager threads and used to
communicate with other Sterling
Connect:Direct nodes.

Additional Session Manager and Communications Trace


Parameters

The following parameters are valid for SMGR and COMM trace types only. The
dest, pnode, snode, pname, and pnum parameters are mutually exclusive.

Parameter Description
dest=destination | (list) The destination node name of the Process you want to stop
tracing or a list of up to four node names.
pnode | snode The PNODE or SNODE session managers.

pnode—Disables the trace of all PNODE session managers.

snode—Disables the trace of all SNODE session managers.


pname=process name | The name of the Process or up to four names you want to stop
(list) tracing.
pnum=process number The Process number, up to four Processes, you want to stop
| (list) tracing.

Example

The following command turns off the full SMGR trace for the Process named
payroll.

traceoff type=smgr pname=payroll;

Traceon Command
Use the traceon command to enable the trace facility. The trace facility enables you
to capture information to assist in the diagnosis of Sterling Connect:Direct
problems.

174 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Format

The format for the traceon command follows:

Command Parameters
traceon [file=filename]
[filesize=nnK | nnM | 0]
[level=basic | intermediate | full]
[type=cmgr | pmgr | smgr | comm | (list)]
[wrap=yes | no]
[dest=destination | (list)]
[pnode | snode]
[pname=process name | (list)]
[pnum=process number | (list)]

Note: The dest, pnode, pname, and pnum parameters are valid for smgr and
comm traces only.

Parameters

Specify one or more of the following parameters to define the traces:

Parameter Description
file=filename The name of the output file if you want to
write the trace information to a file. The size
of the name can range from 1 to 256
characters. The default is CDTRACE.CDT in
the Sterling Connect:Direct directory.
filesize=nnnK | nnnM | 0 The maximum file size as a number of
kilobytes (K) or megabytes (M). A value of 0
indicates that the file can grow indefinitely.
level=basic | intermediate | full The level of trace detail.

basic—Produces a trace of function entry


and exit.

intermediate—Produces a trace of function


entry and exit, plus arguments to functions.

full—Produces a trace with function


entry/exit, function argument display, plus
display of selected internal control blocks.

Chapter 3. System Guide 175


Parameter Description
type=cmgr | pmgr | smgr | comm | (list) The type of event or a list of events to be
traced.

cmgr—Traces events relating to the


interaction of the server with connected
workstations and the server console.

pmgr—Traces events relating to the


manipulation of Sterling Connect:Direct
Processes. This trace type provides
information about the submission, update,
deletion, selection for processing, and
termination of Sterling Connect:Direct
Processes.

smgr—Traces events relating to the


execution of Sterling Connect:Direct
Processes and the server's interaction with
other Sterling Connect:Direct nodes. Traces
can be started for specific Process numbers
or names, for specific destinations, or for all
PNODE or SNODE Session Managers.

comm—Traces only interactions with


external communications facilities invoked
from Session Manager threads and used to
communicate with other Sterling
Connect:Direct nodes. You can start traces
for specific Process numbers or names, for
specific destinations, or for all PNODE or
SNODE Session Managers.
wrap=yes | no Specifies whether you want your trace
output to be a wraparound file.

no—Requests a linear file that grows until


either the user–specified space restriction is
reached or you run out of disk space. Linear
traces are useful when you can qualify the
trace criteria sufficiently or when it is
important to not miss any trace events.

yes—Requests a wraparound file that, when


the user–specified space restriction is
reached, wraps back to the beginning and
overwrites the oldest records. Wraparound
traces are useful when the problem you are
trying to trace occurs intermittently or is
very difficult to reproduce.

Help Command
Use the help command to receive a list of the commands supported by the Sterling
Connect:Direct CLI.

Any command with a –? or /? will display the syntax for the command's usage.

176 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


command /?;
or
command -?;

Stop Sterling Connect:Direct


Use the stop command to initiate an orderly Sterling Connect:Direct server
shutdown sequence or forcibly terminate the software. Sterling Connect:Direct will
not run new Processes and will not establish new connections with remote
systems. You can issue commands and users can sign on until the server
terminates. You must identify the type of stop or an error message is generated.

Format

The format for the stop command follows.

Command Parameters
stop [force | immediate | step| quiesce]

Parameters

Choose one of the following options listed in order of severity:

Parameter Description
force Forcibly terminates the Sterling
Connect:Direct server with no attempt to
terminate executing Processes in an orderly
fashion or write statistics to disk. Sterling
Connect:Direct releases all server resources,
including connections, LU 6.2 sessions,
memory, and semaphores. It retains all
active Processes in the TCQ and restarts
them when you restart the Sterling
Connect:Direct server.
immediate Begins an immediate, but orderly, shutdown
of all activity and terminates Sterling
Connect:Direct. The software terminates
connections, writes statistics records, closes
files, and shuts down. It retains all active
Processes in the TCQ and restarts them
when you restart the Sterling Connect:Direct
server.
step Shuts down Sterling Connect:Direct after all
currently executing Process steps complete.
The software writes statistics records, closes
files, and shuts down. To restart Processes at
the next step the next time you start Sterling
Connect:Direct, set the tcq.start initialization
parameter to require a warm start.
quiesce Runs all executing Processes to completion.
Sterling Connect:Direct starts no new
Processes.

Chapter 3. System Guide 177


Example

The following command forcibly terminates Sterling Connect:Direct and returns


control to the operating system.

stop force;

Modify Translation Tables

Translation Tables
Sterling Connect:Direct translates data from one character set to a different
character set, such as from ASCII to EBCDIC, using character translation tables.
These translation tables provide greater flexibility in the translation of data when
copying data to or from a Sterling Connect:Direct node.

Default translation tables are defined in the initialization parameters for the
Sterling Connect:Direct node. You also have the ability to specify a different
translation table in the sysopts parameter with each Copy statement. Sterling
Connect:Direct provides two standard translation tables for use when sending or
receiving data to or from a remote Sterling Connect:Direct node:
v XLATERCV translates data from EBCDIC to ASCII.
v XLATESND translates data from ASCII to EBCDIC.

Translation is only performed when the data type is text. No translation is done if
the data type is binary.

Modify a Translation Table Using Sterling Connect:Direct


Requester
About this task

Translation is performed if a data type of text is specified in the sysopts parameter


of a copy statement.

Procedure
1. Select Admin > Translation Table.
2. Type the name of the translation table file, or select one of the following default
translation tables from the drop-down list:
v XLATERCR.CDX
v XLATESND.CDX
3. Click OK.
Each cell stores the character value for the target character set. The source
character set is used as an index into the table. For example, an ASCII blank
(Hex 0) would fetch the byte at offset Hex 0 in the translation table. If the byte
at location Hex 0 contains Hex code 40, that would translate to an EBCDIC
code indicating a blank character.
4. To view the shortcut menu, right-click in the Translation Table dialog box.
5. Select one of the following representations for the table element:
v Hex
v Dec

178 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


v Oct
6. Select the elements in the table you want to modify and type in the new
values.
7. Right-click to see the shortcut menu and click Apply to save your changes.
8. Click OK to save your changes to the selected Sterling Connect:Direct node.

Edit Connection Settings

About the Client Connection Utility


Before you begin using the SDK to create your own programs or use Sterling
Connect:Direct for Microsoft Windows to transfer files, you can use the Client
Connection Utility to create connection settings for each user.

To use Sterling Connect:Direct Requester, refer to “Define and Manage the Sterling
Connect:Direct Network” on page 55 for instructions.

The Sterling Connect:Direct for Microsoft Windows client software uses the
Microsoft Windows Registry to store its configuration information. The Client
Connection Utility allows you to update the connection settings within the
Registry.

CAUTION: Use the Client Connection Utility to update any Registry settings
rather than editing them directly.

You can view, edit, and update Sterling Connect:Direct for Microsoft
Windowsconnection settings in the Microsoft Windows Registry with the Client
Connection Utility. These settings enable communication between the user
interfaces and the Sterling Connect:Direct server. You can set up and update
connection settings in the following ways:
v Add and delete a node
v Add and delete a user
v Configure node and user properties
v Define a default node or user

To facilitate updating connection settings on multiple servers, you can import and
export connection settings using the Client Connection Utility. After you configure
the connection for a server, you can export the server's settings for use on other
servers. You can then import the settings into the target server's Registry. You can
also print connection settings.

Start the Client Connection Utility


About this task

To start the Client Connection Utility:

Procedure
1. Click Start > All Programs.
2. Click IBM Sterling Connect Direct > v4.7.00 > CD Client Connection Utility.
The Client Connection Utility main window is displayed.

Chapter 3. System Guide 179


Add a Node
About this task

The Client Connection Utility lets you add new Sterling Connect:Direct nodes and
identify the properties of the nodes, such as node name, TCP/IP address, and port
number. These properties establish a node so you can access it from Sterling
Connect:Direct Requester or the Command Line Interface (CLI).

Procedure
1. Select File > New Node.
2. To add a node registered in the Active Directory, follow these steps:
a. Select Windows in the Operating System field.
b. Select the node to add from Active Directory Nodes.

Note: Click Refresh to update the address and port stored on the local
computer with the values from the Active Directory listing.
3. To add a node that is not registered in the Active Directory, follow these steps:
a. In the Name field, type the name of the Sterling Connect:Direct node you
want to add.
b. If necessary, change the operating system value in the Operating System
field.
c. In the Address field, type the TCP/IP address of the new node.
d. The Port field automatically defaults to 1363; if necessary, type in a different
port number.
4. To specify the new node as the default node, click Set as the default node.
5. Click OK to save your settings and close Node Properties.
6. Select File > Save to save the new settings.
Attention: Changes made to the node settings are not written to the Registry
until you select Save.

Deleting a Node
About this task

To delete a node:

Procedure
1. In the Client Connection Utility main window, select the node you want to
delete.
2. Select Edit > Delete.
3. Select File > Save to delete the node.
Attention: Changes made to the node settings are not written to the Registry
until you select Save.

Adding a User with Client Connection Utility


About this task

To add a new Sterling Connect:Direct user from the Client Connection Utility:

180 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Procedure
1. In the Client Connection Utility main window, select the node where you want
to add a new user.
2. From the File menu, select New User. The User Properties dialog box is
displayed.
3. Type information in the following fields:
v Name—Type the name of the new user. Either type the user name as defined
in the Windows setup, such as lmore or type a fully qualified user name in
the UPN format, such as [email protected]
v Password—Type the password defined for the user.
v Verify Password—Retype the password defined for the user.
4. Click the Remember password check box to automatically reload the password
when you attach as this user.
5. Click the Set as the default user check box if you want the new user to be the
default user for the node.
6. Click OK.
7. If the verification password you typed does not match the initial password, you
receive a message indicating the passwords do not match when you click OK.
Retype the verification password and click OK.
8. From the File menu, select Save to save the settings.

Note: Changes made to the node settings are not written to the Registry until
you select Save.

Deleting a User with the Client Connection Utility


About this task

To delete a user from the node using the Client Connection Utility:

Procedure
1. Click the plus (+) sign next to the node containing the user you want to delete.
2. Select the user you want to delete.
3. From the Edit menu, select Delete.
4. From the File menu, select Save to delete the user.

Note: Changes made to the node settings are not written to the Registry until
you select Save.

Updating a Node or User


About this task

To update node or user properties:

Procedure
1. Do one of the following:
v To update a node, highlight the node you want to configure.
v To update a user, highlight the user you want to configure.
2. Select File > Properties.

Chapter 3. System Guide 181


3. Select the fields you want to edit and make the appropriate changes.
4. Click OK to save your settings and return to Node Properties.
5. Select File > Save to save the settings.
Attention: Changes made to the node and user settings are not written to the
Registry until you select Save.

Defining a Default Node or User


About this task

The Client Connection Utility allows you to define a default node or default user.
The default node and user will be used by the Sterling Connect:Direct Requester
and the CLI.

Procedure
1. Do one of the following:
v To define a default node, highlight the node you want to designate as the
default.
v To define a default user, highlight the user you want to designate as the
default.
2. Select File > Save to save the settings.
Attention: Changes made to the node and user settings are not written to the
Registry until you select Save.

Importing Registry Settings


About this task

The Sterling Connect:Direct Client Connection Utility allows you to import and
export connection settings to a file. These settings can be saved and used on
another computer or node.

Procedure
1. Select the node to which to import the Registry settings.
2. Select File > Import.
CAUTION:
Importing a Registry settings file causes all current changes to the selected
node to be lost if they have not been saved.
3. Select the Registry settings file you want to import (.REX extension) and click
OK.
4. Select File > Save to save the settings.
Attention: Changes made to the node settings are not written to the Registry
until you select Save.

Exporting Registry Settings


About this task

To export Registry settings:

182 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Procedure
1. From the Client Connection Utility main window, select the node containing
the Registry settings you want to export.
2. Select File > Export.
3. Name the exported Registry file with a REX extension and click OK. The
Registry settings in the file can now be imported to another computer or node.

Printing Registry Settings


About this task

To print a report of Registry settings:

Procedure
1. Select File > Print.
2. Configure the print settings and click OK. A report of all Registry settings is
generated.
3. Select File > Print Preview to preview the Registry settings report.
4. Click Zoom In to enlarge the text and read the report.
5. Click Print to print the report, or click Close to close without printing the
report.

Note: Additional node detail is provided if the node has been used at least
once by the client software.

Use Sterling Connect:Direct for Microsoft Windows in a Test Mode

Use Sterling Connect:Direct in Test Mode


While testing is being conducted, only Processes, particularly file transfers,
involved with the testing activity are executed. No production data is transferred
to applications being tested while at the same time no test data is transferred to
production applications.

You can enable test mode for production instances of Sterling Connect:Direct for
Microsoft Windows to perform the following functions:
v Test new applications and customer connections
v Prevent future production work from executing until testing is complete after
you have terminated all active production work using the Flush Process
command
v Resume regular production work after testing
v Control individual file transfers by application
v Enable and disable individual nodes and applications

Processing Flow of the Test Mode


You enable the testing mode using the quiesce.resume initialization parameter and
specify which Sterling Connect:Direct Processes to run and not run by storing your
preferences as text records in a parameter table named NDMPXTBL. A sample
parameters file, NDMPXTBL.sample, is located in the /Server/samples directory.

Chapter 3. System Guide 183


Note: You can modify the quiesce.resume initialization parameter while the server
is active.

You can specify the following criteria that are used to find matches for one or more
Processes to include (using the “I” command code) or exclude (“X” command
code) from execution:
v A partial or full Process name
v A partial or full remote node name
v A partial or full Sterling Connect:Direct submitter ID and submitter node
combination

In addition to telling Sterling Connect:Direct which Processes to run, you tell the
system what to do with the Processes which do not get executed. You can specify
the following dispositions for Processes not permitted to run:
v Place the Process in the Hold queue
v Place the Process in the Timer queue for session retry
v Flush the Process from the queue

For more information on how the testing mode can be used, see “Sample Test
Scenarios” on page 186 in this section.

When the testing mode is enabled, Sterling Connect:Direct for Microsoft Windows
performs a syntax check on the parameter table and fails initialization if the table
is invalid. If the table is valid, Sterling Connect:Direct for Microsoft Windows scans
it looking for a pattern that matches the Process that is about to execute. If a match
is found, the Process is permitted to execute if the “I” (Include) command code is
in effect. If command code “X” (Exclude) is in effect, the process is not permitted
to execute. If a match is not found in the table, the opposite processing occurs from
the case where a match is found, that is, if no match is found and command code
“I” is in effect, the Process is not permitted to execute, whereas if command code
“X” is in effect, the Process is permitted to execute.

If a Process is not permitted to execute, the disposition specified in the


NDMPXTBL parameter table to either hold, retry, or flush the Process is
implemented and a non-zero return code is returned. When a Process is prevented
from executing in testing mode, appropriate messages are issued and can be
viewed in the statistics log.

Note: For Processes initiated on remote nodes, the testing mode functions in the
same manner as it does for Processes submitted on the local Sterling
Connect:Direct node except that the remote node is the PNODE (Process owner)
for that Process, and the local node is the SNODE (secondary node). The
NDMPXTBL Parameter Table is searched for a matching entry, and the
remotely-initiated Process is either permitted to execute or is excluded from
execution. Because the local node is the SNODE for this type of transfer, it cannot
enforce the Process disposition setting in the NDMPXTBL parameter table. The
remote PNODE determines how the Process is handled. Typically, the remote node
places the Process in the Hold queue with a status of “HE” (Held in Error).

184 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Preparing the NDMPXTBL Parameter Table
About this task

You can create or update the parameter table file while the server is active. Any
changes made to the file take effect for sessions that begin after the changes are
made.

Procedure
1. To modify the sample NDMPXTBL parameter table supplied with Sterling
Connect:Direct for Microsoft Windows, open any text editor.
2. Change the table using the following commands.

Note: Each table entry or record consists of a single-character command code


in column one. Most command codes have a parameter which begins in
column two and varies according to the command code function.

Command Code Description Subparameters/Examples


* Comment Line * Only run the following Processes.
E Enables execution of Processes based on table The second column in this entry must
entries. Either “E” or “D” must be the first contain one of the following values
non-comment entry in the table. which indicates the disposition of a
PNODE Process if it is not allowed to
run.

H—Places the Process in the Hold


queue

R—Places the Process in the Timer


queue in session retry

F—Flushes the Process from the


queue
D Disables the execution of all Processes regardless of The parameter for command code
the contents of the parameter table and fails “E” can also be specified in column
Process execution with a non-zero (error) return two. This is a convenience to make it
code and message LPRX003E. Either “E” or “D” easier to change from “E” to “D” and
must be the first non-comment entry in the table vice versa without having to change
column two to a blank for command
code “D.”
P Matches Processes based on a full or partial Process PCOPY—Matches a single Process
name. Supports the wild card trailing asterisk (*).
Can be used to enable or disable Process execution PACH*—Matches all Processes
for a particular application by using naming beginning with “ACH”
conventions to match an application.
P*—Matches all Processes
N Matches Processes based on a full or partial remote NCD.NODE1—Matches a single
node name. Supports the wild card trailing asterisk remote node name
(*).
NCD.NODEA*—Matches all remote
node names beginning with
“CD.NODEA” N*—Matches all
remote node names

Chapter 3. System Guide 185


Command Code Description Subparameters/Examples
S Matches Processes based on a full or wild card SACTQ0ACD@TPM002—Matches a
Sterling Connect:Direct submitter ID and submitter specific ID and node combination.
node combination. The format is <id>@<node>.
S*@TPM002—Matches all IDs from
node TPM002

SACTQ0ACD@*—Matches ID
ACTQ0ACD from all nodes

S*@*—Matches all IDs from any


node. This is another way to match
all Processes.
I Includes Processes for execution that match the ER
patterns in the table which follow this command
code. Either “I” or “X” must be the second I
non-comment entry in the table. Processes which
do not match a pattern in the table are not NCD.BOSTON
executed.
Includes Processes for execution on
Note: To choose which command code to use to
the CD.BOSTON node only. Processes
select Processes, determine which group is smaller
destined for all other remote nodes
and use the corresponding command Code. For
are placed in the Timer queue in
example, if the number of Processes to be executed
session retry.
is smaller than the number of Processes to exclude
from execution, specify “I” as the command code
and add patterns to match that group of Processes.
X Excludes from execution those Processes that match EH
the patterns in the table which follow this
command code. Either “X” or “I” must be the X
second non-comment entry in the table. Processes
which do not match a pattern in the table are DALLASOPS@*
executed.
Excludes Processes for execution
submitted by the ID SDALLASOPS
from any node.
L Last entry in table.

3. When you update the parameter table, name it NDMPXTBL and save it to the
Server directory of the installation.

Sample Test Scenarios


The following examples show different applications of the test mode using the
NDMPXTBL parameter table to define which Sterling Connect:Direct Processes to
run and not run.

Specify Which Processes Run

In this example, Sterling Connect:Direct executes all Processes that start with ACH
or are named DITEST01 or DITEST02. All other Processes are placed in the Hold
queue.

186 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


* Enable processing. Only permit processes matching one of the patterns
* to execute. Hold processes that don’t execute.
EH
I
PACH*
PDITEST01
PDITEST02
L

Specify Which Processes to Exclude

In this example, Sterling Connect:Direct does not execute any Process that starts
with ACH or is named DITEST01 or DITEST02. All other Processes are executed.

* Exclude matching processes. Permit all others to execute.


EH
X
PACH*
PDITEST01
PDITEST02
L

Permit Process Execution by Secondary Node and Submitter


User ID/Node

In this example, Sterling Connect:Direct executes all Processes that match one of
the following criteria:
v The specific secondary node (SNODE) name is DI.NODE1
v An SNODE whose name starts with DI0017
v Any Sterling Connect:Direct submitter ID from node DI0049
v The specific Sterling Connect:Direct submitter ID SACHAPP from any node

All Processes not matching one of the above criteria are flushed from the queue.

* Only permit matching processes to execute. Flush those that do not.


EF
I
NDI.NODE1
NDI0017*
S*@DI0049
SACHAPP@*
L

Stop the Test Mode

In this example, no Processes will not be executed, and a non-zero return code will
be displayed, which signifies an error along with message ID LPRX003E. The
remainder of the table is ignored (including the “F” code to flush Processes from
the queue), and all Processes are placed in the Hold queue.

To resume testing, change the “D” command code to an “E.”

Chapter 3. System Guide 187


* Execute no processes at all. Put them in the hold queue and return.
DF
I
PACH*
PDITEST01
PDITEST02
L

188 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Chapter 4. Using FASP with IBM Aspera High-Speed Add-on
for Sterling Connect:Direct for Microsoft Windows (V4.7.0.4 or
later)
IBM Aspera High-Speed Add-on for Sterling Connect:Direct for Microsoft
Windows uses FASP (Fast and Secure Protocol) network transport to transfer files
over high bandwidth and high latency network connections.

At low latency it performs similarly to TCP/IP. However, as latency and packet


loss increase, unlike TCP/IP, its performance does not degrade, and FASP
continues to take advantage of all the available bandwidth.

IBM Aspera High-Speed Add-on for Sterling Connect:Direct for Microsoft


Windows supports interoperability with Sterling Connect:Direct for UNIX (V4.2.0.4
or later) and Sterling Secure Proxy (V3.4.3.0 or later).

Note: Secure+ is used to secure FASP transfers exactly the same way it is used for
TCP/IP transfers.
Related concepts:
“Using Sterling Connect:Direct for Microsoft Windows with IBM Aspera
High-Speed Add-on and Sterling Secure Proxy” on page 190
You can send files using IBM Aspera High-Speed Add-on through Sterling Secure
Proxy using Sterling Connect:Direct for Microsoft Windows.

Activating FASP
By default, IBM Aspera High-Speed Add-on for Connect:Direct is not enabled. To
enable it, you must download a license key and install Sterling Connect:Direct for
Microsoft Windows V4.7.0, Fix Pack 4 or later.

Before you begin

You must have Sterling Connect:Direct for Microsoft Windows V4.7.0 or later
installed.

Procedure
1. Download and install Sterling Connect:Direct for Microsoft Windows V4.7.0, Fix
Pack 7 or later from IBM Fix Central.
2. Download the IBM Aspera High-Speed Add-on for Connect:Direct license key
for your Connect:Direct node from Passport Advantage.
3. Rename the file aspera-license.
4. Save the renamed file to the <install_dir>\ConnectDirectvx.x.x\Server
directory.

What to do next

Important: The Connect:Direct install package includes the IBM Aspera


High-Speed Add-on for Connect:Direct configuration file (aspera.conf). It contains
the minimum necessary basic configuration statements to use FASP on
Connect:Direct. It is always installed even if you do not purchase IBM Aspera
High-Speed Add-on for Connect:Direct. Do NOT make any changes to this file.
© Copyright IBM Corp. 1982, 2016 189
Licensed bandwidth for FASP transactions
The bandwidth available to a file transfer is limited by, among other things, the
bandwidths specified in the sender’s and receiver’s Aspera license keys.

There are two types of available license keys:


v Datacenter licenses (available in 10gbps, 1gbps, 300mbps and 100mbps) - can
send and receive files using FASP when connected to a node that has an
Endpoint or DataCenter license.
v Endpoint license - can send and receive files using FASP when connected to a
node that has a DataCenter license.

When both sender and receiver only have Endpoint licenses, file transfer over
FASP is not supported. When either the sender or receiver has an Endpoint license
and the other has a Datacenter license, the available bandwidth is limited to the
value in the Datacenter license. When both sender and receiver have Datacenter
licenses, the bandwidth is limited to the smaller of the two values in the
Datacenter licenses.

Using Sterling Connect:Direct for Microsoft Windows with IBM Aspera


High-Speed Add-on and Sterling Secure Proxy
You can send files using IBM Aspera High-Speed Add-on through Sterling Secure
Proxy using Sterling Connect:Direct for Microsoft Windows.

FASP is supported in Sterling Secure Proxy V3.4.3 or later. If you send a file from
your local Sterling Connect:Direct for Microsoft Windows node configured for
FASP, it passes through your Sterling Secure Proxy instance using FASP, and is sent
to the remote node.

In addition to the FASP parameter values outlined in Configuring FASP, the


following parameter should be used when using Sterling Secure Proxy between
Connect:Direct nodes:
fasp=(yes|no|ssp,yes|no|ssp)

The first parameter is the default for Connect:Direct as the PNODE. The second
parameter is the default for Connect:Direct as the SNODE.

This parameter can now be used in the netmap local node record and remote node
trading partner record in Connect:Direct for Windows.

The following table shows results when Connect:Direct FASP protocol is used
between two Connect:Direct nodes with no Sterling Secure Proxy involved.

PNODE fasp= Protocol SNODE fasp=


N TCP N
N TCP Y
N TCP SSP
Y TCP N
Y C:D FASP Y
Y TCP SSP
SSP TCP N

190 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


SSP TCP Y
SSP TCP SSP

The following table shows results when Connect:Direct FASP protocol is used with
two Connect:Direct nodes going through a single instance of Sterling Secure Proxy.

PNODE fasp= Protocol SSP Protocol SNODE fasp=


N TCP SSP TCP N
N TCP SSP TCP Y
N TCP SSP TCP SSP
Y TCP SSP TCP N
Y C:D FASP SSP C:D FASP Y
Y C:D FASP SSP TCP SSP
SSP TCP SSP TCP N
SSP TCP SSP C:D FASP Y
SSP TCP SSP TCP SSP

The following table shows results when Connect:Direct FASP protocol is used with
two Connect:Direct nodes going through two instances of Sterling Secure Proxy.

PNODE Protocol SSP Protocol SSP Protocol SNODE


fasp= fasp=
N TCP SSP TCP SSP TCP N
N TCP SSP TCP SSP TCP Y
N TCP SSP TCP SSP TCP SSP
Y TCP TCP TCP SSP TCP N
Y C:D FASP SSP C:D FASP SSP C:D FASP Y
Y C:D FASP SSP C:D FASP SSP TCP SSP
SSP TCP SSP TCP SSP TCP N
SSP TCP SSP C:D FASP SSP C:D FASP Y
SSP TCP SSP C:D FASP SSP TCP SSP

For more information on using Sterling Secure Proxy with FASP, see Using FASP
with IBM Sterling Secure Proxy (V3.4.3 or later).

Configuring FASP
About this task

To enable IBM Aspera High-Speed Add-on for Sterling Connect:Direct for


Microsoft Windows, you must update the local node (initialization parameters)
with FASP parameters.

Procedure
1. From the Admin Tool initialization parameters, click the TCP/IP tab.
2. In the Configure FASP section, click Properties.

Chapter 4. Using FASP with IBM Aspera High-Speed Add-on for Sterling Connect:Direct for Microsoft Windows (V4.7.0.4 or
later) 191
3. Configure the values for the Local Node by completing the following fields:

Field Value
FASP Listen Ports Type the port numbers you want to use for
FASP. Only valid for SNode configuration.
PNode FASP Flag Use when this is PNode. Valid values are:
v If set to Yes, use FASP on PNode
v If set to No, don't use FASP
v If set to SSP , use FASP with SSP bridging
v If set to Blank, use the default value of
No.
SNode FASP Flag Use when this is SNode. Valid values are:
v If set to Yes, use FASP on SNode
v If set to No, don't use FASP
v If set to SSP , use FASP with SSP bridging
v If set to Blank, use the default value of
No.
File Size Threshold Optional. Used to restrict small files from
being sent using FASP.
v If the file is greater than or equal to the
stated value, the Connect:Direct server
sends the file using FASP. Otherwise, it is
sent using TCP/IP.
v Default is 1GB.
v You can use KB, MB, or GB designators. If
no designator is included, the system uses
bits.
v This setting can be overridden by the
remote node record or process parameters.
Target Bandwidth Optional. Default is as stipulated in the
FASP license key. Specifies how much
bandwidth each transfer can use.
v Default value can be changed, but cannot
exceed the bandwidth specified in the
license key.
v You can use KB, MB, or GB designators. If
no designator is included, the system uses
bits per second.
v This setting can be overridden by the
remote node record or process parameters,
but cannot exceed the bandwidth
specified in the license key.

192 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Field Value
Policy Optional. Specifies the fairness of each
transfer. Default is fair.
v This setting can be overridden by the
remote node record or process parameters.
v Valid values are:
– Fixed - FASP attempts to transfer at the
specified target rate, regardless of the
actual network capacity. This policy
transfers at a constant rate and finishes
in a guaranteed amount of time. This
policy typically occupies a majority of
the network's bandwidth, and is not
recommended in most file transfer
scenarios.
– Fair - FASP monitors the network and
adjusts the transfer rate to fully utilize
the available bandwidth up to the
maximum rate. When other types of
traffic build up and congestion occurs,
FASP shares bandwidth with other
traffic fairly by transferring at an even
rate. This is the best option for most
file transfer scenarios.
– High - FASP monitors the network and
adjusts the transfer rate to fully utilize
the available bandwidth up to the
maximum rate. When congestion
occurs, a FASP session with high policy
transfers at a rate twice of a session
with fair policy.
– Low - Similar to Fair mode, the Low
(or Trickle) policy uses the available
bandwidth up to the maximum rate as
set in the Aspera license file. When
congestion occurs, the transfer rate is
decreased all the way down to the
minimum rate as set in the Aspera
license file.

4. (Optional) Using Sterling Connect:Direct Requester, select Netmap and specify


the values for the remote node using the following chart. Configure the remote
node if you need to override your local node settings. For example, if you want
to exclude a trading partner from using FASP. You can also configure the
remote node record later.

Field Value
Pnode FASP flag Use when this is PNode. Valid values are:
v If set to Yes, use FASP on PNode
v If set to No, don't use FASP
v If set to SSP , use FASP with SSP bridging
v If set to Blank, use the default value of
No.

Chapter 4. Using FASP with IBM Aspera High-Speed Add-on for Sterling Connect:Direct for Microsoft Windows (V4.7.0.4 or
later) 193
Field Value
SNode FASP Flag Use when this is SNode. Valid values are:
v If set to Yes, use FASP on SNode
v If set to No, don't use FASP
v If set to SSP , use FASP with SSP bridging
v If set to Blank, use the default value of
No.
File Size Threshold Optional. Used to restrict small files from
being sent using FASP.
v If the file is greater than or equal to the
stated value, the Connect:Direct server
sends the file using FASP. Otherwise, it is
sent using TCP/IP.
v Default is 1GB.
v You can use KB, MB, or GB designators. If
no designator is included, the system uses
bits.
v This setting can be overridden by the
process parameters.
Target Bandwidth Optional. Default is as stipulated in the
FASP license key. Specifies how much
bandwidth each transfer can use.
v Default value can be changed, but cannot
exceed the bandwidth specified in the
license key.
v You can use KB, MB, or GB designators. If
no designator is included, the system uses
bits per second.
v This setting can be overridden by the
process parameters, but cannot exceed the
bandwidth specified in the license key.

194 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Field Value
Policy Optional. Specifies the fairness of each
transfer. Default is fair.
v This setting can be overridden by the
process parameters.
v Valid values are:
– Fixed - FASP attempts to transfer at the
specified target rate, regardless of the
actual network capacity. This policy
transfers at a constant rate and finishes
in a guaranteed amount of time. This
policy typically occupies a majority of
the network's bandwidth, and is not
recommended in most file transfer
scenarios.
– Fair - FASP monitors the network and
adjusts the transfer rate to fully utilize
the available bandwidth up to the
maximum rate. When other types of
traffic build up and congestion occurs,
FASP shares bandwidth with other
traffic fairly by transferring at an even
rate. This is the best option for most
file transfer scenarios.
– High - FASP monitors the network and
adjusts the transfer rate to fully utilize
the available bandwidth up to the
maximum rate. When congestion
occurs, a FASP session with high policy
transfers at a rate twice of a session
with fair policy.
– Low - Similar to Fair mode, the Low
(or Trickle) policy uses the available
bandwidth up to the maximum rate as
set in the Aspera license file. When
congestion occurs, the transfer rate is
decreased all the way down to the
minimum rate as set in the Aspera
license file.

FASP Process Language


Once the FASP parameters for both trading partners have been configured, you can
override the default settings on a process by process basis to perform exception
processing.

Optional Parameters

FASP Parameters:
v FASP (Yes | No)
v FASP POLICY (Values are the same as the FASP Local and Remote node record
parameters)
v FASP.FILESIZE.THRESHOLD (Values are the same as the FASP Local and
Remote node record parameters)

Chapter 4. Using FASP with IBM Aspera High-Speed Add-on for Sterling Connect:Direct for Microsoft Windows (V4.7.0.4 or
later) 195
v FASP.BANDWIDTH (Values are the same as the FASP Local and Remote node
record parameters)
FASP Parameters are applicable in three different contexts:
v COPY statement - The four FASP parameters may be used individually or as a
group within a COPY statement. This will set FASP values for the duration of
the COPY statement and will not have any effect on statements within the
submitted Process.
v PROCESS statement - The four FASP parameters may be used individually or as
a group at the end of a PROCESS statement. This will set the FASP parameters
for all of the COPY statements in the process
v SUBMIT command - The four FASP parameters may be set individually or as a
group at the end of a SUBMIT command. This will set the FASP parameters for
all COPY statements in the process being submitted These settings will set FASP
information for their relevant part of the scope, potentially overriding the Local
Node settings, Remote Node settings and each other.

Examples

Copy statement example:


step01 copy
from
(
file = \tmp\exampleout
pnode
)
ckpt = 2M
compress extended
to
(
file = \tmp\examplein
snode
disp = rpl
)
fasp=yes
fasp.policy=fair
fasp.bandwidth=500M
fasp.filesize.threshold=10G

Process statement example:


SAMPLE PROCESS SNODE=WINVM-470
fasp=yes
fasp.policy=fair
fasp.bandwidth=500M
fasp.filesize.threshold=10G
step01 copy
from
(
file = \tmp\exampleout
pnode
)
ckpt = 2M
compress extended
to
(
file = \tmp\examplein
snode
disp = rpl
)
PEND

196 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Hierarchy Settings

The system uses the following hierarchy to process overrides:


1. Remote node record overrides Local node (initialization parameters) values.
2. Process parameters override remote node record.
3. Submit statement overrides the process parameters.
4. Each Copy statement overrides the effective settings of the session established
by the node settings, Process, or Submit statements. The Copy statement
override is effective only for the duration of the Copy step.

FASP Messages
Use the following table to obtain FASP error message information.

Note: Long text message files for these message IDs can be viewed using the
Connect:Direct Requester Message Lookup utility.

Non-Detailed Statistics Mode (Message ID


only) Detailed Statistics Mode
FASP001E FASP001E: FASP server session creation
failed.
FASP002E FASP002E: FASP client session creation
failed.
FASP003E FASP003E: FASP could not be initialized.
FASP004E FASP004E: Lock timeout.
FASP005E FASP005E: Memory allocation failure.
FASP006E FASP006E: Condition wait timed out.
FASP007E FASP007E: No FASP listen ports available.
FASP008E FASP008E: FASP disabled due to file size
&FILESIZE < threshold &THRESHOLD
FASP009E FASP009E: FASP session terminated
unexpectedly.
FASP010E FASP010E: SNODE refused FASP, FASP
disabled.
FASP011E FASP011E: FASP CRC verification failed.
FASP012E FASP012E: FASP disabled due to conflict
with UDT33.
FASP020E FASP020E: Session Manager received invalid
FASP control message.
FASP021E FASP021E: FASP control message
fragmented or invalid.
FASP022E FASP022E: Session Manager failed to receive
FASP control message.
FASP023E FASP023E: The FASP control message to
send exceeds the buffer size.
FASP024E FASP024E: Session Manager failed to send
FASP control message.
FASP030E FASP030E: FASP license file not found.
FASP031E FASP031E: FASP license file expired.

Chapter 4. Using FASP with IBM Aspera High-Speed Add-on for Sterling Connect:Direct for Microsoft Windows (V4.7.0.4 or
later) 197
Non-Detailed Statistics Mode (Message ID
only) Detailed Statistics Mode
FASP032E FASP032E: FASP license in error.
FASP033E FASP033E: FASP license is malformed.
FASP034E FASP034E: FASP license is malformed.
FASP035E FASP035E: FASP License file at
&LOCATION will expire in &VALUE day(s).
FASP040E FASP040E: FASP initialization failed - remote
&TYPE &NODE. Error=&ERROR.
FASP041E FASP041E: FASP initialization failed - local
&TYPE &NODE. Error=&ERROR.
FASP042E FASP042E: FASP initialization failed.

Monitoring FASP transactions


You can view the FASP parameters for a particular message in the Copy
Termination Record (CTRC) using the Connect:Direct Requestor Statistics Details
grid. For example, you can verify that FASP was used and which port number was
used for the FASP transfer.

In the example below, note the following explanations:


v FASP - Y indicates that FASP was used for the copy step. N indicates FASP was
not used. TCP/IP was used.
v FASP Listen Port - indicates which port number was used for FASP transfer. It is
taken from Remote node FASP listen port settings.
v FASP Filesize Threshold - indicates the filesize threshold setting
v FASP Chunk Buffer size - size of the FASP buffers

Note: Some values might not be available. See “Known Limitations” for more
information.

FASP Y
FASP Listen Port 20014
FASP Filesize Threshold 1073741824
FASP Chunk Buffer size 16777216

Known Limitations
The following features cannot be used with FASP and Sterling Connect:Direct for
Microsoft Windows:
v Firewall navigation source ports should not be used with FASP
v Fasp bandwidth and policy negotiated values can be found in the
'aspera-stream-transfer.log' file. Submit a process and let the session complete. In
the aspera-stream-transfer.log file located in the <d_dir>\Server folder, search
for 'LOG FASP Session Parms':
2016-07-01 07:46:44 [2470-00001a70] LOG LOG FASP Session Params
uuid=1ea5dc66-4cca-4b3c-bf27-cd82eba733a3 userid=0 user="-"
targetrate=1000000000 minrate=0 rate_policy=fair
cipher=none resume=0 create=0 ovr=0 times=0 precalc=no mf=0 mf_path=- mf_suffix=-
partial_file_suffix= files_encrypt=no files_decrypt=no file_csum=none dgram_sz=0 prepostcmd=-

198 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


tcp_mode=no rtt_auto=yes cookie="-" vl_proto_ver=1 peer_vl_proto_ver=1 vl_local=0
vlink_remote=0 vl_sess_id=3924 srcbase=- rd_sz=0 wr_sz=0 cluster_num_nodes=1 cluster_node_
cluster_multi_session_threshold=-1 range=0-0 keepalive=no test_login=no proxy_ip=-
net_rc_alg=alg_queue exclude_older/newer_than=0/0

Chapter 4. Using FASP with IBM Aspera High-Speed Add-on for Sterling Connect:Direct for Microsoft Windows (V4.7.0.4 or
later) 199
200 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation
Chapter 5. Secure Plus Option Implementation Guide
Overview

About Sterling Connect:Direct Secure Plus


IBM Sterling Connect:Direct Secure Plus for Microsoft Windows provides enhanced
security for Sterling Connect:Direct. It is available as a separate component.
Sterling Connect:Direct Secure Plus uses cryptography to secure data during
transmission. You select the security protocol to use.

Secure Plus Microsoft Windows Video Tutorials


You can view video tutorials about the installation, configuration, troubleshooting,
and other technical features of Sterling Connect:Direct Secure Plus for Microsoft
Windows.

The Sterling Connect:Direct Secure Plus videos are useful for Sterling
Connect:Direct administrators. These tutorials provide a quicker way to access
information and remove the need to reference the Sterling Connect:Direct Secure
Plus documentation library.

Click the link below to access the Sterling Connect:Direct Secure Plus for Microsoft
Windows video channel to view tutorials about the following topics:
v Installation
v Configuration
v Troubleshooting

The Sterling Connect:Direct Secure Plus Microsoft Windows video channel can be
found at this link:Sterling Connect:Direct Secure Plus for Microsoft Windows Video
Channel.

Security Concepts
Cryptography is the science of keeping messages private. A cryptographic system
uses encryption keys between two trusted communication partners. These keys
encrypt and decrypt information so that the information is known only to those
who have the keys.

There are two kinds of cryptographic systems: symmetric-key and asymmetric-key.


Symmetric-key (or secret-key) systems use the same secret key to encrypt and
decrypt a message. Asymmetric-key (or public-key) systems use one key (public) to
encrypt a message and a different key (private) to decrypt it. Symmetric-key
systems are simpler and faster, but two parties must somehow exchange the key in
a secure way because if the secret key is discovered by outside parties, security is
compromised. Asymmetric-key systems, commonly known as public-key systems,
avoid this problem because the public key may be freely exchanged, but the
private key is never transmitted.

Cryptography provides information security as follows:


v Authentication verifies that the entity on the other end of a communications link
is the intended recipient of a transmission.

© Copyright IBM Corp. 1982, 2016 201


v Non-repudiation provides undeniable proof of origin of transmitted data.
v Data integrity ensures that information is not altered during transmission.
v Data confidentiality ensures that data remains private during transmission.

Sterling Connect:Direct Secure Plus enables you to select the security protocol to
use to secure data during electronic transmission: Transport Layer Security (TLS) or
Secure Sockets Layer protocol (SSL). Depending on the security needs of your
environment, you can also validate certificates using the IBM Sterling External
Authentication Server application.

Sterling Connect:Direct Secure Plus provides alternative cryptographic solutions


depending upon the protocol enabled. The following table identifies the protocols
available in Sterling Connect:Direct Secure Plus and the encryption algorithms
available for each protocol:

Protocol Encryption Algorithms


RC4 DES Triple DES AES
Sterling Connect:Direct Secure SSL x x x x
Plus V4.7 or later
TLS x x

Secure Sockets Layer Protocol (SSL) and Transport Layer


Security Protocol (TLS)
The SSL and the TLS protocols use certificates to exchange a key between the node
that initiates the data transfer (the primary node, or PNODE) and the node that
receives the data (the secondary node, or the SNODE). A certificate is an electronic
document that associates a public key with an individual or other entity. It enables
you to verify the claim that a given public key belongs to a given entity. A
certificate authority (CA) is the entity responsible for issuing and revoking these
certificates. The CA validates an applicant's identity, creates a certificate, and then
signs the certificate, thus vouching for an entity's identity.

The SSL and TLS protocols provide three levels of security:


v The first level of security is activated when a trading partner connects to a
Sterling Connect:Direct server. After the initial handshake, the Sterling
Connect:Direct server sends its digital certificate to the trading partner. The
trading partner checks that it has not expired and that it has been issued by a
certificate authority the trading partner trusts. The trading partner must have a
trusted root file that identifies the certificate authority.
If the security fails on any one of these checks, the trading partner is notified
that the site is not secure and the connection fails.
v The second level of security, called client authentication, requires that the trading
partner send its own certificate. If enabled, the Sterling Connect:Direct server
requests certificate information from the trading partner, after it returns its
certificate information. If the client certificate is signed by a trusted source, the
connection is established.
In order to perform this security check, the trading partner must have a key
certificate file available at its site and the Sterling Connect:Direct server must
have a trusted root file that validates the identity of the Certificate Authority
(CA) who issued the key certificate.
v The third level of security requires that a certificate common name be verified.
The Sterling Connect:Direct Secure Plus server searches the certificate file it

202 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


receives from the trading partner and looks for a matching certificate common
name. If the server cannot find the certificate common name, communication
fails.

To communicate using the SSL or TLS protocol, you must have both an X.509
certificate and a private key. The SSL and TLS protocols provide data security in
the following areas:
v Strong authentication—Because the CA went through an established procedure
to validate an applicant's identity, users who trust the CA can be sure the key is
held by the owner. The CA prevents impersonation, and provides a framework
of trust in associating an entity with its public and private keys.
v Proof of data origin and data integrity validation—The certificate provides proof
of origin of electronic transmission and encryption validates data integrity.
Encrypting the private key ensures that the data is not altered.
v Data confidentiality—Cipher suites encrypt data and ensure that the data
remains confidential. Sensitive information is converted to an unreadable format
(encryption) by the PNODE before being sent to the SNODE. The SNODE then
converts the information back into a readable format (decryption).

Both the SSL protocol and the TLS protocol manage secure communication in a
similar way. However, TLS provides a more secure method for managing
authentication and exchanging messages, using the following features:
v While SSL provides keyed message authentication, TLS uses the more secure
Key-Hashing for Message Authentication Code (HMAC) to ensure that a record
cannot be altered during transmission over an open network such as the
Internet.
v TLS defines the Enhanced Pseudorandom Function (PRF), which uses two hash
algorithms to generate key data with the HMAC. Two algorithms increase
security by preventing the data from being changed if only one algorithm is
compromised. The data remains secure as long as the second algorithm is not
compromised.
v While SSL and TLS both provide a message to each node to authenticate that the
exchanged messages were not altered, TLS uses PRF and HMAC values in the
message to provide a more secure authentication method.
v To provide more consistency, the TLS protocol specifies the type of certificate
that must be exchanged between nodes.
v TLS provides more specific alerts about problems with a session and documents
when certain alerts are sent.

The Sterling External Authentication Server application enables you to validate


certificates that are passed during an SSL or TLS session. Using the Sterling
External Authentication Server application, you can configure certificate chain
validation, including the option to validate certificates against one or more
Certificate Revocation Lists (CRLs) that are stored on an LDAP server. You can also
configure the Sterling External Authentication Server application to return
attributes associated with the incoming certificate, such as group information, that
are stored on an LDAP server. See the Release Notes for installation information.

For more information on configuring Sterling Connect:Direct Secure Plus for


external authentication, see the related links in the Help.
Related tasks:
“Enable or Disable External Authentication for a Remote Node” on page 218

Chapter 5. Secure Plus Option Implementation Guide 203


“Configure External Authentication in the .SEAServer Record” on page 219

NIST SP800-131a and Suite B support


Sterling Connect:Direct supports a new standard from The National Institute of
Standards and Technology (NIST), SP800-131a to extend the current FIPS
standards, as well as Suite B cryptographic algorithms as specified by the National
Institute of Standards and Technology (NIST).

The government of the Unites States of America produces technical advice on IT


systems and security, including data encryption and has issued Special Publication
SP800-131a that requires agencies from the Unites States of America to transition
the currently-in-use cryptographic algorithms and key lengths to new, higher levels
to strengthen security.

Applications must use strengthened security by defining specific algorithms that


can be used and what their minimum strengths are. These standards specifies the
cryptographic algorithms and key lengths that are required in order to remain
compliant with NIST security standards.

To comply with the new requirements, IBM products with cryptographic


functionality must:
v Enable TLS 1.2 and be prepared to disable protocols less than TLS 1.2
v Cryptographic keys adhere to a minimum key strength of 112 bits
v Digital signatures are a minimum of SHA-2

The following is included in Secure Plus for NIST SP800-131a and Suite B support:
v Support TLS 1.1 and 1.2 with SHA-2 cipher suites
v Support for SP800-131a transition and strict modes
v Support for NSA Suite B 128 and 192 bit cipher suites and modes
v Support for IBM CMS Keystore
v Support migrating existing Secure+ certificates to the IBM CMS Keystore
v Support for JRE 1.7 SR1 iKeyman/iKeycmd utilities for certificate management.

For more information on NIST security standards, see http://csrc.nist.gov/


publications/nistpubs/800-131A/sp800-131A.pdf.

For more information on Suite B security standards, see http://www.nsa.gov/ia/


programs/suiteb_cryptography/index.shtml

Sterling Connect:Direct Secure Plus Tools


Sterling Connect:Direct Secure Plus consists of five components: the Administration
Tool (Secure+ Admin Tool), the parameters file, the access file, the Strong Password
Encryption parameters file, and the Command Line Interface (Secure+ CLI). The
following sections describe these components and their function.

Note: Only one instance of the Secure+ Admin Tool or the Secure+ CLI may be
used at a time because they access the same configuration file. Do not open these
tools at the same time or multiple copies of the same tool at the same time (two
instances of Secure+ Admin or two instances of Secure+ CLI). Only the user who
accessed the configuration file first will be able to save updates.

204 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Administration Tool

The Secure+ Admin Tool enables you to configure and maintain the Sterling
Connect:Direct Secure Plus environment. The Admin Tool is the only interface for
creating and maintaining the Sterling Connect:Direct Secure Plus parameters file;
operating system utilities and editing tools do not work.

Parameters File

The Sterling Connect:Direct Secure Plus parameters file contains information that
determines the protocol and encryption method used during security-enabled
Sterling Connect:Direct operations. To configure Sterling Connect:Direct Secure
Plus, each site must have a parameters file that contains one local node record and
at least one remote node record. The local node record defines the most commonly
used security and protocol settings for the node at the site. Each remote node
record defines the specific security and protocol used by a trading partner. You
create a remote node record in the Sterling Connect:Direct Secure Plus parameters
file for each Sterling Connect:Direct node that you communicate with.

At installation, a record named .SEAServer is created in the parameters file, which


enables Sterling Connect:Direct to interface with Sterling External Authentication
ServerSterling External Authentication Server during SSL/TLS sessions. External
authentication is configured in this record and enabled/disabled in the local and
remote node records.

For additional security, the parameters file is stored in an encrypted format. The
information used for encrypting and decrypting the parameters file (and private
keys) is stored in the Sterling Connect:Direct Secure Plus access file.

Access File

The Sterling Connect:Direct Secure Plus access file is generated automatically when
you create the Sterling Connect:Direct parameters file for the first time. You type a
passphrase when you first initialize Sterling Connect:Direct. This passphrase
encrypts and decrypts the private keys in the parameters file. Your administrator
must secure the access file. This file can be secured with any available file access
restriction tools. Availability of the access file to unauthorized personnel can
compromise the security of data exchange.

Strong Password Encryption Parameters File

Strong password encryption protects Sterling Connect:Direct passwords at rest on


the Sterling Connect:Direct server using strong encryption. Strong password
encryption parameters are stored in the parameters file (<CD installation
directory>\Server\Secure+\Nodes\.Password). This feature is enabled by default.

Sterling Connect:Direct Command Line Interface

The Java-based Sterling Connect:Direct Command Line Interface (Secure+ CLI) is


provided to enable you to create customized scripts that automate implementing
Sterling Connect:Direct Secure Plus. Sample Microsoft Windows scripts are
provided as models for your customized scripts. You can save these scripts with
another name, modify them to reflect your environment, and distribute them
throughout your enterprise. For more information about using the Secure+ CLI,
commands and parameter descriptions, and the scripts, see “Start and Set Up the
Sterling Connect:Direct Secure Plus CLI” on page 219.

Chapter 5. Secure Plus Option Implementation Guide 205


Plan the Sterling Connect:Direct Secure Plus Configuration
Before you configure the Sterling Connect:Direct environment for secure
operations, first plan how you will use Sterling Connect:Direct Secure Plus.
Configure the Sterling Connect:Direct Secure Plus environment, based on company
needs or preferences.

General Planning for Sterling Connect:Direct Secure Plus


Since all remote nodes are automatically enabled with the protocol defined in the
local node record, determine which protocol will be used by most trading partners.
Then configure the local node with this protocol. If a trading partner is not using
the protocol defined in the local node record, you must configure the remote node
record for that trading partner with the protocol.

Sterling Connect:Direct Secure Plus uses two files to initiate TLS or SSL sessions: a
trusted root certificate file and a key certificate file.

Note: Sterling Connect:Direct Secure Plus does not support server gated crypto
(SGC) certificates.
v The trusted root certificate file verifies the identity of trusted sources who issue
certificates. To use Sterling Connect:Direct Secure Plus communication with a
trading partner, exchange trusted root file with the trading partner. The trading
partner must identify the trusted root file used to validate trusted sources in a
certificate when it configures its Sterling Connect:Direct Secure Plus parameters
file.
v A key certificate file is required at all sending locations and describes the
identity of the secure node. This file includes information about the certificate
being exchanged and the private key that defines the server.
When a trading partner attempts to establish communications with a Sterling
Connect:Direct node, the node sends the public key certificate to the trading
partner to verify its identity. The location of the key certificate file is configured
in the Sterling Connect:Direct Secure Plus parameters file. The private key in the
key certificate file is never sent (disclosed) by Sterling Connect:Direct.

The following list summarizes the tasks to configure Sterling Connect:Direct Secure
Plus:
v Populate the parameters file at your site by importing the Sterling
Connect:Direct network map. This task creates a local node record and remote
node records.
v Enable the TLS or SSL protocol in the local node record. Enabling the local node
record configures remote nodes to default to the settings in the local node
record. To enable TLS or SSL, activate the following options:
– Identify the trusted root certificate file that authenticates the trusted
authorities.
– Identify the key certificate file.
If you identify the trusted root file and the key certificate file to use for secure
communications in the local node record, the trusted root file must define the
identity of all CAs for all trading partners, and the root certificate associated
with the key certificate file must include certificate and private key
information for all certificates.
– Identify a cipher suite to use to encrypt data in both the sending and
receiving node. After secure communication is established, Sterling
Connect:Direct Secure Plus determines what cipher has been defined at both

206 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


the sending and the receiving node and uses this cipher to encrypt data
before sending it. If more than one cipher is enabled, the preferences defined
in the server parameters file determine the cipher suite used for the SSL
protocol and the preferences defined in the client parameters file determine
the cipher suite used for the TLS protocol.
v If you want to enable a second level of security, activate client authentication.
v If you want to enable common name checking, you must enable this feature in
the remote node record.
v For remote nodes that are using the protocol defined in the local node record,
configure the remote nodes to implement any of the following additional
security features:
– Activate client authentication.
– Configure the remote node record of trading partners with the same cipher
suites enabled by the trading partner because trading partners must use the
same cipher suite to enable data encryption.
v If a trading partner uses a protocol that is different from the protocol defined in
the local node record, define the protocol in the remote node record. The remote
node record must identify the same protocol as that used by the trading partner.
Otherwise, Sterling Connect:Direct Secure Plus fails.
v If a trading partner does not use Sterling Connect:Direct Secure Plus, disable it
in that remote node record.

Summary of Processing Using Sterling Connect:Direct Secure


Plus
After you configure Sterling Connect:Direct Secure Plus, you are ready to exchange
data securely with other security-enabled Sterling Connect:Direct nodes. Your node
must also be defined in the parameters file of trading partners. Data is securely
exchanged between two nodes using the protocol defined in the parameters file.

TLS and SSL Sterling Connect:Direct Secure Plus Data Exchange


Data exchange consists of three steps: authentication, sending data, and receiving
data. The TLS or SSL protocol data exchange process is described in the following
sections. The primary node initiates the data transmission, and the secondary node
receives the data. The following description of processing depicts the PNODE as
sending data and the SNODE as receiving data.

Authentication

The following steps occur during authentication:


1. The PNODE sends a control block to the SNODE. The SNODE confirms that it
has a record defined in the Sterling Connect:Direct Secure Plus parameters file
for the PNODE and determines the cipher suite to use for secure
communication. If the SNODE finds a record for the PNODE and a common
cipher suite can be negotiated, the session continues.
2. The SNODE sends its certificate back to the PNODE. Information for creating
an encryption key is included. If client authentication is enabled, the SNODE
also requests a certificate from the PNODE.
3. The PNODE verifies that the certificate of the SNODE is in its parameters file
and generates a session key. If requested, it sends a client certificate to the
SNODE for verification.

Chapter 5. Secure Plus Option Implementation Guide 207


4. The SNODE confirms that a secure environment is established and returns a
secure channel message.
5. The PNODE authenticates the SNODE and establishes communications.

Sending Customer Data

After communication is authenticated, the PNODE begins transmitting data.


v Information for encrypting data is exchanged in the control blocks.
v If data compression is enabled, the PNODE compresses the data.
v The PNODE encrypts the data with a cipher suite recognized by both
communications nodes.

Receiving Customer Data

The SNODE receives the data.


v The SNODE decrypts the data using a cipher suite available for both the
PNODE and the SNODE.
v If the data is compressed, the receiving node decompresses it.

IBM Sterling Connect:Direct Secure Plus for Microsoft


Windows Documentation
The IBM Sterling Connect:Direct Secure Plus for Microsoft Windows Implementation
Guide describes how to implement point-to-point security into Sterling
Connect:Direct operations with Sterling Connect:Direct Secure Plus. This document
includes information to plan, install, configure, and use Sterling Connect:Direct.

This guide assumes knowledge of the Sterling Connect:Direct system, including its
applications, network, and environment. If you are not familiar with Sterling
Connect:Direct, refer to the Sterling Connect:Direct library of manuals.

Task Overview

The following table directs you to the information required to perform the tasks
documented in the Sterling Connect:Direct documentation:

Task For More Information See


Understanding Sterling Connect:Direct “About Sterling Connect:Direct Secure Plus”
Secure Plus on page 201
Setting up Sterling Connect:Direct Secure “Set Up Sterling Connect:Direct Secure Plus”
Plus on page 209
Automating the Set up of Sterling “Start and Set Up the Sterling
Connect:Direct Secure Plus Connect:Direct Secure Plus CLI” on page 219
Maintenance tasks such as viewing all nodes “Sterling Connect:Direct Secure Plus Node
and their attributes List” on page 230
Viewing Sterling Connect:Direct Secure Plus “View Statistics” on page 233
statistics
Understanding error messages and resolving “Troubleshooting” on page 239
errors

208 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Set Up Sterling Connect:Direct Secure Plus

Set Up Sterling Connect:Direct Secure Plus


Before you begin using Sterling Connect:Direct Secure Plus, you must configure
nodes for secure operations.

You can install Sterling Connect:Direct Secure Plus using theSterling Connect:Direct
for Microsoft Windows installation script. For more information on installing
Sterling Connect:Direct Secure Plus, see the IBM Sterling Connect:Direct for Microsoft
Windows Getting Started Guide.

CAUTION:
After Sterling Connect:Direct Secure Plus is installed, the system administrator
is responsible for securing access to the Sterling Connect:Direct Secure Plus
Administration Tool, Sterling Connect:Direct Secure Plus CLI, and parameters
files. The Sterling Connect:Direct Secure Plus administrator and Sterling
Connect:Direct server need full access to the Sterling Connect:Direct Secure Plus
directory. No other users require access.

Start Secure+ Admin Tool


About this task

Use the Secure+ Admin Tool to set up and maintain a Sterling Connect:Direct
Secure Plus operation.

You can also use the Sterling Connect:Direct Secure Plus Command Line Interface
(Secure+ CLI) to set up and manage Sterling Connect:Direct Secure Plus
operations. See “Start and Set Up the Sterling Connect:Direct Secure Plus CLI” on
page 219.

Note: The parameters file is not dynamically updated. When multiple users
update the parameters file, each user must close and reopen the file to display new
records added by all sources.

Procedure
1. Click Start > All Programs.
2. Select IBM Sterling Connect Direct v4.6.0 > CD Secure+ Admin Tool. The
Secure+ Admin Tool Main Window is displayed.
The Secure+ Admin Tool starts and opens the Sterling Connect:Direct Secure
Plus parameters file for the associated Sterling Connect:Direct node.

Prepare to Set Up Sterling Connect:Direct Secure Plus


Before you configure the Sterling Connect:Direct Secure Plus environment, perform
the following setup procedures.
v Complete a worksheet for the local node record and a worksheet for each
trading partner for whom you plan to enable Sterling Connect:Direct Secure
Plus. Use the Local Node Security Feature Definition Worksheet to record the
settings you plan to enable for the local node. For each trading partner, complete
a Remote Node Security Feature Definition Worksheet and record the settings to
enable Sterling Connect:Direct Secure Plus for the trading partner.

Chapter 5. Secure Plus Option Implementation Guide 209


v A keystore is used to help create and manage certificates using the IBM utility,
iKeyman. You can use iKeyman to:
– Create and manage key databases.
– Create self-signed digital certificates for testing.
– Add certificate authority (CA) and intermediate certificates.
– Transfer certificates between key databases.
– Create certificate requests and receive a digital certificate issued by a CA in
response to a request.
– For additional information on how to use iKeyman, see http://www-
01.ibm.com/support/knowledgecenter/SSYKE2_6.0.0/
com.ibm.java.security.component.60.doc/security-component/
ikeyman_overview.html?lang=en.
v Populate the Sterling Connect:Direct Secure Plus parameters file to include a
record for each node running Sterling Connect:Direct Secure Plus. To
communicate with a node running Sterling Connect:Direct Secure Plus, the node
must have a record in the Sterling Connect:Direct network map and the Sterling
Connect:Direct Secure Plus parameters file.

Populate the Sterling Connect:Direct Secure Plus Parameters


File
About this task

To communicate with a trading partner using Sterling Connect:Direct Secure Plus,


you define a node record for that partner in both the Sterling Connect:Direct
network map and the Sterling Connect:Direct Secure Plus parameters file. To set up
the Sterling Connect:Direct Secure Plus environment, you can populate the Sterling
Connect:Direct Secure Plus parameters file from entries defined in an existing
network map.

When you populate the parameters file from the network map, a record is
automatically created in the parameters file for each node entry in the network
map. Initially, Sterling Connect:Direct Secure Plus is disabled for each of the
records created. You configure the local node record to activate Sterling
Connect:Direct Secure Plus for all nodes in the parameters file.

Procedure
1. From the Secure+ Admin Tool Main Window, click File > Sync with Netmap.
The Available Netmaps dialog box is displayed.
2. Select the netmap to open and click Sync. The Select Netmap Entries to Add
dialog box is displayed.
3. Click Add All. The Select Parameters File Entries to Delete dialog box is
displayed.
4. Click Skip to close the parameters file without deleting any entries. The
Sterling Connect:Direct Secure Plus parameters file is populated and the
Secure+ Admin Tool Main Window displays remote node records in the
parameters file including the records you added from the network map.

210 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Configure Nodes

Node Configuration Overview


When you import the network map records into the Sterling Connect:Direct Secure
Plus parameters file, Sterling Connect:Direct Secure Plus parameters are disabled
and you will need to configure the .Local node record.

To configure the nodes, complete the following procedures:


v Import existing Certificates.
v Configure or create a new CMS Key Store through the Key Management menu
on the Secure+ Admin Tool.
v Configure the Sterling Connect:Direct Secure Plus .Local node record.
Define the security options for the local node. Because TLS and SSL provide the
strongest authentication with easy-to-maintain keys, configure the local node for
one of these protocols. Determine which protocol is used by most trading
partners and configure the local node with this protocol.
v Disable remote nodes that do not use Sterling Connect:Direct Secure Plus
v Customize a remote node for the following configurations:
– To use a unique certificate file to authenticate a trading partner
– To use a different self-signed certificate for client or server authentication
– To identify a unique cipher suite used by a trading partner
– To activate common name validation
– To activate client authentication
– To activate external authentication
v Configure all remote nodes that use a protocol that is not defined in the local
node
When you configure the local node, all remote nodes are automatically
configured to the protocol defined in the local node. If a trading partner uses a
different protocol, you must turn on the protocol in the remote node record. For
example, if you activate the TLS protocol in the .Local node record and a trading
partner uses the SSL protocol, configure the SSL protocol in the remote node
record for the trading partner.
v If you want to use Sterling External Authentication Server to validate certificates:
– Update the .SEAServer record with the Sterling External Authentication
Server host name and port
– Enable TLS or SSL
– Enable external authentication
– Specify the certificate validation definition to use
v If you want to prevent non-secure API connections from communicating with a
Sterling Connect:Direct Secure Plus enabled server:
– Define a remote node called .Client
– Enable TLS or SSL
– Disable override

Chapter 5. Secure Plus Option Implementation Guide 211


Import Existing Certificates
About this task

Before performing your .Local node configuration, you need to import existing
certificates.

To import existing certificates:

Procedure
1. Import existing certificates, either keycerts or trusted root files from trading
partners into the Key Store. On the Secure+ Admin Tool main window, from
the Key Management menu, select Configure Key Store. The Key Store
Manager window appears.
2. Verify the CMS Key Store path. If incorrect, click browseto locate the Key Store
path. The Browse CMS KeyStore File window appears.
3. The default Key Store name is: cdkeystore.kdb To locate the default Key Store
path, navigate to the Key Store file.
Windows path: <cdinstalldir>\Server\Secure+\Certificates\cdkeystore.kdb
Unix path: <cdinstalldir>/ndm/secure+/certificates/cdkeystore.kdb
4. Click Import. On the Import PEM KeyStore File window, navigate to and select
the certificate file you want to use and click OK.
5. If a key certificate file is being imported, the password must be entered. The
KeyStore Password window appears. Type your password and click OK.
6. The PEM Certificate Viewer displays to allow a review of the certificate file.
Verify the certificate is valid and click the Import button. Import Results
window displays with status of imported certificate. Click Close.
7. The certificate is imported and given a Label based on the certificate Common
Name, (CN=). Note the serial number to identify the correct certificate after
import.

Note: A common name is used for Label and identification which means that
multiple certificates can have the same common name and therefore, can be
overwritten depending on the setting of the Default Mode. Additionally, the
Default Mode of Import is Add or Replace Certificates.
8. Click OK to create the new CMS KeyStore file. Key Store Manager will display
contents of the new keystore.

Create CMS Key Store


About this task
Before performing your .Local node configuration, you may need to create a new
CMS Key Store file.

To create a new CMS Key Store file:

Procedure
1. On the Key Store Manager window, click New. The Create new CMS KeyStore
File dialog box appears.
2. Enter the Directory location (you can also Browse to the location desired), the
KeyStore file name, and the password for the new KeyStore file. You can also

212 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


choose to Populate with standard certificate authorities. This will import all
standard public CA Root certificates into the new KeyStore file.
3. Click OK to create the new CMS KeyStore file. Key Store Manager will display
contents of the new keystore.
4. Click Import. On the Import PEM KeyStore File window, navigate to and select
the certificate file you want to use and click OK.
5. If a key certificate file is being imported, the password must be entered. The
KeyStore Password window appears. Type your password and click OK.
6. The PEM Certificate Viewer displays to allow a review of the certificate file.
Verify the certificate is valid and click the Import button. Import Results
window displays with status of imported certificate. Click Close.
7. The certificate is imported and given a Label based on the certificate Common
Name, (CN=). Note the serial number to identify the correct certificate after
import.

Note: A common name is used for Label and identification therefore multiple
certificates can have the same common name and therefore, can be overwritten
depending on the setting of the Default Mode. Additionally, the Default Mode
of Import is Add or Replace Certificates.

Configure the Sterling Connect:Direct Secure Plus .Local


Node Record
About this task

Before you can configure the .Local node record, you must either import your
existing certificates or create and configure a CMS Key Store. For additional
information, see Import Existing Certificates or Create CMS Key Store in the
documentation library.

It is recommended that you configure the .Local node record with the protocol
used by most of your trading partners. Because remote node records can use the
attributes defined in the .Local node record, defining the .Local node record with
the most commonly used protocol saves time. After you define the protocol in the
.Local node record, all remote nodes default to that protocol. Also, identify the
trusted root file to be used to authenticate trading partners.

To configure the local node, refer to the Local Node Security Feature Definition
Worksheet that you completed for the .Local node record security settings and
complete the following procedure:

Procedure
1. From the Secure+ Admin Tool Main Window, double-click the .Local record.
The Edit Record dialog box displays the Security Options tab, the node name,
and the type of node.
2. Set the Security Options for the local or remote node entry you are configuring
and if necessary, modify the time-out value in Authentication Timeout.
Refer to the following table for an explanation of the Security Options boxes:

Field Name Field Definition Valid Values


Node Name Specifies the node record name. .Local

This is not an editable field.

Chapter 5. Secure Plus Option Implementation Guide 213


Field Name Field Definition Valid Values
Base Record Specifies the name of the base Name of the local Sterling
record. If an alias record is Connect:Direct node.
selected, the base record name is
displayed in this box.
Type Specifies the current record type. Local for a local record and
Remote for a remote record.

This is not an editable field.


Disable Secure+ Disables Sterling Connect:Direct Default value is Disable Secure+.
Secure Plus.
Note: If this option is selected,
override is enabled, and no
remote node definition exists for
the remote node in the Sterling
Connect:Direct Secure Plus
parameters file, Sterling
Connect:Direct Secure Plus is
bypassed.
Enable SSL 3.0 Enables SSL protocol to ensure that The default value is Disable
Protocol data is securely transmitted. Secure+.
Enable TLS 1.0 Enables TLS protocol to ensure that The default value is Disable
Protocol data is securely transmitted. Secure+.
Enable TLS 1.1 Enables TLS protocol to ensure that The default value is Disable
Protocol data is securely transmitted. Secure+.
Enable TLS 1.2 Enables TLS protocol to ensure that The default value is Disable
Protocol data is securely transmitted. Secure+.
Disable Disables the ability to override The default value is Disable.
values in the .Local node record
with values in the remote node
record.
FIPS 140-2 Enables FIPS 140-2 security. The default value is Disable.
SP800-131A Enables NIST SP800-131a security The default value is Disable.
Transition in transition mode.
SP800-131A Enables NIST SP800-131a security The default value is Disable.
mode.
Suite B 128 bit Enables Suite B 128 bit security. The default value is Disable.
Suite B 192 bit Enables Suite B 192 bit security. The default value is Disable.
Node or Copy The default value is No.
Statement Override

214 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Field Name Field Definition Valid Values
Authentication Specifies maximum time, in A numeric value equal to or
Timeout seconds, that the system waits to greater than 0, ranging from 0 to
receive the Sterling Connect:Direct 3600.
Secure Plus blocks exchanged
during the Sterling Connect:Direct The default is 120 seconds.
Secure Plus authentication process.

If you specify a value of 0, Sterling


Connect:Direct waits indefinitely to
receive the next message.

Specify a time to prevent malicious


entry from taking as much time as
necessary to attack the
authentication process.

3. Click the TLS/SSL Options tab. The TLS/SSL Options dialog box is displayed.
4. Select an existing Key Certificate from the key store. To select a Key Certificate
from the keystore, click Browse next to Key Certificate Label. The CMS
KeyStore Certificate Viewer appears.

Note: You must add or import the key certificate into your key store prior to
configuring your node. For additional information, see Import Existing
Certificates or Create CMS Key Store in the documentation library. For
additional information on how to use iKeyman, see http://www-01.ibm.com/
support/knowledgecenter/SSYKE2_6.0.0/
com.ibm.java.security.component.60.doc/security-component/
ikeyman_overview.html?lang=en.
5. In the Key Certificates area, select the key certificate you want to use and click
OK box.
6. Click the External Authentication tab. The External Authentication dialog box
is displayed.
7. Choose one of the following options:
v To enable external authentication on the remote node, click Yes in the Enable
External Authentication box.
v To disable external authentication on the remote node, click No.
8. Type the Certificate Validation Definition character string defined in Sterling
External Authentication Server.
9. Click OK to close the Edit Record dialog box and update the parameters file.

Configure Sterling Connect:Direct Secure Plus Remote Node


Record
About this task

Before you can configure the .Remote node record, you must either import your
existing certificates or create and configure a CMS Key Store. For additional
information, see Import Existing Certificates or Create CMS Key Store in the
documentation library.

Configure the Remote node record with the protocol used by most of your trading
partners. Because remote node records can use the attributes defined in the Remote
node record, defining the Remote node record with the most commonly used

Chapter 5. Secure Plus Option Implementation Guide 215


protocol saves time. After you define the protocol in the Remote node record, all
remote nodes default to that protocol. Also, identify the trusted root file to be used
to authenticate trading partners.

To configure the local node, refer to the Local Node Security Feature Definition
Worksheet that you completed for the Remote node record security settings and
complete the following procedure:

Procedure
1. From the Secure+ Admin Tool Main Window, double-click the .Remote record.
The Edit Record dialog box displays the Security Options tab, the node name,
and the type of node.
2. Set the Security Options for the local or remote node entry you are configuring
and if necessary, modify the time-out value in Authentication Timeout.
Refer to the following table for an explanation of the Security Options boxes:

Field Name Field Definition Valid Values


Node Name Specifies the node record name. .Remote

This is not an editable field.


Base Record Specifies the name of the base Name of the local Sterling
record. If an alias record is Connect:Direct node.
selected, the base record name is
displayed in this box.
Type Specifies the current record type. Local for a local record and
Remote for a remote record.

This is not an editable field.


Disable Secure+ Disables Sterling Connect:Direct Default value is Disable Secure+.
Secure Plus.
Note: If this option is selected,
override is enabled, and no
remote node definition exists for
the remote node in the Sterling
Connect:Direct Secure Plus
parameters file, Sterling
Connect:Direct Secure Plus is
bypassed.
Enable SSL 3.0 Enables SSL protocol to ensure that The default value is Disable
Protocol data is securely transmitted. Secure+.
Enable TLS 1.0 Enables TLS protocol to ensure that The default value is Disable
Protocol data is securely transmitted. Secure+.
Enable TLS 1.1 Enables TLS protocol to ensure that The default value is Disable
Protocol data is securely transmitted. Secure+.
Enable TLS 1.2 Enables TLS protocol to ensure that The default value is Disable
Protocol data is securely transmitted. Secure+.
Disable Disables the ability to override The default value is Disable.
values in the .Remote node record
with values in the remote node
record.
FIPS 140-2 Enables FIPS 140-2 security. The default value is Disable.
SP800-131A Enables NIST SP800-131a security The default value is Disable.
Transition in transition mode.

216 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Field Name Field Definition Valid Values
SP800-131A Enables NIST SP800-131a security The default value is Disable.
mode.
Suite B 128 bit Enables Suite B 128 bit security. The default value is Disable.
Suite B 192 bit Enables Suite B 192 bit security. The default value is Disable.
Node or Copy The default value is No.
Statement Override
Authentication Specifies maximum time, in A numeric value equal to or
Timeout seconds, that the system waits to greater than 0, ranging from 0 to
receive the Sterling Connect:Direct 3600.
Secure Plus blocks exchanged
during the Sterling Connect:Direct The default is 120 seconds.
Secure Plus authentication process.

If you specify a value of 0, Sterling


Connect:Direct waits indefinitely to
receive the next message.

Specify a time to prevent malicious


entry from taking as much time as
necessary to attack the
authentication process.

3. Click the TLS/SSL Options tab. The TLS/SSL Options dialog box is displayed.
4. Select an existing Key Certificate from the key store. To select a Key Certificate
from the keystore, click Browse next to Key Certificate Label. The CMS
KeyStore Certificate Viewer appears.

Note: You must add or import the key certificate into your key store prior to
configuring your node. For additional information, see Import Existing
Certificates or Create CMS Key Store in the documentation library. For
additional information on how to use iKeyman, see http://www-01.ibm.com/
support/knowledgecenter/SSYKE2_6.0.0/
com.ibm.java.security.component.60.doc/security-component/
ikeyman_overview.html?lang=en.
5. In the Key Certificates area, select the key certificate you want to use and click
OK box.
6. Click the External Authentication tab. The External Authentication dialog box
is displayed.
7. Choose one of the following options:
v To enable external authentication on the remote node, click Yes in the Enable
External Authentication box.
v To disable external authentication on the remote node, click No.
8. Type the Certificate Validation Definition character string defined in Sterling
External Authentication Server.
9. Click OK to close the Edit Record dialog box and update the parameters file.

Chapter 5. Secure Plus Option Implementation Guide 217


Validate the Configuration
About this task

Perform this procedure to ensure that the nodes have been properly configured.
The validation process checks each node to ensure that all necessary options have
been defined and keys have been exchanged.

To validate the parameters file:

Procedure
1. In the Secure+ Admin Tool, click File > Validate Secure+. The Secure+ Admin
Tool - Validation Results window is displayed.
If the parameters file is not correctly configured, warning and error messages
are displayed.
2. Read each warning message. To correct each warning or error reported, go back
to the parameters file and make changes as needed.

Note: Warning messages do not always mean that the parameters file is
incorrectly configured. Some warning messages are informational only.
3. Click Close to close the Validation Results window.

Enable or Disable External Authentication for a Remote Node


About this task

On a node-by-node basis, you can specify whether a remote node uses external
authentication or if that remote node defaults to the external authentication setting
in the .Local node record.

Complete the following procedure to configure a remote node for external


authentication:

Procedure
1. If necessary, open the remote node record. The Edit Record dialog box is
displayed.
2. Click the External Authentication tab.
3. Choose one of the following options:
v To enable external authentication on the remote node, click Yes in the Enable
External Authentication box.
v To disable external authentication on the remote node, click No.
v To default to the external authentication setting defined in the .Local node
record, click Default to Local Node.

Note: If external authentication is enabled in the .Local node record, it is


automatically enabled in all remote node records.
4. Type the Certificate Validation Definition character string defined in Sterling
External Authentication Server.
5. Click OK to close the Edit Record dialog box and update the parameters file.
Related concepts:
“Secure Sockets Layer Protocol (SSL) and Transport Layer Security Protocol (TLS)”
on page 202

218 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Configure External Authentication in the .SEAServer Record
About this task

At installation, a record named .SEAServer is created in the parameters file, which


enables Sterling Connect:Direct Secure Plus to interface with Sterling External
Authentication Server during SSL/TLS sessions to validate certificates. Sterling
External Authentication Server properties are configured in this record and
enabled/disabled in the local and remote node records.

Complete the following procedure to configure the server properties that will allow
Sterling Connect:Direct for Microsoft Windows to interface with Sterling External
Authentication Server:

Note: The values specified for this procedure must match the values specified in
Sterling External Authentication Server.

Procedure
1. Double-click the record called .SEAServer.
2. Type the Host Name for Sterling External Authentication Server.
3. Type the Port Number where Sterling External Authentication Server is
listening. The default is 61366.
4. Click OK to update the record.
Related concepts:
“Secure Sockets Layer Protocol (SSL) and Transport Layer Security Protocol (TLS)”
on page 202

Automate Setup Using the CLI

Start and Set Up the Sterling Connect:Direct Secure Plus CLI


The following sections describe the commands and parameters used to start and
set up the command line environment.

Start the Sterling Connect:Direct Secure Plus CLI


To start the Sterling Connect:Direct Secure Plus Command Line Interface:
1. Change to the following directory: C:\Program Files\Sterling
Commerce\Connect Direct v4.6.00\Server\Secure+.
2. Enter the following command:
spcli.cmd

Control the Display of Commands


Set the following parameters to define how error messages are captured:

Parameter Definition Values


-li Switch to enable the display of commands to the terminal. y|n
-lo Switch to enable the display of output and error messages to the y|n
terminal.
-le Switch to enable the display of errors to STDERR. y|n

Chapter 5. Secure Plus Option Implementation Guide 219


Parameter Definition Values
-e Switch to tell the Sterling Connect:Direct Secure Plus CLI to exit 0|4|
when the return code is higher than the specified number. 8 | 16

If you do not include this parameter, Sterling Connect:Direct


Secure Plus CLI runs even after an error occurs.
-p Full path of the default parameters file directory. The file in this
directory is opened automatically.
-h Switch to display the usage of the Sterling Connect:Direct Secure
Plus CLl.

Control Help

The Help command determines what help information is displayed. You can list all
the Sterling Connect:Direct Secure Plus CLI commands and display help for
individual commands.

Command Description
help Displays all the Sterling Connect:Direct Secure Plus CLI commands.
help <command> Displays help for the specified command.

Specify Delimiter Characters

Define the following commands to determine how error messages are captured:

Command Definition Values


Set begdelim= Defines beginning and ending Any character
character to use to enclose keywords
enddelim= that use blanks and other special The default value is "
characters. (double quotes).

Use LCU Files to Encrypt Passwords for Use with the Sterling
Connect:Direct Secure Plus CLI
The Sterling Connect:Direct Secure Plus CLI displays passwords in plain text. If
you are required to use encrypted passwords, use the Local Connection Utility
(LCU) to create an LCU file that contains non-encrypted information for encrypting
the password.

For more information on creating and using LCU files, see “Configure Encrypted
Passwords Using the LCU” on page 247.

Sample Scripts
The following script is provided as a model for creating custom scripts to define
your Sterling Connect:Direct Secure Plus environment and automate the
implementation of it. To prevent any loss of data, you cannot run the script, but
you can save it with a different name and modify it to suit your needs. The sample
script is available in Model Automation Scripts. The script is designed to assist you
as follows:
spcust_sample1.sh

220 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


An example of configuring Sterling Connect:Direct to use the SSL or TLS
protocol with the Secure+ CLI. The example demonstrates the
configuration of Sterling Connect:Direct with the trusted root file, key
certificates, and ciphers.

Manage the Parameters File


The commands in the following table describe how to maintain the Secure+
parameters file from the command line interface.

Command Description Parameter Values


Init Creates the localnode=Name of the local local node name
Parmfile Secure+ node where the Secure+
parameters file. parameters file will be created.
Must be initialized
path=Location where the Secure+ directory location
before you can
parameters file will be created.
define nodes. For example,
d_dir\Server\
Secure+\Nodes
passphrase=Arbitrary set of a string at least 32
characters that encrypts the characters long
Secure+ parameters file.
Open Opens a Secure+ path=Location where the Secure+ directory location
Parmfile parameters file so parameters file will be created.
that you can For example,
configure it. d_dir\Server\
Secure+\Nodes
Close Closes the Secure+ None None
Parmfile parameters file.
After this
command is
issued, no more
updates can be
performed on the
Secure+
parameters file.
Refresh Refreshes the None None
Parmfile Secure+
parameters file.
This will close the
current parameters
file and reopen it,
bringing in any
changes since last
opened.
Validate Validates the None None
Parmfile Secure+
parameters file and
ensures that it is a
valid file.
Rekey Recreates the passphrase=Arbitrary set of passphrase, up to 32
Parmfile Secure+ characters that encrypts the characters long
parameters file if it Secure+ parameters file.
becomes corrupted.

Chapter 5. Secure Plus Option Implementation Guide 221


Command Description Parameter Values
Sync Imports remote path=Location and name of the location of network
Netmap node records network map file. map file
defined in the
name=Name of the node in the node name or
Sterling
network map. Use wildcard wildcard
Connect:Direct
characters to resync more than
network map. Wildcard values are:
one node at a time.
Asterisk (*)—any
number of characters.
Example: kps.* syncs
up all nodes with a
name that starts with
kps.

Question mark (?)—a


single character.
Example: k?s.* syncs
up kas.* and kbs.*.

Displaying Information

The following commands are available to display information:

Command Description Parameter


display info Displays information about when the None
parameters file was last updated.
display all Displays all nodes in the parameters None
file.
display localnode Displays the values defined in the None
.Local node record.
display remotenode Displays the values defined in remote name—The name of the node
node records. to display information about.

Use wildcard characters to


display information about a
group of remote node
records. The options are:

Asterisk (*)—Indicates any


number of characters. For
example, kps.* displays all
nodes with a name that starts
with kps.

Question mark (?)—Indicates


a single character. For
example: k?s.* displays kas.*
and kbs.*.
display client Displays the values defined in the None
.Client node record.
display seaserver Displays the values defined in the None
.SEAServer record.

222 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Manage CMS Keystore
The commands in the following table describe how to create and maintain the
CMS keystore file from the command line interface.

Command Description Parameter Values


create keystore Will create a new CMS File=While a default <path to CMS KeyStore file (*.kdb)>
Key Store file. keystore file is created at
installation and can be Default path is in:
used, you may need to
create a new CMS d_dir\Server\Secure+\Certificates\
KeyStore File. ndm\secure+\certificates\
cdkeystore.kdb
Passphrase=The A string with a minimum of three
password for the new characters and a maximum of eighty
KeyStore file. characters.

*This password must be retained; it will


be required to administer the Secure+
KeyStore.
PopulateRoots=Populate y|n
with standard certificate
authorities. This will
import all standard
public CA Root
certificates into the new
KeyStore file.
update keystore Updates the CMS File=Path to existing <path to CMS KeyStore file (*.kdb)>
KeyStore CMS KeyStore and
filename. Default path is in:

d_dir\Server\Secure+\Certificates\
ndm\secure+\certificates\
cdkeystore.kdb
Passphrase=The The retained password which was given
password for the at the creation of the keystore.
KeyStore file.
import keycert Imports existing File=Existing key Full path and filename to key certificate
keycerts into the certificate file. file to be imported.
keystore file.
*This file contains the
private key*
Passphrase=Password of Pre-defined password of key certificate
key certificate file to be file.
imported.
Label=(optional) Name A string of characters which can be an
of imported key alias name but if it is not defined, the
certificate file. Common Name of the certificate will be
the label used.
SyncNodes=Update y|n
node/certificate
references
ImportMode=Type of Add | Replace | AddOrReplace
import to be used.
import trustedcert Imports public File=Trusted public file Full path and filename to trusted
certificate files from from trading partner. certificate file to be imported.
trading partners.

Chapter 5. Secure Plus Option Implementation Guide 223


Command Description Parameter Values
ImportMode=Type of Add | Replace | AddOrReplace
import to be used.
delete keystoreentry Deletes certificates File=Can be either key Full path and filename to certificate file.
from CMS keystore. certificate file or trusted
public trading partner
file.
Label=Specified label of Label which was defined at time of
imported certificate file. import of the certificate file.
DeleteChain=Defines y|n
whether to delete the
entire chain, if it exists.
SyncNodes=Reset y|n
node/certificate
references

Update the .Local Node Record


The update localnode command configures the protocol for the .Local node record.
The command has the following parameters:

Command Parameter Values


update protocol=Specifies a comma Disable | SSL,TLS,TLS1.1,TLS 1.2
localnode delimited list of Protocols to use in
the .Local node record. (See Display Protocols)
SecurityMode Disable | FIPS140-2 |
SP800-131A_TRANSITION |
SP800-131A_STRICT |
SUITE_B-128 | SUITE_B-192

(See Display SecurityModes)


override=Identifies if values in the y|n
remote node can override values
defined in the .Local node record.
AuthTimeout=Specifies the maximum 0–3600
time, in seconds, that the system
waits to receive the Sterling The default is 120 seconds.
Connect:Direct control blocks
exchanged during the Sterling
Connect:Direct authentication
process.
KeyCertLabel=Identifies the label of keycert label | null
the key certificate. Note: If no keycert label is
specified, the following should be
noted:

Pnode sessions will fail if the


remote node requires client
authentication.

Snode sessions will fail.

224 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Command Parameter Values
EncryptData=If no is specified, y|n
Encrypt Only Control Block
Information; data is sent
unencrypted. Default is Yes - data
and control block information are
encrypted.
ClientAuth = Enables client y|n
authentication in a .Client node
record.
CipherSuites= Specifies the cipher comma delimited list of cipher
suites enabled. suites | all | null

Note: Only certain cipher suites are all—Enables all ciphers.


supported in FIPS-mode. For a list of
the FIPS-approved cipher suites, see null—Clears any existing values
Special Considerations in the IBM from the node definition.
Sterling Connect:Direct for UNIX
Release Notes.
SeaEnable=Enables certificate y|n
validation by Sterling External
Authentication Server
SeaCertValDef=Character string character string | null
defined in Sterling External
Authentication Server (SEAS). null—Clears any existing values
from the node definition.

Manage Remote Node Records


This section contains the commands and parameters used to create, update,
display, and delete remote node records.

Create a Remote Node Record

The create remotenode command creates a remote node record and configures the
protocol settings. The command has the following parameters:

Command Parameter Values


create remotenode model=Name of an existing node to use as name of a valid remote node
a model to copy from.
Name=Identifies name of the remote node name
record.
protocol=Specifies a comma delimited list Disable | SSL,TLS,TLS1.1,TLS 1.2
of Protocols to use in the remote node |DefaultToLN
record.
(See Display Protocols)
SecurityMode Disable | FIPS140-2 |
SP800-131A_TRANSITION |
SP800-131A_STRICT | SUITE_B-128 |
SUITE_B-192 | DefaultToLN

(See Display SecurityModes)

Chapter 5. Secure Plus Option Implementation Guide 225


Command Parameter Values
override=Identifies if values in the copy y | n | DefaultToLN
statement can override values defined in
the remote node record.
AuthTimeout=Specifies the maximum time, 0–3600
in seconds, that the system waits to receive
the Sterling Connect:Direct control blocks The default is 120 seconds.
exchanged during the Sterling
Connect:Direct authentication process.
KeyCertLabel=Identifies the label of the keycert label | null
key certificate.
EncryptData=If no is specified, Encrypt y | n | DefaulttoLN
Only Control Block Information; data is
sent unencrypted. Default is Yes - data and
control block information are encrypted.
ClientAuth = Enables client authentication y | n | DefaultToLN
with a remote trading partner.
CertCommonName=The certificate name | null
common name defined in the certificate.
null—Clears any existing values from the
node definition.
CipherSuites= Specifies the cipher suites comma delimited list of cipher suites | All
enabled. | null
SeaCertValDef=Character string defined in character string | null
Sterling External Authentication Server
(SEAS). null—Clears any existing values from the
node definition.

Update the Remote Node Record

The update remotenode command creates a remote node record and configures the
protocol settings. The command has the following parameters:

Command Parameter Values


update remotenode Name=Specifies name for the remote node remote node name | wildcard
record.
Use wildcard characters to update a group
of remote node records. The options are:

Asterisk (*)—Any number of characters.


Example: kps.* displays remote nodes with
a name that starts with kps.

Question mark (?)—Single character.


Example: k?s.* displays kas.* and kbs.*.
protocol=Specifies a comma delimited list of Disable | SSL,TLS,TLS1.1,TLS 1.2 |
Protocols to use in the remote node record. DefaultToLN

(See Display Protocols)


SecurityMode Disable | FIPS140-2 | SP800-
131A_TRANSITION | SP800-131A_STRICT
| SUITE_B-128 | SUITE_B-192 |
DefaultToLN

226 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Command Parameter Values
override=Identifies if values in the copy y | n | DefaultToLN
statement can override values defined in the
remote node record.
AuthTimeout=Specifies the maximum time, 0–3600
in seconds, that the system waits to receive
the Sterling Connect:Direct control blocks The default is 120 seconds.
exchanged during the Sterling
Connect:Direct authentication process.
KeyCertLabel=Identifies the label of the key keycert label | null
certificate.
EncryptData=If no is specified, Encrypt y | n | DefaulttoLN
Only Control Block Information; data is sent
unencrypted. Default is Yes - data and
control block information are encrypted.
ClientAuth = Enables client authentication y | n | DefaultToLN
with a remote trading partner.
CertCommonName=The certificate common name | null
name defined in the certificate.
null—Clears any existing values from the
node definition.
CipherSuites= Specifies the cipher suites comma delimited list of cipher suites | All
enabled. | null

Note: Only certain cipher suites are


supported in FIPS-mode. For a list of the
FIPS-approved cipher suites, see Special
Considerations in the IBM Sterling
Connect:Direct for UNIX Release Notes.
SeaEnable=Enables certificate validation by y | n | DefaultToLN
Sterling External Authentication Server.
DefaultToLN—Defaults to the setting
specified in the .Local node record
SeaCertValDef=Character string defined in character string | null
Sterling External Authentication Server
(SEAS). null—Clears any existing values from the
node definition.

Display a Remote Node Record

The display remotenode command displays information about one or more remote
node records. The command has the following parameter:

Chapter 5. Secure Plus Option Implementation Guide 227


Parameter Values
name=Name of the remote node name | wildcard value
node record to display
information about. To display information about more than one remote node
record, use wildcard characters.

Use wildcard characters to display information about a


group of remote node records. The options are:

Asterisk (*)—Any number of characters. Example: kps.*


displays remote nodes with a name that starts with kps.

Question mark (?)—A single character. Example: k?s.*


displays kas.* and kbs.*.

Manage Remote Node Records

Create Alias

The create alias command will create an alias record for an existing node record in
the Secure+ parmfile. The command has the following parameter:

Command Parameter Value


create alias name=The alias name to be An alias name for an existing node
used. name record.
basename=The name of the The existing node name
existing node record.

Delete a Remote Node Record

The delete remotenode command deletes one or more remote node records. The
command has the following parameter:

Parameter Values
name=Name of the remote node remote node name | wildcard value
record to display information about.
To display information about more than one
Use wildcard characters to delete a remote node record, use wildcard characters.
group of remote node records.
Use wildcard characters to display information
about a group of remote node records. The options
are:

Asterisk (*)—Any number of characters. Example:


kps.* displays remote nodes with a name that
starts with kps.

Question mark (?)—A single character. Example:


k?s.* displays kas.* and kbs.*.

Update the .Client Node Record


The update client command creates a .Client node record and configures the
protocol settings. The command has the following parameters:

228 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Command Parameter Values
update client protocol=Specifies a comma delimited Disable | SSL,TLS,TLS1.1,TLS 1.2
list of Protocols to use in the .Client | DefaultToLN
record
(See Display Protocols)
SecurityMode Disable | FIPS140-2 |
SP800-131A_TRANSITION |
SP800-131A_STRICT |
SUITE_B-128 | SUITE_B-192 |
DefaultToLN

(See Display SecurityModes)


override=Enforces secure connection y | n | DefaultToLN
between a Connect:Direct client and the
Connect:Direct server
AuthTimeout=Specifies the maximum 0–3600
time, in seconds, that the system waits to
receive the Sterling Connect:Direct The default is 120 seconds.
control blocks exchanged during the
Sterling Connect:Direct authentication
process.
KeyCertLabel=Identifies the label of the keycert label | null
key certificate
EncryptData=If no is specified, Encrypt y | n | DefaulttoLN
Only Control Block Information; data is
sent unencrypted. Default is Yes - data
and control block information are
encrypted.
CipherSuites= Specifies the cipher suites comma delimited list of cipher
enabled. suites | All | null

Manage the Sterling External Authentication ServerRecord


This section contains the commands and parameters used to update and display
the .SEAServer record.

Update the Sterling External Authentication Server Record

The update seaserver command configures properties for Sterling External


Authentication Server (SEAS) in the .SEAServer record that is created at
installation. The command has the following parameters:

Command Parameter Values


update seaserver Protocol=Specifies a comma Disable | SSL,TLS,TLS1.1,TLS 1.2
delimited list of Protocols to use in | DefaultToLN
the .SEAServer record.
(See Display Protocols)
SeaHost=External authentication host name | null
host name defined in SEAS.
null—Clears any existing values
from the node definition

Chapter 5. Secure Plus Option Implementation Guide 229


Command Parameter Values
AuthTimeout=Specifies the 0–3600
maximum time, in seconds, that the
system waits to receive the Sterling The default is 120 seconds.
Connect:Direct control blocks
exchanged during the Sterling
Connect:Direct authentication
process.
SeaPort=External authentication port number | 61366
server port number (listening)
defined in SEAS.

Display the Sterling External Authentication Server Record

The display SEAServer command displays information about the .SEAServer


record.

Maintain the .Password File (Strong Password Encryption)


This section contains the commands and parameters used to update and display
the .Password file through the CLI.

Update the .Password File

The Update Password command enables or disables strong password encryption.


The update goes into effect after you start the Sterling Connect:Direct server. The
command has one parameter, SpeEnable, which can be set to Y or N to enable or
disable strong password encryption. Following is an example:

Update Password
SpeEnable=<Y>
;

If you enable or disable strong password encryption, the server displays the
following warning:

The Connect:Direct Server must be restarted to update Strong


Password Encryption.

Display the .Password File

The Display Password command displays the strong password encryption setting.

Maintain Sterling Connect:Direct Secure Plus

Sterling Connect:Direct Secure Plus Node List


After you set up node records in Sterling Connect:Direct Secure Plus, you can view
all of the nodes and their attributes from the Secure+ Admin Tool Main Window.
From the Node Name list, you can view the record of an individual node by
double-clicking on a node name.

The following table shows all the fields in the Node Name List:

230 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Field Name Description Valid Values
Node Name Displays the node record name. .Local

remote node name

.client
Type Displays the current record type. L—Local record

R—Remote record
Secure+ Displays the status of N—Disabled

TLS—TLS protocol

SSL—SSL protocol

*—Default to local node


Override Displays the status of override. Enable Y—Enabled
override in the local node to allow
remote node records to override the N—Disabled
settings in the local node record.
*—Default to local node
CipherSuites Displays the TLS or SSL cipher suites Varies, based on the cipher
that are enabled for the node record. suites enabled.
ClientAuth Displays the status of client Y—enabled
authentication. If the TLS or SSL
protocol is used, enabling client N—Disabled
authentication means the SNODE
verifies the identity of the PNODE. *—Default to local node

LimExpr Identifies if the Limited Export version Y—Enabled


is being used by a remote node.
N—Disabled

*—Default to local node


AutoUpdate Indicates if the option to automatically Y—enabled
update key values during
communication is enabled. N—disable

*—default to local node


Base Record Displays the name of the base record for
the alias records.

View Sterling Connect:Direct Secure Plus Parameters File


Information
About this task

To view information about the parameters file:

Procedure
1. Open the Secure+ Admin Tool.
2. Click File > Info. The following fields are displayed in the File Information
dialog box.

Field Name Description


Current File The name of the parameters file opened.

Chapter 5. Secure Plus Option Implementation Guide 231


Field Name Description
Number of Records The number of nodes defined in the parameters file.
Number of Updates How many times the parameters file has been updated.
Last 3 Updates The name of the last three nodes updated.

View Sterling Connect:Direct Secure Plus Node Record


Change History
To view the history of changes to a node record:

Procedure
1. From the Secure+ Admin Tool Main Window, double-click the node record
name.
2. Click the Security Options tab.
The history of changes is displayed in the Update History field.

Disable Sterling Connect:Direct Secure Plus


About this task

You can use this procedure to disable all nodes in a configuration or one remote
node.

Procedure
1. Do one of the following:
v To disable all nodes in a configuration, open the local node record.
v To disable one node, open the remote node record for that node.
2. Click the Security Options tab.
3. Click Disable Secure+.
4. Click OK to update the node record.

Note: In order to continue Sterling Connect:Direct operations with Sterling


Connect:Direct Secure Plus disabled, both trading partners must disable
Sterling Connect:Direct Secure Plus.

Delete a Sterling Connect:Direct Secure Plus Remote Node


Record
About this task

If a remote node record is no longer defined in the network map, you can remove
it from the parameters file. The following procedure deletes nodes that are defined
in the Sterling Connect:Direct Secure Plus parameters file but not in the selected
network map.

CAUTION:
Do not delete the remote node record that is named for the Sterling
Connect:Direct node. It is the base record for the .Local node record. You cannot
delete the .Local node record.

232 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Procedure
1. From the Secure+ Admin Tool Main Window, click File > Sync with Netmap.
2. Click the network map to use from the pulldown list.
3. Click OK.
4. Click Skip to move through the Select Netmap Entries to the Add dialog box.
5. To delete node records, do one of the following:
v To delete selected node records, highlight the remote nodes to delete and
click Delete Selection.
v To delete all remote node records not found in the network map, click Delete
All.

Resecure Sterling Connect:Direct Secure Plus Parameters and


Access Files
About this task

Routinely, or if your access file is compromised, perform the following steps to


resecure Sterling Connect:Direct Secure Plus:

CAUTION:
Do not type a new passphrase if an error occurs. If an error occurs while you are
resecuring the files, restore the node records from the ACFSave directory. This
directory is created after the Rekey Secure+ feature is executed.

Procedure
1. From the Secure+ Admin Tool Main Window, click File > Rekey Secure+. The
Rekey Secure+ dialog box is displayed.
2. Type an alphanumeric string of at least 32 characters in the Passphrase field.
uses the passphrase to re-encrypt the Sterling Connect:Direct Secure Plus
parameters and access files. You do not have to remember this passphrase
value.
3. Click OK to accept the new passphrase. Sterling Connect:Direct Secure Plus
decrypts and re-encrypts the parameters file and access file.

View Statistics

View Statistics
Sterling Connect:Direct logs statistics for Sterling Connect:Direct Process activity.
The Sterling Connect:Direct statistics include Sterling Connect:Direct Secure Plus
information for a Process. Sterling Connect:Direct information is included in the
Process statistics information only when you attach to a Sterling Connect:Direct
server.

Sterling Connect:Direct Requester Select Statistics


Use the Select Statistics function of Sterling Connect:Direct Requester to view the
information about a Sterling Connect:Direct Process, including statistics
information about a particular Process. If Sterling Connect:Direct Secure Plus is
enabled, view Sterling Connect:Direct Secure Plus by scrolling to the bottom of the
Statistics Detail dialog box, in the Session Start Record (SSTR) and Copy
Termination Record (CTRC).

Chapter 5. Secure Plus Option Implementation Guide 233


For more information on using Sterling Connect:Direct Requester to view statistics
information, see the Sterling Connect:Direct for Microsoft Windows Help or the
IBM Sterling Connect:Direct for Microsoft Windows System Guide.

The Sterling Connect:Direct Secure Plus fields and valid values available using the
Select Statistics function of the Sterling Connect:Direct Requester are shown in the
following table:

Field Name Description Valid Values


Secure+ Enabled Specifies whether Sterling Connect:Direct Secure Plus Y | N
is enabled.
Secure+ Protocol Which protocol is enabled. SSL 3.0 | TLS 1.0
Cipher Suite Displays the cipher suite used during a session. SSL_RSA_EXPORT_WITH_RC4_40_MD5
cipher suite name, for example:
PNode Cipher Specifies the encryption algorithms available for the
List PNODE during the session.
PNode Cipher Specifies the preferred data encryption as specified in Y | N
the Sterling Connect:Direct Secure Plus parameters
file of the PNODE.
SNode Cipher Specifies the encryption algorithms available for the
List SNODE during the session as specified in the
Sterling Connect:Direct Secure Plus parameters file of
the SNODE.
SNode Cipher Specifies the preferred data encryption algorithm as Y|N
defined in the Sterling Connect:Direct Secure Plus
parameters file of the SNODE.

Sterling Connect:Direct CLI Select Statistics Detail

When you use the CLI Select Statistics function to view the information about a
Sterling Connect:Direct Process, you see statistics information about a particular
Process. The Sterling Connect:Direct fields are shown in bold in the following
samples.

Session Start (SSTR) Record

The following sample Session Start Record (SSTR) displays the output of an SSL
session:

Record Id => SSTR


Process Name => Stat Log Time => 15:23:21
Process Number => 0 Stat Log Date => 10/16/2009
Submitter Id =>
Start Time => 15:23:20 Start Date => 10/16/2009
Stop Time => 15:23:21 Stop Date => 10/16/2009
SNODE => JKTIB8100
Completion Code => 0
Message Id => LSMI004I
Message Text => PNODE session started - remote node &NODE
Secure+ Protocol => SSL 3.0
SSL Cipher Suites => SSL_RSA_WITH_RC4_128_MD5
---------------------------------------------------------------------

234 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Copy Termination (CTRC) Record

The Copy Termination Record (CTRC) sample below uses the SSL protocol:

Record Id => CTRC


Process Name => XX Stat Log Time => 15:26:32
Process Number => 195 Stat Log Date => 10/16/2009
Submitter Id => user1
Start Time => 15:23:47 Start Date => 10/16/2009
Stop Time => 15:26:32 Stop Date => 10/16/2009
SNODE => DLAS8100
Completion Code => 0
Message Id => SCPA000I
Message Text => Copy operation successful.
COPY DETAILS: Ckpt=> Y Lkfl=> N Rstr=> N XLat=> N Scmp=> N Ecmp=> N
From node => S
Src File => D:\long path
Dest File => D:\long path
Src CCode => 0 Dest CCode => 0
Src Msgid => SCPA000I Dest Msgid => SCPA000I
Bytes Read => 23592960 Bytes Written => 23592960
Records Read => 1024 Records Written => 1024
Bytes Sent => 23791420 Bytes Received => 23791420
RUs Sent => 30721 RUs Received => 30721
Secure+ Protocol =>SSL 3.0
SSL Cipher Suites =>SSL_RSA_WITH_RC4_128_MD5
---------------------------------------------------------------------

Sterling Connect:Direct CLI Select Process Detail

When you use the CLI select process command to view information about a
Sterling Connect:Direct Process, you see statistics about a Process. If Sterling
Connect:Direct Secure Plus is not enabled, no Sterling Connect:Direct Secure Plus
information is displayed:

Process Name => XX Class => 32


Process Number => 197 Priority => 10
Submitter Node => DALLAS PNode => DALLAS
Submitter => user1 SNode => DALLAS
Retain Process => N
Submit Time => 15:55:55 ScheduleTime =>
Submit Date => 10/19/2009 ScheduleDate =>
Queue => EXEC
Process Status => EX
Message Text =>
Function => COPY
Step Name => TWO
Type => Send
File Bytes => 3202560 File Recs => 0
Xmit Bytes => 3247926 Xmit Buffers => 0
Signature Enabled => Y
---------------------------------------------------------------------

Audits

Sterling Connect:Direct Secure Plus Parameters File Auditing


The Secure+ Admin Tool and the Sterling Connect:Direct Secure Plus Command
Line Interface log changes made to the parameters file.

Chapter 5. Secure Plus Option Implementation Guide 235


The following events are logged:
v Application Startup
v Init Parmfile
v Open Parmfile
v Sync Netmap
v Rekey Parmfile
v Create Node
v Update Node
v Delete Node

The parameters file logging feature has the following operational characteristics:
v The logging feature is always enabled and cannot be disabled.
v If errors occur when the log is being updated, the application terminates.
v Each log entry contains a timestamp, user ID, and a description of the
action/event.
v When an existing node is updated, any changed fields are reported.
v When a node is created or deleted, the values of all non-empty fields are
reported.
v Any commands that modify a node are logged.

Note: The certificates used by Sterling Connect:Direct Secure Plus are individual
files that can be stored anywhere on the system. As a result, the logging feature
cannot detect when existing certificate files are modified. Sterling Connect:Direct
Secure Plus only stores the certificate path name and detects changes to this field
only.

Accessing Parameters File Audit Logs

The parameters file audit logs are stored in a dedicated directory, ..\secure+\log.
The log file naming convention is SP[YYYY][MM][DD].001 (using local time), and
the contents of a log file are limited to a single calendar date. You can view these
log files using any text editor. Log files are not deleted by Sterling Connect:Direct
Secure Plus.

Parameters File Audit Log Entries

Each audit log has the following header:

[YYYYMMDD][HH:MM:SS:mmm][userid]

When a parameter file is created or opened, an ID is generated that associates the


change with the node being updated, as shown in the following:

[YYYYMMDD][HH:MM:SS:mmm][userid][ParmFileID]

The following fields may appear in a create, update, or delete audit record.

Field Name Description


Name Name of the node
BaseRecord Name of the base record
Type Record type of local, remote, or alias

236 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Field Name Description
Protocol Enables Sterling Connect:Direct Secure Plus protocol
Override Enables overriding the current node
AuthTimeOut Authentication timeout
SslTlsTrustedRootCertFile Pathname to trusted roots file
SslTlsCertFile Pathname to key certificate file
SslTlsCertPassphrase Key certificate passphrase (masked)
SslTlsEnableClientAuth Enable client authentication
SslTlsCertCommonName Common name of the remote certificate to verify
SslTlsEnableCipher List of SSL/TLS cipher suites
SslTlsSeaEnable Enable external authentication
SeaCertValDef External authentication validation definition
SeaHost External authentication host name
SeaPort External Authentication port number

Parameters File Audit Log Error Reporting

Errors are reported for the following logging functions: open log, write log, and
lock log. If an error occurs during one of these functions, an error message is
displayed and the application is terminated. The lock function times out after 30
seconds. Typically, Secure+ Admin Tool or the CLI hold the lock for less than one
second per update.

Sterling Connect:Direct Secure Plus Certificate Auditing


In an SSL/TLS session, audit information about the identity certificate and its
signing certificate is logged in the statistics log in the Session Start (SSTR) and
Copy Termination (CTRC) records. The audit information is included in the
response data from a Select Statistics command in the SSTR and CTRC records.

In an SSL/TLS session, the PNODE (client) always logs the audit information. The
SNODE (server) only logs the information when client authentication is enabled.
For logging to occur, the session handshake must succeed and progress to the
point of logging the SSTR and CTRC records.

Certificate Audit Log Entries

The audit consists of the subject name and serial number of the identity and its
signing certificate. The identity certificate also contains an issuer attribute, which is
identical to the signing certificate subject name. Although many signing certificates
may exist between the identity and final root certificate, the audit includes only the
last two certificates in a chain: an intermediate certificate and an end certificate.

In the SSTR and CTRC records, the CERT contains the common name and serial
number of the key certificate, and the CERI contains the common name of the
issuer and the serial number of an intermediate or root CA. They may also contain
the certificate serial number, for example:

CERT=(/C=US/ST=MA/L=Marshfield/O=test.org/OU=Dev/CN=Test ID/SN=99c0ce01382e6c83)|
CERI=(/C=US/ST=MA/L=Marshfield/O=test.org/CN=root CA/SN=da870666bbfb5538)

Chapter 5. Secure Plus Option Implementation Guide 237


Sterling Connect:Direct Secure Plus certificate audits may contain the following
fields:

Field Name Abbreviation Max Lengths (RFC 2459)


Common Name CN 64
Country C 2
Locality L 128
State ST 128
Organization O 64
Organization Unit OU 64
Email Address emailAddress 128
Serial Number SN 128 (estimated)

Accessing Certificate Audit Logs

Certificate audit information located in the SSTR and CTRC records cannot be
accessed directly using Sterling Connect:Direct Requester or Sterling Connect:Direct
Browser User Interface. To access certificate information, you can issue a query
directly to the database or use an SDK-based or JAI-based program to issue a
Select Statistics command. The response to the Select Statistics command contains
the AuditInfo field of the statistics records, including the SSTR and CTRC records.
This field contains certificate audit information.

The following example was generated using a database query.

’2009-05-21 14:50:27’, 2, ’SSTR’, ’CAEV’, ’’, 0, ’2009-05-21 14:50:26’, ’2009-05-21


14:50:27’, ’’, ’’, ’JLYON-XP.4500’, 0,
’MSGI=LSMI004I|SBST=(&NODE=JLYON-XP.4500)|PNOD=JLYON-XP.4500|CSPE=Y|CSPP=TLSv1|CSPS=
TLS_RSA_WITH_AES_256_CBC_SHA|
CERT=(/C=US/ST=MA/L=Marshfield/O=test.org/OU=Dev/
CN=Example Test ID/SN=a9febbeb4f59d446)|
CERI=(/C=US/ST=MA/L=Marshfield/O=test.org/OU=Dev/CN=Example
IntermediateCA/SN=a69634a8a7830268)|STSD=2|TZDI=-14400|’
’2009-05-21 14:50:28’, 2, ’CTRC’, ’CAPR’, ’SAMPLE’, 1, ’2009-05-21 14:50:27’,
’2009-05-21 14:50:28’, ’JLYON-XP.4500’, ’jlyon’, ’JLYON-XP.4500’, 0,
’MSGI=SCPA000I|LCCD=0|LMSG=SCPA000I|OCCD=0|OMSG=SCPA000I|PNAM=SAMPLE|PNUM=1|SNAM=STE
P1|SBND=JLYON-XP.4500|SBID=jlyon|PNOD=JLYON-XP.4500|SNOD=JLYON-XP.4500|LNOD=P|FROM=P
XLAT=N|ECZI=N|ECMP=N|SCMP=N|OERR=N|CKPT=Y|LKFL=N|RSTR=N|RUSZ=65535|PACC=|SACC=|PPMN
=|SFIL=C:\Program Files\Sterling Commerce\Connect Direct
v4.6.00\Server\Process\Sample.html|SDS1= |SDS2= |SDS3=
|SFSZ=0|SBYR=861|SRCR=1|SBYX=863|SRUX=1|SNVL=-1|SVOL=|DFIL=C:\Program Files\Sterling
Commerce\Connect Direct v4.5.00\Server\Process\Verify.html|PPMN=|DDS1=R|DDS2= |DDS3=
|DBYW=861|DRCW=1|DBYX=863|DRUX=1|DNVL=0|DVOL=|CSPE=Y|CSPP=TLSv1|CSPS=TLS_RSA_WITH_AE
S_256_CBC_SHA|CERT=(/C=US/ST=MA/L=Marshfield/O=test.org/OU=Dev/CN=Example Test
ID/SN=a9febbeb4f59d446)|CERI=(/C=US/ST=MA/L=Marshfield/O=test.org/OU=Dev/
CN=Example Intermediate CA/SN=a69634a8a7830268)
|PCRC=N|ETMC=60|ETMK=10|ETMU=0|STSD=2|TZDI=-14400|’

Certificate Audit Log Error Reporting


If an error occurs when the subject name is extracted from the identity (CERT) or
issuer's (CERI) certificates, the following message ID is logged:

CERT=(MSGI=CSPA310E)|CERI=(MSGI=CSPA310E)

238 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Only the message ID is displayed with the CERT or CERI tokens; the standard
Sterling Connect:Direct error function is not used. After the error occurs, the
session continues.

Troubleshoot Sterling Connect:Direct Secure Plus

Troubleshooting
Use the following table to help troubleshoot problems with Sterling Connect:Direct
Secure Plus.

Problem Possible Cause Solution


Sterling Connect:Direct The Sterling Connect:Direct Verify that the netmap
Secure Plus features are network maps do not contain entries for both the PNODE
enabled in the parameters entries for the PNODE and and the SNODE exist.
file, but the statistics record SNODE.
indicates that the functions
are disabled.
Running a Process with a Unique public/private key Change the .Local node
remote node fails with an pairs are generated for the record to Enable Override=Y.
authentication error. remote node record and the
.Local node record is set to
Enable Override=N.
The Sterling Connect:Direct The algorithm name used in Verify that the algorithm
Secure Plus parameter, the COPY statement is not in name in the COPY statement
ENCRYPT.DATA, specified the supported algorithm list is in the supported algorithm
from the COPY statement for both nodes. list for both nodes.
causes the copy step to fail
with error message
CSPA080E.
Sterling Connect:Direct Remote node records do not v A remote node record
Secure Plus is installed, but exist. must exist for every node
error message CSPA001E in the netmap. Use the
occurs on non-Sterling Sync with Netmap feature
Connect:Direct Secure Plus to create any missing
transfers. nodes.
v Disable Sterling
Connect:Direct Secure Plus
by clicking Disable
Secure+ in the .Local node
record.
Signature verification fails Configuration settings v If this is a non-secure
with error message missing or incorrect. node, make sure the
CSPA002E. remote node record has
Disable Secure+ selected.
v Check the Sterling
Connect:Direct Secure Plus
settings for the node.
Strong authentication fails v The time allowed for v Increase the timeout value.
with the error, CSPA010E. strong authentication v Execute standard
expired. operating procedure for
v A security attack in investigating security
progress. violation.

Chapter 5. Secure Plus Option Implementation Guide 239


Problem Possible Cause Solution
Sterling Connect:Direct An illegal attempt to v Turn on Enable Override
Secure Plus session fails with override Sterling in the remote node record
the error, CSPA011E. Connect:Direct Secure Plus to allow the COPY
parameters. statement to override the
node settings.
v Check the COPY statement
and remove the override
statements.
Sterling Connect:Direct Sterling Connect:Direct Check the remote node
Secure Plus session fails with Secure Plus cannot read the definition settings.
the error, CSPA014E. remote node definition.
Sterling Connect:Direct Sterling Connect:Direct Make sure Sterling
Secure Plus session fails with Secure Plus is not enabled in Connect:Direct Secure Plus is
the error, CSPA016E. the local node definition. enabled for the local node.
Sterling Connect:Direct Error generating digital v Resubmit the Process.
Secure Plus session fails with signature.
v Call IBM Support.
the error, CSPA019E.
Sterling Connect:Direct The COPY statement Remove the SECURE=
Secure Plus session fails with requested Sterling parameter from the COPY
the error, CSPA077E. Connect:Direct Secure Plus statement.
parameters but Sterling
Connect:Direct Secure Plus is
not configured.
Sterling Connect:Direct Invalid encryption algorithm Change the ENC.DATA
Secure Plus session fails with identified in COPY parameter and specify one of
the error, CSPA079E. statement. the following values: Y, N,
IDEACBC128, TDESCBC112,
or DESCBC56 and resubmit
the Process.
Sterling Connect:Direct No common algorithms are Verify the algorithm list for
Secure Plus session fails with available for both nodes. both nodes contains at least
the error, CSPA080E. one common algorithm
name.
Sterling Connect:Direct Session attempted but remote Make sure both nodes are
Secure Plus session fails with node is not configured. defined for the remote node
the error, CSPA091E. record.
Sterling Connect:Direct Both nodes are not v Check the protocol setting
Secure Plus session fails with configured for the same at both sites and verify
the error, CSPA200E. protocol. that the same protocol is
configured at each site.
v If necessary, edit the
remote node record.
Sterling Connect:Direct SSL or TLS protocol Edit the cipher suite list and
Secure Plus session fails with handshake failed. add a cipher suite used by
the error, CSPA202E. the trading partner.
Sterling Connect:Direct The SSL or TLS protocol Make sure the certificate
Secure Plus session fails with could not validate the information is typed into the
the error, CSPA203E or server's certificate. node record.
CSPA204E.
Sterling Connect:Direct A trading partner is not Make sure that both ends of
Secure Plus session fails with using TCP/IP for the communication use
the error, CSPA205E. communication. TCP/IP.

240 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Problem Possible Cause Solution
Sterling Connect:Direct The SSL or TLS protocol Make sure the certificate
Secure Plus session fails with could not validate the information is entered into
the error, CSPA206E. server's certificate. the node record.
Sterling Connect:Direct The common name in the Make sure the certificate
Secure Plus session fails with certificate received does not common name is spelled
the error, CSPA208E. match the Sterling correctly and uses the same
Connect:Direct Secure Plus case as that in the certificate.
configuration.
Sterling Connect:Direct The certificate has expired or Obtain a new certificate and
Secure Plus session fails with is invalid. reconfigure the node record.
the error, CSPA209E.
Sterling Connect:Direct The remote trading partner Notify the trading partner
Secure Plus session fails with failed to send a certificate. that a certificate is required.
the error, CSPA211E.
Sterling Connect:Direct The trusted root certificate Check the local node
Secure Plus session fails with could not be loaded. configuration and make sure
the error, CSPA280E. the location of the trusted
root certificate is correctly
identified.
Sterling Connect:Direct The trusted root certificate is Check the local node
Secure Plus session fails with empty. configuration and make sure
the error, CSPA281E. the location of the trusted
root certificate is correctly
identified.
Sterling Connect:Direct The user certificate file Check the local node
Secure Plus session fails with cannot be loaded. configuration and make sure
the error, CSPA282E. the location of the user
certificate file is correctly
identified.
Sterling Connect:Direct The parameters files have Run the Admin Tool to
Secure Plus session fails with not been initialized. initialize the parameters files.
the error, CSPA303E.
Sterling Connect:Direct The SSL library failed during Examine all related errors to
Secure Plus session fails with the handshake. determine the cause of the
the error, CSPA309E. failure.
Sterling Connect:Direct Certificate validation failed. Verify that the root certificate
Secure Plus session fails with is properly configured. An
the error, CSPA311E. alternate certificate may be
required.

Configuration Worksheets

Local Node Security Feature Definition Worksheet


Record the security definitions for the local Sterling Connect:Direct node.

Local Node Name

Chapter 5. Secure Plus Option Implementation Guide 241


Configured Security Functions
v Enable TLS protocol (Yes | No)
v Enable SSL protocol (Yes | No)
v Authorization timeout
v Key store location. The default is
...\Secure+\certicficates\cdkeystore.kdb.
v Certificate label
v Certificate passphrase
v Cipher suite(s) enabled
External Authentication
v Enable external authentication (Yes | No)
v Certificate validation definition

Remote Node Security Feature Definition Worksheet


Make a copy of this worksheet for each remote node defined in the parameters file
that you are configuring for Sterling Connect:Direct Secure Plus operations. Record
the security feature definitions for a remote node record on this worksheet.

Remote Node Name


Security Options
v Protocol defined in the .Local node record (TLS | SSL)
v Is the remote node using the protocol defined in the .Local
node record? ( Y | N)
– If you answered No to the question, identify the protocol
to use for the remote node (TLS | SSL)
– Enable TLS protocol (Y | N)
– Enable SSL protocol (Y | N)
– To use the same protocol defined in the local node, select
Default to Local Node.
– Enable override (Y | N)
– Authorization timeout
TLS or SSL Protocol Functions
v Key store location. The default is ...\Secure+\certicficates\
cdkeystore.kdb.
v Certificate label
v Certificate passphrase
v Cipher suite(s) enabled
v Enable client authentication (Y | N | Default to local node)
v Certificate common name
Note: If you want to add a second level of security, enable
client authentication for the remote node and type the
certificate common name.
External Authentication
v Enable external authentication (Y | N | Default to local
node)
v Certificate validation definition

242 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Certificate File Layout

Certificate File Layout


The SSL and TLS security protocols use a secure server RSA X.509V3 certificate to
authenticate your site to any client that accesses the server and provides a way for
the client to initiate a secure session. When you obtain a certificate from a
certificate authority or create a self-signed certificate, it is stored in a key store.

When you obtain a key certificate from a certificate authority, you have to add it to
a local key store file. To configure Sterling Connect:Direct Secure Plus, you have to
import a key certificate from the key store. Add the certificate label and common
name to the node record using the Secure Plus Admin Tool.

Use the IBM Key Management tool to add or delete certificate information in the
key store. In simple configurations, only one key store is used, but the key store
can contain multiple key certificates. The key store might also contain multiple
trusted root and intermediate certificates. Each certificate has a unique label to
differentiate them from one another. In more sophisticated configurations, you can
associate individual key certificate labels with one or more node records.

When you use a certificate signing request (CSR) tool, such as iKeyman, you do
not need to change the contents of the key certificate. This is created for you by
iKeyman.

Certificate Format

A certificate is encoded as a general object with the identifier string CERTIFICATE


or X.509 CERTIFICATE. The base64 data encodes a Bit Error Rate (BER)-encoded
X.509 certificate. This is the same format used for PEM. Anyone who provides or
understands PEM-format certificates can accommodate the certificate format. For
example, VeriSign commonly fulfills certificate requests with certificates in this
format, SSLeay supports them, and SSL servers understand them. Most browsers
support this format for importing root CA certificates.

Validate the Configuration


About this task
Perform this procedure to ensure that the nodes have been properly configured.
The validation process checks each node to ensure that all necessary options have
been defined and keys have been exchanged.

To validate the parameters file:

Procedure
1. In the Secure+ Admin Tool, click File > Validate Secure+. The Secure+ Admin
Tool - Validation Results window is displayed.
If the parameters file is not correctly configured, warning and error messages
are displayed.
2. Read each warning message. To correct each warning or error reported, go back
to the parameters file and make changes as needed.

Chapter 5. Secure Plus Option Implementation Guide 243


Note: Warning messages do not always mean that the parameters file is
incorrectly configured. Some warning messages are informational only.
3. Click Close to close the Validation Results window.

Exchange Data and Verify Results


To exchange data and verify the results, submit the sample Process that is
provided with Sterling Connect:Direct.

To verify the success of the sample Process and review the Sterling Connect:Direct
Secure Plus statistics for the session, refer to Sterling Connect:Direct for Microsoft
WindowsGetting Started Guide.

Automation Scripts

Configure Sterling Connect:Direct Secure Plus to Use the SSL


or TLS Protocol
The spcust_sample1 script demonstrates using the CLI to import certificates to
configure Sterling Connect:Direct Secure Plus and the SSL or TLS protocol.

244 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


@echo off

REM
REM spcust_sample1.sh contains an example of configuring
REM Secure+ to use SSL or TLS protocols with the Secure+ CLI.
REM The example demonstrates the configuration of Secure+
REM with the trusted root and key certificates and ciphers
REM

REM
REM Variables
REM

REM The return code.


REM spcli.sh returns the highest return code of the commands
REM it executed. Possible return codes and their meanings are
REM 0 success
REM 4 warning
REM 8 error
REM 16 fatal error

set cdInstallDir=C:\Program Files (x86)\Sterling Commerce\Connect Direct v4.7.0


set spDir=%cdInstallDir%\Server\Secure+

pushd "%spDir%"

REM
REM Main script
REM

echo.
echo This script has been prevented from running because it will alter
echo The configuration of Secure+. Before removing this warning and its
echo exit call, please modify the script so that it carries out only
echo desired modifications to the configuration of Secure+.
echo.
goto :EOFc

all :initCustom

call :invokeCLI

call :terminateCustom

REM End of main script


goto :EOF

REM
REM Functions
REM

Chapter 5. Secure Plus Option Implementation Guide 245


REM
REM Custom initialization logic written by customer.
REM

:initCustom

REM Customer adds custom initialization code here.

echo Init custom...


echo.

REM del /F "%spDir%\Nodes"

REM End ofinitCustom


goto :EOF

REM
REM Invoke CLI to configure Secure+.
REM

:invokeCLI
set tempFile=clicmds.txt

echo ; >>%tempFile%
echo display info >>%tempFile%
echo ; >>%tempFile%
echo ; >>%tempFile%
echo ; -- Synch with netmap >>%tempFile%
echo ; >>%tempFile%
echo sync netmap >>%tempFile%
echo path=v4.7.0\JLYON-LT >>%tempFile%
echo name=* >>%tempFile%
echo ; >>%tempFile%
echo ; >>%tempFile%
echo ; -- Import keycert and trusted cert files. >>%tempFile%
echo ; >>%tempFile%
echo import keycert >>%tempFile%
echo file="%spDir%\Certificates\keycert.txt" >>%tempFile%
echo passphrase=password >>%tempFile%
echo Label="My KeyCert"; >>%tempFile%
echo ; >>%tempFile%
echo import trustedcert >>%tempFile%
echo file="%spDir%\Certificates\trusted.txt" >>%tempFile%
echo ; >>%tempFile%
echo update localnode >>%tempFile%
echo override=n >>%tempFile%
echo protocol=(tls,tls1.1,tls1.2) >>%tempFile%
echo securitymode=FIPS140-2 >>%tempFile%
echokeycertlabel="My KeyCert" >>%tempFile%
echociphersuites=(TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA)
>>%tempFile%
echo ; >>%tempFile%
echo ; >>%tempFile%
echo ; -- Display localnode >>%tempFile%
echo ; >>%tempFile%
echo display localnode >>%tempFile%
echo ; >>%tempFile%
echo validate parmfile >>%tempFile%
echo ; >>%tempFile%
echo quit; >>%tempFIle%

246 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


call "%spDir%\spcli.cmd" -e 8 -li y < %tempFile%
set RC=%ERRORLEVEL%
del %tempFile%

REM End of invokeCLI


goto :EOF

REM
REM Custom termination logic written by customer.
REM
:terminateCustom

REM Customer adds custom termination code here.


REM For example, E-mail standard out log for review.
REM Send error messages to system monitoring facility.
echo.
echo Custom Terminating with errorlevel of %RC%
echo.REM End of terminateCustom
goto :EOF

popd

Use LCU to Configure Encrypted Passwords

Configure Encrypted Passwords Using the LCU


The Sterling Connect:Direct Secure Plus CLI displays passwords in plain text. If
you need to encrypt passwords for use with the Sterling Connect:Direct Secure
Plus CLI, use the Local Connection Utility (LCU) to create an LCU file that
contains non-encrypted information used to encrypt the password and the
encrypted password, such as a keycert passphrase. You can then refer to this file
when prompted for passwords.

LCU Files

The following example shows how to specify when an LCU file is used in place of
a plain-text password:

Chapter 5. Secure Plus Option Implementation Guide 247


C:\...\...\Connect Direct v4.6.00\Common Utilities>lcu -f C:\SomeDir\MyLCU.dat
**************************************************************
* Connect:Direct Java Client Connection Utility *
* Version 4.6.00 *
*------------------------------------------------------------*
* Copyright (c) 1983, 2011 *
* All Rights Reserved. *
**************************************************************
Node:
>JLYON-XP.4600
API Address: <Enter> = ’JLYON-XP’
>
API Port: <Enter> = ’1363’
>
User Name:
>SomeValue
Password:
> Confirm Password:
>
Saving file: C:\SomeDir\MyLCU.dat
C:\...\...\Connect Direct v4.6.00\Server\Secure+>SPCli
...
SPCLI> Create STSKeyPair
KeyPairFile=C:\SomeDir\StsKeyPairFile.dat
Passphrase=LCU:C:\SomeDir\MyLCU.dat;
SPCG670I rc=0 Create stskeypair command successful.
SPCLI> Update RemoteNode
Name=JLYON-XP.4600
StsAuthLocalKey=set
StsAuthKeyPairFile=C:\SomeDir\StsKeyPairFile.dat
StsAuthKeyPairFilePassphrase=LCU:C:\SomeDir\MyLCU.dat
SPCG470I rc=0 Update remote node "JLYON-XP.4600" command successful.

The use of the LCU syntax “LCU:” indicates that what follows is an LCU filename
and not a passphrase. The pathname of the LCU file can be a relative path, a
relative path to the bin directory, or a full path. If LCU:filename contains spaces, it
must be enclosed in quotation marks: “LCU:filename”. The default name of the
LCU file is cddef.bin. After the cddef.bin file is created, you can rename it as
needed.

LCU files can be used to provide encrypted passwords for the following
commands and parameters:

Command Parameter
Update LocalNode StsAuthKeyPairFilePassphrase

StsSigKeyPairFilePassphrase

SslTlsCertPassphrase
Create RemoteNode StsAuthKeyPairFilePassphrase

StsSigKeyPairFilePassphrase

SslTlsCertPassphrase
Update RemoteNode StsAuthKeyPairFilePassphrase

StsSigKeyPairFilePassphrase

SslTlsCertPassphrase
Create STSKeyPair Passphrase

248 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Command Parameter
Update Client SslTlsCertPassphrase
Update SEAServer SslTlsCertPassphrase

Create an LCU File


About this task

To create an LCU file:

Procedure
1. Type the following command to run the LCU utility:

lcu.bat

2. As you are prompted, enter values for the following parameters:


v Node
v API Address
v API Port
v User Name
v Password
v Confirm Password
3. The cddef.bin file is created.

Chapter 5. Secure Plus Option Implementation Guide 249


250 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation
Chapter 6. SDK Programmers Guide
Overview

Sterling Connect:Direct for Microsoft Windows SDK Overview


Use the IBM Sterling Connect:Direct for Microsoft Windows Software Development
Kit (SDK) to extend an application to include the automated file transfer
capabilities of Sterling Connect:Direct for Microsoft Windows. SDK uses a 32-bit
interface for C and C++ as well as an OLE automation server for Visual Basic
applications. SDK also provides ActiveX controls for Submit Process and Select
Statistics commands.
v C API functions—Standard and registry API functions. The standard functions
allow you to connect to a Sterling Connect:Direct node, execute Sterling
Connect:Direct commands, manage command response data, and retrieve error
information. The Registry API functions store and retrieve client connection
information to and from the Registry. The C API is implemented using the C++
Classes.
v C++ Class interface—Provides the foundation for the other Sterling
Connect:Direct interfaces and provides Visual C++ programmers an
object-oriented interface to Sterling Connect:Direct.
v ActiveX control interface—Uses the CDSubmit and CDStatistics functions to
submit Processes to the server and display statistics from the statistics database.
v Direct Automation Servers—Provides an automation wrapper around the
Sterling Connect:Direct SDK C++ classes. They provide direct automation
support for languages like Visual Basic. The Sterling Connect:Direct Automation
Servers provide the following primary classes that map directly to the CDNode,
CDProcess, and CDStatistics classes in the SDK C++ classes:
v User exits—Provides a way to customize Sterling Connect:Direct operations.
User exits are user-defined dynamic link libraries (DLLs) that are loaded and
called when the user exit is enabled through an initialization parameter. Two
user exits are provided: one for enhanced security and one for automated file
opening.

Before you can use the SDK tools, you can run the Client Connection Utility to
configure server access information, such as TCP/IP information. Alternatively, you
can let your SDK application specify the access information. Some SDK languages
also support the Logon Configuration Utility (LCU files).

Distribute an Application

The following SDK files are required to be included when distributing an


application developed with this SDK.
v For C++ applications:
– CdCore.dll
v For C applications:
– CdCore.dll
– CdCapi.dll ("C" wrapper for cdcore.dll)
v For VB - Automation Server

© Copyright IBM Corp. 1982, 2016 251


– CdCore.dll
– CDAuto.dll
– CdAuto.tbl
v For VB - Active X
– CdCore.dll
– CDStats.ocx
– CDSubmit.ocx

DLL files are loaded by using the following algorithm:


1. The directory containing the .exe that is loading the .dll
2. The current directory
3. The system directory (system32)
4. The Microsoft Windows directory
5. The directories list in the PATH environment variable.

Also, the OCX files must registered in the following manner:


v regsvr32 "C:\Program Files\Sterling Commerce\Connect Direct
v4.7.0\SDK\CDSubmit.ocx"
v regsvr32 "C:\Program Files\Sterling Commerce\Connect Direct
v4.7.0\SDK\CDStats.ocx"

Or you may use the "/s" option to do so without bringing up a dialog box:
v regsvr32 /s "C:\Program Files\Sterling Commerce\Connect Direct
v4.7.0\SDK\CDSubmit.ocx"
v regsvr32 /s "C:\Program Files\Sterling Commerce\Connect Direct
v4.7.0\SDK\CDStats.ocx"

In addition, when using the automation server, you also need to register
CDAuto.dll. For example:
regsvr32 "C:\Program Files\Sterling Commerce\Connect Direct v4.7.0\SDK\CDAuto.dll"

If you are using the automation server, you must also register your Type Library
files (.TLB) using regtlib.exe. Regtlib.exe is distributed with Visual Studio 6 and
above and has updates available in the service packs or in other Microsoft
Windows Library updates.

Note: CDCoreD.dll and CDCapiD.dll are debug versions and do not need to be
distributed with the application.

Applications may also require the Microsoft Visual Studio Redistributable


Runtimes. Not every system has this installed by default.

For checking about required DLLs, Microsoft's Dependency Walker (depends.exe)


is the tool to use. It lists in detail all DLLs required by an application. The tool is
included in the Resource Kit, Microsoft Windows 2000 Support Tools, Visual Studio
and other packages.

252 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Edit Connection Settings

Edit Connection Settings with the Client Connection Utility


To use the SDK to create your own programs, you must create connection settings
for each user.

Two methods are available to create local node definitions. You can use either
Sterling Connect:Direct Requester or the Client Connection Utility. If you want to
use Sterling Connect:Direct Requester, refer to the IBM Sterling Connect:Direct for
Microsoft Windows System Guide for instructions.

The Sterling Connect:Direct for Microsoft Windows client software uses the
Microsoft Windows Registry to store its configuration information. The Sterling
Connect:Direct Client Connection Utility allows you to update the connection
settings within the Registry.

CAUTION: Use the Sterling Connect:Direct Client Connection Utility to update


Registry settings for Sterling Connect:Direct API connections, rather than editing
them directly.

You can view, edit, and update Sterling Connect:Direct for Microsoft Windows
connection settings in the Windows Registry with the Client Connection Utility.
The connection settings enable communication between the user interfaces and the
Sterling Connect:Direct server. You can set up and update connection settings by:
v Adding a node
v Deleting a node
v Adding a user
v Deleting a user
v Updating node properties
v Defining a default node or user

To facilitate updating connection settings on multiple servers, you can import and
export connection settings using the Client Connection Utility. After you configure
the connection for a server, you can export the server's settings for use on other
servers. You can then import the settings into the target server's Registry. You can
also print connection settings.

Start the Client Connection Utility


About this task
To start the Client Connection Utility:

Procedure
1. Click Start > All Programs > IBM Sterling Connect:Direct > v4.7.0.
2. Select CD Client Connection Utility. The Client Connection Utility main
window is displayed.

Chapter 6. SDK Programmers Guide 253


Add and Delete Node Connection Definitions
Use the Client Connection Utility to add new nodes, look at node properties, and
delete existing nodes.

The Sterling Connect:Direct Client Connection Utility enables you to add new
nodes and identify their properties, such as node name, TCP/IP address, and port
number. These properties establish a node so you can access it from Sterling
Connect:Direct Requester or the Command Line Interface (CLI).

You can also use the Client Connection Utility to delete existing nodes.

Add a Node
About this task

To add a Sterling Connect:Direct node:

Procedure
1. Select File > New Node. The Node Properties dialog box displays:

2. To add a node that is registered in the Active Directory:


a. In Operating System, select Windows.

254 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


b. Select the node to add from Active Directory Nodes. The name, address,
and port fields are automatically updated with information from the Active
Directory list.
3. To add a node that is not registered in the Active Directory:
a. In the Name field, type the name of the Sterling Connect:Direct node you
want to add.
b. If necessary, change the value in Operating System.
c. In Address, type the TCP/IP address of the new node.
d. The Port field automatically defaults to 1363; if necessary, type in a different
port number.
4. To specify the new node as the default node, click Set as the Default Node.
5. Click OK to save your settings and close Node Properties.
6. Select File > Save to save the new settings.

Note: Changes made to node settings are not written to the Registry until you
select Save.

Delete a Node
About this task

To delete a Sterling Connect:Direct node:

Procedure
1. In the Client Connection Utility main window, select the node you want to
delete.
2. Select Edit > Delete.
3. Click Yes to confirm the deletion.
4. Select File > Save to delete the node.

Note: Changes made to the node settings are not written to the Registry until
you select Save.
The node is no longer displayed in the Client Connection Utility window.

Add a User
About this task

To add a new Sterling Connect:Direct user:

Procedure
1. In the Client Connection Utility main window, select the node where you want
to add a new user.
2. Select File > New User to display the User Properties dialog box.

Chapter 6. SDK Programmers Guide 255


3. Type information into the following fields:
v Name—type the name of the new user. Either type the user name as defined
in the Microsoft Windows setup, such as lmore, or type a fully qualified user
name in the UPN format, such as [email protected]
v Password— type the password defined for the user.
v Verify Password—retype the password defined for the user.
4. Click Remember Password to automatically reload the password when you
attach as this user.
5. Click Set as the Default User if you want the new user to be the default user
for the node.
6. Click OK to save the settings and close User Properties.
7. If the verification password you typed does not match the initial password, you
receive a message indicating that the passwords do not match. Retype the
verification password and click OK.
8. Select File > Save to save the settings.

Note: Changes made to node settings are not written to the Registry until you
select Save.

Delete a User
Procedure
1. If the user names are not displayed, click the plus (+) sign next to the node
containing the user you want to delete.
2. Select the user you want to delete.
3. Select Edit > Delete.
4. Click Yes to confirm the deletion.
5. Select File > Save to save the new configuration.

Note: Changes made to node settings are not written to the Registry until you
select Save.

Update Node Properties


About this task

To update node and user properties:

256 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Procedure
1. Do one of the following:
v To update a node, highlight the node you want to configure.
v To update user properties, highlight the user you want to configure.
2. Select File > Properties.

3. Make the appropriate changes.


4. Click OK to save your settings and return to Node Properties.
5. Select File > Save to save the settings.

Note: Changes made to node settings are not written to the Registry until you
select Save.

Define a Default Node or Default User


About this task

To define a default node or default user:

Procedure
1. Take one of the following actions:
v To define a default node, highlight the node.
v To define a default user, highlight the user.
2. Select Options > Set as Default to set the default node or user.
3. Select File > Save to save the settings. The default node or user is displayed in
the main Client Connection Utility window as bold text.

Note: Changes made to node settings are not written to the Registry until you
select Save.

Import Registry Settings


About this task

To import registry settings from a file:

Procedure
1. Select the node in which to import the Registry settings.

Chapter 6. SDK Programmers Guide 257


2. Select File > Import. A message displays informing you that all settings will be
lost.
3. Click Yes. The Open dialog box displays.

Note: Importing a Registry settings file causes all current changes to the
selected node to be lost if they have not been saved.
4. Select the Registry settings file you want to import (.REX extension) and click
OK. The imported Registry settings are applied to the node you selected.
5. Select File > Save to save the settings.

Note: Changes made to node settings are not written to the Registry until you
select Save.

Export Registry Settings


About this task

To export Registry settings to a file:

Procedure
1. From the Client Connection Utility main window, select the node containing
the Registry settings you want to export.
2. Click File > Export.
3. Name the exported Registry file with a REX extension and click OK. The
Registry settings in the file can now be imported into another computer or
node.

Print Registry Settings Report


About this task
To generate and print the registry settings report:

Procedure
1. To preview the Registry settings report before printing it:
a. Select File > Print Preview.
b. Click Zoom In to enlarge the text and read the report.
2. To print the report:
a. Select File > Print.
b. If necessary, select a printer.
c. Click OK. A report of all Registry settings is generated.

Note: Additional node detail is provided if the node has been used at least
once by the client software.

Apply the C API

The C Applications Programming Interface


The Sterling Connect:Direct C applications programming interface consists of
Standard and Registry API functions. The Standard API functions connect to a

258 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Sterling Connect:Direct node, execute Sterling Connect:Direct commands, manage
command response data, and retrieve error information. The Registry API
functions store and retrieve client connection information to and from the Registry.
The C API is implemented using the C++ Classes. This interface is used by C
programmers.

Compile and Debug


When you are ready to compile the program created with the API, include the
CDCAPI.H header file. Including the CDCAPI.H file in your project automatically
links a program with the appropriate import library. Debug configurations link
with the CDCAPID.LIB and release configurations link with the CDCAPI.LIB.

The CDCAPI.LIB and CDCAPID.LIB files contain the following information:


v Name of the DLL to dynamically load at run time.
v Definitions of all exported functions. This is used by the linker to resolve all
calls to the CDCAPI.DLL.

When the program runs or the DLL is loaded, the appropriate CDCAPI.DLL is
loaded. The CDCAPI.DLL is dynamically loaded when a release configuration is
executed, and the CDCAPID.DLL is dynamically loaded to support debug
configurations.

The C APIs are based on the core C++ APIs. This required API layer is contained
in CDCORE.DLL (or CDCORED.DLL if compiling for debug mode). The
appropriate core DLL must be in your path for the C APIs to work properly.

Activate Tracing
The Output window of the Microsoft Visual Studio displays trace messages.

The following table describes the tracing parameters. Use the trace parameters to
activate tracing.

Parameter Description
CdGetTraceFlags(unsigned int* Retrieves the current trace settings for the Sterling
pgrfTrace); Connect:Direct API.
CdSetTraceFlags(unsigned int Sets new trace settings for the Sterling Connect:Direct
grfTrace); API.
CdSetTraceFile(LPCTSTR Provides a file name to the tracing facility. If a file is
pszFilename); defined, trace messages are written to the Output
window and specified file.

Standard C API
Overview

Use the Standard API functions to connect to a Sterling Connect:Direct node,


execute Sterling Connect:Direct commands, manage command response data, and
retrieve error information.

The C API is implemented using the C++ Classes. This interface is used by C
programmers.

Chapter 6. SDK Programmers Guide 259


Handles

Handles simplify object and memory management by referencing a particular


object. Pass a handle to an API to uniquely identify an object. The Sterling
Connect:Direct C API uses the following types of object handles to return node,
Process, statistics, message, and trace information:
v Node Handles—Represent the Sterling Connect:Direct node that is the target of
the operation. It is a virtual connection to a Sterling Connect:Direct node. The
node handle is a special type of object handle; it holds information about the
node but does not return data from the node.
A node handle is created by calling the CdConnect() function and passing it the
node name, user ID, password, and protocol within a NODE_STRUCT structure.
After you finish with a node handle, you call the CdCloseHandle() to close it.
Closing the handle releases the virtual connection and any internal resources
associated with it. The node handle is no longer valid on subsequent operations.

Note: You are responsible for closing the node handle and for releasing any
resources that you allocate.
v Process Handles—Handles returned from a submit command or from a Process
object, which is created when a select process, change process, or delete process
command is executed. The following example demonstrates the select process
command returning a Process:

if (CdExecuteCommand (hNode, “SELECT PROCESS”, &hProc))


{
if (CdGetProcRec(hProc, &Proc))
{
printf("%d %s/n", Proc.ProcessNumber, Proc.ProcessName);
}
}

v Statistic Handles—Statistics objects that are returned after a select statistics


command is executed.
v Message Handles—Message objects that are returned when a select message
command is executed.
v Trace Handles—Trace objects that are returned when a traceon or traceoff
command is executed.

Block the Calling Thread

CdWaitOnProcess()—Use this function to serialize Sterling Connect:Direct Process


execution. This function blocks the calling thread until the specified Process is no
longer in the TCQ. It takes a Process handle that contains references to the target
Process object. Any Process object handle can enable you to specify Processes to
wait on. Use this method to wait on a Process returned from a submit command
and any Process returned by the select process command.

Retrieve Error Text


v CdGetErrorText()—Call this function to translate return code values into
messages that explain the error. This helps the user understand the error
message and provides a method for logging meaningful trace messages within
an application.
v CdGetDetailedError()—Use this function to retrieve messages one at a time until
CD_ENDOFDATA is returned. This call fills in the MESSAGE_STRUCT structure

260 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


with a detailed error message for node, parser, and connection errors. The
messages are erased upon entry to any other API to prepare for other potential
errors.

Blocking

The C Application Programming Interface is synchronous; when an API that


performs a complex function (such as the CdConnect() or CdExecuteCmd()
functions) is called, the caller's thread is blocked until the request is completed or
until a failure occurs. The caller's thread blocks while waiting for other threads to
finish the request.

If the CdConnect() function is called from a Microsoft Windows application, it


should not be called from the primary user interface (UI) thread. Calling the
function from the UI thread causes the user interface of the program to run slowly.

View Sample Programs


Sample programs are available for viewing.

Refer to the documentation CD directory, SDK\Samples for the C, C++, and Visual
Basic sample code. The sample code contains the following:
v The CSample1.C sample program demonstrates how to connect to a node,
execute a command, and view the data returned by the node.
v The CSample2.C sample program demonstrates a more complex transaction of
connecting to a node, submitting a Process, waiting for completion, and
requesting statistics for the Process.
v CPPSamp1
v CPPSamp2
v VBAuto
v VBStat
v VBSubmit
v VBSubmit2

Apply the C++ Class Interface

Compile and Debug


Include the CDSDK.H header file to use the C++ interface. CDSDK.H
automatically links the program with the appropriate import library. Debug
configurations link with the CDCORED.LIB, and the release configurations link
with the CDCORE.LIB.

Note: You do not need to add the LIB to the LINK section of the project or
makefile.

The CDCORED.lib and CDCORE.lib files contain the name of the DLL to
dynamically load at run time and class definitions for the linker to resolve the
Sterling Connect:Direct SDK symbols included in the CDSDK.H file. When a
program executes or a DLL is loaded, the appropriate CDCORE.DLL is loaded.
Applying.DLL is dynamically loaded when a debug configuration is executed and
to support a release configuration.

Chapter 6. SDK Programmers Guide 261


Manipulate Nodes
Component Group classes provide methods to make changes on a Sterling
Connect:Direct node.

The Component Group classes represent Sterling Connect:Direct entities and


provide methods to manipulate an object to generate changes on the Sterling
Connect:Direct node. Use the following classes to manipulate nodes:

Class Description
CDNode Contains the high-level Sterling Connect:Direct functionality.
It returns network map, initialization parameters, and
translation table information as well as User and Proxy
objects that maintain node information and execute command
objects.
CDUser Contains the user functional authority information. Use to
add, delete, and update functional authorities on the Sterling
Connect:Direct node, including Network map Access Flags,
Command Access Flags, Control Flags, Process Statement
Flags, and default directories.
CDProxy Contains the Sterling Connect:Direct proxy information. Use
to add, delete, and update proxy information on the Sterling
Connect:Direct node. The remote user proxy contains
information for operations initiated from a remote Sterling
Connect:Direct node and defines relationships between a
remote node and local user IDs.
CDTranslationTable Contains and maintains the translation table information that
translates data being sent to other nodes and provides
methods for setting and retrieving translation information.
CDTrace Holds the trace criteria. It contains all the fields returned
from the node with the TRACEON command, with no
parameters and provides access methods for all of the Trace
fields.
CDNetmapNode Contains the network map node information.
CDNetmapDesc Contains the description for a network map node.
CDNetmapPath Contains the network map path information.
CDNetmapMode Contains the network map mode information.

When using the C++ Class interface, no sequence must be followed when using
the C++ classes. All objects are self-contained and are not dependent on any other
classes when fully constructed. Each object's constructor is different and some of
the objects require another object to be built successfully.

The first and most important class is the CDNode class. This class is the first one
to use when interacting with any Sterling Connect:Direct node.

While the only prerequisite for constructing a class is the creation of the objects
needed by the constructor, the following example shows a possible sample
execution sequence:

262 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


CDNode creation
CDSelectProcCommand creation
CDProcIterator creation
(Use the data)
CDProcIterator destruction
CDSelectProcCommand destruction
CDNode destruction

The Sterling Connect:Direct CDNode class serves as the virtual Sterling


Connect:Direct node. It enables you to manipulate and send commands to the
actual Sterling Connect:Direct node. You manipulate this object through the use of
the CDNode methods and issue commands to the node using Command objects.
Calling these methods and using the objects sends KQV streams to the physical
Sterling Connect:Direct node. See the C++ API Reference Guide for more
information.

Create an Object to Connect to a Node


The name of the Sterling Connect:Direct node and the connection information is set
at object creation time using the CDNode constructor. If a parameter is not
supplied (NULL pointer), the default value for that parameter is read from the
Registry. During construction, the CDNode object attempts to connect to the
physical Sterling Connect:Direct node using the protocol information contained in
the Registry. If the connection fails, the CDConnectionException is returned. If the
connection is successful but the logon is denied by the server, a CDLogonException
is returned.

The CDNode object creates and removes the connection to the Sterling
Connect:Direct node as needed. Connections are shared and reused as different
requests are made. The following section of the class definition displays the
methods to construct a CDNode object and methods to retrieve node information:

// Constructor for CDNode


CDNode(LPCTSTR szName=NULL, LPCTSTR szUserid=NULL, LPCTSTR szPassword=NULL,
int nProtocol=CD_PROTOCOL_TCPIP);
CDNode(LPCTSTR szFilename);
CDNode(const CDNode &Node);
~CDNode();
//Node Information Methods
const CString GetName() const;
LPCTSTR GetCDName() const;
LPCTSTR GetUserid() const;
LPCTSTR GetServer() const;
int GetProtocol();

The following two examples illustrate two different methods for creating a
CDNode object. The first method creates the CDNode object locally on the stack.
The second example creates a dynamic allocation of a CDNode object from the
stack. Both methods then execute a SELECT PROCESS command using the
CDNode object.

Chapter 6. SDK Programmers Guide 263


{
CDNode MyNode("MYNODE", "MYUSERID", "MYPASSWORD");
CDSelectProcCmd cmd;
//Execute the "SELECT PROCESS" command
CDProcIterator it = cmd.Execute(MyNode);
}
{
CDNode *pNode = new CDNode("MYNODE", "MYUSERID", "MYPASSWORD");
CDSelectProcCmd cmd;
//Execute the "SELECT PROCESS" command
CDProcIterator it = cmd.Execute(pNode);
delete pNode;
}

Manage Connections
Use the CDNode class to manage Sterling Connect:Direct connections. The
CDNode class creates and deletes connections to the Sterling Connect:Direct node
as needed and deletes the connections if they are idle for a specified period of
time.

The connections are stored in an array and are created and assigned by the
CDNode object when a command requests a connection to the physical node.
Connections are reused when they are idle and are deleted if they remain idle for
an extended period of time. Because each connection consumes resources on both
the client and the server, use them as efficiently as possible. The DisconnectAll
member function is used to disconnect all connections to all nodes.

View Information
Record Group classes allow you to view information about processes, statistics,
messages, and users.

Use the following classes to obtain information:

Class Description
CDProcess Contains all of the Process criteria information returned from a SUBMIT or
SELECT PROCESS command after a Process is submitted. You can submit a
Process for execution using one of the following methods:

Create a CDSubmitCmd object and initialize the parameters. Next, call the
CDSubmitCmd::Execute() method and specify the CDNode object to run on.
Call the CDNode::Submit() method and specify the text of the Process. This
method internally creates the CDSubmitCmd object and calls the Execute()
method.
CDStatistic Provides two methods for holding statistics information.

GetAuditField() Method—Because audit data is optional, and different


records have different KQV keys, use a single method to access the data. To
retrieve a value, call GetAuditField(), passing the KQV key for the desired
field.

The GetAuditMap() function retrieves all audit fields defined in the current
record. An MFC CMapStringToString object maps from KQV keywords to
the corresponding values. This method enables you to view each association
in the map to determine what audit fields are available and to ask the map
for the value of the given field.

264 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Class Description
CDMessage Holds information about a specific message that is retrieved from the
Sterling Connect:Direct node.
CDUser Holds the user functional authority information to add, delete, and update
functional authority information on the Sterling Connect:Direct node.

Control the Return of Information


Use iterators to enumerate through multiple returned objects.

Commands and methods store multiple items in an iterator. The iterator provides
methods to enumerate through each returned object.

Iterators

Commands that retrieve a single record from the server block the calling thread in
the Execute() method until the data arrives. The data is then put into a record
object and returned. Other commands, like select statistics, can potentially return
hundreds of records. If the Execute() method blocks until all records are returned,
it can take longer to receive any feedback. If the records are all returned in one
large block instead of being consumed one at a time, the computer slows down.

To solve these problems, commands that potentially retrieve multiple records


return an iterator object as soon as the first record arrives. As data is returned, a
background thread automatically appends to the iterator. The iterator has a
connection to the server and the command object is not involved. This method
allows you to process records as they arrive. The following example demonstrates
the select process command returning a process iterator:

CDSelectProcCmd cmd;
CDProcIterator it = cmd.Execute(node):

Accessing Iterator Records

The iterator keeps an internal list of all records returned from the server. Use the
following commands to control iterator records:
v HasMore()—Call this method to determine if any records are available in the list.

Note: You must always call HasMore() before calling GetNext(). It is not legal to
call GetNext() if there are no records.
v GetNext()—If HasMore() returns TRUE, obtain the next record in the list using
this command. It removes the next record from the list and returns it.

When all records are received from the server, the server notifies the iterator that
the command is complete. After all records are removed using GetNext(),
HasMore() returns FALSE.

If the iterator's list is empty, but the server has not notified the iterator that the
command is complete, the iterator cannot determine whether there are more
records. In this case, HasMore() blocks until more records are received from the
server or a completion notification is received. Only then can the iterator return
TRUE or FALSE.

Chapter 6. SDK Programmers Guide 265


The following is an example of accessing statistics records using an iterator:

CDSelectStatCmd cmd;
CDStatIterator it = node.Execute (cmd);
while (it.HasMore()) {
CDStatistic stat = it.GetNext();
// use the statistics object }

Execute Sterling Connect:Direct Commands


Command Group classes execute Sterling Connect:Direct commands against
Sterling Connect:Direct nodes.

Class Description
CDCommand The base class for all Sterling Connect:Direct command objects.
It wraps the parser within a class and enables methods for data
manipulation. Each derived class provides an Execute() method
to execute the command and return the resulting data or object.

If the result is several items, the command object returns a


iterator object that holds the data. The following CDCommand
class definition shows the type of methods available in this
class:
Class
CDCommand
{
public:
// Constructor for CDCommand
CDCommand(LPCTSTR pCommand=NULL);
virtual ~CDCommand();
virtual void ClearParms();
void SetCommand(const CString& strCmd);
virtual CString GetCommand() const;
virtual CString GetKQC() const;
// Execute() methods are provided by each
// derived command class.
CDSelectStatCmd Derived from the CDCommand base class, it enables you to set
the SELECT STATISTICS parameters. When you call the
Execute() method, an iterator data object is dynamically created
and attached to the connection assigned by the CDNode object
to execute the command.
CDSelectProcCmd Derived from the CDCommand base class, it enables you to set
the SELECT PROCESS parameters. When you call the Execute()
method, the CDProcIterator object is created dynamically and
attached to the connection assigned to execute the command.

The following example demonstrates the CDSelectProcCmd


class:
CDSelectProcCmd cmd;
CDProcIterator it = node.Execute(cmd);
while (it.HasMore()) {
CDProcess proc = it.GetNext();
// use the process }
CDChangeProcCmd Derived from the CDCommand base class, it enables you to set
the CHANGE PROCESS parameters. When the Execute()
method is called, an iterator data object is dynamically created
and attached to the connection assigned to execute the
command. A CDProcIterator is attached to the iterator data and
returned from the Execute() method.

266 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Class Description
CDDeleteProcCmd Derived from the CDCommand base class, it enables you to set
the DELETE PROCESS parameters. When the Execute() method
is called, a CDProcData object is dynamically created and
attached to the connection assigned to execute the command. A
CDProcIterator is attached to the iterator data and returned
from the Execute() method.
CDSelectMsgCmd Derived from the CDCommand base class, it enables you to set
the SELECT MESSAGE parameters. When you call the Execute()
method, the command is executed and the resulting message
text is stored in the internal CDMessage object
CDStopCmd Derived from the CDCommand base class, it enables you to set
the STOP parameter. When you call the Execute() method, the
command is executed.
CDSubmitCmd Used for submitting a Process object for execution on a node. It
enables you to set the options of the SUBMIT command and
then execute the command on a node. When you call the
Execute() method, a CDProcess object is dynamically created
and attached to the connection assigned to execute the
command. The following example demonstrates the
CDSubmitCmd class:
.
.
.
CDSubmitCmd cmd;
cmd.SetFile ("myproc.cdp");
CDProcess proc = node.Execute(cmd);
proc.WaitForCompletion();
.
.
.
CDTraceOnCmd Derived from the CDCommand base class, it enables you to set
and retrieve trace options from the Sterling Connect:Direct
node. The TraceOnCmd class handles all the options available
from the TRACEON command. The Execute() method returns a
CDTrace object that contains the current trace state.
CDTraceOffCmd Derived from the CDCommand base class, it enables you to
clear trace options from the Sterling Connect:Direct node. The
CDTraceOffCmd class handles all of the options available from
the TRACEOFF command. You call methods to clear the desired
trace parameters and then call the Execute() method. The
Execute() method returns a CDTrace object that contains the
current trace state.

Manage Exception Conditions


Exception Group classes manage exception conditions. Sterling Connect:Direct
generates Exception Group classes if an exception condition is encountered while a
request is being processed. Following is an exception scenario where a message is
pushed into the exception before the initial throw.

Function A calls Function B, and Function B calls Function C. Function C is a


helper routine called by many routines so it does not include information specific
to a task. Since the exception occurred in C, it throws the exception. A message
describing the error is added and flagged as a technical message.

Chapter 6. SDK Programmers Guide 267


Function B traps the exception. A message describing the error is added and
flagged as a user message. User messages are displayed in dialog boxes. For
example, a user message reads: Communication with the server has been lost.

The CDMsgException class stores the messages as an array of strings. The


messages are stored in a last-in first-out (LIFO) order because messages added later
are more general as the exception moves up the call stack.

Following is a description of the Exception Group classes:

Class Description
CDMsgException The base exception class for all Sterling Connect:Direct
exception objects. It provides a message stack for
troubleshooting.
CDConnectionException This exception is generated when communication with the
node is lost or cannot be established.
CDCommandException Generated when an object cannot be executed because
parameters are invalid, including a submitted Process
containing errors.
CDLogonException Generated if the Sterling Connect:Direct node rejects the
user ID and password supplied in the logon attempt. You
can respond to this exception by prompting the user for
the correct logon information.

Manage Administrative Functions


Helper Group classes provide common functionality, such as dialog boxes and
thread creation and termination.

268 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Manage Administrative Functions
Class Description
CDLogonDlg The Sterling Connect:Direct common logon dialog box enables you to
write your own logon applications. The CDLogon dialog box enables
you to change the node, the user ID and password to connect to the
Sterling Connect:Direct node as well as enable the Remember
Password check box, click the Configure button to save new server
logon information and change the title.

Below are the components of the CDLogonDlg class:

Node—Specifies the Sterling Connect:Direct node to which the user


wants to logon.

userid—Specifies the user ID for the Sterling Connect:Direct node.

Password—Specifies the password defined for the user ID.

Remember Password—Specifies whether the user wants the


password to persist after the user logs off. If the check box is
enabled, the password is retrieved to set the password field of the
dialog box when the logon dialog is displayed. This prevents the
user from having to re-type the password information for the
session. Enabling the check box also specifies whether or not to write
the password information as nonvolatile data. Nonvolatile keys
persist after the user logs off. If the user does not enable the
Remember Password check box, the password only persists until the
user logs off.

The Sterling Connect:Direct Logon dialog box does not perform the
logon. It captures the entries and returns them to the calling
program.

Normally, the programmer creates a CDLogon dialog box, sets the


parameters, and calls the DoModal() function to display and run the
dialog box. If the user clicks the OK button, then the CDLogonDlg
class returns IDOK and a logon is attempted using the supplied
connection information. If the user clicks the Cancel button, the
CDLogonDlg class returns IDCANCEL and the logon is cancelled.

After a user successfully logs on to the Sterling Connect:Direct node,


the connection information is written to the Registry under the
HKEY_CURRENT_USER key.
CDExceptionDlg Displays the exception dialog box. The dialog box displays the
information in the exception object
CDThread Coordinates the clean termination of threads and provides a thread
class that can unblock object
CDBeginThread Creates a worker thread for use with API objects.
Return Values A pointer to the newly created thread object.

Chapter 6. SDK Programmers Guide 269


Create A Thread Example

The following example illustrates how to create a thread:

void SomeFunc()
{
CDThread* pThread = CDBeginThread(ThreadFunc);
} void ThreadFunc(LPARAM lParam)
{
CSomeCmd cmd(...);
CDProcess proc = cmd.Execute(...);
DWORD dwId = proc.GetId();
SetDlgItemInt(IDC_SOMECONTROL, (int)dwId);
}

Terminate A Thread

In the preceding sample code, the only blocking that takes place is in the Execute()
function. Execute() blocks until the Process information returns from the server. To
terminate the thread without waiting, call CDThread::Exit, which signals any
blocking CD objects in the thread to stop blocking and throw a thread exit
exception. In the previous example, if CDThread::Exit is called, an exception is
thrown, and no return object is returned from the Execute() function.

Note: It is not possible for one thread to throw an exception in another.


CDThread::Exit sets flags in the CDThread object that other CD objects use.

When CDThread::Exit is called, CDThread::IsExiting returns TRUE. You can use


this method in loops to determine when to exit because CD objects only throw the
exception when they are blocking.

CAUTION:
Do not call the Win32 TerminateThread. TerminateThread does not give the
thread a chance to shut down gracefully. Calling TerminateThread can corrupt
the state of the CD objects. CD objects use critical sections and other resources
that must be managed carefully.

Catch the Exception

It is not necessary to catch the CDThreadDeath exception. If not caught, the


exception unwinds the stack, destroying all objects on the stack, and the CDThread
object itself handles the exception. To provide clean-up for heap allocated items,
the exception can be caught. Rethrowing the exception is not required.

Multithreaded Access and Blocking


Because the Sterling Connect:Direct C++ Class API uses multiple threads, the API
objects are thread safe. The API objects provide efficient blocking for use in
multithreaded programs.

Objects On The Stack


Use the stack to ensure efficiency and reduce complexity.

C++ programs that make good use of exceptions move as much data from the
heap to the stack as possible. This ensures that destructors run and memory is

270 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


released when an exception occurs. It also reduces the complexity of the program
by eliminating many pointers, reducing the chances of memory leaks, and letting
the compiler ensure that objects are valid (as opposed to pointers that could be
NULL or bad).

To ensure objects are used on the stack efficiently, most CD objects store their data
externally. The following example is of an iterator object that holds 500 statistics
records:

When the iterator is created, an iterator data object is also created to hold the
records. The data object also has a reference count that indicates how many objects
are using the data. When an object is copied, the new object (the copy) is linked to
the data and the reference count of the data object is incremented. There are still
only 500 records (not 1000), and the reference count is now 2.

When connected objects are destroyed, they decrement the reference count in the
data object. When the reference count reaches 0, the data object is also destroyed.
The following figure provides an example of the efficiency possible when shared
data is copied:

1. void Func()
2. (
3. Iterator itFinal = CreateIterator();
4. }
5.
6. Iterator CreateIterator()
7. {
8. CSomeCmd cmd(...);
9. Iterator itLocal = node.Execute(cmd);
10. return itLocal;
11. }

On line 3 the sample code calls the CreateIterator() function. The CreateIterator()
function returns an iterator, called itLocal. This iterator is created on line 9 and
returned on line 10.

At line 11 the C++ compiler creates a temporary copy of itLocal before destroying
it. As part of the copy, the iterator data reference count is incremented to 2. When
itLocal is destroyed, the reference count drops to 1 so that the records are not
deleted.

Next, the C++ compiler constructs itLocal on line 3 by passing the temporary to its
copy constructor. The reference count is again incremented to 2 because both
iterators are pointing to it. The temporary is then destroyed, reducing the reference
count to 1.

The result is that an unlimited number of records are passed to the stack with little
more than the copying of two pointers and some reference counting.

Apply the ActiveX Control Interface

Submit Process
The Sterling Connect:Direct CDSubmit control is a command line control that
submits Processes to the server. Because submitting a Process can be a lengthy
procedure, the Execute command returns immediately. When a Process is

Chapter 6. SDK Programmers Guide 271


submitted and the server responds, or a time-out occurs, the client is notified
through the SubmitStatus event. Additionally, the client can request notification
when the Process has completed on the server. Properties for the CDSubmit control
follow:

Property Description
Node=nodename The name of the node that you want to connect to. The node name
must be valid in the Microsoft Windows system Registry.
User=userid The user ID used to log on to the Sterling Connect:Direct node.
Password=password The password used by the user ID to log on to the node.
Text=text The text of the Process.

Methods

Use the following methods to submit a process:

Method Description
Execute(BOOL bWait) Submits the Process to the server. An event is fired when the
server responds to notify the client of the status of the
submit. If bWait is TRUE, another event is fired when the
Process completes on the server.
SetSymbolic(symbolic, Sets the symbolic value for symbolic. Call for each symbolic
value) in the Process.
ClearSymbolics Clears all symbolics. Call before submitting a Process to clear
the previous values.

Events

The following events are activated by the CDSubmit control:

Events Description
Submitted Describes whether the Process is accepted by the server.
Completed The ProcessComplete event is sent when the Process is no longer
in the server's queue. Because more resources are required to wait
on a Process, this event is only fired if requested in the call to
Execute.
Error The standard error event. Possible codes are:

CTL_E_PERMISSIONDENIED—cannot log onto the node.

CTL_E_DEVICEUNAVAILABLE—cannot connect to the node.

CTL_E_OUTOFMEMORY—out of memory.

CTL_E_ILLEGALFUNCTIONCALL—an unknown error. The error


message describes the error.

Display Select Statistics Results


The CDStatistics control is a multi-column list that displays SELECT STATISTICS
command results. The CDStatistics control properties determine the node that you

272 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


are connected to, logon information, and selection criteria. The following figure
shows the CDStatistics control where only the message ID and message text are
selected.

Properties

The following table lists the CDStatistics control properties:

Property Description
ColCount=nnnnn The number of columns to display. The range for the
ColCount value is 1–32,000.
Col=nnnnn The current column. The range for the Col value is 1–32,000.
ColWidth=nnnnn The width of the current column (Col) in pixels. The range
for the ColWidth value is 0–32,000.
Header The column header text for the current column. Provide text
for the value or leave it blank.
Row=nnnnn... The current row. If set to 0, the current row is the header.
The range for the Row value is 0–Infinity, where the number
of rows is limited only by memory.
RowCount=positive integer The number of rows in the list, not including the header.
This field is read-only and is determined by the number of
records returned by the server.
Node=node name The name of the node to which you want to connect. The
node name must be valid in the MicrosoftWindows NT
system Registry.
User=userid The user ID used to log on to the Sterling Connect:Direct
node.
Password=password The password defined to allow the user ID to log onto the
node.
Field The statistics structure field the current column is displaying.
Valid values are Process Name, Process Number, Condition
Code, Feedback, MsgId, MsgText, MsgData, LogDateTime,
StartDateTime, StopDateTime, Submitter, SNode, RecCat, and
RecId.
ccode=(operator, code) Selects statistics records based on the completion code
operator and return code values associated with step
termination. The condition code operator default is eq. You
must specify the return code. Refer to dfile=destination
filename | (list) below for valid operators and values.

Chapter 6. SDK Programmers Guide 273


Property Description
dfile=destination filename | Searches all copy termination records (CAPR category, CTRC
(list) record ID) to find those with a destination file name
matching the file name or list of file names specified.

This parameter is not supported in a UNIX environment.


pname=Process name | Selects Process statistics by Process name, a generic name, or
generic | (list) a list of names. The name can be 1–8 alphanumeric
characters long.
pnumber=Process number | Selects statistics by Process number or a list of Process
(list) numbers. Sterling Connect:Direct assigns the Process number
when the Process is submitted.
reccat=caev | capr | (caev , Selects statistics based on whether the record category is
capr) related to events or to a Sterling Connect:Direct Process.

The default for this keyword depends on the other search


criteria specified. If you specify Process characteristics, such
as Process name, Process number, or Submitter, the default is
capr. If you perform a general search using startt or stopt,
the default is caev and capr.

caev specifies that the retrieved statistics file records include


those related to Sterling Connect:Direct events, such as a
Sterling Connect:Direct shutdown.

capr specifies that the retrieved statistics file records include


those related to one or more Sterling Connect:Direct
Processes.
rnode=remote node name | Selects statistics file records by remote node name, a generic
generic | (list) node name, or a list of node names. The range for the
remote node name is 1–16 alphanumeric characters long.
sfile=filename | (list) Searches all copy Process Termination records (CAPR
category, CTRC record ID) to find those with a source file
name matching the name or list of names you specify.
startt=([date | day] [, time]) Selects statistics starting with records logged since the
specified date, day, or time. The date, day, and time are
positional parameters. If you do not specify a date or day,
type a comma before the time.

date specifies the day (dd), month (mm), and year (yy),
which you can code as mm/dd/yyyy or mm-dd-yyyy. If
you only specify date, the time defaults to 00:00:00. The
current date is the default.

day specifies the day of the week. Values are today,


yesterday, Monday, Tuesday, Wednesday, Thursday, Friday,
Saturday, and Sunday. If you specify a day of the week,
Sterling Connect:Direct uses the previous matching day.

time specifies the time of day coded as hh:mm:ss[am | pm]


where hh is hours, mm is minutes, and ss is seconds. You
can specify the hour in either 12- or 24-hour format. If you
use the 12-hour format, then you must specify am or pm.
The default format is the 24-hour format. The default value
is 00:00:00, which indicates midnight. If you specify only the
day value, the time defaults to 00:00:00.

274 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Property Description
stopt=([date | day] [, time]) Retrieves statistics including records logged up to and
including the specified date, day, or time. The date, day, and
time are positional parameters. If you do not specify a date
or a day, type a comma before the time.

date specifies the day (dd), month (mm), and year (yy),
which you can code as mm/dd/yyyy or mm-dd-yyyy. If
you only specify date, the time defaults to 00:00:00. The
current date is the default.

day specifies the day of the week. Values are today,


yesterday, Monday, Tuesday, Wednesday, Thursday, Friday,
Saturday, and Sunday. If you specify a day of the week,
Sterling Connect:Direct uses the previous matching day.

time specifies the time of day coded as hh:mm:ss[am | pm]


where hh is hours, mm is minutes, and ss is seconds. You
can specify the hour in either 12- or 24-hour format. If you
use the 12-hour format, then you must specify am or pm.
The default is the 24-hour format. The default value is
00:00:00, which indicates midnight. If you specify only the
day value, the time defaults to 00:00:00.
submitter=(node name, Selects statistics by the node name and user ID of the
userid) | generic | (list) Process owner (submitter). You can also specify a generic
name and user ID or a list of names and user IDs. The
maximum combined length, including the node name and
user ID, is 66 characters.

Valid completion code operators for the ccode property are


listed below:

eq | = | == Equal (default)

ge | >= | => Greater than or equal

gt | > Greater than

le | <= | =< Less than or equal

lt | < Less than

ne | != Not equal

Valid completion codes for the ccode property are listed


below:

0 — Successful execution of the Process.

4 — A warning-level error was encountered. The statement


probably completed normally, but verify the execution
results.

8— An error occurred during Process execution.

16 —A severe error occurred during Process execution.

Chapter 6. SDK Programmers Guide 275


Property Description
recids=record id | (list) Specifies selection by record ID or a list of record IDs. This
parameter identifies particular types of statistics records,
such as a copy termination records or initialization event
records.

AUPR — Authorization file processing

CHGP — Change Process command issued

COAC — Communication activated

CMLT — CMGR listen thread terminated

CRHT — Sterling Connect:Direct copyright

CSTP — Child Process stopped

CTRC — Copy control record written

CTRM — Child Process terminated

CUKN — Child Process unknown status

CXIT — Child Process exited

DELP — Delete Process command issued

FLSP — Flush Process command issued

FMRV — Formatted Header (FMH) received

FMSD — Formatted Header (FMH) sent

GPRC — Get Process issued

IFED — If statement ended

IPPR — Initialization parameter processing

LIOK — Listen okay

NAUH — Node Authorization check issued

NMOP — Network map file opened

NMPR — Network map processing

NUIC — Sterling Connect:Direct Initialization complete

NUIS — Sterling Connect:Direct start initialization

NUT1 — Sterling Connect:Direct phase one termination


complete status

NUT2 — Sterling Connect:Direct phase two termination


complete status

NUTC — Sterling Connect:Direct termination complete

NUTR — Sterling Connect:Direct termination requested

NUTS — Sterling Connect:Direct termination started

276 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Property Description
recids=record id | (list) PERR — Process error detected
(Continued)
PFLS — Process flushed

PMED — Process Manager ended

PMIP — Process Manager Initprocs thread initialized

PMMX — Process Manager Max Age thread initialized

PMRC — Process Manager release cell thread initialized

PMST — Process Manager started

PPER — Pipe error

PRED — Process ended

PSAV — Process saved

PSED — Process step detected

PSTR — Process started

RNCF — Remote server call failed

RTED — Run Task command completed

RJED — Run Job command completed

RFIP — Refresh command issued

SBED — Submit complete

SELP — Select Process command issued

SELS — Select Statistics command issued

SEND — Session end issued

SERR — System error

SHUD — Sterling Connect:Direct shutdown

SIGC — Signal caught

SMED — Session Manager ended

SMST — Session Manager started

SNHI — APPC started

SNMP — SNMP

STOP — Stop Sterling Connect:Direct command issued

SUBP — Submit command issued

Chapter 6. SDK Programmers Guide 277


Property Description
recids=record id | (list) TCPI — TCP started
(Continued)
TRAC — Trace command issued

UNKN — Unknown command issued

USEC — User Security check issued

xxxx — Record types identified by the first four characters


of the message ID

Methods

The CDStatistics control provides the following methods:

Method Description
BOOL Execute() Executes the SELECT STATISTICS command and stores the returned
records in the control. If the control was already retrieving records,
the previous command is stopped and the old records are removed
from the control.
Clear Clears the existing records from the display. The Clear method does
not stop retrieval.

Events

The following events are controlled by CDStatistics.

Method Description
Complete Sent after all records are retrieved.
Error The standard error event. Possible codes are:

CTL_E_PERMISSIONDENIED—cannot log onto the node.

CTL_E_DEVICEUNAVALIABLE—cannot connect to the node.

CTL_E_OUTOFMEMORY—out of memory.

CTL_E_ILLEGALFUNCTIONCALL—an unknown error.

Apply Automation Servers

Apply Automation Servers


The Sterling Connect:Direct Automation Servers provide an automation wrapper
around the Sterling Connect:Direct SDK C++ classes.

The Automation Servers provide direct automation support for languages like
Visual Basic. This section provides a reference for the automation objects and
information about applying them.

278 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Create Virtual Servers Using the Node Factory
The node factory creates node objects, which act as virtual servers. Virtual servers
represent a Sterling Connect:Direct server (a node). The Automation Server Node
Factory provides the following properties:

Property Description
Node Name The name of the node to connect to. The node name is set using the
Sterling Connect:Direct Client Connection Utility.
Userid The user ID to use when connecting to the node.
Password The password for the user ID to connect to the node.

The Sterling Connect:Direct Automation Server Node provides the following


methods:

Method Description
SelectStats(criteria) Criteria specifies the complete SELECT STATISTICS string.
SelectProc(criteria) Criteria specifies the complete SELECT PROCESS string.
Submit(text) The text specifies the Process to SUBMIT.

Identify Active Processes

The Process object represents a Process running on the node. The records are
returned as Process objects, stored in a ProcCollection container. The Sterling
Connect:Direct Automation Server Process object provides the following properties:

Property Type Description


ProcessName String The Process name.
ProcessNumber Long The Process number assigned by Sterling
Connect:Direct when the Process is placed in the
TCQ.
ConditionCode Long The return code.
Feedback Long Provides additional return code information.
MsgId String The message identifier.
MsgText String The message text field.
MsgData String Message substitution fields.
LogDateTime Date The logged time stamp.
SchedDateTime Date The date and time the Process is scheduled to be
submitted.
SubmitNode String The name of the node from which the Process was
submitted.
Submitter String The user ID of the person submitting the Process.
PNode String The primary or controlling node in the Process.
SNode String The secondary or partner node in the Process.
Status String The status of the Process in the queue.
Retain String Specifies whether the Process is to be retained in
the TCQ for future submission.

Chapter 6. SDK Programmers Guide 279


Property Type Description
Hold String The TCQ hold status of the Process.
Class Long The session class on which the Process is
executing.
Priority Long The TCQ selection priority of the Process.
ExecPriority Long The operating system execution priority of the
Process.
Queue String The logical queue where the Process is currently
located (Execution, Hold, Wait, or Timer).
Step Name String The currently executing step of the Process.
LocalNode String Specifies whether the primary or secondary node
is the local node and has primary control.
FromNode String Specifies whether the primary or secondary node
is the source node in a copy.
SimpleCompress Boolean Specifies whether to perform repetitive character
compression.
ExtendedCompression Boolean Specifies whether to perform repetitive string
compression.
Checkpoint Boolean Specifies the use of checkpointing in a copy step.
Restart Boolean Specifies whether the Process is restarted.
SourceFile String The name of the source file.
TotalBytes Long The number of data bytes read or written.
TotalRecs Long The number of data records read or written.
SentBytes Long The number of data bytes sent.
Sent RUs Long The number of RU bytes sent.
DestFile String The name of the destination file.

Identify Statistic Records

The Statistic object represents the records in the statistics database. They are
returned from a SELECT STATISTICS query. The Sterling Connect:Direct
Automation Server Statistic object provides the following properties:

Property Data Type Description


ProcessName String The Process name.
ProcessNumber Long The Process number assigned by Sterling Connect:Direct
when the Process is placed in the TCQ.
Feedback Long Provides additional return code information.
MsgId String Message identifier.
MsgText String Message text.
MsgData String Message substitution fields.
LogDateTime Date The logged time stamp.
StartDateTime Date The start time stamp.
StopDateTime Date The stop time stamp.
Submitter String The submitter's user ID.
SNode String The secondary node name.

280 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Property Data Type Description
RecCat String The record category.
RecId String The record identifier tag.
GetAuditField String Returns the audit field value.

The GetAuditField() function supports the following audit


information field names:
"Step Name"
"Primary Node Name"
"Secondary Node Name"
"Link Fail"
"Translation"
"Status"
"Function"
"Member Name"
"Sysopts"
"Bytes Read"
"Records Read"
"Bytes Sent"
"RUs Sent"
"Bytes Written"
"Records Written"
"Bytes Received"
"RUs Received"
"RU Size"
"Local Condition Code"
"Local Message ID"
"Other Condition Code"
"Other Message ID"
"PNode Accounting Info"
"SNode Accounting Info"
"Local Node"
"Retain"
"Class"
"Priority"
"Execution"
"Standard Compression"
"Extended Compression"
"Checkpoint"
"Scheduled Date/Time"
"Start Date/Time"
"Stop Date/Time"
"Submit Date/Time"
"From Node"
"Queue"
"Restart"
"Function"

Chapter 6. SDK Programmers Guide 281


Property Data Type Description
GetAuditField String Returns the audit field value.
(Continued)
The GetAuditField() function supports the following audit
information field names:
"Source File"
"Source Disposition #1"
"Source Disposition #2"
"Source Disposition #3"
"Destination File"
"Destination Disposition #1"
"Destination Disposition #2"
"Destination Disposition #3"
"Hold"
"Substitution String"
"Submitter Node"

Use Automation Objects


Create node objects, select processes, and select statistics using automation objects.

This topic explains how to use the node factory and nodes, select statistics, and
select Processes. The Sterling Connect:Direct automation objects use late binding,
so you must dimension your variables as type Object.

Create Node Objects


The Sterling Connect:Direct node factory creates node objects. These node objects
serve as virtual servers and represent a connection to a Sterling Connect:Direct
server (node).

To obtain a connection (and therefore a node), you must use the node factory.
Create the node factory using the ProgID CD.NodeFactory:

Dim factory as Object


Set factory = CreateObject (“CD.NodeFactory”)

To determine the node you want to connect to, set the properties of the factory
object. Next, call CreateNode to connect to the node. If the connection is successful,
a node object returns. Otherwise, an error is thrown indicating the cause of the
problem.

factory.NodeName = “CD.Node1"
factory.UserId = “user1"
factory.Password = “password”
{
Dim node as Object
Set node = factory.CreateNode()

The node name refers to the name used by the Client Connection Utility. You must
set up the nodes that you want to connect to using the Client Connection Utility
prior to using the Sterling Connect:Direct SDK.

282 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Node Usage

The node object represents the connection to a Sterling Connect:Direct node. Using
the node enables you to select statistics or Processes.

Select Processes

To select Processes, you must first format a select Process command and pass it to
the SelectProc method. The records return as Process objects and are stored in the
ProcCollection container. Because a background thread populates the collection, it
is returned to the caller before it is completely filled. Therefore, the only access
method available is using the For Each construct.

Note: The usual Count property is not available because the count is not known
until all records are returned.

Dim procs as Object ; the process collection


Dim proc as Object ; each process record
Set procs = node.SelectProc ("SELECT PROCESS ")
For Each proc in procs
Debug.Print proc.ProcessName
Next proc

Select Statistics

To select statistics records, you must format a select statistics command and pass it
on to the SelectStats method of the node. The records return as Statistic objects
stored in a StatCollection container. Because a background thread populates the
collection, it returns to the caller before it is completely filled. Therefore, the only
access method available is using the For Each construct.

Note: The usual Count property is not available because the count is not known
until all records are returned.

Dim stats as object ; the Statistics collection


Dim stat as Object ; each statistic record
Set stats = node.SelectStats ("SELECT STATISTICS")
For Each stat in stats
Debug.Print stat.RecId
Next stat

Because the server can send records slowly, the interface can be jerky while
reading records. Because records are read using a background thread, it useful to
select the statistics before time-consuming tasks like constructing windows. This
method enables the server to send records in background.

Automation Class Errors

The automation classes use the standard Visual Basic error-handling mechanism.
When an error is raised in an automation object, no real value is returned from the
function. For example, if an error is raised in the node factory example in the
Create an Object to connect to a Node topic (see related link below), the node does
not have a value (it has the default value of nothing) because CreateNode has not
returned anything.

Chapter 6. SDK Programmers Guide 283


When the Sterling Connect:Direct automation objects raise an error, they set the
error number to a Sterling Connect:Direct SDK error value and store a description
in the error text.

Enhance Security and Automate File Opening with User Exits

User Exits
You can customize Sterling Connect:Direct operations with user exits. User exits
are user-defined dynamic link libraries (DLLs) that are loaded and called when the
user exit is enabled through an initialization parameter. Two user exits are
provided: one for enhanced security and one for automated file opening.

Apply Enhanced Security


Apply Passticket Support

Use passtickets to implement enhanced security. A passticket is a one-time


password generated on the primary node and passed to the secondary node within
10 minutes, where it is validated before further processing is performed. Sterling
Connect:Direct passticket support is implemented by the user as a user exit called
from the Sterling Connect:Direct session manager during Process execution. To
enable the security exit, specify the name or path name of the security exit DLL in
the value of the security.exit parameter.

See Changing Sterling Connect:Direct for Microsoft Windows Settings in the IBM
Sterling Connect:Direct for Microsoft Windows System Guide orIBM Sterling
Connect:Direct for Microsoft Windows Help for a description of the security.exit
parameter. If the DLL is not in the search path of the server, then you must specify
the fully qualified file name of the DLL.

The user's security exit must contain the GeneratePassticket() and


ValidatePassticket() functions. The parameters for these functions are defined in the
userexit.h header file. The userexit.h header file is in the Sterling Connect:Direct
samples directory. If the security exit cannot be found or loaded, or if the
addresses of the two required functions cannot be resolved successfully, an error
message is generated and Process execution terminates.
v The passticket is only valid for 10 minutes after it is generated. As a result, the
system clocks on the two nodes should be synchronized.
v When generating passtickets, Sterling Connect:Direct for Microsoft Windows fills
in the GENMSG_T structure fields and passes the structure to the security exit.
The security exit should generate the passticket, fill in the GENMSG_REPLY_T
structure fields, and return an appropriate return code to Sterling
Connect:Direct.
v When validating a passticket, Sterling Connect:Direct for Microsoft Windows fills
in the VALMSG_T structure fields and passes the structure to the security exit.
The security exit validates the passticket, fills in the VALMSG_REPLY_T
structure fields, and returns an appropriate return code to Sterling
Connect:Direct. If the passticket is successfully validated, Sterling Connect:Direct
for Microsoft Windows continues as if the Process is using a remote user proxy.
A proxy must be defined on the remote node for the effective ID being used on
the SNODE for the Process.

284 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Security Exit Structure

Following is a list of the security exit structures:


v GENMSG_T—Sends a message to the local node to allow the security exit to
determine the user ID and security token (passticket) to use for remote node
authentication. The GENMSG_T contains:
– Submitter ID
– Local node ID and password
– Remote node ID and password
– Local node name
– Remote node name
v GENMSG_REPLY_T—The user exit GeneratePassticket() function fills the
GENMSG_REPLY_T structure. The GENMSG_REPLY_T contains:
– Status value of GOOD_RC (0) for success, or ERROR_RC (8) for failure.
– Status text message. If the status value is failure, then status text message is
included in the error message.
– ID to be used for security context on the remote node.
– Passticket to use in conjunction with the ID for security on the remote node.
v VALMSG_T—The message sent to the remote node to allow the security exit to
validate the user ID and passticket. The VALMSG_T contains:
– Submitter ID
– Local node ID and password
– Remote node ID and password
– Local node name
– Remote node name
– ID to be used for security checking from the local node
– Passticket generated on the local node
v VALMSG_REPLY_T—The user ValidatePassticket0 function fills the
VALMSG_REPLY_T structure. The VALMSG_REPLY_T contains:
– GOOD_RC (0) if the reply was a success or ERROR_RC (8) for failure.
– Status text message. If the status value is failure, the status text message is
included in the error message.
– ID to be used for security context the remote node side. This value may or
may not be the same ID as in the generate message.
– Passticket to use in conjunction with ID for security on the remote node.

Security Exit Sample Code

The following header file and sample code files for passticket implementation are
copied to X:\installation directory\Server\samples during the installation. You can
use them as examples to follow in implementing your real-life security exit.
v userexit.h—Contains defined constants used for passtickets, the structures that
are passed to the passticket functions, and the function prototypes.
v usersamp_skel.c—Consists of the GeneratePassticket() and ValidatePassticket()
functions. The GeneratePassticket() function replies with a hard-coded ticket, fills
in the structure, and returns a valid return code. It demonstrates what should be
input and output by the exit. The ValidatePassticket() function returns a good
return code indicating that the passticket passed in is valid. There is no real
checking done in this routine.

Chapter 6. SDK Programmers Guide 285


v userexit_samp.c—Demonstrates a sample implementation of passticket support.
It works if the same exit is on both sides. The GeneratePassticket() and
ValidatePassticket() functions call the Passtk() function which performs the
actual generation, or validation of the passticket.

The sample user exit can be compiled and linked into a DLL using Microsoft
Visual C++. The userexit_samp.sln and userexit_skel.sln files can be found in the
same samples directory where userexit_samp.c and userexit_skel.c is found.The
exit was tested using Microsoft Visual Studio 2008.

Apply Automated File Opening


Use the file open exit feature to override the values specified in the COPY
statement. The file open exit is an initialization parameter (file.exit) that you can
set to point to a user-written DLL. You can customize Sterling Connect:Direct
COPY operations by defining values in the file open exit DLL that override the
COPY statement parameters.

Apply the File Open Exit

Sterling Connect:Direct file open support is implemented as a user exit called from
the Sterling Connect:Direct session manager during Sterling Connect:Direct COPY
statement execution. To enable the file open exit, change the value of the file.exit
initialization parameter to the name or path name of the file open exit DLL.

Refer to Changing Sterling Connect:Direct for Microsoft Windows Settings in the


IBM Sterling Connect:Direct for Microsoft Windows System Guide or IBM Sterling
Connect:Direct for Microsoft Windows Help for a description of the file.exit
parameter. If the DLL is not in the search path of the server, then you must specify
the fully qualified file name of the DLL.

The user's file open exit must contain the FileOpen() function. The parameters for
this function are File_Open and File_Open_Reply. These parameters are pointers to
corresponding structures in the userexit.h header file. The userexit.h header file is
in the Connect:Direct samples directory.

File Open Exit Structures

The file open exit contains the following types of structures:


v FILE_OPEN: The FILE_OPEN structure contains the information that
implements the file open user exit. The FILE_OPEN structure contains the
following components:
– int oflag—Flags that Sterling Connect:Direct uses to open the file.
– int srcdstflag—Specifies whether the file is a source file (the file to read) or a
destination file (the file to write to).
– char user_name[MAX_USER_NAME]—Specifies the name of the user that
submitted the Process.
– COPY_T copy_ctl—Points to the Sterling Connect:Direct Copy Control Block
data structure that contains information concerning the COPY operation about
to be performed.
– COPY_SYSOPTS_T cp_sysopts—Points to the Sysopts data structure that
contains a representation of all of the COPY operation sysopts that Sterling
Connect:Direct supports. Refer to the Sterling Connect:Direct Process Language
Reference Guide for more information about COPY sysopts.

286 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


v FILE_OPEN_REPLY: The FILE_OPEN_REPLY structure contains information that
specifies whether the file exit operation succeeded. The FILE_OPEN structure
contains the following components:
– HANDLE hFile—Contains a valid file handle if the file was opened
successfully.
– char filename[MAX_FILE_NAME_LEN]—Contains the actual name of the file
opened by the file open exit.

Access Sample Code

The following header file and sample code files for file open exit implementation
are copied to X:\installation directory\Samples during Sterling Connect:Direct for
Microsoft Windows installation.
v userexit.h
v FileOpenDLL.CPP

Structure Types

Structure Types
Following is a list of the common C and C++ Class interface structures, constants,
and their descriptions.
v NETMAP_DESC_STRUCT Structure
v USER_STRUCT Structure
v MESSAGE_STRUCT Structure
v NETMAP_MODE_SNA Structure
v NETMAP_MODE_TCP Structure
v NETMAP_NODE_STRUCT Structure
v NETMAP_PATH_STRUCT Structure
v PROCESS_STRUCT Structure
v NODE_STRUCT Structure
v STATISTICS_STRUCT Structure
v TRACE_STRUCT Structure
v TRANSLATE_STRUCT Structure

All of the common C and C++ Class API structures are contained within the
CONNDIR.H header file.

NETMAP_DESC_STRUCT Structure
The NETMAP_DESC_STRUCT structure contains the Netmap Node Description
information. Use this structure to retrieve and set the Netmap Node Description
information.

Chapter 6. SDK Programmers Guide 287


Structure
struct Netmap_Desc_Struct
{
TCHAR Name[MAX_NODE_NAME_LEN+1];
TCHAR ContactPhone[MAX_PHONE_NUMBER+1];
TCHAR ContactName[MAX_CONTACT_NAME+1];
TCHAR Description[MAX_DESCRIPTION+1];
};
typedef struct Netmap_Desc_Struct NETMAP_DESC_STRUCT;

Members
Member Description
Name [MAX_NODE_NAME_LEN+1] The node name.
ContactPhone [MAX_PHONE_NUMBER+1] The phone number of the person responsible
for this node.
ContactName [MAX_CONTACT_NAME+1] The name of the person responsible for this
node.
Description [MAX_DESCRIPTION+1] Node description information.

USER_STRUCT Structure
The USER_STRUCT structure contains the User Functional Authority information.
Use this structure to retrieve and set user functional authorities.

288 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Structure
struct User_Struct
{
TCHAR Name [MAX_OBJECT_NAME+1];
TCHAR UpdateNetmap;
TCHAR UpdateUser;
TCHAR UpdateProxy;
TCHAR ChangeProcess;
TCHAR DeleteProcess;
TCHAR SelectProcess;
TCHAR SubmitProcess;
TCHAR SelectStats;
TCHAR SecureRead;
TCHAR SecureWrite;
TCHAR Stop;
TCHAR Trace;
TCHAR SelectNetmap;
TCHAR SelectMessage;
TCHAR Refresh;
TCHAR ProcessCopy;
TCHAR ProcessRunJob;
TCHAR ProcessRunTask;
TCHAR ProcessSubmit;
TCHAR InheritRights;
TCHAR TrusteeAssign;
TCHAR UpdateACL;
TCHAR FileAttributes;
TCHAR SNodeId;
TCHAR ExecutionPriority;
TCHAR ProcessSend;
TCHAR ProcessReceive;
TCHAR UpdateTranslation;
TCHAR DownloadDirectory[MAX_DIRECTORY_NAME+1];
TCHAR UploadDirectory[MAX_DIRECTORY_NAME+1];
TCHAR ProcessDirectory[MAX_DIRECTORY_NAME+1];
TCHAR ProgramDirectory[MAX_DIRECTORY_NAME+1];
};
typedef struct User_Struct USER_STRUCT;

Members
Member Description
UpdateUser Specifies permission to update other user functional
authority.
UpdateProxy Specifies permission to update proxy user
information.
ChangeProcess Gives a user permission to issue CHANGE PROCESS.
DeleteProcess Gives a user permission to issue DELETE PROCESS.
SelectProcess Gives a user permission to issue SELECT PROCESS.
SubmitProcess Gives a user permission to issue SUBMIT PROCESS.
SelectStats Gives a user permission to issue SELECT
STATISTICS.
SecureRead Gives a user permission to read Sterling
Connect:DirectSecure Plus network map fields.
SecureWrite Gives a user permission to modify Sterling
Connect:Direct Secure Plus network map fields.

Chapter 6. SDK Programmers Guide 289


Member Description
Stop Gives a user permission to issue the STOP Sterling
Connect:Direct server command.
Trace Gives a user permission to start and stop Sterling
Connect:Direct tracing.
SelectNetmap Gives a user permission to get the network map
objects from the Sterling Connect:Direct server.
SelectMessage Gives a user permission to get Sterling Connect:Direct
message information from the Sterling Connect:Direct
server.
Refresh Gives a user permission to execute the REFRESH
INITPARMS commands.
ProcessCopy Gives a user permission to issue a COPY command
within a Process.
ProcessRunJob Gives a user permission to issue a RUN JOB
command within a Process.
ProcessRunTask Gives a user permission to issue a RUN TASK
command within a Process.
ProcessSubmit Gives a user permission to issue a SUBMIT command
within a Process.
Inherit Rights The Inherit Rights flag.
TrusteeAssign The Trustee Assign flag.
UpdateACL The Update ACL flag.
FileAttributes The File Attribute flag.
SNodeId The Remote Node ID flag.
ExecutionPriority Gives a user permission to change execution priority.
ProcessSend The Process Send flag.
ProcessReceive The Process Receive flag.
UpdateTranslation Gives a user permission to update the translation
table information.
DownloadDirectory The default download directory.
[MAX_DIRECTORY_NAME+1]
UploadDirectory The default upload directory.
[MAX_DIRECTORY_NAME+1]
ProcessDirectory The default Process file directory.
[MAX_DIRECTORY_NAME+1
ProgramDirectory The default program file directory.
[MAX_DIRECTORY_NAME+1]

MESSAGE_STRUCT Structure
The MESSAGE_STRUCT structure contains the Sterling Connect:Direct message
information. Use this structure to retrieve the message information. It contains the
unique message identifier.

290 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Structure
struct Message_Struct
{
TCHAR MsgId[MAX_MESSAGE_ID+1];
int ConditionCode;
int Feedback;
TCHAR MsgText[MAX_MESSAGE_TEXT+1];
TCHAR MsgData[MAX_MESSAGE_DATA+1];
};
typedef struct Message_Struct MESSAGE_STRUCT;

Members
Member Description
MsgId [MAX_MESSAGE_ID+1] The message identifier that uniquely identifies this
message.
ConditionCode The return code accompanying the message.
Feedback Additional return code information.
MsgText The message text.
[MAX_MESSAGE_TEXT+1]
MsgData Message substitution fields.
[MAX_MESSAGE_DATA+1]

NETMAP_MODE_SNA Structure
The NETMAP_MODE_SNA structure contains the Netmap SNA Mode information.
This structure is part of the NETMAP_MODE_STRUCT for SNA modes.

Structure
struct Netmap_Mode_Sna
{
long lMaxRUSize;
short MaxPacingSize;
short MaxNetSessLimit;
};
typedef struct Netmap_Mode_Sna NETMAP_MODE_SNA;

Members
Member Description
lMaxRUSize The maximum RU size.
MaxPacingSize The maximum pacing size.
MaxNetSessLimit The maximum net session limit.

NETMAP_MODE_TCP Structure
The NETMAP_MODE_TCP structure contains the Netmap TCP/IP Mode
information. This structure is part of the NETMAP_MODE_STRUCT for TCP/IP
modes.

Chapter 6. SDK Programmers Guide 291


Structure
struct Netmap_Mode_Tcp
{
long lBufferSize;
long lPacingSendCount;
long lPacingSendDelay;
char tcp_crc[4];
};
typedef struct Netmap_Mode_Tcp NETMAP_MODE_TCP;

Members
Member Description
lBufferSize The buffer size.
lPacingSendCount Pacing send count.
lPacingSendDelay Pacing send delay.
char tcp_crc[4] Whether TCP CRC checking is on.

NETMAP_NODE_STRUCT Structure
The NETMAP_NODE_STRUCT structure contains the Netmap node information.
Use this structure to retrieve and set the Netmap node information.

Structure
struct Netmap_Node_Struct
{
TCHAR Name[MAX_OBJECT_NAME_LEN+1];
BOOL bDetail;
int LongTermRetry;
long lLongTermWait;
int ShortTermRetry;
long lShortTermWait;
int MaxPNode;
int MaxSNode;
int DefaultClass;
int RemoteOSType;
TCHAR TcpModeName[MAX_OBJECT_NAME+1];
TCHAR TcpAddress[MAX_TCP_ADDRESS+1];
TCHAR SnaModeName[MAX_OBJECT_NAME+1];
TCHAR SnaNetName[MAX_NET_NAME+1];
TCHAR SnaPartnerName[MAX_PARTNER_NAME+1];
TCHAR SnaTPName[MAX_TPNAME+1];
};
typedef struct Netmap_Node_Struct NETMAP_NODE_STRUCT;

Members
Member Description
Name [MAX_OBJECT_NAME_LEN+1] The node name.
bDetail Specifies detail-included flag.
LongTermRetry Long-term retry interval.
lLongTermWait Long-term wait interval.
ShortTermRetry Short-term retry interval.

292 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Member Description
lShortTermWait Short-term wait interval.
MaxPNode The maximum number of local nodes.
MaxSNode The maximum number of remote nodes.
DefaultClass The default class.
RemoteOSType Remote node operating system type.
TcpModeName [MAX_OBJECT_NAME+1] The TCP/IP communications mode name.
TcpAddress [MAX_TCP_ADDRESS+1] The node's TCP/IP address.
SnaModeName [MAX_OBJECT_NAME+1] The SNA communications mode name.
SnaNetName [MAX_NET_NAME+1] The SNA net name.
SnaPartnerName SNA partner name.
[MAX_PARTNER_NAME+1]
SnaTPName [MAX_TPNAME+1] The TP name.

NETMAP_PATH_STRUCT Structure
The NETMAP_PATH_STRUCT structure contains the Netmap path information.
Use this structure to retrieve and set the Netmap path information.

Structure
struct Netmap_Path_Struct
{
TCHAR Name[MAX_OBJECT_NAME+1];
BOOL bDetail;
int Transport;
int Adapter;
BYTE Address[MAX_ADDRESS];
char CustomQLLC[MAX_CUSTOM_ADDRESS+1];
int Protocol;
TCHAR SnaProfileName[MAX_PROFILE_NAME+1];
TCHAR SnaLocalNetId[MAX_LOCALNETID+1];
TCHAR SnaPUName[MAX_PUNAME+1];
TCHAR SnaLUName[MAX_LUNAME+1];
int SnaLULocAddr;
int SnaLUSessLimit;
int TCPMaxTimeToWait;
int DialupHangon;
char DialupEntry[MAX_DIALUP_ENTRY+1];
char DialupUserid[MAX_OBJECT_NAME+1];
char DialupPassword[MAX_OBJECT_NAME+1];
TCHAR ModeName[MAX_OBJECT_NAME+1];
};
typedef struct Netmap_Path_Struct NETMAP_PATH_STRUCT;

Members
Member Description
Name [MAX_OBJECT_NAME+1] The path name.
bDetail The detail flag.
Transport Transport type.
Adapter Specifies the adapter.

Chapter 6. SDK Programmers Guide 293


Member Description
Address [MAX_ADDRESS] The adapter address.
CustomQLLC[MAX_CUSTOM_ADDRESS+1] The custom or QLLC adapter address.
Protocol The protocol type.
SnaProfileName[MAX_PROFILE_NAME+1] The SNA profile name.
SnaLocalNetId [MAX_LOCALNETID+1] The SNA local net ID.
SnaPUName [MAX_PUNAME+1] The SNA PU name.
SnaLUName [MAX_LUNAME+1] The SNA LU name.
SnaLULocAddr The SNA LU local address.
SnaLUSessLimit The SNA LU session limit.
TCPMaxTimeToWait TCP maximum time to wait.
DialupHangon Number of seconds to stay connected after
dialup hangon completes.
DialupEntry[MAX_DIALUP_ENTRY+1] Dialup entry name.
DialupUserid[MAX_OBJECT_NAME+1] Dialup user ID.
DialupPassword[MAX_OBJECT_NAME+1] Dialup password.
ModeName [MAX_OBJECT_NAME+1] The mode name used by this path.

PROCESS_STRUCT Structure
The PROCESS_STRUCT structure contains the Sterling Connect:Direct Process
information. This structure is sent to the client from the Sterling Connect:Direct
server upon accepting a Process for execution. It is also sent in response to a
SELECT PROCESS command. It contains the Process name, Process number, and
queue.

294 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Structure
struct Process_Struct
{
TCHAR ProcessName[MAX_PROCESS_NAME+1];
DWORD ProcessNumber;
int ConditionCode;
int Feedback;
TCHAR MsgId[MAX_MESSAGE_ID+1];
TCHAR MsgText[MAX_MESSAGE_TEXT+1];
TCHAR MsgData[MAX_MESSAGE_DATA+1];
time_t LogDateTime;
time_t SchedDateTime;
TCHAR SubmitNode[17];
TCHAR Submitter[65];
TCHAR PNode[17];
TCHAR SNode[17];
TCHAR Status[3];
TCHAR Retain;
TCHAR Hold;
int Class;
int Priority;
int ExecPriority;
TCHAR Queue[5];
TCHAR Function[6];
TCHAR StepName[9];
TCHAR LocalNode;
TCHAR FromNode;
BOOL bStandardCompression;
BOOL bExtendedCompression;
BOOL bCheckpoint;
BOOL bRestart;
TCHAR SourceFile[MAX_FILENAME+1];
TCHAR SourceDisp1;
TCHAR SourceDisp2;
TCHAR SourceDisp3;
__int64 ByteCount;
__int64 RecordCount;
__int64 XmitBytes;
long XmitRUs;
TCHAR DestFile[MAX_FILENAME+1];
TCHAR DestDisp1;
TCHAR DestDisp2;
TCHAR DestDisp3;
//SECURE_PLUS
BOOL bSecurePlusEnabled;
TCHAR EncAlgName[MAX_OBJECT_NAME];
BOOL bSignature;
};
typedef struct Process_Struct PROCESS_STRUCT;

Members
Member Description
ProcessName The Process name.
[MAX_PROCESS_NAME+1]
ProcessNumber The Process number.
ConditionCode The return code.
Feedback Specifies additional return code information.
MsgId [MAX_MESSAGE_ID+1] The message identifier field.
MsgData [MAX_MESSAGE_TEXT+1] The message text field.

Chapter 6. SDK Programmers Guide 295


Member Description
MsgData [MAX_MESSAGE_DATA+1] The message substitution data.
LogDateTime The logged time stamp.
SchedDateTime The scheduled time stamp.
SubmitNode [17] The submitter's node.
Submitter [65] The submitter's user name.
PNode [17] The primary node.
SNode [17] The secondary node.
Status [3] The current status.
Retain The retain flag.
Hold The hold flag.
Class The class.
Priority The current priority.
ExecPriority The current execution priority.
Queue [5] The current queue that contains this Process.
Function[6] The function executing in the Process.
StepName [9] The current step name.
LocalNode The local node flag.
FromNode The from node flag.
bStandardCompression The standard compression indicator.
bExtendedCompression The extended compression indicator.
bCheckpoint The checkpointing enabled indicator.
bRestart Restart indicator.
SourceFile [MAX_FILENAME+1] The source file name.
SourceDisp1 The source displacement 1.
SourceDisp2 The source displacement 2.
SourceDisp3 The source displacement 3.
ByteCount The total byte count.
RecordCount The total record count.
XmitBytes The sent byte count.
XmitRUs The sent RU count.
DestFile[MAX_FILENAME+1] The destination file name.
DestDisp1 The destination displacement 1.
DestDisp2 The destination displacement 2.
DestDisp3 The destination displacement 3.
bSecurePlusEnabled The Secure+ enabled flag.
EncAlgName[MAX_OBJECT_NAME] The effective encryption algorithm.
bSignature Specifies the effective signature setting.

296 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


NODE_STRUCT Structure
The NODE_STRUCT structure contains the Sterling Connect:Direct node
information. This structure contains the node name, the login information,
operating system information, and protocol information. This information is stored
in the Registry and is sent to the client after successfully logging on.

Structure
struct Node_Struct
{
TCHAR Name[MAX_NODE_NAME_LEN+1];
TCHAR CDName[MAX_NODE_NAME_LEN+1];
TCHAR Server[MAX_OBJECT_NAME+1];
long ApiVersion;
long SecurePlusVersion;
int CompLevel;
int SelectedOSType;
int OSType
int SubType
TCHAR Userid[MAX_OBJECT_NAME+1];
TCHAR Password[MAX_OBJECT_NAME+1];
BOOL bTemporary;
BOOL bRememberPW;
int Protocol TCHAR TcpAddress[MAX_TCP_ADDRESS+1]
};
typedef struct Node_Struct NODE_STRUCT;

Members
Member Description
Name [MAX_NODE_NAME_LEN+1] The Sterling Connect:Direct node alias name.
CDName [MAX_NODE_NAME_LEN+1] The Sterling Connect:Direct node name.
Server [MAX_OBJECT_NAME+1] The file server name.
ApiVersion The API version.
SecurePlusVersion The Secure+ version; value is 0 if Secure+ is
not supported.
CompLevel The KQV Communications Compatibility
Level.
SelectedOSType The user-selected operating system type.
OSType The operating system type.
SubType Specifies subtype information.
Userid [MAX_OBJECT_NAME+1] The user name.
Password [MAX_OBJECT_NAME+1] The user-defined password.
bTemporary Specifies to hold the user information
temporary.
bRememberPW Specifies to save the password in the
Registry.
Protocol Protocol type.

Chapter 6. SDK Programmers Guide 297


STATISTICS_STRUCT Structure
The STATISTICS_STRUCT structure contains the Sterling Connect:Direct statistics
information for a Process. This structure is sent to the client as a result of a
SELECT STATISTICS command.

Structure
struct Statistic_Struct
{
TCHAR ProcessName[MAX_PROCESS_NAME+1];
DWORD ProcessNumber;
int ConditionCode;
int Feedback;
TCHAR MsgId[MAX_MESSAGE_ID+1];
TCHAR MsgText[MAX_MESSAGE_TEXT+1];
TCHAR MsgData[MAX_MESSAGE_DATA+1];
time_t LogDateTime;
time_t StartDateTime;
time_t StopDateTime;
TCHAR Submitter[65];
TCHAR SNode[17];
TCHAR RecCat[5];
TCHAR RecId[5];
};
typedef struct Statistic_Struct STATISTIC_STRUCT;

Members
Member Description
ProcessName The Process name.
[MAX_PROCESS_NAME+1]
ProcessNumber The Process number.
ConditionCode The return code.
Feedback Additional return code information.
MsgId [MAX_MESSAGE_ID+1] The message identifier field.
MsgText [MAX_MESSAGE_TEXT+1] The message text field.
MsgData [MAX_MESSAGE_DATA+1] Message substitution data.
LogDateTime The logged time stamp.
StartDateTime The start time stamp.
StopDateTime The stop time stamp.
Submitter [65] The submitter's user ID.
SNode [17] The secondary node name.
RecCat [5] The record category.
RecId [5] The record identifier tag.

TRACE_STRUCT Structure
The TRACE_STRUCT structure contains the trace information. Use this structure to
retrieve the trace information.

298 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Structure
struct Trace_Struct
{
TCHAR cMainLevel;
TCHAR cCommLevel;
TCHAR cCMgrLevel;
TCHAR cPMgrLevel;
TCHAR cSMgrLevel;
TCHAR cStatLevel;
TCHAR szFilesize[MAX_FILENAME+1];
long cbFilesize;
BOOL bWrap;
BOOL bPNode;
BOOL bSNode;
int PNums[4];
TCHAR PNames[4] [MAX_PROCESS_NAME+1];
TCHAR DestNodes[4] [17];
};
typedef struct Trace_Struct TRACE_STRUCT;

Members
Member Description
cMainLevel MAIN trace level.
cCommLevel The COMM trace level.
cCMgrLevel CMGR trace level.
cPMgrLevel PMGR trace level.
cSMgrLevel The SMGR trace level.
cStatLevel STAT trace level.
szFilename[MAX_FILENAME+1] The trace file name.
cbFilesize The size of the trace file.
bWrap Specifies whether to wrap when cbFile is reached.
bPNode The PNODE trace flag.
bSNode The SNode trace flag.
PNums[8] Specifies an integer array of up to four Process
numbers.
PNames[8] [MAX_PROCESS_NAME+1] The string array of Process names.
DestNodes[8] [17] The string array of destination node names.

TRANSLATE_STRUCT Structure
The TRANSLATE_STRUCT structure contains the translation table information.
Use this structure to retrieve and set the translation table information.

Chapter 6. SDK Programmers Guide 299


Structure
struct Translate_Struct
{
TCHAR Filename[MAX_OBJECT_NAME+1];
BYTE Table[256];
TCHAR MsgId[MAX_MESSAGE_ID+1];
int ConditionCode;
int Feedback;
TCHAR MsgText[MAX_MESSAGE_TEXT+1];
TCHAR MsgData[MAX_MESSAGE_DATA+1];
};
typedef struct Translate_Struct TRANSLATE_STRUCT;

Members
Member Description
FileName [MAX_OBJECT_NAME+1] The name of the file where the translation
information is stored.
Table [256] The actual translation table information.
MsgId[MAX_MESSAGE_ID+1] The message identifier that uniquely
identifies a message.
ConditionCode The return code that accompanies a
message.
Feedback Additional return code information.
MsgText[MAX_MESSAGE_TEXT+1 The message text.
MsgData[MAX_MESSAGE_DATA+1] The message substitution field.

Return Codes

C++ Class and the C API Functions Return Codes


CDAPI.H Return Code Values

This table describes the return code values defined in CDAPI.H.

Name Description
CD_NO_ERROR No error detected.
CD_ENDOFDATA No more data available.
CD_PARM_ERROR Invalid parameter detected.
CD_INITIALIZE_ERROR Initialization failed or initialization has not been
performed.
CD_CONNECT_ERROR Error occurred during attach processing.
CD_CONNECT_CANCELLED Attach operation cancelled by the user.
CD_CONNECTED_ERROR Invalid Sterling Connect:Direct server name.
CD_DISCONNECT_ERROR Sterling Connect:Direct server disconnected from the
client.
CD_NODENAME_ERROR The Name field not set and the default not found.
CD_USERID_ERROR Invalid user ID specified.
CD_ADDRESS_ERROR Invalid TCP/IP address.

300 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Name Description
CD_PROTOCOL_ERROR Invalid or unsupported protocol specified.
CD_HANDLE_ERROR Invalid handle.
CD_HANDLE_TYPE_ERROR The wrong handle type specified.
CD_LOGON_ERROR Error while logging on to the Sterling Connect:Direct
server. The user ID or password may be invalid.
CD_DIALOG_ERROR Dialog box not created correctly.
CD_CANCEL An error occurred creating the dialog box or
retrieving the entered information.
CD_BUSY_ERROR Operation failed. Connection is currently busy.
CD_IDLE_ERROR Operation failed. Connection is currently idle.
CD_KQV_ERROR Invalid KQV stream detected.
CD_NOT_FOUND Object not found.
CD_ALREADY_EXISTS Object already exists.
CD_ALLOCATE_ERROR Allocation error occurred.
CD_NODE_ERROR Invalid network map node.
CD_PARSER_ERROR Parser detected an error.
CD_ACCESS_DENIED Object access denied.
CD_SEND_ERROR Error while sending error.
CD_RECEIVE_ERROR Error while receiving error.
CD_CONNECTION_ERROR A connection error occurred.
CD_REGISTRY_ERROR An error occurred while opening the Registry.
CD_TIMEOUT_ERROR Time-out value was reached.
CD_BUFFER_ERROR The buffer is not big enough to hold all of the items
in the list.
CD_COMMAND_ERROR The command was not recognized.
CD_PROCESS_ERROR The Process status is HE, held in error.
CD_UNDEFINED_ERROR An unknown exception.
CD_NOT_SUPPORTED An unknown exception.

Chapter 6. SDK Programmers Guide 301


302 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation
Chapter 7. .Net SDK User Guide
Sterling Connect:Direct for Microsoft Windows .Net SDK Overview
The IBM Sterling Connect:Direct for Microsoft Windows .Net SDK allows system
programmers to extend the capabilities of the Sterling Connect:Direct for Microsoft
Windows environment. It supports any version of the .Net framework from
Microsoft using any .Net supported programming language, including C#, VB.Net
and J#.

Sterling Connect:Direct for Microsoft Windows .Net SDK uses preconfigured


connection settings. For information, see Editing Connections Settings in the IBM
Sterling Connect:Direct for Microsoft Windows SDK Programmer Guide.

The following files are provided:


v ConnectDirectSdk.dll is a managed dll that interfaces the .Net managed program
to the Sterling Connect:Direct for Microsoft Windows CdCore.dll. Copy this file
to a folder in your executable path.
v CdCore.dll interfaces to the Sterling Connect:Direct for Microsoft Windows
server. Copy this file to a folder in your executable path.
v ConnectDirectSdk.xml is the help file that provides autocompletion and
parameter help.

Sample Programs
Sample source code projects help you understand how to use the .Net SDK. To run
the samples, place the CdCore.dll and ConnectDirectSdk.dll in your executable
path. You can copy these files to the same directory as the sample executables.

The sample programs include:

Sample Program Name Description


Type
VB.Net VbDotNetSample1 Console program that connects to a node, submits a
Process from a file, and displays statistics for the
Process.

Change the $todo tags in Module1.vb to valid


variables for your Sterling Connect:Direct for
Microsoft Windows node.
C#.Net DotNetSample1 Change the $todo tags in the SDKInterface.cs files for
each sample to valid values for the Sterling
DotNetSample2 Connect:Direct for Microsoft Windows node.

DotNetSample1 connects to a node, issues a select


process, then displays the Process information
returned.

DotNetSample2 – Connects to a node, submits a


Process and displays the Process and statistics
information.

© Copyright IBM Corp. 1982, 2016 303


Add the .Net Class Interface
About this task

To use the Sterling Connect:Direct .Net SDK, add the ConnectDirectSdk.dll as a


reference in your Visual Studio project.

To add the dll:

Procedure
1. Select Project >Add Reference from the menu.
2. Select Browse and search for the ConnectDirectSdk.dll file. Browse to the
C:\Program Files\Sterling Commerce\Connect Direct v4.7.0\SDK.Net\
Sdk_Files\Release location.
3. Highlight ConnectDirectSdk.dll and click OK.
4. Do one of the following to import the ConnectDirectSdk namespace:
v In Vb.Net, add the following command to your source modules:
Imports ConnectDirectSdk
v In C#.Net, add the following to your source modules:
Using ConnectDirectSdk

About Classes
Classes are provided to help configure your environment.

The Node class is the main interface to the Sterling Connect:Direct for Microsoft
Windows server. It contains the high-level Sterling Connect:Direct functions. Use it
to connect to a Node, submit Processes, and select statistics. Most access to the
Sterling Connect:Direct for Microsoft Windows server is through the Node object.
The Node object creates and removes the connection to the Sterling Connect:Direct
for Microsoft Windows server. Connections are shared and reused as different
requests are made.

The Process class allows you to retrieve information about Processes you submit or
that are in the TCQ. It contains all of the criteria returned from a Submit or
SelectProc method call.

The Statistic class allows you to retrieve statistic records from the TCQ. It
represents a group of records in the statistics database. They are returned from a
SelectStat method call.

Connect to a Sterling Connect:Direct for Microsoft Windows Node


The Sterling Connect:Direct node name and connection information is set at object
creation using the Node constructor. If a parameter is not supplied (NULL pointer),
the default value is read from the Registry.

During construction, the Node object tries to connect to the physical Sterling
Connect:Direct node, using the protocol information in the Registry. If the
connection fails, an exception is generated

In the following constructor, stNode is required. stUser and stPass are optional.
stPass is ignored if stUser is not provided.

304 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Node(String stNode, String stUser, String stPass)

In the following constructor, stLcuFile is required. This is the file spec for an LCU
file that contains the login information.

Node(String stLcuFile)

Disconnect Nodes
Use the DisconnectAll method to disconnect from all Nodes.

bool DisconnectAll()

Submit Processes
Use Submit and SubmitFile to submit Processes to a Node. These methods
automatically create a Process object and associate it with the Node for the Submit.

Below is the standard SubmitFile method. stFileName is required and is the file
specification of the Process to submit.

void SubmitFile(String stFileName)

The SubmitFile method allows more control of the submitted Process.


v stFileName is required and defines the requirements for the Process.
v holdOverride places the Process in the Hold queue.
v startTime specifies when to run the Process.
v symbolics define the substitution parameters to apply to the Process.

void SubmitFile(String stFileName, Hold holdOverride, String startTime, Dictionary<String,


String> symbolics)

The Submit method is very similar to the SubmitFile method but instead of
passing the file name of the Process to submit, you pass stText which is the text of
a Process to submit.

void Submit(String stText, Hold holdOverride, String startTime, Dictionary<String, String> symbolics)

Manage Processes
The Node object provides several methods to manage Processes. You can view,
change and delete Processes, place a Process on Hold, or release it from Hold. Each
method returns Process information in the ProcessList property of the Node class
for each Process that was selected or changed.

The following SelectProc method allows you to retrieve a list of all Processes from
the TCQ:

void SelectProc()

Chapter 7. .Net SDK User Guide 305


The following SelectProc method retrieves Processes from the TCQ whose Process
name matches stName.

void SelectProc(String^ stName)

The following SelectProc method retrieves Processes from the TCQ whose Process
number matches nNumber.

void SelectProc(int nNumber)

The following SelectProc method retrieves Processes from the TCQ whose Process
name matches any name in the array arrayNames.

void SelectProc(array<String^>^ arrayNames)

The following SelectProc method retrieves Processes from the TCQ whose Process
number matches a number in arrayNumbers.

void SelectProc(array<int>^ arrayNumbers)

The following HoldProc method places a Process in the TCQ on HOLD. pProcess
is a Process object.

void HoldProc(Process^ pProcess)

The following ReleaseProc method releases a Process from the HOLD and allows it
to run. pProcess is a process object.

void ReleaseProc(Process^ pProcess)

The following ReleaseProc method releases a Process that is on HOLD. nNumber is


the Process number of the Process, stPNode is the primary node of the Process,
and stUserid is the User ID of the Process.

void ReleaseProc(int nNumber, String^ stPNode, String^ stUserid)

The following DeleteProc method deletes a Process from the TCQ. pProcess is a
Process object.

void DeleteProc(Process^ pProcess)

The following DeleteProc method deletes a Process from the TCQ. nNumber is the
Process number to delete, stPNode is the primary node of the Process, and
stUserid is the User ID of the Process.

void DeleteProc(int nNumber, String^ stPNode, String^ stUserid)

306 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Retrieve Statistics
Use SelectStat methods to retrieve statistics from the stats database. Statistics are
returned in the StatsList property of the Node class.

The following SelectStat method retrieves all statistic records.

Note: The list could be large depending on how many days of records are kept in
the database.

void SelectStat()

The following SelectStat method retrieves all statistic records for a specific Process.
pProcess is the Process object to retrieve the stats for.

void SelectStat(Process^ pProcess)

The following SelectStat method retrieves all statistic records within a specified
time range. dtBegin identifies the beginning time and dtEnd is the ending time.
The time is in the format MM/DD/YYYY hh:mm:ss AM|PM.

void SelectStat(String^ dtBegin, String^ dtEnd)

Node Properties
Following are the node properties returned:
v ApiVersion - API version of the node as a long
v CDName - Sterling Connect:Direct node name sent to the client after
successfully logging on
v Name - Alias node name passed in the constructor
v OSSubType - Operating system sub-type (additional information) of the node
v OSType - Operating system type of the node
v ProcessEntry - Process from a Submit call
v ProcessList - Array of Processes
v SecurePlusSupported - Indicates if the node supports IBM Sterling
Connect:Direct Secure Plus
v SecurePlusVersion - Sterling Connect:Direct Secure Plus version as a long
v Server - File server name where the Sterling Connect:Direct node is running
v StatsList - Array of Stat messages from a SelectStat call
v Userid - User ID used to log in to the node

Process Class
The Process class contains Process criteria returned from a SUBMIT or SELECT
PROCESS method. Processes are submitted using the Node.Submit or
Node.SubmitFile method.

Method to Wait for Process Completion

Chapter 7. .Net SDK User Guide 307


The following WaitForCompletion method blocks the current thread until the
Process exits all queues on the Sterling Connect:Direct server, including error
queues. It waits indefinitely.

void WaitForCompletion()

The following WaitForCompletion method blocks the current thread until the
Process exits all queues on the Sterling Connect:Direct server, including error
queues, or until the timeout period expires. timeout is in milliseconds.

void WaitForCompletion(long timeout)

Process Properties
Following is a list of the Process properties:
v ByteCount - Returns the Bytes read from the file as a long
v Checkpoint - Returns the Checkpointing Enabled flag
v Class - Returns the session class property as a String
v ConditionCode - Returns the Return Code as an int
v DestDisp1 - Returns the Destination file disposition parameter 1 as a char
v DestDisp2 - Returns the Destination file disposition parameter 2 as a char
v DestDisp3 - Returns the Destination file disposition parameter 3 as a char
v DestFile - Returns the Destination File Name as a string
v ExecPriority - Returns the Current Execution Priority as a String
v ExtendedCompression - Returns the Extended Compression flag
v Feedback - Returns the Additional Return Code Information as an int
v FromNode - Returns the From Node flag
v Function - Returns the Current Function Executing as a string
v Hold - Returns the Hold flag as a char
v LocalNode - Returns the Local Node indicator flag
v LogDateTime - Returns the Logged Timestamp
v MsgData - Returns the Message Substitution Data as a string
v MsgId - Returns the Message Identifier field as a string
v MsgText - Returns the Message Text field as a string
v Name - Returns the Process Name as a string
v Number - Returns the Process Number as an int
v PNode - Returns the Primary Node Name as a string
v Priority - Returns the Current Priority as in int
v Queue - Returns the Process Queue as a string
v RecordCount - Returns the Records read/written as a long
v Restart - Returns the Restart flag
v Retain - Returns the Retain flag as a char
v SchedDateTime - Returns the Scheduled Timestamp
v SecureEnabled - Returns the Sterling Connect:Direct Secure Plus enabled flag
v SecureProtocol - Returns the Sterling Connect:Direct Secure Plus Protocol as a
string

308 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


v Signature - Returns the Sterling Connect:Direct Secure Plus effective Signature
setting
v SNode - Returns the Secondary Node Name as a string
v SourceDisp1 Returns the Source Disposition 1 as a char
v SourceDisp2 - Returns the Source Disposition 2 as a char
v SourceDisp3 - Returns the Source Disposition 3 as a char
v SourceFile - Returns the Source File Name as a String
v SSLCipherSuite - Returns the Sterling Connect:Direct Secure Plus SSL Cipher
Suite as a string
v StandardCompression - Returns the Standard Compression flag
v Status - Returns the Current Status as a string
v StepName - Returns the Current Stepname as a string
v SubmitNode - Returns the Submitter Node Name as a String
v Submitter - Returns the Submitter User ID as a string
v XmitBytes - Returns the Bytes sent/received count as a long
v XmitRUs - Returns the RUs sent/received as a long

Statistic Class
The Statistic class represents a group of records in the statistics database. They are
returned by a SelectStat method call.

Audit Information

The GetAuditField method returns the value of the field requested from the Stats
Audit Information. Audit data in Stats records is optional and Stat records can
have different audit fields available. stField is the name of the audit field you
request information for; stValue is the value of the field requested. This method
returns TRUE if the audit field is found and FALSE if not.

BOOL GetAuditField(String^ stField, String^% stValue)

Statistic Properties
Following are the statistics properties:
v ConditionCode - Returns the Return Code
v Feedback - Returns Additional Return Code information
v LogDateTime - Returns the Logged Timestamp
v MsgData - Returns the Message Substitution Data as a string
v MsgId - Returns the Message Identifier field as a string
v MsgText - Returns the Message Text field as a string
v ProcessName - Returns the Name of the process
v ProcessNumber - Returns the Process number
v RecCat - Returns the Record Category
v RecId - Returns the Record Identifier tag
v SNode - Returns the Secondary Node Name
v StartDateTime - Returns the Start Timestamp
v StopDateTime - Returns the Stop Timestamp

Chapter 7. .Net SDK User Guide 309


v Submitter - Returns the User Id of the submitter

310 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Notices
This information was developed for products and services offered in the US. This
material might be available from IBM in other languages. However, you may be
required to own a copy of the product or product version in that language in order
to access it.

IBM may not offer the products, services, or features discussed in this document in
other countries. Consult your local IBM representative for information on the
products and services currently available in your area. Any reference to an IBM
product, program, or service is not intended to state or imply that only that IBM
product, program, or service may be used. Any functionally equivalent product,
program, or service that does not infringe any IBM intellectual property right may
be used instead. However, it is the user's responsibility to evaluate and verify the
operation of any non-IBM product, program, or service.

IBM may have patents or pending patent applications covering subject matter
described in this document. The furnishing of this document does not grant you
any license to these patents. You can send license inquiries, in writing, to:

IBM Director of Licensing


IBM Corporation
North Castle Drive, MD-NC119
Armonk, NY 10504-1785
US

For license inquiries regarding double-byte character set (DBCS) information,


contact the IBM Intellectual Property Department in your country or send
inquiries, in writing, to:

Intellectual Property Licensing


Legal and Intellectual Property Law
IBM Japan Ltd.
19-21, Nihonbashi-Hakozakicho, Chuo-ku
Tokyo 103-8510, Japan

INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS


PUBLICATION "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER
EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS
FOR A PARTICULAR PURPOSE. Some jurisdictions do not allow disclaimer of
express or implied warranties in certain transactions, therefore, this statement may
not apply to you.

This information could include technical inaccuracies or typographical errors.


Changes are periodically made to the information herein; these changes will be
incorporated in new editions of the publication. IBM may make improvements
and/or changes in the product(s) and/or the program(s) described in this
publication at any time without notice.

Any references in this information to non-IBM websites are provided for


convenience only and do not in any manner serve as an endorsement of those

© Copyright IBM Corp. 1982, 2016 311


websites. The materials at those websites are not part of the materials for this IBM
product and use of those websites is at your own risk.

IBM may use or distribute any of the information you provide in any way it
believes appropriate without incurring any obligation to you.

Licensees of this program who wish to have information about it for the purpose
of enabling: (i) the exchange of information between independently created
programs and other programs (including this one) and (ii) the mutual use of the
information which has been exchanged, should contact:

IBM Director of Licensing


IBM Corporation
North Castle Drive, MD-NC119
Armonk, NY 10504-1785
US

Such information may be available, subject to appropriate terms and conditions,


including in some cases, payment of a fee.

The licensed program described in this document and all licensed material
available for it are provided by IBM under terms of the IBM Customer Agreement,
IBM International Program License Agreement or any equivalent agreement
between us.

The performance data and client examples cited are presented for illustrative
purposes only. Actual performance results may vary depending on specific
configurations and operating conditions.

Information concerning non-IBM products was obtained from the suppliers of


those products, their published announcements or other publicly available sources.
IBM has not tested those products and cannot confirm the accuracy of
performance, compatibility or any other claims related to non-IBMproducts.
Questions on the capabilities of non-IBM products should be addressed to the
suppliers of those products.

Statements regarding IBM's future direction or intent are subject to change or


withdrawal without notice, and represent goals and objectives only.

All IBM prices shown are IBM's suggested retail prices, are current and are subject
to change without notice. Dealer prices may vary.

This information is for planning purposes only. The information herein is subject to
change before the products described become available.

This information contains examples of data and reports used in daily business
operations. To illustrate them as completely as possible, the examples include the
names of individuals, companies, brands, and products. All of these names are
fictitious and any similarity to actual people or business enterprises is entirely
coincidental.

COPYRIGHT LICENSE:

This information contains sample application programs in source language, which


illustrate programming techniques on various operating platforms. You may copy,
modify, and distribute these sample programs in any form without payment to

312 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


IBM, for the purposes of developing, using, marketing or distributing application
programs conforming to the application programming interface for the operating
platform for which the sample programs are written. These examples have not
been thoroughly tested under all conditions. IBM, therefore, cannot guarantee or
imply reliability, serviceability, or function of these programs. The sample
programs are provided "AS IS", without warranty of any kind. IBM shall not be
liable for any damages arising out of your use of the sample programs.

Each copy or any portion of these sample programs or any derivative work must
include a copyright notice as shown in the next column.

© 2015.
Portions of this code are derived from IBM Corp. Sample Programs.
© Copyright IBM Corp. 2015.

Trademarks
IBM, the IBM logo, and ibm.com are trademarks or registered trademarks of
International Business Machines Corp., registered in many jurisdictions worldwide.
Other product and service names might be trademarks of IBM or other companies.
A current list of IBM trademarks is available on the web at "Copyright and
trademark information" at www.ibm.com/legal/copytrade.shtml.

Adobe, the Adobe logo, PostScript, and the PostScript logo are either registered
trademarks or trademarks of Adobe Systems Incorporated in the United States,
and/or other countries.

IT Infrastructure Library is a registered trademark of the Central Computer and


Telecommunications Agency which is now part of the Office of Government
Commerce.

Intel, Intel logo, Intel Inside, Intel Inside logo, Intel Centrino, Intel Centrino logo,
Celeron, Intel Xeon, Intel SpeedStep, Itanium, and Pentium are trademarks or
registered trademarks of Intel Corporation or its subsidiaries in the United States
and other countries.

Linux is a registered trademark of Linus Torvalds in the United States, other


countries, or both.

Microsoft, Windows, Windows NT, and the Windows logo are trademarks of
Microsoft Corporation in the United States, other countries, or both.

ITIL is a registered trademark, and a registered community trademark of the Office


of Government Commerce, and is registered in the U.S. Patent and Trademark
Office.

UNIX is a registered trademark of The Open Group in the United States and other
countries.

Java™ and all Java-based trademarks and logos are trademarks or registered
trademarks of Oracle and/or its affiliates.

Cell Broadband Engine is a trademark of Sony Computer Entertainment, Inc. in the


United States, other countries, or both and is used under license therefrom.

Notices 313
Linear Tape-Open, LTO, the LTO Logo, Ultrium and the Ultrium Logo are
trademarks of HP, IBM Corp. and Quantum in the U.S. and other countries.

Connect Control Center®, Connect:Direct®, Connect:Enterprise®, Gentran®,


Gentran®:Basic®, Gentran:Control®, Gentran:Director®, Gentran:Plus®,
Gentran:Realtime®, Gentran:Server®, Gentran:Viewpoint®, Sterling Commerce™,
Sterling Information Broker®, and Sterling Integrator® are trademarks or registered
trademarks of Sterling Commerce®, Inc., an IBM Company.

Other company, product, and service names may be trademarks or service marks
of others.

Terms and conditions for product documentation


Permissions for the use of these publications are granted subject to the following
terms and conditions.

Applicability

These terms and conditions are in addition to any terms of use for the IBM
website.

Personal use

You may reproduce these publications for your personal, noncommercial use
provided that all proprietary notices are preserved. You may not distribute, display
or make derivative work of these publications, or any portion thereof, without the
express consent of IBM.

Commercial use

You may reproduce, distribute and display these publications solely within your
enterprise provided that all proprietary notices are preserved. You may not make
derivative works of these publications, or reproduce, distribute or display these
publications or any portion thereof outside your enterprise, without the express
consent of IBM.

Rights

Except as expressly granted in this permission, no other permissions, licenses or


rights are granted, either express or implied, to the publications or any
information, data, software or other intellectual property contained therein.

IBM reserves the right to withdraw the permissions granted herein whenever, in its
discretion, the use of the publications is detrimental to its interest or, as
determined by IBM, the above instructions are not being properly followed.

You may not download, export or re-export this information except in full
compliance with all applicable laws and regulations, including all United States
export laws and regulations.

IBM MAKES NO GUARANTEE ABOUT THE CONTENT OF THESE


PUBLICATIONS. THE PUBLICATIONS ARE PROVIDED "AS-IS" AND WITHOUT
WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING
BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY,
NON-INFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE.

314 Sterling Connect:Direct for Microsoft Windows 4.7: Documentation


Notices 315
IBM®

Product Number: 5655-X01

Printed in USA

You might also like