DB Gate User Manual - Raz-Lee
Contents
1. e 56 DB Gate messages in server mode eene 56 Appendix A JDBC Driver for Excel CSV etc 59 ENY E cease 59 60 Appendix Oracle TNS 61 Working with Oracle TNS eerte nennen nnne retentis 61 Inline Method isse es eti ri ead aci a es 61 External File Method essen eene enne 61 DB Gate User Manual About This Manual This user guide is intended for system administrators and security administrators responsible for the implementation and management of security on AS400 systems However any user with basic knowledge of AS400 operations will be able to make full use of this product after reading this book Product Documentation Overview Raz Lee takes customer satisfaction seriously Our products are designed for ease of use by personnel at all skill levels especially those with minimal AS400 experience The documentation package includes a variety of materials to get you familiar with this software quickly and effectively Printed Materials This user guide is the only printed documentation necessary for understanding this product It is available in user friendly PDF format an2. 0 ameta n Ced a e EY be ETHER ERES ERE ER tens 31 33 Adding a New SD M 33 Deleting DB Driver EEEE 34 Drivers and Licenses 34 DB Gate I 35 Display Log Entries cerror ena S ee XE PI Ct end 36 Rem te User UD P 39 Injection of Remote User IDs eicit tetto e e eet 40 Modifying a Server Authentication Entry eese 40 Adding a New Server Authentication Entry 41 TeSt Drive 43 43 Working with SQL Program Sources sse eene nnns 44 System 45 General Definitions ge eon v duet 46 Ain 47 Setting DB Log Retention Parameters sse 47 Maintenance Menu eec 49 Display DB Gate Definitions sversi serris n E REEE 50 Work with Operators ae oit er Ir rer HIR Fe CAE EE Ei 51 Check MURUS 53 Iinucllm EE 54 Troubleshooting sas cards io odo tope eo Fahnen 55 Error Messages in Server
3. adl2 Parm lt adl3 gt Parm 4 lt adl 4 gt URL dft schema Std replacement lt gt lt gt catalog port schema adl1 4 5 F3 Exit Driver Driver file Class Driver page Default port Rdditional parms Parm 1 adl 1 Parm 2 adl2 Parm adl3 Parm 4 adl4 5 URL dft schema Std replacement lt host gt lt db gt catalog port schema adl1 4 5 F3 Exit Modifu DB Driver ORRCLE SID Oracle SID iSecurity DB Gate Drivers oracle ojdbcsS jar oracle jdbc Oracl eDriver http uuu oracle com technol ogy tech java sql j_jdbc index h tml 1521 Label System ID Possible values DB instance XE jdbc oracle thin host port adl 1 F7 Driver page F9 Restore Default Fi2 Cancel Modify DB Driver ORACLE_SID Oracle SID oracle ojdbc5 jar oracle jdbc Oracl eDriver http www oracle com technol ogy tech java sql j_jdbc index h tml 1521 Label System ID Possible values DB instance XE jdbc oracle thin host port adl 1 F7 Driver page F9 Restore Default Fi2 Cancel Figure 5 1 Modify DB Driver Full and Relative Paths DB Gate User Manual 29 Working with Database Drivers C You may add any number of additional drivers or modify the existing ones To set up a database driver 1 Se
4. EMPLOYEES WHERE FIRST BETWEEN Jack AND Ol iver SELECT statement run complete gt Bottom F3 Exit F4 Prompt F6 Insert line FQ9 Retrieve F10 Copy line F12 Cancel F13 Services F24 More keys Figure 8 1 Enter SQL Statements DB Gate User Manual 43 Working with SQL Program Sources Working with SQL Program Sources To begin working with SQL Program Sources select 5 Work with SQL program sources from the main screen and press Enter The Work with Members Using PDM screen is displayed as shown in Figure 8 2 on page 44 Work with Members Using WRKMBRPDM Type choices press Enter 2 4 e 4 Re name Library name XLIBL xCURLIB Member name XgenericX Member type type XgenericX Bottom F3 Exit F4 Prompt F5 Refresh F12 Cancel F13 How to use this display F24 More keys Figure 8 2 Work with Members using PDM DB Gate User Manual 44 System Configuration DB Gate is ready to run right out of the box You should review a few system configuration parameters that control important features prior to using the product for the first time It should be pointed out that there is no typical or optimal configuration for a connectivity product such as DB Gate Each installation or application has different operational criteria and security needs For example the log requirements fo
5. Highlight it and select 3 Copy The Copy DB Directory Entry screen appears with the selected directory entry appearing in both the From and To Directory Entry fields as shown in Figure 4 4 on page 25 Modify the To Directory Entry description and press Enter twice Copy DB Directory Entry Type choices press Enter From Directory Entry MSACCESS Description To New Directory Entry Qgsacc copy F3 Exit F4 Prompt Fi2 Cancel Modify data or press Enter to confirm Figure 4 4 DBG Copy Directory Entry Screen All the existing directory entry details are automatically added and the Work with Directory Entries screen is redisplayed with the newly created directory entry in deactivated status See Figure 4 5 on page 25 Work with DB Directory Entries Type options press Enter Subset 1 Select 3 Copy 4 Remove 7 Activate 8 Deactivate Status Directory entry Active ALEX TEST ALEX Active A150 Active A520 Active LO Active LOPC Active MS This is a MS SQL Active MS_JTDS Active MS_ROB This is a MS SQL MSACC Active MSACCESS Active MSPC This is a MS SQL Active MY Active MYFED Active MYH2 F3 Exit FS Refresh F6 Add F12 Cancel Directory Entry copied Figure 4 5 Work with Directory Entries Screen DB Gate User Manual 25 Creating a New Directory Entry Creating a New Directory Entry You can add a new Directory Entry either by copying one that already exists o
6. Language support Keep alive interval Keep alive statement F3 Exit Fi2 Cancel XRUTO 4 11 for Bidi F7 Driver page F8 Replace driver F12 Cancel Modify Directory Entry Part B ORACLE Driver ORACLE_SID QauTo xAUTO xNONE 4 11 for Bidi 5 Minutes SELECT FROM DUAL Figure 4 3 Modify Directory Entry Screen Table 4 1 on page 23 describes the detailed information you enter to create a new RDB Entry Some of the parameters may vary depending on the selected driver Table 4 1 RDB Entry Parameters Parameter Description Options Directory Entry Name of the directory Active Y yes or N no DB Gate User Manual 23 Modifying a Directory Entry Parameter Driver Table 4 1 RDB Entry Parameters Description Options The driver you associated with the new entry Description Description of the directory optional Log 0 Global default this value is taken from System Configuration s General Definitions screen 1 No log no data is stored 2 Connect the log will store a record of each connection and disconnection from a database 4 AII the log will store all commands sent when a Fetch command is sent it will only store the first in the series Host or IP The address used to access the remote database Port The port number associated with the above address required for setting up a connection to the remote dat
7. Special 71 Recreate Data Queue Note that Inline Mode does not require pre activation Selection or command gt F3 Exit F4 Prompt F9 Retrieve Fi2 Cancel Fi3 Information Assistant Fi6 AS 400 main menu Figure 3 13 Activation Screen DB Gate User Manual 20 Remote DB Definitions This chapter describes how to define a remote database When definitions are activated they create an RDBDIRE Remote DB Directory Entry in the operating system Working with Directory Entries To begin working with directory entries select 1 Work with Directory Entries from the main screen The Work with Directory Entries screen opens as shown in Figure 4 1 on page 21 Directories are marked as Active or deactivated You can perform the following activities Viewing Subsets of Drivers Modifying a Directory Entry Copying an Existing Directory Entry Creating a New Directory Entry Removing a Directory Entry Activating a Directory Entry Deactivating a Directory Entry Work with Directory Entries Type options press Enter Subset 1 Select 4 Remove 7 Activate 8 Deactivate Opt Status Directory entry Active CRM Active SALES SHIPMENTS Active F3 Exit F5 Refresh F6 Add new F8 Print F12 Cancel DB Directory Entry deleted Relational database directory entry deactivated Figure 4 1 Work with Directory Entries DB Gate User Manual 21 E Viewing Subsets of Drivers C Viewing
8. tmp customers xls One can also use COMMENT QTEMP MY_TABLEIS or COMMENT MY_TABLEIS NOTE In both cases the file MY_TABLE is created in an internal QTEMP library This is not to be confused with the current Job s QTEMP lib When issuing the SELECT statement the QTEMP library must be specified SELECT FROM QTEMP MY_TABLE When completed the QGPL MY TABLE is created and available with the data An SQL SELECT statement SELECT FROM QGPL MY TABLE The driver accesses the source PC file in a read only manner Excel sheets can be accessed by specifying the sheet number in the COMMENT statement Example COMMENT ON QGPL MY TABLE IS file tmp customers xI s 2 On this example the file is customers xls and the query targets the second sheet 2 The first sheet 15 1 Tables embedded in ODF Text Documents LibreOffice OpenOffice can be accessed in the same manner as sheets on Excel spreadsheet Table A 1 Access Protocols Examples Function Key Description File Mainly for accessing files in the IFS file system COMMENT QGPL MY_TABLE IS file tmp customers xls HTTP Mainly for the web COMMENT ON QGPL MY TABLE IS http www razlee info gui db gate ms xls FTP COMMENT ON QGPL MY TABLE IS ftp myserver com readme txt SMB MS Windows shares COMMENT ON QGPL MY TABLE IS smb 192 168 1 181 shareddocs sales csv DB Gate User Manual 60 Appendix Oracle
9. DB Gate s Display Log shows the contents of the history log which saves various data gathered from the different directory entries as you have defined them in a standard format and using basic filter criteria The Backward Glance feature lets you look at the last several minutes of activity without the need to define specific time or date parameters DB Gate User Manual 35 Display Log Entries Display Log Entries begin filtering log entries select 41 Display Log from the main menu The Display DB Gate Log Entries screen is displayed as shown in Figure 6 1 on page 36 Display DB Gate Log Entries Type choices press Enter Display last minutes Starting date and time Starting date Starting time Ending date and time Ending date Ending time User profile Remote user profile Relational DB Entry SQL Operation SQL State SQL Error Code SQL Statement contains F3 Exit F4 Prompt F5 Refresh F24 More keys 000000 235959 xRLL xRLL xRLL xRLL xRLL xRLL xRLL Number Date Time Date Time Name Name Name Name XCURRENT xSTRRT xYESTERDRY XALL xALL ALTER CLOSE Character xALL Number XERR XNOERR xALL F12 Cancel More Fi3 Hou to use this display Figure 6 1 Displa
10. W Search and filtering with generic text support The following describes the different data entry screens W To enter data in a field type the desired text and then press Enter or Field Exit To move from one field to another without changing the contents press Tab To view options for a data field together with an explanation press W To accept the data displayed on the screen and continue press Enter DB Gate User Manual 9 New Features and Functionality Table 2 1 on page 10 describes the standard function keys that may appear on data entry screens Table 2 1 Functions Keys Function Key Description F1 Help Displays context sensitive help F3 Exit Ends the current task and returns to the screen or menu from which the task was initiated F4 Prompt Displays a list of valid options for the current field or command For certain data items a pop up selection window appears F6 Add New Creates a new record or data item F8 Print Prints the current report or data item F9 Retrieve Retrieves the previously entered command F12 Cancel Returns to the previous screen or menu without updating New Features and Functionality Version 2 1 The following improvements have been made in this version A path relative to the DB Gate default driver s location can be used for specifying drivers files addition to absolute path The URL field in the RDB Entries scr
11. Definitions Type options press Enter 1 Inline no pre activation 2 Internal server 3 External server Run mode 2 set any password to user profile SECURITYBP to enable the initiation of the Internal Server This password does not have to be entered anywhere in the product ISQL Activities are always done by the actual user authority Auto Set Java version and CLASSPATH N Y Yes N No Java 1 5 or higher required See CLASSPATH in iSecurity DB Gate sp properties log level errors are always logged 5 1 No Log 2 Connects only 11 only first FETCH logged IF3 Exit Fi2 Cancel Figure 11 1 General Definitions Screen Mode 1 Options 6 Start a new job to test DB Gate User Manual 55 E Error Messages in Server Mode C Mode 2 Internal Server It is recommended to use Mode 2 since only the internal DB Gate user will be affected 1 Copy the file liSecurity DB Gate sp properties to liSecurity DB Gate SystemDefault properties 2 Update the Home Directory for the user profile to your own unique IFS folder For example to modify the SECURITYBP user profile type CHGUSRPRF USRPRF SECURITYBP HOMEDIR iSecurity DB Gate 3 Runthe command sequence STRDB 81 1 4 Turn off Auto Set Java version and CLASSPATH by changing the status to N 5 Make sure that the SystemDefault properties file contains the line java versionz1 5 6 Deactivate and then reactivate the server Issue The installation of th
12. Doe 11 1 Cc 12 NM MU 12 Mode 2 Internal Server eese cete aea e ea oa Fed HERR ug 12 Before You Begin 13 ERE UR 13 Automatic Activation upon Startup esses 15 Mode 3 External Server seiten de 15 Running the DB Gate Server sse 17 DB Gate Server Commands ener enne 18 Changing the DB Gate Mode 0 19 M 20 Remote DB 21 Working with Directory Entries 21 Viewing Subsets of 1 000 eene 22 Modifying a Directory Entry nennen innen nns 23 Copying Existing Directory 25 Creating a New Directory ener nnne nnn nennen 26 Removing a Directory eene enne 27 Activating a Directory Entry esses enne 27 DB Gate User Manual Deactivating a Directory Entry 27 DB CIN Saas 29 Working with Database Drivers esses ener nnns 29 Description for the driver seen 30 Modifying a
13. ID SASHA2 Password or DB Gate restricts Server to 18 characters User and Password are restricted to 10 characters F3 Exit F12 Cancel Figure 7 2 Modify User Authentication Entry Adding a New Server Authentication Entry To add a new server authentication entry 1 In the Work with Server Authentication Entries screen press F6 Add New An empty Add User Authentication Entry screen appears 2 Update the User profile Server and Remote user ID details displayed 3 Press Enter After a confirmation message appears press Enter again to save your settings DB Gate User Manual 41 Adding New Server Authentication Entry DB Gate User Manual 42 Test Drive This chapter describes the various ways you can start SQL and work with SQL programs These features rely on standard IBM commands which are described in detail in the IBM documentation Starting SQL To start working with SQL To begin writing SQL commands directly from your IBM System i select 51 Start SQL from the main menu and press Enter The Enter SQL Statements screen appears as shown in Figure 8 1 on page 43 This is the main screen for interactive Structured Query Language SQL for running SQL statements SQL messages also appear on this screen Enter SQL Statements SQL statement press Enter CONNECT TO SALES Current connection is to relational database SALES SELECT FIRST_NAME LAST_NAME EMAIL PHONE_NUMBER FROM HR
14. It is recommended to restart the job W Error in the DB Gate Java engine DB Gate User Manual 57 Error Messages Server Mode DB Gate User Manual 58 Appendix A JDBC Driver for Excel CSV etc Adding an Entry To add an entry 1 Type STRDB then select option 1 Work with Directory Entries 2 Press F6 give it a name and point it to the supplied PC_FILE driver as shown in Figure 1 on page 59 3 Press Enter Set log level and language support if needed and confirm The entry is activated and available for use Add New Directory Entry Directory Entry PC DCPHVOE r PC FILE F4 Prompt Figure A 1 Add New Directory Entry Opt Driver Available ORACLE SID Yes Oracle SID ORACLE SRV Yes Oracle Service ORACLE TNS Yes Oracle TNS PC FILE Yes CSV Microsoft Excel Text ODF Spreadsheet XML PERVASIVE Pervasive POINTBASEL Yes PointBase Local POINTBASES Yes PointBase Server Figure A 2 Opt Driver Available The driver operates based on target file s extension xls xlsx for MS Excel csv for comma separated values ods for ODF spreadsheet txt and any other extension is treated as text file DB Gate User Manual 59 Connecting 4 Connecting Working with the JDBC Driver Connect the entry no user password is required CONNECT TO PC Complete either of the following steps AnSQL ON statement COMMENT ON QGPL MY TABLE IS file
15. QSECOFR or equivalent user profile o Enter CALL SMZB DBRMVPRD Once the uninstall is completed enter DLTLIB SMZB Manually delete IFS directory iSecurity DB Gate Backups of previous releases might exist under the name QGPL P SMZx To confirm proper uninstall use DSPUSRPRF SECURITYBP TYPE xOBJOWN F3 Exit Figure 10 6 Uninstall SECURITYBP Screen DB Gate User Manual 54 Troubleshooting This chapter describes various issues that may arise and how to handle them Please review the following sections prior to contacting your Raz Lee distributor or customer support Issue Java versions lower than v5 0 loaded by default Workaround DB Gate requires Java v 5 or higher to run If any job has an earlier version of Java loaded perform the following workaround running either Mode 1 Inline Mode 2 Internal Server recommended Mode 1 Inline The following steps will impact on all Java programs running in every job 1 Copy the file iSecurity DB Gate sp properties to liSecurity DB Gate SystemDefault properties 2 Update the Home Directory for the user profile to your own unique IFS folder Modify the desired user profile by typing the following command CHGUSRPRF USRPRF xxx HOMEDIR iSecurity DB Gate 3 Run the command sequence STRDB gt 81 gt 1 4 Turn off Auto Set Java version and CLASSPATH 5 Make sure that the file SystemDefault properties contains the line java version 1 5 General
16. Select 1 Activate Server DB Gate begins to operate in Internal Server Mode A message appears at the bottom of the screen indicating c Select 5 Work with Active Jobs to verify that DB Gate is working The Work with Subsystem Jobs screen appears and displays active Subsystem Jobs and their status as shown in Figure 3 5 on page 14 Work with Subsystem Jobs 520 25 04 13 12 51 1 Subsystem sis Gel Paste E E as ZDBGATE Type options press Enter 2 Change 3 Hold 4 End S Work with 6 Rel ease 7 Display message 8 Work with spooled files 13 Disconnect Opt Job User Type Function L DBMONITOR SECURITYBP AUTO ACTIVE PGM DBSRVR Parameters or command gt F3 Exit F4 Prompt FS Refresh F9 Retrieve Fii Display schedule data Fi2 Cancel 17 F18 Bottom Figure 3 5 Work with Subsystem Jobs Screen DB Gate User Manual 14 Mode 3 External Server Automatic Activation upon Startup Internal Server Mode can be set to automatically activate upon startup of the IBM System Initial Program Load IPL from the Activation screen See Figure 3 4 on page 14 To enable automatic activation select 11 Activate Server at IPL To disable automatic activation select 12 Do Not Activate Server at IPL You can verify automatic activation status by typing DSPJOBLOG at the command prompt Mode 3 External Server DB Gate runs as a server process on a different computer That computer and the DB Gate service runni
17. Subsets of Drivers To view a specific subset of drivers type the first alphanumeric characters of the driver in the Subset by driver field and press Enter The driver list is redisplayed with results that match your query Work with DB Drivers Subset by driver Type options press Enter by text 1 Select 3 Copy 4 Delete 8 Driver page Opt Driver Available DB2 Yes DB2 for Windows Linux DB2JDBC4 Yes DB2 for Windows Linux FG6 Add new F8 Print Fi2 Cancel Figure 4 2 Work With DB Drivers DB Gate User Manual 22 Modifying a Directory Entry HE Modifying a Directory Entry You can update all directory entries except for the names of the Directory To modify the details of a Directory Entry 1 1 in Opt column to select it and press Enter The Modify Directory Entry screen appears with the selected directory entry filled in as shown in Figure 4 3 on page 23 Directory Entry Description Log Host or IP Port Modify Directory Entry LOGISTICS Active Y Driver 55012005 This is a MS SQL 8 Dft 1 2 Basic 4 811 1 1 1 197 lt port gt 1433 Catalog og Schema lt schema gt Database Auto replacments are AdventureWorks jdbc sql server lt host gt lt port gt databaseName lt db gt lt host gt lt port gt lt catal og gt lt schema gt lt db gt lt ad1 1 4 Language Support F3 Exit F4 Prompt Directory entry Description
18. change any settings Destination location C Program Files DB Gate Server Start Menu folder DB Gate Server Additional tasks Additional icons Create a desktop icon Create a Quick Launch icon Er Figure 3 7 Ready to Install Screen d Upon completion select Launch DB Gate Server and click Finish 12 Setup DB Gate Server D Eei xi Completing the DB Gate Server Setup Wizard Setup has finished installing DB Gate Server on your computer The application may be launched by selecting the installed icons Click Finish to exit Setup Launch DB Gate Server Figure 3 8 DB Gate Server Setup Wizard Finish Screen The Connect to System dialog appears See Running the DB Gate Server on page 17 DB Gate User Manual 16 Mode 3 External Server Running the DB Gate Server The DB Gate server is started either by Selecting Launch the DB Gate server at the end of the installation process Starting the DB Gate server from the Windows Start menu or the icon Start Server Sto Figure 3 9 DB Gate Server Startup Screen 1 Click Start Server The Connect To System dialog appears See Figure 3 10 on page 17 2 Connect to the system as follows a Type the address IP or network path or host name for the DB Gate server b Type the User and Password to access that host c Click OK connect Tosystem System Address or Mapped Ho
19. driver DB Gate User Manual 33 E Deleting a DB Driver C Deleting DB Driver To delete a DB driver from the list 1 In the Work with DB Drivers screen select the DB driver and then select 4 Delete The driver s page is displayed 2 Press Enter to confirm the delete request The driver is deleted Drivers and Licenses Folders To view and update a connection to a remote database Select 15 Drivers amp Licenses Folders from the main screen The Work with Object Links screen opens This resource screen lets you see the paths to the third party drivers and their licenses Work with Object Links Directory iSecurity DB Gate Drivers Type options press Enter 2 Edit 3 Copy 4 Remove 5 Display 7 Rename 8 Display attributes 11 Change current directory Opt Object link Type Attribute Text DIR ss DIR db2 DIR derby DIR excel DIR firebird DIR hsql db DIR 2541 DIR jtds DIR Parameters or command gt F3 Exit F4 Prompt F5 Refresh F9 Retrieve F12 Cancel F17 Position to F22 Display entire field F23 More options Figure 5 5 Work with Object Links The drivers belong to the official owners They are supplied with the product for your convenience Next to each driver you may find the actual license under which it is supplied These drivers have been downloaded and are supplied by Raz Lee with the understanding that they may be supplied in this way DB Gate User Manual 34 DB Gate Log
20. lt db gt og gt lt port gt schema adl 1 4 gt F3 Exit Modify DB Driver 82 for Windows Linux iSecurity DB Gate Drivers db2 jcc jar com ibm db2 jcc DB2Dr iver http uuu 306 ibm com softuare data db2 java 58888 Label Possible values jdbc 462 lt host gt lt port gt lt db gt F7 Driver F9 Restore Default F12 Cancel Figure 5 3 Modify DB Driver The following table describes the information in the DB Driver screen Table 5 1 DB Driver Parameters and Commands Parameter Command Driver Description Driver s name and description It will appear in the DB Drivers list when configuring a connection Driver file Path to the jar file on the IFS that contains the JDBC driver for this database Class JDBC driver class name Driver page DB Gate User Manual URL for the driver developer s web page 31 Modifying a DB Driver Table 5 1 DB Driver Parameters and Commands Parameter Command Default port Description The default port to use when setting up a connection Additional Parameters You may define up to four parameters which are specific for this driver The definition includes the label as well as a short explanation or the possible values Parameters which are defined here will be displayed when this driver is selected When in the Driver field displays a
21. to save your settings Display DB Gate Definitions Type choices press Enter Report type From item To item Format F3 Exit F4 Prompt F24 More keys gt xDBENTRY ALL xDETRILS F5 Refresh F12 Cancel XRLL XxDBENTRY xDBDRVR Character value XRLL xSTART Character value xLAST XLIST xDETAILS X XPRINT Bottom F13 How to use this display Figure 10 2 Display DB Gate Definitions Screen DB Gate User Manual 50 Work with Operators Work with Operators The operators authorities management is maintained in one place for this product It also offers the site a possibility of implementing a second password to protect use of the product There is one default group AUD SECAD It allows all users both AUDIT and SECADM special authorities By default this group has full access Read and Write to all the product s components You may add more operators delete them and give them authorities and passwords as required You even have the option to make the new operators definitions apply to all your systems therefore upon import they will work on every system To view existing operator authorities and modify them do the following 1 From the Maintenance Menu select 11 Work with Operators The Work with Operators screen appears as shown in Figure 10 3 on page 51 Work with Operators Type options press Enter 1 Select 4 Delete Authority level 1 xUSE 9 O
22. to view the results The following screen is an example of the output displayed Display DB Gate Log Log information is available from 22 03 12 gt DB gt DB gt SASHA SASHA SASHA DB gt DB gt SASHA SASHA SASHA DB gt SASHA WAREHOUSE PREPARE SQLERR 204 5010204 21 in ILAN type not WAREHOUSE PREPARE SQLERR 104 5010104 Token FROM1 was not valid Valid WAREHOUSE PREPARE SQLERR 204 SQL9204 21 in ILAN type XFILE not gt CRM PREPARE SQLERR 1146 Table ilan demopf21 doesn t exist select x gt CRM PREPARE SQLERR 1146 Table ilan demopf21 doesn t exist select x gt CRM PREPARE SQLERR 1 Table ilan demopf21 doesn t exist select x f WAREHOUSE PREPARE SQLERR 204 SQL9204 21 in ILAN type XFILE not WAREHOUSE PREPARE SQLERR 204 SQL9204 21 in ILAN type XFILE not gt CRM PREPARE SQLERR 204 Table ilan demopf21 doesn t exist select x gt CRM PREPARE SQLERR 284 You have an error in your SQL syntax check t gt CRM PREPARE SQLERR 204 You have an error in your SQL syntax check t WAREHOUSE PREPARE SQLERR 104 5010104 Token FROM1 was not valid Valid gt CRM PREPARE SQLERR 204 You have an error in your SQL syntax check t Bottom F3 Exit F1Q Entire Entry 17 F18 Bottom To view further details on the output select F10 Entire Entry The following screen appears Figure 6 3 Display DB Gate Log Addi
23. B Gate User Manual 61 Working with Oracle TNS C connect the RDB entry location of the file is written to the IFS file iSecurity DB Gate sp properties for example oracle net tns admin iSecurity DB Gate This is the default location for the tnsnames ora file If you move it to another location you must also update the sp properties file After modifying the sp properties file you must restart DB Gate If you are running in either internal server mode or external server mode you must restart the server If inline run mode is used any new SQL job will be affected Below is an example of the tnsnames ora file PROD DESCRIPTION ADDRESS LIST ADDRESS PROTOCOL TCP HOST 192 168 1 221 PORT 1521 CONNECT DATA SERVICE NAME XE TEST DESCRIPTION ADDRESS LIST ADDRESS PROTOCOL TCP HOST 192 168 1 21 PORT 1521 ADDRESS PROTOCOL TCP HOST 192 168 1 22 PORT 1521 SERVICE NAME XE2 In the Modify Directory Entry screen ensure that the JDBC URL field is set to jdbc oracle thin PROD or jdbc oracle thin TEST as appropriate DB Gate User Manual 62 Working with Oracle TNS Modify Directory Entry Part A Directory entry ORACLE_TNS Active Driver ORACLE_TNS Description L
24. PROP DPROP DPROP DPROP DPROP F3 Exit 4 Remove Server CRH1 RDBIMP S528DDM testrdbi0 CRM LOGISTICS SALES acum_db ACUMSDB ODED REPLICA SHI 192 168 168 182 192 168 168 4 F6 Add New F12 Cancel Subset by user server remote user Remote user Passuord SRSHR2 QSECOFR xYES QSECOFR xYES AV SASHA 5 sasha 5 5 DB2ADMIN xYES db2admin xYES DPROP ODED DPROP DPROP DPROP Figure 7 1 Work with Server Authentication Entries To view a specific subset of server authentication entries 1 Select one of the following subset fields User Server Remote User 2 Enter the first alphanumeric characters of the entry and press Enter The list is redisplayed with results that match your query DB Gate User Manual 40 ifyi thentication Entr E Modifying a Server Auth Entry E Modifying a Server Authentication Entry To modify a server authentication entry 1 Highlight the server authentication entry that you want to update in the Work with Server Authentication Entries screen and press 1 Select and then press Enter The Modify User Authentication Entry screen opens as shown in Figure 7 2 on page 41 Update the User profile Server and Remote user ID details displayed 3 Press Enter After a confirmation message appears press Enter again to save your settings Modify User Authentication Entry Type choices press Enter User profile Remote user
25. Select DB Driver window with the option to select a specific DB Driver After entering 1 Select the window closes and your selection is displayed in the Driver field Once the Driver page has been entered selecting F7 opens the URL in your default browser DB Gate User Manual Restores the original definition of a driver if it was supplied alongside the DB Gate and replaces the current settings 32 Copying DB Driver Copying a DB Driver To copy a DB driver do the following 1 In the Work with DB Drivers screen select the DB driver you want to copy press 3 Copy and then press Enter The Copy DB Driver screen opens with the name and description of the selected driver as shown in Figure 5 4 on page 33 In the new Driver field change the name and then press Enter 3 After a confirmation message appears asking if you want to modify any of the entries press Enter again to save the new driver Copy DB Driver Type choices press Enter From Driver DAFFODILSR Description DaffodilDB Server To New Driver HAFFODILSR F3 Exit F4 Prompt F12 Cancel Figure 5 4 Copy DB Driver Adding a New DB Driver To add a new DB driver 1 From the Work with DB Drivers screen press F6 An empty Add New DB Driver screen appears 2 After you complete the fields press Enter 3 Aftera confirmation message appears asking if you want to modify any of the entries press Enter again to save the new DB
26. TNS Names Working with Oracle TNS An RDB entry for Oracle can be defined using the ORACLE driver There two methods for specifying the JDBC URL inline on the System i or by referring to a TNS entry name in the external file tnsnames ora Inline Method To define the RDB for Oracle 1 Adda new Directory Entry as described in Creating a New Directory Entry on page 26 2 Ensure that the URL entry is as shown in Figure B 1 on page 61 Modify Directory Entry Part A Directory entry ORRCLE TNS Rctive Y Driver ORRCLE TNS Description I Log s s oc UR Ros 8 8 Dft 1 2 Basic 4 811 Host or IP lt host gt Port lt port gt Catalog catalog Schema schema Database lt db gt TNSName lt adl 1 gt URL file http Ruto replacments are lt host gt lt port gt lt catal og lt 5 gt lt gt lt 11 4 gt jdbc oracle thin DESCRIPTION ADDRESS_LIST ADDR ESS PROTOCOL TCP HOST 1 1 1 221 PORT 1521 CONNE CT DRTR SERVICE NRME XE F3 Exit F4 Prompt F7 Driver More F8 Replace driver F12 Cancel Figure B 1 Oracle TNS RDB External File Method You can find the available TNSNAMES entries listed in the tnsnames ora file on the client computer from which you are connecting The file is located and loaded upon an attempt to D
27. View requires no change in existing applications It works for both SQL and traditional I O Screen protects unattended terminals and PC workstations from unauthorized use It provides adjustable terminal and user specific timeout capabilities Password Password provides a first tier wall of defense for users by ensuring that user passwords cannot be easily cracked Assessment DB Gate User Manual Assessment checks your ports sign on attributes user privileges passwords terminals and more Results are instantly provided with a score of your current network security status with its present policy compared to the network if iSecurity were in place Overview Raz Lee Security s DB Gate part of the iSecurity suite lets you open concurrent and transparent SQL connections to numerous types of remote data sources and databases You can do this on any IBM or non IBM platform using STRSQL and compile using CRTSQL for programs which refer to these databases DB Gate is a client only product so it saves you both money and time you would otherwise require to integrate new hardware or set up a complicated API System Requirements Make sure your system meets the following requirements DB Gate requires the V5R3 operating system or higher DB Gate requires Java 5 0 or higher Starting DB Gate To begin using DB Gate type STRDB on any command line The DB Gate main screen is displayed as shown below in Fi
28. abase Catalog If the database requires a Catalog for the connection specify it here Schema The schema for the remote database Database Database name Additional parameters SID in this example Up to four different parameters based on the selected driver URL Provided by the DB driver provider May include parameters lt host gt lt ip gt lt user gt lt pwd gt lt catalog gt lt port gt lt schema gt lt adl1 4 gt The URL field can contain a URL that points to a text file that contains the full JOBC URL For example the file at http www acme com gui jdbc ms txt could contain the following jdbc sqlserver lt host gt lt port gt databaseName lt db gt Language Support AUTO Default setting NONE 4 11 Based on an IBM setting for specific language support Keep alive interval Frequency the keep alive SQL statement is sent to DB to ensure connection is maintained Keep alive statement SQL statement sent to DB to ensure connection is maintained F8 DB Gate User Manual Replace Driver Enables users to replace the driver configuration for this RDB entry 24 Copying Existing Directory Entry m E Copying an Existing Directory Entry You can add a new Directory Entry by copying one that already exists Copying a directory entry is also the only way you can change the name of an existing directory entry To copy an existing directory 1
29. and eliminating the need to remember and re enter a user name and password for each CONNECT to a remote DB Provides detailed traceability logs Uses standard SQL syntax and is based upon standard IBM i functionality so there is virtually no learning curve Use of the IBM Server Authentication Entries injecting user and password seamlessly when needed and eliminating the need to remember and re enter a user name and password for each CONNECT to a remote DB DB Gate User Manual 7 DB Gate Restrictions DB Gate Restrictions The following functions are not supported Database large objects BLOBs CLOBs DBCLOBs Data links User IDs longer than ten characters Passwords longer than ten characters Stored procedure result sets SQL statements longer than 32K Stored procedures with Commit on Return Scrollable cursors Multi row input Extended diagnostics RDB aliases Commitment Control NOTE When using an ARDPGIM the system enforces the use of commitment control If for example session attributes for commitment control is set to NONE the system will change this setting immediately after the connection An RDB entry that is based on ARDPGM is always considered as a remote connection and thus cannot be assigned for commitment control as shown below in Figure 2 2 on page 8 Commitment Control Help Select the type of commitment control values are NONE or NC The possible Specifies
30. d may be displayed or printed using Adobe Acrobat Reader version 4 0 or higher Acrobat Reader is included on the product CD ROM This manual contains concise explanations of the various product features as well as step by step instructions for using and configuring the product Online Help AS400 context sensitive help is available at any time by pressing the F1 key A help window appears containing explanatory text that relates to the function or option currently in use Online help will shortly be available in Windows help format for viewing on a PC with terminal emulation Typography Conventions Menu options field names and function key names are written in Courier Bold References to chapters or sections are written in Italic IBM i OS 400 commands and system messages are written in Courier Key combinations are separated by a dash for example Shift Tab Emphasis is written in Times New Roman bold DB Gate User Manual 1 iSecurity Product Suite C iSecurity Product Suite Raz Lee s iSecurity is an integrated state of the art security solution for all System i servers providing cutting edge tools for managing all aspects of network access data and audit security Its individual components work together transparently providing comprehensive out of the box security The iSecurity Product Suite includes Product Description Change Tracker Change Tracker automatically tracks modifications in the soft
31. d to 1 1 1 105 Job Name Time 2013 06 05 15 30 24 2013 06 05 15 32 17 2013 06 05 15 32 35 2013 06 05 15 32 52 2013 06 05 15 33 08 MR ILAN MR2 Job Number Activation Group DB 885408 DB 885414 2 DB 885417 2 DB 885422 2 DB 885425 2 r Stop Server Figure 3 12 Database Connection Screen Table 3 1 Database Connection Parameters and Options Button Column Description Release Job Stops the selected job Stop Server Deactivates the DB Gate Server Job Name Name of the job User User who initiated the job Job Number Number of the job Activation Group Activation Group number in which the application is running DB Gate User Manual 18 Changing the DB Gate Mode of Operation E Each job consists of one or more activation groups and it is important to note that DB Gate operates on the level of Activation Group Therefore the same job attributes can appear more than once but in different Activation Groups An example is provided in Table 3 2 on page 19 Table 3 2 Sample List of Connections Job Name User Job Number Activation Group QPADEVO010 DB 123456 22 0010 0 123456 32 Changing the DB Gate Mode of Operation The mode of operation can only be changed when no active SQL processes are running in DB Gate It is recommended to change the mode of operation in conjunct
32. e product failed Workaround Perform a manual installation 1 2 On the System i run the following command CRTSAVF QGPL SMZB On the server perform the following to extract the save file 2 extension from the zip file FTP xyzxyz A2P and copy it to the AS 400 as save file QGPL SMZB a ftp AS400_IP b c bin d cd QGPL e put DB0220V71 A2P SMZB f bye 3 Onthe System 1 run the following commands RSTOBJ OBJ DBI SAVLIB SMZB DEV SAVF SAVF QGPL SMZB RSTLIB QTEMP CALL OTEMP DB SAVFE DB OGPL SMZB The installation should now be complete Error Messages in Server Mode The following error messages may appear when running in server mode DB Gate messages in server mode Message DB Gate server disconnected DB Gate User Manual 56 Error Messages Server Mode HE Reason DB Gate has disconnected from running the SQL job due to activation group end job end or explicit disconnect request for that job Release Job from GUT Message No response from DB Gate server Reason DB Gate server is not currently active Message Connection terminated Job should be restarted Possible Reasons W DB Gate server has been deactivated while the SOL job was working with DB Gate This doesn t mean DB Gate server is not currently active but any connection made with DB Gate until that message is lost
33. ecord your product authorization code here DB Gate User Manual ii Table of Contents cesses ewes ii Table of Contents Ic iii About This Manual sssssssssssnunnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn nna 1 Product Documentation Overview cccccsccscessceseeeseeeseesaeceaeceseseeecnaecaueceaeseeeseeesaeesaecaeenes 1 Printed Materials DS N A N 1 Online 1 Typography Conventions eee enne nennen eterne nnns eren 1 Isecurity Product Suite E E 2 OV ENO 5 System Requirements asserir irii e i AE Ea AR E OENE OEE EE NEE KE EA 5 Starting DB Gate ene eee ERROR ebd um terit TE 5 Why You Need nennen irren nennen nnns 7 Typical Remote Access Limitations sese 7 DBstrate eed T denos 7 DB Gate Restriction ROR ese etae edens 8 Commitment 1 8 Native IBM i Text Based User Interface 9 New Features and Functionality sess ennt enne nnne 10 uper 11 OV ELVIS Wien ai e e ERU ORE TRU
34. een can contain a URL that points to a text file that contains the full JDBC URL Internal JDBC driver for PC files W Improved calculation of the length of fields W Added a link to the manual in the driver s screen W Improved Excel xlsx format handling Server mode now works with single data queue This data queue can be recreated via the Activation menu PC installer for mode 43 DB Gate as an external server Can run as an internal server on the IBM 1 thereby eliminating the JVM starting time Can run as an external server on a Windows Linux or other platform supporting Java rather than using resources on the IBM 1 Keep alive statement is sent repeatedly Support for SMB protocol to allow access to Excel CSV files on shared folder Added support for reading Excel 2007 2010 XLSX formats Running on a PC enables DB Gate to work with additional data sources by employing the JDBC ODBC bridge That means for example that we can get data from MS Access Enhancements made to better support embedded SQL in RPG COBOL Added Bidi String Type option 1 NONE in RDB entry screen The product is bundled with a new JDBC driver for MS Excel 97 2000 XP 2003 2007 2010 CSV ODF spreadsheet LibreOffice OpenOffice and text files This driver is an in house development See Appendix A for a description of how to use it Support added for NVARCHAR field type DB Gate User Manual 10 Activation Overview DB Gate can be activated
35. g authorization codes and so on USE Read authority only Person responsible for backups setting authorization codes and so on FULL Read and Write authority 52 Check Locks Check Locks To verify if objects are locked in the system select 52 Check Locks from the Maintenance Menu The Check Locks screen appears as shown in Figure 10 5 on page 53 GSLCKMNU Check Locks iSecurity System 520 Select one of the following Check Locks 1 Data Base Files Display Files End this session Enter CHKSECLCK OBJTYPE xDSPF from a neu session RII File Types End this session Enter CHKSECLCK OBJTYPE xALL from a neu session Selection or command F3 Exit F4 Prompt F9 Retrieve F12 Cancel Fi3 Information Assistant F16 AS 400 main menu Figure 10 5 Check Locks Screen DB Gate User Manual 53 Uninstall Uninstall Use the Uninstall feature to remove DB Gate from your computer 1 Select 91 Uninstall from the Maintenance Menu 2 Follow the directions that follow on the Uninstall SECURITYBP screen Uninstall SECURITYBP You are about to uninstall this product All program files data and definitions will be deleted You are advised to print this screen for further reference Before proceeding ensure that o No user or batch job is working or intends to work with this product To run uninstall procedure you should do the following o Exit from the current session o Open a new session using
36. gure 2 1 on page 6 You can access the different features from the main DB Gate screen The various feature groups are described in the following chapters Remote DB Definitions DB Drivers W Activity Log W General Configuration and Maintenance DB Gate User Manual 5 Starting DB Gate DBHENU iSecurity System 5520 Select one of the follouing XPatent Pendingx Remote DB Definitions Rctivity Log 1 Work with Directory Entries 41 Display Log DB Drivers Test Drive 11 Work with DB Drivers 51 Start SQL 15 Drivers amp Licenses Folders 55 Work with 501 program sources Auto Injection of Remote User ID General 21 Work with Server Authentication 81 System Configuration 82 Maintenance Menu Selection or command F3 Exit F4 Prompt F9 Retrieve F12 Cancel Fi3 Information Assistant F16 AS 400 main menu Figure 2 1 DB Gate Main Screen DB Gate User Manual DB Gate Benefits Why You Need DB Gate IBM System i AS 400 users often require access to remote non DB2 databases that do not support DRDA server behavior such as Oracle MS SQL and Derby These databases run on various operating systems and use standard languages for example SQL Typical Remote Access Limitations To successfully access remote databases companies have selected products based on either of the following limited methods W Using ambiguous or non standard APIs that are not defined through RDBDIRE relational Database Directory En
37. he Work with DB Directories screen select the directory to be removed by typing a 4 next to it and pressing Enter The Delete Directory Entry Part A screen appears with the Directory Entry details 2 Press Enter and then again Enter when the Delete Directory Entry Part B screen appears to confirm The Work with DB Directory Entries screen reappears with the Directory Entry removed Activating a Directory Entry To activate a Directory Entry 1 In the Work with DB Directories screen select the directory to be activated by typing a 7 next to 1t and pressing Enter 2 The Directory Entry is activated Deactivating a Directory Entry To deactivate a Directory Entry 1 Inthe Work with DB Directories screen select the directory to be deactivated by typing a 8 next to it and pressing Enter 2 The Directory Entry is deactivated DB Gate User Manual 27 Deactivating a Directory Entry DB Gate User Manual 28 DB Drivers Working with Database Drivers A database driver enables you to access a remote database first by recognizing it and then by establishing a connection with it DB Gate comes with pre installed DB drivers The default path for drivers is iSecurity DB Gate Drivers You can enter a full path or a path relative to DB Gate default driver s location as shown in Figure 5 1 on page 29 Driver Driver file Class Driver page Default port Rdditional parms Parm 1 lt adl 1 gt Parm 2
38. iSecurity 8 DB Gate User Manual Software Version 02 22 November 2013 RAZ LEE gt The iSeries Security Experts E Copyright Notice Copyright Raz Lee Security Inc All rights reserved This document is provided by Raz Lee Security for information purposes only Raz Lee Security is a registered trademark of Raz Lee Security Inc Action System Control User Management Assessment Firewall FileScope Screen Password Audit Capture View Visualizer Anti Virus AP Journal are trademarks of Raz Lee Security Inc Other brand and product names are trademarks or registered trademarks of the respective holders Microsoft WindowsO is a registered trademark of the Microsoft Corporation Adobe Acrobat is a registered trademark of Adobe Systems Incorporated Information in this document is subject to change without any prior notice The software described in this document is provided under Raz Lee s license agreement This document may be used only in accordance with the terms of the license agreement The software may be used only with accordance with the license agreement purchased by the user No part of this document may be reproduced or retransmitted in any form or by any means whether electronically or mechanically including but not limited to photocopying recording or information recording and retrieval systems without written permission given by Raz Lee Security Inc Visit our web site at www razlee com R
39. ion of the Internal Server This password does not have to be entered anywhere in the product SQL Activities are always done by the actual user authority Auto Set Java version and CLASSPATH Y Y Yes N No Java 1 5 or higher required See CLASSPATH in iSecurity DB Gate sp properties Log level errors are always logged 5 1 No Log i 2 Connects only A Al1 only first FETCH logged F3 Exit Fi2 Cancel Figure 9 2 General Definitions Screen 2 Enter a Log level setting from one of the following options Description No data is stored The log will store a record of each connection and disconnection from a database The log will store all commands sent when a Fetch command is sent it will only store the first in the series NOTE Modifying a Directory Entry on page 23 describes how to change a global default setting 0 Global default setting for a specific directory entry The above procedure overrides the global default setting 0 DB Gate User Manual 46 Log Retention Setting DB Log Retention Parameters Log Retention parameters govern the retention and backup of the DB Gate history log files In order to preserve desk storage capacity and improve query response time you should retain transactions for the minimum period necessary to maintain an effective audit program The recommended initial settings are shown below To set the log retention periods 1 Select 9 Log Retention from the DB Di
40. ion with IPL To change the Run mode 1 Notify all relevant users that you are about to stop and change the current Run mode Make sure all SQL jobs running through DB Gate are signed off If DB Gate is currently running in Server mode 2 or 3 stop the server Go the General Definitions screen 81 and set the new Run Mode Start DB Gate iFor Inline Mode 1 no further action is necessary a Internal Server Mode 2 activate as described in Activation on page 12 For External Server Mode 3 activate as described in Activation on page 13 DB Gate User Manual 19 Changing the DB Gate Mode of Operation A Data Queues DB Gate uses a a data queue for communication when operating in server mode 2 or 3 You can recreate this data queue delete and build using option 71 in the Activation screen see Figure 3 13 on page 20 This maintenance task is useful when the data queue becomes too large This task action should be only be performed while the server is down and there are no SQL jobs employing DB Gate Activation System DB Gate can Function in server mode which requires pre activation The actual operation mode is set in System Configuration on Hain Menu Internal Server Mode External Server Mode Activate Server Activation De activation is performed De activate Server on the external server Hork with Active Jobs See manual for details 11 Activate Server at IPL 12 Do Not Activate Server
41. le SECURITYBP to enable the initiation of the Internal Server This password does not have to be entered anywhere in the product SQL Activities are always done by the actual user authority Auto Set Java version and CLASSPATH Y Y Yes N No Java 1 5 or higher required See CLASSPATH in iSecurity DB Gate sp properties Log level errors are always logged 5 1 No Log es 2 Connects only 11 only first FETCH logged Fi2 Cancel Figure 3 3 General Definitions Screen c Set the Run mode to 2 if set to another mode and press Enter continuously usually 2 or 3 times to return to the DB Gate Main screen DB Gate User Manual 13 Mode 2 Internal Server 2 Activate the server as follows a Select 2 Activation to open that menu as shown in Figure 3 4 on page 14 System DB Gate can Function in server mode which requires pre activation The actual operation mode is set in System Configuration on Main Menu Internal Server Mode External Server Mode Activate Server Activation De activation is De activate Server on the external server Hork with Active Jobs See manual for details 11 Activate Server at IPL 12 Do Not Activate Server at IPL Special 71 Recreate Data Queue Note that Inline Mode does not require pre activation Selection or command gt F3 Exit F4 Prompt F9 Retrieve 12 1 Fi3 Information Assistant Fi16 HS 400 main menu Figure 3 4 Activation Screen b
42. lect 11 Work with DB Drivers from the Main Menu The Work with DB Drivers screen as shown in Figure 5 2 on page 30 with a three column list of the different types of database already entered in the system is displayed 2 You can create a remote connection from this screen which includes the following details Driver Name Available Yes indicates that the driver s Driver file parameter the Modify DB Driver screen as shown in Figure 5 3 on page 31 has been filled in with the path to the jar file on the IFS Description for the driver Work with DB Drivers Subset by driver Type options press Enter by text 1 Select 4 Delete 8 page Opt Driver Available AS400DB2 Yes DB2 on 05 400 platform CACHE Cache DRFFODILLO DaffodilDB Local DAFFODILSR DaffodilDB Server DB2 Yes 082 for Windows Linux DB2JDBC4 Yes DB2 for Windows Linux DERBY Yes JavaDB Derby FIREBIRD Yes Firebird FRONTBASE Yes FrontBase HSQLDB Yes HSQLDB HSQLDBEMBD Yes HSQLDB Embedded H2_EMBED Yes H2 Database Engine Embedded 2 Yes H2 Database Engine In memory mode H2 SERVER Yes 2 Database Engine Server mode F3 Exit F6 fidd neu F8 Print F12 Cancel Figure 5 2 Work with DB Drivers If the URL for the driver manufacturer has been saved within the driver s details you can open the driver s web page in your browser and read detailed information on the database To do this select 8 Driver page and then press Enter T
43. ll protection to the server its file contents and resident iSeries or System i dedicated software Visualizer Visualizer is an advanced DWH statistical tool with state of the art technology This solution provides security related data analysis in GUI and operates on summarized files hence it gives immediate answers regardless of the amount of security data being accumulated Firewall Firewall protects and secures all types of access to and from the System i within or outside the organization under all types of communication protocols Firewall manages user profile status secures entry via pre defined entry points and profiles activity by time Its Best Fit algorithm determines the validity of any security related action hence significantly decreasing system burden while not compromising security Audit is a security auditing solution that monitors System i events in real time It includes a powerful query generator plus a large number of predefined reports Audit can also trigger customized responses to security threats by means of the integrated script processor contained in Action DB Gate User Manual 3 iSecurity Product Suite Product Description View is a unique patent pending field level solution that hides sensitive fields and records from restricted users This innovative solution hides credit card numbers customer names and so on Restricted users see asterisks or zeros instead of real values
44. ng on it must be activated before any SQL processing 15 initiated The computer running this server mode can run on Windows Unix Linux or any other operating system that supports Java This mode has no initial extra processing and requires virtually no extra memory resources from the IBM i All memory resources and processing power are consumed on the external computer running the DB Gate server It is the user s responsibility to ensure activation of the computer and server running the external DB Gate 1 Install the DB Gate server as follows a Close all applications b Run the setup file DB Gate_setup exe The installation wizard opens 15 Setup DB Gate Server Welcome to the DB Gate Server Setup Wizard This will install DB Gate Server 2 0 1 your computer It is recommended that you close all other applications before continuing Click Next to continue or Cancel to exit Setup 3 Cancel Figure 3 6 DB Gate Server Setup Wizard Welcome Screen DB Gate User Manual 15 cm Mode 3 External Server C Proceed through the Wizard choosing the destination path name and shortcut settings and click Install on the Ready to Install screen See Figure 3 7 on page 16 15 Setup DB Gate Server a xd Ready to Install Setup is now ready to begin ind ting DB Gate Server on your computer b 32 Click Install to continue with the installation or click Back if you want to review or
45. o view a specific subset of drivers do one of the following 1 In the Subset by driver field at the top right of the screen enter the first alphanumeric characters of the driver and press Enter The driver list 1s redisplayed with results that match your query 2 Inthe Subset by text field enter any alphanumeric characters you want to match in either the Driver Name or Description fields and press Enter The driver list is redisplayed with results that match your query DB Gate User Manual 30 Modifying DB Driver HE Modifying a DB Driver To modify a DB driver do the following 1 In the Work with DB Drivers screen select the DB driver you want to update and press 1 Select and then press Enter The Modify DB Driver screen as shown in Figure 5 3 on page 31 opens with the driver s details Update the fields then press Enter A confirmation message appears asking if you want to modify any of the entries Press Enter again to save the changes to the driver From within the driver page you can view open the URL for the driver manufacturer to read detailed information on the DB driver by selecting F7 Driver page To restore the default settings of the current driver select F9 Restore Default Driver Driver file Driver page Default port Rdditional parms Parm 1 lt adl1 gt Parm 2 lt 12 gt Parm 413 gt Parm 4 lt adl 4 gt URL dft schema Std replacments lt host gt
46. og amp s e o m 9 oom 8 8 Dft 1 None 2 4 Al Host or IP host Port Xport Catalog catalog Schema lt schema gt Database lt db gt TNSName 411 gt URL file http jdbc oracle thin ePROD Ruto replacments are lt host gt lt port gt lt catal og lt schema gt lt db gt lt ad1 1 4 gt More F3 Exit F4 Prompt F7 Driver page F8 Replace driver F12 Cancel Figure B 2 Oracle TNS RDB Defined Externally DB Gate User Manual 63 Working with Oracle TNS DB Gate User Manual 64
47. on the System i Remote user profile All default or a specific user profile on the remote database Relational DB Entry All default or a specific remote DB entry SQL Operation All default or a specific SQL operation that is used at the beginning of an SQL statement for example CONNECT CREATE DROP and so on SQL State All default or a specific state SQL Error Code All default a specific error code number or name that describes the problem or entries without any error code SQL Statement contains All default or a specific SQL statement SQL Message contains All default or a specific error message that is associated with an error code From job name All default or specific job User All default or specific user Number All default or a specific number From program name All default or the program in the IBM System i that created this log Library All default or specific library of the program name Number of records to pro cess No Maximum amount NOMAX or a specific number Output DB Gate User Manual On the screen Printed on one of the defined printers If you enter Outfile you must then define the following additional parameters File to receive output Library Member to receive output Replace or add records 37 Display Log Entries E Once you have defined the filter for the log press Enter
48. pt User System DB Adm xAUD SECAD 520 9 9 cs 520 9 GS 520 9 9 05 5520 1 1 Bottom DB DB Gate Adm Administrator F3 Exit F6 Add new F8 Print F11 XxSECRDM XxRUDIT authority F12 Cancel Figure 10 3 Work with Operators 2 To modify an operator highlight it and choose 1 Select The Modify Operator screen appears as shown in Figure 10 4 on page 52 3 To add a new operator press F6 DB Gate User Manual 51 Work with Operators Type choices press Enter Operator System Password Authorities by subject Product Administrator F3 Exit F12 Cancel Modify Operator xAUD SECAD 520 XRLL Name 5 Name 5 BLANK 1 xUSE 9 xFULL 1 xUSE 9 xFULL Figure 10 4 Modify Operator Screen Table 10 2 on page 52 explains the parameters on the Modify Operator Screen Parameter Table 10 2 Modify Operator Parameters Value Description The Operator can be a user or group profile DB Gate provides one type of Operator group AUDZSECAD This group has full access Read and Write to all parts of DB Gate System ALL Name Password Name Password SAME Same as previous password when edited BLANK No password DB Gate Controls use of the product 1 USE Read authority only FULL Read and Write authority Can perform backups set authorization codes and so on DB Gate User Manual Person responsible for backups settin
49. r a large manufacturing environment may be quite different from those for a bank a software developer or a service organization To begin system configuration select 81 System Configuration from the main screen and press Enter The DB Directory Entry System Configuration screen appears as shown in Figure 9 1 on page 45 DBPRRHR DB Directory Entry System Configuration 25 03 12 12 18 36 Select one of the follouing DB Gate 1 General Definitions 9 Log Retention General 98 Driver Licenses Selection gt 99 Copyright Notice Release ID 01 0 12 03 20 44DE466 520 7459 Authorization code BO1203731542 1 F3 Exit F22 Enter Authorization Code F12 Cancel Figure 9 1 DB Directory Entry System Configuration After you modify any of the parameters accessible from this menu the message Modify data or press Enter appears upon return to the menu DB Gate User Manual 45 HE General Definitions Refer to Activation on page 11 for detailed descriptions and instructions on the three Run modes To change the global settings of DB Gate 1 Select 1 General Definitions from the System Configuration screen The General Definitions screen appears as shown in Figure 9 2 on page 46 General Definitions Type options press Enter Run mode vas dec SS RR ENS ME 1 Inline no pre activation 2 Internal server 3 External server For Run mode 2 set any password to user profile SECURITYBP to enable the initiat
50. r by entering all the details on your own To create a new directory entry 1 Select F6 Add New to open the Add New Directory Entry screen 2 Adda Directory Entry by doing one of the following W the new Directory Entry alias name Select F4 Prompt while in the Directory Entry field to display the existing Directory Entry list Select the Directory Entry by typing 1 next to it Press Enter The selected Directory Entry is added to the new Directory Entry field See Figure 4 6 on page 26 Add New Directory Entry Select Directory Entry Type options press Enter Position to 1 Select Subset Opt Directory entry ALEX TEST A150 This is a MS SQL Xd This is a MS SQL MSRCC COPY Fi2 Cancel Figure 4 6 DBG Add New Directory Entry 3 Adda Driver by doing one of the following W Type the new Driver name Select F4 Prompt when in the Driver field to display a list of the existing DB drivers Select the Driver by typing 1 next to it Press Enter The selected Directory Entry is added to the new Directory Entry field 4 Click Enter to move on to the empty Add New Directory Entry Details screen This screen is the same as the Modify Directory Entry screen above as shown in Figure 4 3 on page 23 NOTE If the URL is already saved in the driver it is automatically added DB Gate User Manual 26 Removing a Directory Entry Removing a Directory Entry To remove a Directory Entry 1 In t
51. rectory Entry System Configuration screen The DB Log Retention screen appears as shown in Figure 9 3 on page 47 and described in Table 9 1 on page 47 2 Enter the parameters as defined in the table below 3 Press Enter After a confirmation message appears press Enter again to save your settings DB Log Retention 25 03 12 10 40 10 Type options press Enter Data retention period days e Days 99 xNOHRX Backup program for data Name XSTD Backup program library You may specify a backup program to run automatically before deleting old data This program runs prior to automatic deletion of data uhenever the retention period expires The xSTD program is SHMZB DBSOURCE DBDBGBKP F3 Exit F12 Cancel Figure 9 3 DB Log Retention Table 9 1 DB Log Retention Parameters Parameter Description Data retention period The number of days that the queries are retained At the end of this period queries are purged from the log Enter 99 to retain all data indefinitely Backup Program for Enter the name of the backup program you wish to use data STD to use the standard backup program or NONE for no backup Library Enter the name of the library where the backup program is located DB Gate User Manual 47 DB Gate User Manual 48 Maintenance Menu The Maintenance Menu enables you to set and display global definitions for DB Gate To access the Maintenance menu select 82 Maintenance Men
52. rocessing and requires fewer memory resources DB Gate User Manual 12 Mode 2 Internal Server E Before You Begin 1 Ensure that all SQL jobs using DB Gate are signed off This should be done by your organization s IT Administrator 2 Seta password for the user profile SECURITYBP which initially has a password of NONE and set the password expiration interval PWDEXPITV to NOMAX Activation To activate DB Gate to run in Internal Server Mode 2 1 Ensure DB Gate mode is set to Internal Server 2 as follows a Go to the DB Gate Main screen and select 81 System Configuration to open that screen as shown in Figure 3 2 on page 13 IDBPARMR DB Directory Entry System Configuration 26 04 13 09 31 5 Select one of the following IDB Gate 1 General Definitions 9 Log Retention General 98 Driver Licenses Selection gt 99 Copyright Notice Release ID o 4 02 00 13 04 02 6561870 520 7140 Authorization code B01304776591 1 BERT IF3 Exit F22 Enter Authorization Code F12 Cancel Modify data or press Enter Figure 3 2 DB Directory Entry System Configuration Screen b Select 1 General Definitions to open that screen as shown in Figure 3 3 on page 13 General Definitions Type options press Enter Run mode c er her Gs EE ie ue 1 Inline no pre activation 2 Internal server 3 External server For Run mode 2 set any password to user profi
53. st Name User AS 400 User Password Use SSL Cancel Figure 3 10 Connect to System Dialog 3 Log in to the IBM i 4 Start SQL by typing STRSQL 5 Connect to the SQL database instance as shown in Figure 3 11 on page 18 DB Gate User Manual 17 Mode 3 External Server Enter SQL Statements SQL statement commit Commit completed disconnect pcpc External function exception SQLSTATE 38xxx press Enter Session was saved and started again STRSQL parameters ignored Current connection is to relational database connect to pcpc Current connection is to relational database Session was saved and started again STRSQL parameters ignored Current connection is to relational database CONNECT TO LOPC SQLCODE 438 PRODDB PCPC PRODDB F6 Insert line Fi3 Services F3 Exit F4 Prompt Fi2 Cancel F9 Retrieve F24 More keys F10 Copy line Figure 3 11 Connecting to Database Instance 6 Open the DB Gate Server GUI by double clicking from the Windows Start menu or the icon The options are described in DB Gate Server Commands on page 18 DB Gate Server Commands The DB Gate Connected To Database screen indicates active jobs connected to the DB Gate server See Figure 3 12 on page 18 and Table 3 1 on page 18 for a description of the relevant parameters and options Server 2 0 1 Connecte
54. that commitment control is not used Uncommitted changes in other jobs can be seen If the SQL DROP COLLECTION statement is included in the program NONE or NC must be used If a relational database is specified on the RDB parameter and the relational database is on a system that is not on an iSeries NONE or NC cannot be specified Figure 2 2 Commitment Control Help DB Gate User Manual DB Gate Restrictions Native IBM i Text Based User Interface DB Gate is designed to be a user friendly product The user interface follows standard System 1 CUA conventions All product features are available via the menus so you are never required to memorize arcane commands Many features are also accessible via the command line for the convenience of experienced users Menus Product menus allow for easy access to all features with a minimum of keystrokes Menu option numbering and terminology are consistent throughout this product as well as other Raz Lee products To select a menu option simply type the option number and press Enter The command line is available from nearly all product menus If the command line does not appear and your user profile allows use of the command line press F10 to display it Data Entry Screens Data entry screens include many convenient features such as Pop up selection windows Convenient option prompts Easy to read descriptions and explanatory text for all parameters and options
55. tional Entry Information System 520 Remote DB Entry WAREHOUSE From User Profile DB Date sent 12 83 22 Time sent 18 23 47 From Job QZRCSRVS QUSER 215534 Program DBCRTLGR Remote User DB Library SMZB Remote IP SQL Opr PREPRRE SQL State 42704 SQL Err 204 SQL Error Message SQL8284 21 in ILAN type not found SQL Statement select from ilan demopf21 F12 Cancel Figure 6 4 Additional Entry Information from DB Gate Log DB Gate User Manual 38 Remote User ID This chapter describes how to work with server authentications The parameters and settings rely on standard IBM commands such as ADDSVRAUTE and CHGSVRAUTE which are described in detail in the IBM documentation At the time that authentication information is required the data entered here will be used This eliminates the need for repetitive entries of the authentication information DB Gate User Manual 39 Injection of Remote User IDs Injection of Remote User IDs To set up auto injection of remote user IDs select 21 Work with Server Authentication from the main menu and press Enter The Work with Server Authentication Entries screen is displayed as shown in Figure 7 1 on page 40 Work with Server Authentication Entries Type options press Enter 1 Select Opt User AU AU AU AV DB DB DB DB2RDMIN DB2RDMIN D
56. to run in either Mode Inline running in the same job which requires external DB access Mode 2 Internal Server running on separate subsystem in the i This server supports any number of jobs Mode 3 External Server running in an external system consumes the processing power of a different computer This server supports any number of jobs The functionality of DB Gate is the same regardless of the mode run No changes are required in the programs running on the IBM i The choice of mode selected can be made at any stage Figure 3 1 on page 11 shows the architecture of the 3 run modes Mode 1 Inline Mode 2 Internal Server Mode 3 External Server RPG COBOL RPG COBOL RPG COBOL DB Gate DB Gate RPG COBOL RPG COBOL RPG COBOL External DB Gate Server Job3 DB Gate Internal Server Figure 3 1 Run Mode Architecture DB Gate User Manual 11 E Mode 2 Internal Server C Mode 1 Inline Activation DB Gate runs the internal mode by default No pre activation is required Note that first SQL command within a job activates within DB Gate a process which may require a few seconds depending on available computing resources Mode 2 Internal Server DB Gate runs as server job on a dedicated subsystem This subsystem must be started before processing any SQL statement The product can be configured to start this subsystem automatically after every IPL This mode has no initial extra p
57. try and therefore make no use of an ARD program Selecting a client server configuration that requires additional hardware These options are cumbersome and require special settings which often prevents the user from fully utilizing standard SQL commands on the IBM System i and often include hidden infrastructure costs as well DB Gate Benefits Opens the entire non DB2 spectrum of databases Greatly expands programmer s capabilities when working with non DB2 databases Reduces the need for redundant data and ETL extract transformation load data manipulation products Eliminates the need for SQLPKG even when accessing another DB2 database including one on the IBM System 1 Unique technology enables transparent access to any database MySQL ORACLE MS SQL DB2 Informix SQLite or data source for example Excel which resides on any IBM or non IBM platform using STRSQL or programs in languages such as RPG Cobol and so on compiled using CRTSQL Integration with the STRSQL lets you prompt to see the Column names and more and expands IBM i based DRDA functionality by enabling transparent connectivity with JDBC databases not supported by DRDA Uses standard SQL syntax and is based upon standard IBM 1 functionality so there is virtually no learning curve to get up and running Remote Server Authentication that makes use of the IBM Server Authentication Entries injecting them seamlessly when needed
58. u from the main menu The Maintenance Menu appears as shown in Figure 10 1 on page 49 DBHINTM Maintenance iSecurity DB Gate System 5528 Select one of the following XPatent Pendingk Def initions General 9 Display DB Gate Definitions 52 Check Locks perators Journal Definition Files 11 Work with Operators 71 Add Journa 72 Remove Journal 79 Display Journal Uninstal 91 Uninstall Selection or command gt F3 Exit F4 Prompt F9 Retrieve F12 Cancel F13 Information Assistant F16 AS 400 main menu Figure 10 1 Maintenance Menu DB Gate User Manual 49 Display DB Gate Definitions HE Display DB Gate Definitions To print or display the definitions that you entered for DB Gate 1 From the Maintenance Menu screen select 5 Display DB Gate Definitions The Display DB Gate Definitions screen appears as shown in Figure 10 2 on page 50 Table 10 1 on page 50 explains the options Table 10 1 DB Gate Definition Options Parameter Report Type Description ALL All of the following options DBENTRY The definitions for the Directory Entries DBDRVR The definitions for the DB Drivers From Item Start From the beginning of all values To Item Only Last Format List Short form Details Full form Output ui Screen Print 2 Press Enter After a confirmation message appears press Enter again
59. ware and file structure within production libraries Changes are tracked at both the object and source levels It does not require any special actions by programmers COMMAND monitors and filters commands and its parameters before they are run enabling you to control each parameter qualifier or element in conjunction with the context in which it is about to run Options include Allow Allow with Changes and Reject It includes a comprehensive log proactive alerting and easily integrates with SIEM Authority On Demand Authority on Demand provides an advanced solution for emergency access to critical application data and processes which is one of the most common security slips in IBM System i AS 400 audits Current manual approaches to such situations are not only error prone but do not comply with regulations and often stringent auditor security requirements Capture silently captures and documents user screens for tracking and monitoring without any effects on system performance It also preserves job logs for subsequent review Capture can run in playback mode and can be used to search within texts DB Gate User Manual 2 iSecurity Product Suite E Product Description AP Journal AP Journal automatically manages database changes by documenting and reporting exceptions made to the database journal Anti Virus Anti Virus is a dedicated iSeries specific product engineered to provide fu
60. y DB Gate Log Entries Screen 1 Display DB Gate Log Entries Type choices press Enter SQL Message contains From job name User Number From program name Library Number of records to process Output F3 Exit F4 Prompt F5 Refresh F24 More keys xRLL xRLL xRLL xRLL xRLL F12 Cancel Name Name genericx 999999 xRLL XALL XRLL Number PRINT Bottom Fi3 How to use this display Figure 6 2 Display DB Gate Log Entries Screen 2 DB Gate User Manual 36 Display Log Entries HE Table 6 1 on page 37 describes the various settings you can define to filter log entries Table 6 1 Filter Log Settings Parameter Display last minutes Description Number BYTIME This Backward Glance feature lets you enter the number of minutes of recent activity you want to view without the need to define any other time or date parameters The feature is particularly helpful when trying to clarify the cause of problems Starting date Choose from Current Start Yesterday Week Start Previous Weeks Month Start Previous Months Year Start Previous Years and each day of the week Starting time hh mm ss format Ending date Same options as Starting date Ending time hh mm ss format User profile All default or a specific user profile
Download Pdf Manuals
Related Search