Description
Details how to make passwords optional in job definitions when being submitted to UUJMA running on UNIX.
Solution
The $CAIGLBL0000/sche/config/ExtNodeL.sch configuration file maintains policies that specify how password validation is to be performed based on the submitting node and user ID.
You can use the cawrksec utility to maintain this file.
The syntax of the ExtNodeL.sch file is
-n=nodename,user-id,flag
where:
nodename
Represents the node from which the job is initiated; it may contain a trailing generic mask character.
User id
Defines a user ID to whom the rule applies; it can contain a trailing generic mask character.
flag
Specifies D for disable (perform no password authorizations), E for enable (unless the proper password is supplied, the job will not run), or W for warn (check the password; if invalid, run the job but issue a warning message).
Job Management scans the entire configuration file for a best match and uses that rule. It uses the node field as a high-level qualifier when searching for a best match.
Examples of lines you could configure in the ExtNodeL.sch
-n=*,*,E
This is the default rule in effect if, during installation, you elected to enable password checking. The rule states that for all nodes and all users, password validation is to occur.
-n=*,*,D
This is the default rule in effect if, during installation, you elected to disable password checking. The rule states that for all nodes and all users, password validation is bypassed.
-n=*,*,D
-n=*,root,E
This combination of rules enforces a password validation only on user root and allows all other users to bypass password validation.