|
|
|
Netutil supports a non-interactive mode of operation controlled by command line flags and an input control file. You can use this mode if you want to write your own system administration utility programs or authorize large numbers of users using a batch file.
The following functions are available through this interface:
Creates a new connection data entry or remote user authorization.
Destroys a connection data entry or remote user authorization.
Displays information to the terminal. This function does not correspond to a menu item in the forms-based interface.
Stops all Communications Servers.
For example, this command stops a specific Communications Server:
stop 2937
Stops all Communications Servers after the sessions currently in progress on those servers have terminated.
For example, this command quiesces a specific Communications Server:
quiesce 2116
Note: The Edit and Test functions found in the forms-based netutil interface are not supported in non-interactive mode.
|
|
|
The following command line flags are supported in netutil's non-interactive mode:
Impersonate the specified user for the purpose of managing private authorization and connection entries. Only a user with the NET_ADMIN privilege (generally a system administrator) can impersonate another user.
When this flag is used, netutil processes commands specified in the indicated input control file.
The format of the input control file is described in the following section.
If the input file is specified as "-" (a single dash character), input is taken from the standard input channel. This allows the user to enter commands directly from the keyboard or to run netutil as part of a UNIX pipeline. To exit, press Ctrl+Z.
Connect to the Name server on the remote instance specified by the vnode name.
The vnode name must be defined on the local host's Name server; that is, connection and authorization information must exist locally for that vnode name. This information can be defined by invoking netutil on the local Name server.
|
|
|
The input control file is an ASCII file that stores instructions about operations to be performed on the Name Server database. Each line of the file represents either a create, destroy, or show operation. These lines are called "input lines" in the remainder of this section.
The following conventions are observed:
show private login paulj
|
|
|
The first four fields of an input line describe the action to be performed and the vnode with which the action is associated. These four fields appear in the order given below in every input line (except stop and quiesce server commands).
The following table defines these fields and their potential values:
Field |
Parameter |
Value |
Description |
|---|---|---|---|
1 |
Function |
Create, Destroy, or Show |
The task that is performed. |
2 |
Type |
Global or Private |
The registration type of the object. A global object is available to all users on the local node. A private object is available to a single user. |
3 |
Object |
Login or Connection
Attribute |
The object to be created, destroyed, or shown. "Connection" refers to a connection data entry. "Login" refers to a remote user authorization. "Attribute" refers to a vnode attribute entry. |
4 |
Virtual Node Name |
Vnode name |
The virtual node name. Each line in the input control file must contain a vnode identifier. |
Note: Values in any of the first three fields (Function, Type, and Object) can be abbreviated to a unique left substring. In practice, this means that a single-letter abbreviation is sufficient for any of these fields.
Values in the Virtual Node Name field cannot be abbreviated.
In addition to the four fields discussed above, other fields are required depending on the task to be accomplished by the input line. For example, an input line creating a remote user authorization requires an additional two fields: a login field and a password field. An input line creating or destroying a connection data entry requires an additional three fields: a network address field, a protocol field, and a listen address field.
For detailed information about additional fields, see the examples that follow.
|
|
|
On input lines that specify either the Destroy or Show function, the asterisk character (*) can be entered as a wildcard in any field other than the Function, Type, and Object fields.
The asterisk character (*) indicates that the field is not to be used in selecting the data records to which the function is applied. Therefore, it is possible to destroy or display a number of records with a single input line.
Note: Wildcards cannot be used with the Create function.
|
|
|
In netutil non-interactive mode, you can use the create function to create a remote user authorization.
This function has the following format when used to create a remote user authorization:
create type login vnode login password
Specifies the type of entry. Valid values are:
Indicates that the object is available to all users on the local node.
Indicates that the object is available to a single user.
Identifies the virtual node name associated with this authorization.
Identifies the name of the account to be used on the remote instance's host machine.
If you are authorizing access to the remote instance using an Installation Password, an asterisk (*) must be entered into this field.
Identifies the password of the remote account or the remote instance's Installation Password, depending on which method of authorization you are using.
Examples: Create a Remote User Authorization
This command creates a private authorization for vnode "payroll" for user Jane:
C P L Payroll jane jpassword
This command creates a global authorization for vnode "accounting" using an Installation Password:
cr gl login accounting * acctpassword
Note: Any previously existing authorization of the specified type is replaced by the execution of this line.
Note: Private authorizations are created for the currently logged-in user or for the user identified by the -u flag. Only a user with the GCA privilege NET_ADMIN can create a global authorization.
|
|
|
In netutil non-interactive mode, you can use the destroy function to destroy a remote user authorization.
This function has the following syntax when destroying a remote user authorization:
destroy type login vnode
Specifies the type of entry. Valid values are:
Indicates that the object is available to all users on the local node.
Indicates that the object is available to a single user.
Identifies the virtual node name associated with this authorization.
Examples: Destroy a Remote User Authorization
This command destroys a private login on vnode "payroll." The entry to be destroyed is uniquely identified by its type and the vnode name. No additional fields are necessary.
DE PR L payroll # Current user now uses global login
This command destroys a private login on all vnodes where it occurs. Using a wildcard in the vnode field lets you destroy all instances of a particular login with a single input line:
DE PR L *
Note: Private authorizations are destroyed for the currently logged-in user or for the user identified by the -u flag. Only a user with the GCA privilege NET_ADMIN can destroy a global authorization.
|
|
|
In netutil non-interactive mode, you can use the show function to display remote user authorizations. The login information for the specified vnodes is displayed on the terminal, or written to standard output (Windows and UNIX) or SYS$OUTPUT (VMS). The password is not displayed.
The information is displayed in a format similar to that of control file input lines for ease of use in programs that edit and re-use the information.
The show function has following format for displaying remote user authorizations:
show type login vnode
Specifies the type of entry. Valid values are:
Indicates that the object is available to all users on the local node.
Indicates that the object is available to a single user.
Identifies the virtual node name associated with this authorization. An asterisk (*) can be used as a wildcard in the vnode, field.
Example: Display Remote User Authorizations
The following command displays the global login of vnode "accounting:"
S GL login accounting
The following line is displayed:
global login accounting ingres
|
|
|
In netutil non-interactive mode, you can use the create function to create an Installation Password for the local instance.
This function has the following format:
create global login local_vnode * password
Identifies the name that has been configured as LOCAL_VNODE on this instance. This name can be found on the Configure Name Server screen of the CBF utility.
Defines the Installation Password you have chosen for this instance.
Example: Define an Installation Password
This command defines an Installation Password for the local instance, which has a local_vnode name of "payroll:"
create gl login payroll * payroll_password
|
|
|
In netutil non-interactive mode, you can use the create function to create a connection data entry.
This function has the following format:
create type connection vnode network_address protocol listen_address
Specifies the type of entry. Valid values are:
Indicates that the object is available to all users on the local node.
Indicates that the object is available to a single user.
Identifies the virtual node name associated with this connection entry.
Identifies the address or name of the remote node. Your network administrator specifies this address or name when the network software is installed. Normally, the node name as defined at the remote node is sufficient for this field.
The format of a net address depends on the type of network software that the node is using.
Specifies the keyword for the protocol used to connect to the remote instance. For a list of protocols and their associated keywords, see Network Protocol Keywords.
Is the unique identifier used by the remote Communications Server for interprocess communication. The format of a listen address depends on the network protocol.
Example: Create a Connection Data Entry
The following command creates a global connection data entry on vnode "payroll," where:
Network address = payroll
Protocol = TCP/IP
Listen address = fe0
C G C payroll payroll tcp_ip fe0 # payroll comsvr 1
Note: The virtual node name and the network address are different objects, although it is common for them to have the same value.
If a connection entry already exists that matches the specified one in all respects, the operation has no effect and no error is reported.
Note: Private connection data entries are created for the currently logged-in user or for the user identified by the -u flag. Only a user with the GCA privilege NET_ADMIN can create a global connection data entry.
|
|
|
In netutil non-interactive mode, you can use the destroy function to destroy a connection data entry. To obtain the network address, protocol, and listen address of the connection data entry you want to destroy, use the show command.
This function has the following format:
destroy type connection vnode network_address protocol listen_address
Specifies the type of entry. Valid values are:
Indicates that the object is available to all users on the local node.
Indicates that the object is available to a single user.
Identifies the virtual node name associated with this input line. An asterisk (*) can be used as a wildcard to select a range of records.
Identifies the address or name of the remote node. An asterisk (*) can be used as a wildcard to select a range of records.
Specifies the keyword for the protocol used to connect to the remote instance. For a list of protocols and their associated keywords, see Network Protocol Keywords. An asterisk (*) can be used as a wildcard to select a range of records.
Is the unique identifier used by the remote Communications Server for interprocess communication. An asterisk (*) can be used as a wildcard to select a range of records.
Examples: Destroy a Connection Data Entry
The following command destroys a private connection data entry on vnode "payroll", where:
Network address = payroll
Protocol = TCP/IP
Listen address = fe2
D p c payroll payroll tcp_ip fe2 # No comm server on fe2
The following command destroys all global connection data entries for vnode "accounting" that include the TCP/IP protocol:
d gl c accounting * tcp_ip *
Note: Private connection data entries are destroyed for the currently logged-in user or for the user identified by the -u flag. Only a user with the GCA privilege NET_ADMIN can destroy a global connection data entry.
|
|
|
In netutil non-interactive mode, you can use the show function to display connection data entries. The connection information for the specified vnode is displayed on the terminal, or written to standard output (Windows and UNIX) or SYS$OUTPUT (VMS). The information is displayed in a format similar to the format of control file input lines, for ease of use in programs that edit and re-use the information. The password is not displayed.
This function has the following format:
show type connection vnode network_address protocol listen_address
Specifies the type of entry. Valid values are:
Indicates that the object is available to all users on the local node.
Indicates that the object is available to a single user.
Identifies the virtual node name associated with this input line. An asterisk (*) can be used as a wildcard to select a range of records.
Identifies the address or name of the remote node. An asterisk (*) can be used as a wildcard to select a range of records.
Specifies the keyword for the protocol used to connect to the remote instance. For a list of protocols and their associated keywords, see Network Protocol Keywords. An asterisk (*) can be used as a wildcard to select a range of records.
Is the unique identifier used by the remote Communications Server for interprocess communication. An asterisk (*) can be used as a wildcard to select a range of records.
Example: Display Connection Data Entries
The following displays global connection data entries on vnode "payroll," where:
Network address = payroll
Protocol = * (This field is not to be used in selecting records.)
Listen address = * (This field is not to be used in selecting records.)
S GL conn payroll payroll * *
The following line is displayed:
global connection payroll payroll tcp_ip fe2
|
|
|
In netutil non-interactive mode, to stop all Communications Servers on the instance, enter the following commands at the system prompt:
netutil -file-
stop
To stop a single Communications Server, enter the following commands at the system prompt:
netutil -file-
stop server_id
Is a unique string that identifies a particular Communications Server on the instance. To find the server_id, use the iinamu utility.
Examples: Quiesce One or More Communications Servers
The following commands entered at the system prompt quiesce all Communications Servers on the instance (that is, stops the Communications Servers after all current sessions have terminated):
netutil -file-
quiesce
The following commands entered at the system prompt quiesce Communications Server 2937 (that is, stop the server after all current sessions have terminated):
netutil -file-
quiesce 2937
Note: Only a user with the GCA privilege SERVER_CONTROL can stop a Communications Server.