By default, these files are located in the BASEDIR/smarts/conf directory. The sm_edit utility saves changes to the file in BASEDIR/smarts/local/conf and does not modify the original version of the file.

The format of a record in the clientConnect.conf or brokerConnect.conf is:

<login user>:<target>:<
            
         
          username>:<password>

Fields for clientConnect.conf and brokerConnect.conf describes the four fields of an authentication record in the clientConnect.conf and brokerConnect.conf files.

Table 1. Fields for clientConnect.conf and brokerConnect.conf

Field

Definition

Value

<login user>

System login name of the person or process attempting a connection.

Can be a matching pattern with wildcards.

<target >

Name of the server to which the client is trying to connect.

Can be a matching pattern with wildcards or one of the following special values:

  • <BROKER> indicates that this record applies only to the Broker.

  • ~<BROKER> indicates this record applies to all servers except the Broker.

< username>

username that is sent to server for authentication.

Can be a username or one of the following special values:

  • <USERNAME> indicates that the username under which the current process is logged in as is sent as the username.

  • <PROMPT> indicates that the client program asks the user to provide an username.

  • <AUTO> is provided for site-specific credentials.

  • <DEFAULT> mimics legacy client authentication.

<password>

Password that is sent to the server for authentication.

Can be a password or one of the following special values:

  • <PROMPT> indicates that the client program asks the user to provide a password.

  • <AUTO> is provided for site-specific credentials.

  • <DEFAULT> mimics legacy client authentication.

It is important to remember that an program runs under the login name of the user who started it. This has several implications:

  • A user account must provide sufficient privileges for the program to function properly. For example, a Manager may need to run with root privileges because it sends ICMP pings or receives SNMP traps.

  • A Domain Manager is as a Broker, and the Broker is listening on port 426. Port 426 is a privileged port, meaning the process must be running as root to open the port. Ports numbered below 1024 require root privileges.

    Note:

    A process, without being root, can connect to a process listening on a port below 1024.

  • A user’s system login name must correspond to an username in the clientConnect.conf file or an username and password will not be sent to a server for authentication. In the clientConnect.conf record, a user’s login name and username do not have to be identical.