The file defines who can connect to which server and what privileges they are granted.

By default, separate versions of the file reside in the BASEDIR/smarts/conf and the BASEDIR/smarts/local/conf directories on the system where the server is running. The first version does not contain encrypted passwords, so the default values are accessible by anyone who can read the file. The version in BASEDIR/smarts/local/conf contains encrypted passwords.

Format of a record in serverConnect.conf

<target>:<ITOps username>:<password>:<privilege>

Field description of parameters in serverConnect.conf file

Table 1. Field descriptions for serverConnect.conf
Field Definition Value
<target> Name of the server for which this connection is intended.

A server will only read this line if its name matches the value of the target field.

Can be a matching pattern with wildcards or one of the following special values:
  • <BROKER> indicates that this record applies only to the Broker.
  • ~<BROKER> indicates this record applies to all servers except the Broker.
<Smart Assurance username> Username for the client requesting a connection.

Can be a matching pattern with wildcards or the following special value:

  • <DEFAULT> is provided for legacy clients that cannot send a username.
  • <AUTO> is provided for site-specific credentials.
<password> Password for the user requesting a connection.

Can be a password or one of the following special values:

  • <SYS> indicates that the username must be a valid login name on the local system. The server passes the credentials to the host operating system for validation.
  • <DEFAULT> is provided for legacy clients that cannot send a password.
  • <AUTO> is provided for site-specific credentials.
<privilege> Access privileges of the client. Valid values include:
  • All
  • Monitor
  • None
  • Ping
Note: During the authentication process, the server receives a connection target, Smart Assurance username, and password from a client. The server checks each of its records looking for a match. When it finds the first match, it sends the appropriate privilege back to the client. Otherwise, the server logs the failed authentication.