Security User Group Process Working
Here is how the security user group process works:
The MFT Platform Server for IBM i process checks that the selected node name in the Node Configuration file sent by the MFT Command Center request has the proper Command Center support parameter field selected with a Y. For all functions other than CFPING, the MFT Platform Server for IBM i process validates that the user name and password are correct by logging on to the IBM i System.
Then the MFT Platform Server for IBM i verifies if the logon user has administrator rights over the proper data area object CFADMIN, CFBROWSE, CFTRANSFER. Each data area object represents a different MFT Command Center request function action.
The MFT Platform Server for IBM i also executes an IBM i command CHGDTAARA and tries to change a particular data area object value from one to zero. If the logon user cannot change the particular data area object value, then the MFT Platform Server for IBM i sends an error message to MFT Command Center saying "Command Center Node Request was Unsuccessful User Name has no Authorization Rights to Perform Node Action"
| Data Area | Description |
|---|---|
| CFBROWSE | Allows an inquiry on the MFT Platform Server Audit file. |
| CFADMIN | Allows node, user and responder profile inquiry lists and add, update, delete functions. Also allows inquiry on the MFT Platform Server Audit file. |
| CFTRANSFER | Allows MFT Platform Server send, receive, and execute command transfer requests. |