Password Management

TIBCO MFT Platform Server for z/OS supports the following two types of credentials:

User Profiles
Responder Profiles

For more information on user profiles and responder profiles, see the "User Profiles" section in the TIBCO® Managed File Transfer Platform Server for z/OS Installation and Operation Guide.

User Profiles

User profiles allow a user or an administrator to define credentials when initiating transfers to a target node. Here is how user profiles work:

User profiles are used when the remote user is set to *PROFILE and the remote password is not defined.
Platform Server matches the user submitting the transfer and the target node defined for the transfer against user profile definitions created through the FUSPROF utility.
When a match is found, these credentials are saved in the transfer and are sent to the remote system.

Advantages of Using User Profiles

Passwords do not need to be included in the command line or in template files.
The user initiating the transfers does not need to know the passwords of the remote system.

Note: When you want to use "User Profiles", set the remote user (RUSER) to *PROFILE. Example: RUSER=*PROFILE

Responder Profiles

Responder profiles are used when remote Platform Server clients initiate transfers to Platform Server for z/OS. Responder profiles match the credentials sent by the client against predefined credentials for that server. Here is how user profiles work.

When a request is received, Platform Server matches the incoming IP address against the node definition table.
Platform Server compares the node name of the incoming request and the user ID/password credentials contained in the request against the responder profiles created through the FUSPROF utility.
When a match is found, the transfer is run under the rights of the local user associated with the responder profile.

Advantages of Using Responder Profiles

The credentials used to connect to Platform Server for z/OS cannot log on to the z/OS system.
You can reduce the number of RACF definitions required.

Responder profiles can be used for the following requests:

File transfers initiated by Platform Server clients
Command Center Collector and Audit Poll requests
Command Center Node and Profile/RProfile requests
Command Center Execute Platform Transfer requests

Note: Platform Server user profiles and responder profiles can both be used on the same transfer.

Responder Profile Password Rules

You can define password complexity rules for responder profiles. For details, see "Responder Profile Password Rules" in the Global Configuration section.