Every Optim™ process initiated by a client, whether online (from a Request Editor) or from the Command Line Interface or the ODBC Interface, is run in its own process under the Server. This allows you to start individual processes under explicit user credentials and run multiple processes simultaneously without interfering with each other.
You can choose the credentials used to start these processes.
These credentials determine the network access allowed for the process, and, for Oracle OS Authentication or the Informix® Loader, the User ID used for DBMS access.
The credentials are verified by the system and must include a valid User ID known to the specified security provider. For Windows, an actual logon for the specified user occurs and the process is started under those credentials, as if the user logged on from the console directly. For UNIX or Linux, the effective User ID and Group ID for the process are changed to the credentials specified for running Optim processes.
You can run processes under the authentication provided by the Server credentials. This limits access to the files local to the Server machine or, at least, to the files that are accessible with the Server credentials.
Select Server credentials for processes, as follows:
Note the following when you use the Server credentials to run processes:
You can run processes under an explicit user account to control network access and DBMS logons that use the account for the process (for Oracle OS Authentication and Informix Loader).
You can use the Server to access Optim Directories, DB Aliases, and network shares that individual clients cannot access, and simply restrict the users that can log on to the Server machine. You must require that the credentials in the Optim Server Settings applet (Windows) or pstserv.cfg (UNIX or Linux) be used instead of credentials from the initiating clients, as follows:
You can run processes under the credentials from the workstation used to initiate the process. The process is run with the same rights as if it were run on the initiating machine as a LOCAL request.
Require the use of initiating credentials on the Server as follows:
Also, on each initiating machine, you must provide the credentials for the Server.