Replicating Security Definitions

Event Replicator for Adabas allows you to replicate modifications in the security definitions in an Adabas database. However, to do this, there are some requirements and restrictions of which you need to be aware.

Note:
Adabas Security Facilities, including the Adabas security utility (ADASCR) can be obtained only by special request. If you are interested in Adabas Security Facilities, please contact your Software AG sales representative.

This document covers the following topics:


Restrictions

The following restrictions exist for security definition replication:

  • Security definition replication only replicates security definition actions performed by the ADASCR utility. It does not replicate security definitions used by Adabas SAF Security.

  • Any security file you identify in an SFILE definition cannot also be used in an initial-state definition. In other words, Event Replicator for Adabas does not support the use of security files in initial-state definitions. If you want to populate a target database with an initial snapshot of the security definitions, read Initial-State Processing of Security Definitions.

Requirements

To replicate security definitions, the following requirements must be met:

  1. You must have a supported version of Adabas installed.

  2. The following other SFILE parameters settings are required:

    • The SFSECURITYFILE parameter in the SFILE definition must be set to "YES".

    • A format buffer may not be specified in the SFILE definition. This means that no values may be specified for the SFBAI, SFBBI, SFBKEY, SGFORMATAI, SGFORMATBI, or SGFORMATKEY parameters.

    • No value may be specified for the SFDEFAULTACODE parameter.

    • A transaction filter definition may not be specified. This means that no value may be specified for the SFFILTER parameter.

    • The default value of YES must be specified for the SFREPLICATEDELETE, SFREPLICATEINSERT, SFREPLICATENOTCHANGED, and SFREPLICATEUPDATE parameters.

    • A subscription exit may not be specified. This means that no value may be specified for the SFSEXIT parameter.

    • When you specify SFSECURITYFILE=YES, you indicate that the file specified in the SFILE parameter is the file number of the security file for the source database identified by the SFDBID parameter. Therefore, if SFSECURITYFILE=YES is specified for other subscription SFILE definitions using the same source database (with the same SFDBID setting), the same value must be set for each of the SFILE parameters in the SFILE definition. In other words, it is invalid for a source database (SFDBID setting) to have different file numbers specified for the security file in different subscriptions. For example, source database 10 cannot have the security file specified as both file 15 in one SFILE definition and 20 in another SFILE definition.

    Finally, if SFSECURITYFILE=YES is specified for a source database (SFDBID parameter), then any Adabas destination definitions with same database specified as the destination input database (SFDBID setting equals the DAIDBID setting), must also specify identical file numbers for both the DAIFILE (input file) and DATFILE (target file) parameters.

  3. Replication must be turned on for the security file in the source database. You can turn replication ON for the security file:

    • when you load the security file

    • using the ADADBS REPLICATION function

    • using Adabas Online System (AOS).

Initial-State Processing of Security Definitions

Any security file you identify in an SFILE definition cannot also be used in an initial-state definition. In other words, Event Replicator for Adabas does not support the use of security files in initial-state definitions.

To populate a target database with an initial snapshot of your security definitions, use one of the following methods:

  • Save the source database and restore it on the target database.

  • Once replication is turned on for the source security file, run ADASCR (Adabas security utility) jobs to set all of the security definitions. Replication will then replicate the security definitions to the target database.

  • Run the ADASCR utility on the target database to initially set up the security definitions there.