%META:TOPICPARENT{name="ConfigureUDAFeatures"}%

= Configuring OS-Level Authentication ({{{OpSysLogin}}}) =

The Multi-Tier {{{OpSysLogin}}} feature authenticates users at the operating system level. This provides enhanced security for databases with known security issues, such as older versions of Informix, Ingres, or Progress, which lack internal user authentication.

 <i><b>Note:</b> The {{{OpSysLogin}}} feature requires that the Request Broker run with permissions of the {{{root}}} user. After enabling the feature as described below, we recommend using the [[Security| Multi-Tier security Utility]] to enable ordinary users to launch the Broker with {{{root}}} permissions.</i>

Use the following instructions to configure {{{OpSysLogin}}}, if required for your deployment.

# Log in to the Request Broker host.
# Open the active Rulebook (e.g., {{{oplrqb.ini}}}) in a text editor.
# Locate the {{{[generic_xxxxx]}}} section, which corresponds to the relevant Database Agent. For example:
{{{
[generic_inf2000]
Description = Default settings for Informix 2000 agent
Program     = inf9_mv
Environment = INFORMIX2000
;OpsysLogin  = No
ReUse       = always
;CommandLine    =
;ConnectOptions =
;Directory      = /tmp
;Database       =
;Userid         =
;Password       =
;ReadOnly       = Yes
}}}
# Locate the {{{OpsysLogin}}} parameter.
# Ensure that no semicolon ("{{{;}}}") appears in front of {{{OpSysLogin}}}.
# Set
{{{
OpsysLogin = Yes
}}}
# Save your changes and exit the file.
# Restart or reinitialize ({{{oplshut +reinit}}}) your Request Broker service.