This article describes how to start the CIC Agent service as a qualified user, which is the user that has privilege to the network resources being accessed.
Note: The CIC Agent does not yet have the ability to specify certain credentials to access the iSeries. As a result, two options are provided.
- This first option involves the use of a Windows domain user that has the same credentials as an iSeries user, to allow CIC to see the desired IFS or NFS directories.
- The second option is for existing LexiCom customers; utilize LexiCom solely for accessing the iSeries, and set up actions to copy data to/from WIndows network directories that the CIC Agent can access.
Procedure Overview
- Create a new Access Point (to get the PowerShell installation script) in CIC.
- Install and configure your CIC Agent.
-
Add new File System Endpoints in the CIC for both source and destination directories.
- Set up your Dataflows.
Note: The solution described below utilizes UNC paths, not mapped drives. Mapped drives are relative to a logged-on user and their logged-on experience, so are not effective/reliable for CIC Agent communications.
Assumptions
- The iSeries IFS (Integrated File System) and/or the NFS (Native File System) have been set up and shared appropriately.
The IFS is akin to a regular Windows SMB share, while the NFS is the proprietary IBM file system.
NFS structure normally consists of a wide but not deep structure; usually there are .LIB library “directories” under the root library /QSYS.LIB, with .FILE “directories” underneath. The actual data files (.MBR files called “members”) reside in the .FILE “directories”. - The source and destination directory UNC paths are known and reachable via the File Explorer on the client machine (as a connectivity test, when logged in as a valid iSeries user that has privilege to the IFS or NFS directories).
- An iSeries user that has access to the IFS or NFS directories has been identified.
- On the domain server, a new user was created that has the same username and password as the iSeries user (VLTEST).
- The iSeries user’s password does not conflict with the domain server’s password complexity policy requirements.
Values used in this document for sample purposes only
Domain = win2019.local also known as WIN20190.
Domain user = VLTEST with a password of cleocleo.
Domain user group = cleoagents.
IFS network directory UNC path = \\172.16.0.16\ifs_directory\
NFS network directory UNC path = \\172.16.0.16\root\QSYS.LIB\DATA.LIB\DATA.FILE\
iSeries server = 172.16.0.16
iSeries user = VLTEST with password of cleocleo.
Option 1
This first option involves use of a Windows domain user that has the same credentials as an iSeries user, to allow CIC to see the desired IFS or NFS directories. Please note the 5th assumption above regarding the password complexity policy.
Before proceeding with the steps below, also note the following on client machine administrative access. On the client machine (win2019-2), add the desired domain user (VLTEST) or the desired domain group (cleoagents) to the local Administrators group.
Create an Access Point in CIC
Create and save an Access Point from the Network > Access page. As part of this process, a Powershell installation script is provided which, when installed as an administrator, ensures the CIC Agent has sufficient access to content on this Access Point. The status for this Access Point will be Pending, until the Agent is activated and successfully connected to the CIC Cloud.
Install and configure the CIC Agent
- Install the CIC Agent via the PowerShell script. These instructions are provided in the CIC as part of Agent creation.
- Launch the services.msc.
- Stop the Cleo Agent service if running.
- Right-click on the Cleo Agent and select Properties.
- From the Log On tab, select the This Account radio button and click Browse.
- Click the Locations button, and expand the Entire Directory field and select the domain (win2019.local); click OK when done.
- Enter the “iSeries” network username (VLTEST) and password (cleocleo), then confirm password and click OK. A dialog box should appear confirming that the user has been granted access to run the service.
- Start the Cleo Agent service.
- Continue to refresh the Services window (should take no longer than 10 seconds), verifying the Cleo Agent service remains running.
Add a new File System Endpoint in the CIC (for source directory)
These steps take place from the Network > Endpoints page in the CIC.
-
- Create a File System Endpoint and select the newly created Access Point (described above).
- Edit the Access Point path by clicking the button, and enter the UNC path.
For example: \\172.16.0.16\ifs_directory\source\ - After entering the UNC path: click Go, Select, and then Save.
Add a new File System Endpoint in the CIC (for destination directory)
These steps take place from the Network > Endpoints page in the CIC.
-
- Create a File System Endpoint and select the newly created Access Point (described above).
- Edit the Access Point path by clicking the button, and enter the UNC path.
For example: \\172.16.0.16\ifs_directory\dest\ - Once entered, click Go, Select, and then Save.
Setting up Dataflows
Proceed with setting up dataflows to utilize the newly created endpoints.
Option 2
For existing LexiCom customers, utilize LexiCom solely for accessing the iSeries, and set up actions to copy data to/from WIndows network directories that the CIC Agent can access. There is no need to set up a Harmony; just minimize LexiCom’s role to that of a go-between for the iSeries directories and network directories.
Regarding VPNs
CIC itself is unaware of VPN connections, but the CIC Agent can be used with a VPN if the network directories are only reachable by a VPN. The VPN connection must be turned on and operational in order for the CIC Agent to use it. It is recommended to use IP address in place of domain names, if possible, to help alleviate DNS issues related to VPN connectivity.
Comments
0 comments
Please sign in to leave a comment.