File Formats, Data Descriptions, MIBs, and System Processes Reference
The T_DOMAIN
class represents global application attributes. These attribute values serve to identify, customize, size, secure, and tune a BEA Tuxedo system application. Many of the attribute values represented here serve as application defaults for other classes represented in this MIB.
There is exactly one object of the T_DOMAIN
class for each application. Because of this, there are no key fields defined for this class. A GET
operation on this class will always return information representing this single object. Likewise, a SET
operation will update it. GETNEXT
is not permitted with this class.
UID
and GID
as known to the UNIX systemnum
must be a multiple of 2 or 5num
so that num
times TA_SCANUNIT
is approximately "Default"Numeric key for the well-known address in a BEA Tuxedo system bulletin board. In a single processor environment, this key "names" the bulletin board. In a multiple processor or LAN environment, this key names the message queue of the DBBL. In addition, this key is used as a basis for deriving the names of resources other than the well-known address, such as the names for bulletin boards throughout the application.
Master (LMID1
) and backup (LMID2
) logical machine identifiers. The master identifier (LMID1
) must correspond to the local machine for INActive
applications. SHM
mode applications (see TA_MODEL
below) may set only the master logical machine identifier. Modifications to this attribute value in an ACTive MP
application (see TA_MODEL
below) have the following semantics:
Assuming current active master LMID A
, current backup master LMID B
, and secondary LMIDs C, D, . . .
, the following scenarios define the semantics of permitted changes to the TA_MASTER
attribute in a running MP
mode application.
Note that master migration may be either orderly or partitioned. Orderly migration takes place when the master machine is ACTive
and reachable. Otherwise, partitioned migration takes place. All newly established or reestablished network connections will verify that the two sites connecting share a common view of where the master machine is. Otherwise, the connection will be refused and an appropriate log message generated. The master and backup machines in an ACTive
application must always have a BEA Tuxedo release number greater than or equal to all other machines active in the application. The master and backup machines must be of the same release. Modifications to the TA_MASTER
attribute must preserve this relationship.
Configuration type. SHM
specifies a single machine configuration; only one T_MACHINE
object may be specified. MP
specifies a multi-machine or network configuration; MP
must be specified if a networked application is being defined.
A SET
operation will update configuration and run-time information for the T_DOMAIN
object. The following states indicate the meaning of a TA_STATE
set in a SET
request. States not listed may not be set.
Application defined field. This field is used by the BEA Tuxedo system /Admin GUI product to store and save GUI display preferences.
Default attribute setting for newly configured objects in the T_MACHINE
class. Limitation: Changes to this attribute do not affect active or already configured T_MACHINE
objects.
Default attribute setting for newly configured objects in the T_MACHINE
class. Limitation: Changes to this attribute do not affect active or already configured T_MACHINE
objects.
Default attribute setting for newly configured objects in the T_MACHINE
class. Limitation: Changes to this attribute do not affect active or already configured T_MACHINE
objects.
Expiration date for the binary on that machine or a 0-length string if binary is not a BEA Tuxedo system master binary.
Licensed maximum number of users on that machine or -1 if binary is not a BEA Tuxedo system master binary.
Attribute access mask. User type/access mode combinations specified by this attribute value will no longer be allowed for all class/attribute combinations defined in this reference page. For example, a setting of 0003
disallows all updates to users other than the administrator or the operator.
Default maximum number of clients and servers that can be simultaneously connected to the bulletin board on any particular machine in this application. If not specified, the default maximum number is 50. The T_DOMAIN
value for this attribute can be overridden in the T_MACHINE
class on a per-machine basis.
System administration processes, such as the BBL, restartsrv
, cleanupsrv
, tmshutdown()
, and tmadmin()
, need not be accounted for in this value, but the DBBL, all bridge processes, all system-supplied and application server processes, and all potential client processes at a particular site need to be counted. (Examples of system-supplied servers are AUTHSVR
, TMQUEUE
, TMQFORWARD
, TMUSREVT
, TMSYSEVT
, TMS
(see T_GROUP:TA_TMSNAME
attribute), TMS_QM
, GWTDOMAIN
, and WSL
.) If the application is booting workstation listeners (WSLs) at a particular site, both the WSLs and the number of potential workstation handlers (WSHs) that may be booted need to be counted.
Note that for BEA Tuxedo pre-release 7.1 (6.5 or earlier), both the TA_MAXACCESSERS
and TA_MAXSERVERS
attributes for an application play a part in the user license checking scheme. Specifically, a machine is not allowed to boot if the number of TA_MAXACCESSERS
for that machine + the number of TA_MAXACCESSERS
for the machine (or machines) already running in the application is greater than the number of TA_MAXSERVERS
+ user licenses for the application. Thus, the total number of TA_MAXACCESSERS
for an application must be less than or equal to the number of TA_MAXSERVERS
+ user licenses for the application.
Note also that the user license checking scheme in BEA Tuxedo release 7.1 or later considers only the following two factors when performing its checks: the number of user licenses for an application and the number of licenses currently in use for the application. When all user licenses are in use, no new clients are allowed to join the application.
Limitation: Changes to this attribute do not affect active or already configured T_MACHINE
objects.
Maximum number of simultaneous conversations in which clients and servers on any particular machine in this application can be involved. If not specified, the default is 64 if any conversational servers are defined in the T_SERVER
class, or 1 otherwise. The maximum number of simultaneous conversations per server is 64. The T_DOMAIN
value for this attribute can be overridden in the T_MACHINE
class on a per-machine basis.
Limitation: Changes to this attribute do not affect active or already configured T_MACHINE
objects.
Maximum number of simultaneous global transactions in which any particular machine in this application can be involved. If not specified, the default is 100. The T_DOMAIN
value for this attribute can be overridden in the T_MACHINE
class on a per-machine basis.
Limitation: Changes to this attribute do not affect active or already configured T_MACHINE
objects.
Maximum number of buffer subtypes that can be accommodated in the bulletin board buffer subtype table.
Maximum number of routing table entries that can be accommodated in the bulletin board routing table. One entry per T_ROUTING
class object is required. Additional entries should be allocated to allow for run-time growth.
Maximum number of server groups that can be accommodated in the bulletin board server group table. Limitation: BEA Tuxedo release 4.2.2 and earlier sites have a fixed setting of 100 for this attribute. Interoperability with these sites requires that no more than 100 server group entries be in use at any time. Release 4.2.2 and earlier sites will not be allowed to join an application that has more than 100 defined server groups. Additionally, applications already including release 4.2.2 or earlier sites will not be allowed to add server groups beyond 100.
Specifies the maximum number of configured network groups to be accommodated in the NETWORK
section of the TUXCONFIG
file. This value must be greater than or equal to 1 and less than 8192. If not specified, the default is 8.
Maximum number of machines that can be accommodated in the bulletin board machine table. Limitation: BEA Tuxedo release 4.2.2 has a fixed setting of 256 for this attribute. Releases prior to release 4.2.2 have a fixed setting of 50 for this attribute. Interoperability with release 4.2.2 and earlier sites requires that no more than the lowest fixed setting number of machine table entries be in use at any time. Release 4.2.2 sites will not be allowed to join an application that has more than 256 defined machines. Pre-release 4.2.2 sites will not be allowed to join an application that has more than 50 defined machines. Additionally, applications already including active release 4.2.2 or earlier sites will not be allowed to add machines beyond the lowest applicable limit.
Maximum number of queues to be accommodated in the bulletin board queue table. Limitation: release 4.2.2 and earlier sites may join an active application only if the setting for TA_MAXQUEUES
is equal to the setting for TA_MAXSERVERS
.
Maximum number of routing criteria range table entries to be accommodated in the bulletin board range criteria table. One entry per individual range within a TA_RANGES
specification is required plus one additional entry per T_ROUTING
class object. Additional entries should be allocated to allow for run-time growth.
Maximum string pool space in bytes to be accommodated in the bulletin board string pool table. Strings and carrays specified within TA_RANGES
values are stored in the string pool. Additional space should be allocated to allow for run-time growth.
Maximum string pool space in bytes to be accommodated in the bulletin board common string pool. This value must be greater than or equal to 0 and less than or equal to 2147483640. The default is 0. This attribute applies only to applications running BEA Tuxedo 8.1 or later software.
In most cases, accepting the default for this attribute will result in the BEA Tuxedo system allocating sufficient string pool space for the following TUXCONFIG
parameter strings whose maximum allowed length has been increased to 256 bytes in BEA Tuxedo 8.1: TUXCONFIG
, TUXDIR
, APPDIR
, TLOGDEVICE
, ULOGPFX
, ENVFILE
, TMSNAME
, RCMD
, NADDR
, NLSADDR
, FADDR
, and the SERVERS
section AOUT
.
For applications for which extensive dynamic configuration is anticipated (for example, anticipating the addition of six more machines to a BEA Tuxedo application), administrators can use the TA_MAXSPDATA
attribute to increase the size of the common string pool. Note that adjusting the size of the common string pool has no effect on the size of the of the routing string pool controlled by the TA_MAXRTDATA
attribute. The two string pools are separate.
Regardless of the value specified for TA_MAXSPDATA
, the BEA Tuxedo system will not allocate an amount of string pool space outside of a system-calculated range based on (1) the strings actually specified in the TUXCONFIG
file and (2) the amount of space that would be required if all 256-byte capable strings were specified. The tmloadcf(1)
command will report a warning if the user-specified value is outside of this range and then set the value to the closest acceptable value.
Note that of the TUXCONFIG
parameters whose maximum allowable length has been increased to 256 bytes, only the GROUPS
section TMSNAME
parameter and the SERVERS
section AOUT
and RCMD
parameters are actually stored in the bulletin board. The others are read in at process startup time and stored in process memory.
Maximum timeout in seconds allowed for transactions started in or received by this BEA Tuxedo application. This value must be greater than or equal to 0 and less than or equal to 2147483647. The default is 0, which indicates that no global transaction timeout limit is in effect. This attribute applies only to applications running BEA Tuxedo 8.1 or later software.
If the TA_MAXTRANTIME
timeout value is less than the TRANTIME
timeout value specified for an AUTOTRAN
service or the timeout value passed in a tpbegin(3c)
call to start a transaction, the timeout for a transaction is reduced to the TA_MAXTRANTIME
value. TA_MAXTRANTIME
has no effect on a transaction started on a machine running BEA Tuxedo 8.0 or earlier software, except that when a machine running BEA Tuxedo 8.1 or later software is infected by the transaction, the transaction timeout value is capped—reduced if necessary—to the TA_MAXTRANTIME
value configured for that machine.
Even if the TRANTIME
value specified in the SERVICES
section of the UBBCONFIG
file is greater than the TA_MAXTRANTIME
value, the tmloadcf(1)
command loads the configuration without error. Any BEA Tuxedo 8.1 or later machine infected with the AUTOTRAN
transaction will automatically reduce the transaction timeout to the TA_MAXTRANTIME
value configured for that machine.
Limitation: Run-time modifications to this attribute do not affect transactions started before the update takes place.
Maximum number of servers to be accommodated in the bulletin board server table for this application. If not specified, the default is 50.
All instances of system-supplied and application servers available to an application need to be accounted for in the bulletin board server table, which is a global table, meaning that the same server table resides on each machine in the application. Examples of system-supplied servers are AUTHSVR
, TMQUEUE
, TMQFORWARD
, TMUSREVT
, TMSYSEVT
, TMS
(see T_GROUP:TA_TMSNAME
attribute), TMS_QM
, GWTDOMAIN
, and WSL
.
Administration of each BEA Tuxedo system site adds approximately one system-supplied server. Additionally, the DBBL process and all BBL, bridge, and WSH processes must be accounted for in the TA_MAXSERVERS
value.
Maximum number of services to be accommodated in the bulletin board service table. This value must be greater than 0 and less than 32,766. If not specified, the default is 100.
To calculate an adequate value, be sure to count the number of services used by both application servers and system servers, such as the BBL, DBBL, BRIDGE, TMS, and any other system-supplied servers needed for administrative purposes. For each BEA Tuxedo system site, add approximately five services to accommodate administration for the site. You should also include any administrative services that are added to support administrative components such as Workstation, /Q, and Domains.
Maximum number of group identifiers that can be used for ACL permissions checking. The maximum group identifier that can be defined is TA_MAXACLGROUPS
- 1.
Initial setting of the TP_COMMIT_CONTROL
characteristic for all client and server processes in a BEA Tuxedo system application. LOGGED
initializes the TP_COMMIT_CONTROL
characteristic to TP_CMT_LOGGED
; otherwise, it is initialized to TP_CMT_COMPLETE
. See the description of the BEA Tuxedo System ATMI function tpscmt()
for details on the setting of this characteristic.
Limitation: Run-time modifications to this attribute do not affect active clients and servers.
Default notification detection method to be used by the system for unsolicited messages sent to client processes. This default can be overridden on a per-client basis using the appropriate tpinit()
flag value. Note that once unsolicited messages are detected, they are made available to the application through the application defined unsolicited message handling routine identified via the tpsetunsol()
function.
The value DIPIN
specifies that dip-in-based notification detection should be used. This means that the system will detect notification messages only on behalf of a client process while within ATMI calls. The point of detection within any particular ATMI call is not defined by the system, and dip-in detection will not interrupt blocking system calls. DIPIN
is the default notification detection method.
The value SIGNAL
specifies that signal-based notification detection should be used. This means that the system sends a signal to the target client process after the notification message has been made available. The system installs a signal-catching routine on behalf of clients selecting this method of notification.
The value THREAD
specifies that THREAD
notification should be used. This means that the system dedicates a separate thread for the receipt of unsolicited messages and dispatches the unsolicited message handler in that thread. Only one unsolicited message handler executes at one time per BEA Tuxedo application association. This value is allowed only on platforms that offer support for multithreading. COBOL clients cannot use THREAD
notification, and will default to DIPIN
if THREAD
is in effect.
The value IGNORE
specifies that by default, notification messages are to be ignored by application clients. This would be appropriate in applications where only clients that request notification at tpinit()
time should receive unsolicited messages.
Limitations: Run-time modifications to this attribute do not affect active clients. All signaling of native client processes is done by administrative system processes and not by application processes. Therefore, only native clients running with the same UNIX system user identifier as the application administrator can be notified using the SIGNAL
method. Workstation clients may use the SIGNAL
method, regardless of which user identifier they are running under.
Note: The SIGNAL
notification method is not available for MS-DOS clients.
Default mode used by BEA Tuxedo system libraries within application processes to gain access to BEA Tuxedo system's internal tables. FASTPATH
specifies that BEA Tuxedo system's internal tables are accessible by BEA Tuxedo system libraries via unprotected shared memory for fast access. PROTECTED
specifies that BEA Tuxedo system's internal tables are accessible by BEA Tuxedo system libraries via protected shared memory for safety against corruption by application code. NO_OVERRIDE
can be specified to indicate that the mode selected cannot be overridden by an application process using flags available for use with tpinit(3c) or TPINITIALIZE(3cbl).
Limitations: (1) Updates to this attribute value in a running application affect only newly started clients and newly configured T_SERVER
objects.
(2) Setting TA_SYSTEM_ACCESS
to PROTECTED
may not be effective for multithreaded servers because it is possible that while one thread is executing BEA Tuxedo code, which means it is attached to the bulletin board, another thread might be executing user code. The BEA Tuxedo system cannot prevent such situations.
TA_OPTIONS
: "
{[LAN
| MIGRATE
| ACCSTATS
| NO_XA
| NO_AA
],
*}"
Comma-separated list of application options in effect. Valid options are defined below:
NO_AA
—the auditing and authorization plugin functions will not be called.
Limitation: Only the ACCSTATS
may be set or reset in an active application.
TA_SECURITY
: "
{NONE
| APP_PW
| USER_AUTH
| ACL
| MANDATORY_ACL
}"
Type of application security. A 0-length string value or NONE
for this attribute indicates that security is/will be turned off. The identifier APP_PW
indicates that application password security is to be enforced (clients must provide the application password during initialization). Setting this attribute requires a non-0 length TA_PASSWORD
attribute. The identifier USER_AUTH
is similar to APP_PW
but, in addition, indicates that per-user authentication will be done during client initialization. The identifier ACL
is similar to USER_AUTH
but, in addition, indicates that access control checks will be done on service names, queue names, and event names. If an associated ACL
is not found for a name, it is assumed that permission is granted. The identifier MANDATORY_ACL
is similar to ACL
but permission is denied if an associated ACL
is not found for the name.
Note: If the NO_AA
value is enabled in the TA_OPTIONS
attribute, the security values NONE
, APP_PW
, and USER_AUTH
will continue to work properly—except that no authorization or auditing will take place. The remaining modes of security, ACL
and MANDATORY_ACL
will continue to work properly—but will only use the default BEA security mechanism.
Clear text application password. This attribute is ignored if the TA_SECURITY
attribute is set to nothing. The system automatically encrypts this information on behalf of the administrator.
Application authentication service invoked by the system for each client joining the system. This attribute is ignored if the TA_SECURITY
attribute is set to nothing or to APP_PW
.
Interval of time (in seconds) between periodic scans by the system. Periodic scans are used to detect old transactions and timed-out blocking calls within service requests. The TA_BBLQUERY
, TA_BLOCKTIME
, TA_DBBLWAIT
, and TA_SANITYSCAN
attributes are multipliers of this value. Passing a value of 0 for this attribute on a SET
operation will cause the attribute to be reset to its default.
Multiplier of the TA_SCANUNIT
attribute indicating time between DBBL status checks on registered BBLs. The DBBL checks to ensure that all BBLs have reported in within the TA_BBLQUERY
cycle. If a BBL has not been heard from, the DBBL sends a message to that BBL asking for status. If no reply is received, the BBL is partitioned. Passing a value of 0 for this attribute on a SET
operation will cause the attribute to be reset to its default. This attribute value should be set to at least twice the value set for the TA_SANITYSCAN
attribute value (see below).
Multiplier of the TA_SCANUNIT
attribute indicating the minimum amount of time a blocking ATMI call will block before timing out. Passing a value of 0 for this attribute on a SET
operation will cause the attribute to be reset to its default.
Multiplier of the TA_SCANUNIT
attribute indicating maximum amount of time a DBBL should wait for replies from its BBLs before timing out. Passing a value of 0 for this attribute on a SET
operation will cause the attribute to be reset to its default.
Multiplier of the TA_SCANUNIT
attribute indicating time between basic sanity checks of the system. Sanity checking includes client/server viability checks done by each BBL for clients/servers running on the local machine as well as BBL status check-ins (MP
mode only). Passing a value of 0 for this attribute on a SET
operation will cause the attribute to be reset to its default.
Security principal name identification string to be used for authentication purposes by an application running BEA Tuxedo 7.1 or later software. This attribute may contain a maximum of 511 characters (excluding the terminating NULL character). The principal name specified for this attribute becomes the identity of one or more system processes running in this domain.
TA_SEC_PRINCIPAL_NAME
can be specified at any of the following four levels in the configuration hierarchy: T_DOMAIN
class, T_MACHINE
class, T_GROUP
class, and T_SERVER
class. A principal name at a particular configuration level can be overridden at a lower level. If TA_SEC_PRINCIPAL_NAME
is not specified at any of these levels, the principal name for the application defaults to the TA_DOMAINID
string for this domain.
Note that TA_SEC_PRINCIPAL_NAME
is one of a trio of attributes, the other two being TA_SEC_PRINCIPAL_LOCATION
and TA_SEC_PRINCIPAL_PASSVAR
. The latter two attributes pertain to opening decryption keys during application booting for the system processes running in a BEA Tuxedo 7.1 or later application. When only TA_SEC_PRINCIPAL_NAME
is specified at a particular level, the system sets each of the other two attributes to a NULL
(zero length) string.
Location of the file or device where the decryption (private) key for the principal specified in TA_SEC_PRINCIPAL_NAME
resides. This attribute may contain a maximum of 511 characters (excluding the terminating NULL character).
TA_SEC_PRINCIPAL_LOCATION
can be specified at any of the following four levels in the configuration hierarchy: T_DOMAIN
class, T_MACHINE
class, T_GROUP
class, and T_SERVER
class. When specified at any of these levels, this attribute must be paired with the TA_SEC_PRINCIPAL_NAME
attribute; otherwise, its value is ignored. (TA_SEC_PRINCIPAL_PASSVAR
is optional; if not specified, the system sets it to a NULL
—zero length—string.)
Variable in which the password for the principal specified in TA_SEC_PRINCIPAL_NAME
is stored. This attribute may contain a maximum of 511 characters (excluding the terminating NULL character).
TA_SEC_PRINCIPAL_PASSVAR
can be specified at any of the following four levels in the configuration hierarchy: T_DOMAIN
class, T_MACHINE
class, T_GROUP
class, and T_SERVER
class. When specified at any of these levels, this attribute must be paired with the TA_SEC_PRINCIPAL_NAME
attribute; otherwise, its value is ignored. (TA_SEC_PRINCIPAL_LOCATION
is optional; if not specified, the system sets it to a NULL
—zero length—string.)
During initialization, the administrator must provide the password for each of the decryption keys configured with TA_SEC_PRINCIPAL_PASSVAR
. The system automatically encrypts the password entered by the administrator and assigns each encrypted password to the associated password variable.
Number of seconds into the future that a digital signature's timestamp is allowed to be, when compared to the local machine's clock. If not specified, the default is 3600 seconds (one hour). This attribute applies only to applications running BEA Tuxedo 7.1 or later software.
Number of seconds into the past that a digital signature's timestamp is allowed to be, when compared to the local machine's clock. If not specified, the default is 604800 seconds (one week). This attribute applies only to applications running BEA Tuxedo 7.1 or later software.
If set to "Y"
, every process running in this domain requires a digital signature on its input message buffer. If not specified, the default is "N"
. This attribute applies only to applications running BEA Tuxedo 7.1 or later software.
TA_SIGNATURE_REQUIRED
can be specified at any of the following four levels in the configuration hierarchy: T_DOMAIN
class, T_MACHINE
class, T_GROUP
class, and T_SERVICE
class. Setting SIGNATURE_REQUIRED
to "Y"
at a particular level means that signatures are required for all processes running at that level or below.
If set to "Y"
, every process running in this domain requires an encrypted input message buffer. If not specified, the default is "N"
. This attribute applies only to applications running BEA Tuxedo 7.1 or later software.
TA_ENCRYPTION_REQUIRED
can be specified at any of the following four levels in the configuration hierarchy: T_DOMAIN
class, T_MACHINE
class, T_GROUP
class, and T_SERVICE
class. Setting TA_ENCRYPTION_REQUIRED
to "Y"
at a particular level means that encryption is required for all processes running at that level or below.
Many attributes of this class are tunable only when the application is inactive. Therefore, use of the ATMI interface routines to administer the application is not possible. The function tpadmcall()
is being provided as a means of configuring or reconfiguring an unbooted application. This interface may only be used for configuration (SET
operations) in an inactive application and only on the site being configured as the master site for the application. Once an initial configuration is created and activated, administration is available through the standard ATMI interfaces as described in MIB(5)
.