Previous Topic: User IDsNext Topic: Testing for Success

IntroductionPasswords

Passwords

Most platforms and shops require a password when logging on a user ID. CA IAS provides a mechanism for storing encrypted passwords and retrieving them during job submission.

Storing passwords in CA IAS can minimize the effort involved when passwords expire and must be changed. For example, a password can be stored once for all jobs using a specific user ID on a given agent. When the password must be changed, it can be changed in one place. All jobs using that user ID on that agent immediately start using the new password.

Each scheduling manager has its own interface to CA IAS, including the facility for defining passwords. See the documentation for your scheduling manager for more information about defining passwords.

Passwords are never displayed. Passwords are encrypted before being stored or transmitted.

A password is associated with a user ID and any combination of agent name, job type, and namespace (such as a domain). Passwords are searched in a most-specific to least-specific order. The order of precedence is agent name, followed by job type, followed by namespace.

Example: How Passwords are Matched with User IDs

Suppose the following passwords have been defined:

User ID

Agent Name

Job Type

Namespace

Password

USERA

 

 

 

ONE

USERA

SYSTEMA

 

 

TWO

USERA

 

NT_JOB

 

THREE

USERA

SYSTEMB

NT_JOB

 

FOUR

USERA

 

 

DOMAINX

FIVE

Consider the following scenarios:

Note: The namespace only applies to selected job types. For example, an HTTP job (HTTP_JOB) accepts two user IDs: a connection user ID and a proxy user ID. HTTP jobs use domain names to distinguish between two user IDs that have the same name, but different passwords. The namespace lets you store multiple passwords for the same user ID/agent/job type combination. Individual job types that take advantage of this feature are described in detail later in this guide.