Resolution
How do I set up generic paths for IFS Approved Entries in Remote Request Management?
fact
VigilEnt Security Agent for AS/400 5.3/6.3
fact
Remote Request Management
fix
Create a new approved entry or use one that has been previously "collected". It may be necessary to create at least two entries depending on what you are allowing. Refer to the following two examples:
Once Collection has been turned off and Exit Points have been "secured", you will likely want to set up generic entries for IFS type transactions (they have information in the "Path" area when you display Approved Requests). These generics may be set up prior to turning off Collection and Securing Exit Points but they will not be used.
Here are some examples:
If you wish to allow the user to perform the function noted for any directory, and any subdirectory/folder under it, you would need two approved entries. The path information would be as follows:
Path Name: /___________________________________ AND
Path Name: /*.*______________
As you set up generic paths, you will find that two entries are often required to accomplish your objective. For example, if you wish to allow transactions in the QIBM directory only (and not any directories beyond this) you would add two entries: /QIBM/ and /QIBM/*.* in the path (entry is case sensitive).
You will find it useful to use existing Approved Entries. Use Opt 3 to copy and modify the path.
You can also copy the generic Approved Entry to user *ALL if you would like to allow everyone to use the same entry. From the RRM Approved Entries screen, choose Option 3 to copy the entry and enter *ALL for the To User:
NOTE: You cannot use a partial directory name with a wildcard such as 123* for directories/folders beginning with 123 in the name.