Connection Profiles
Connection profiles are used to define access methods and security credentials for a specific application. They can be referenced by multiple jobs. To do this, you must deploy the connection profile definition before running the relevant jobs.
ConnectionProfile:Hadoop
These examples show how to use connection profiles for the various types of Hadoop jobs.
Hadoop (all types)
These are the required parameters for all Hadoop job types.
"HADOOP_CONNECTION_PROFILE":
{
"Type" : "ConnectionProfile:Hadoop",
"TargetAgent" : "edgenode",
"TargetCTM" : "CTMHost"
}
}
Parameter | Description |
TargetAgent | The Control-M/Agent to which to deploy the connection profile. |
TargetCTM | The Control-M/Server to which to deploy the connection profile. If there is only one Control-M/Server, that is the default. |
These are the optional parameters for defining the user running the Hadoop job types.
"HADOOP_CONNECTION_PROFILE":
{
"Type" : "ConnectionProfile:Hadoop",
"TargetAgent" : "edgenode",
"TargetCTM" : "CTMHost",
"RunAs": "",
"KeyTabPath":""
}
}
RunAs | Defines the user of the account on which to run Hadoop jobs. Leave this field empty to run Hadoop jobs using the user account where the agent was installed. The Control-M/Agent must run as root, if you define a specific RunAs user. |
In the case of Kerberos security
RunAs | Principal name of the user |
KeyTabPath | Keytab file path for the target user |
Apache Spark
9.0.19.200 The following example shows a connection profile that defines access to a Spark server.
"SPARK_CONNECTION_PROFILE" :
{
"Type" : "ConnectionProfile:Hadoop",
"TargetAgent" : "docker-hadoop5",
"Spark" :
{
"CustomPath" : "/home"
}
}
}
The CustomPath parameter is optional.
Apache Oozie
The following example shows a connection profile that defines access to an Oozie server.
"OOZIE_CONNECTION_PROFILE" :
{
"Type" : "ConnectionProfile:Hadoop",
"TargetAgent" : "hdp-ubuntu",
"Oozie" :
{
"SslEnabled" : false,
"Host" : "hdp-centos",
"Port" : "11000"
}
}
}
Parameter | Description |
---|---|
Host | Oozie server host |
Port | Oozie server port Default: 11000 |
SslEnabled | true | false Default: false |
Apache Sqoop
The following example shows a connection profile that defines a Sqoop data source and access credentials.
"SQOOP_CONNECTION_PROFILE" :
{
"Type" : "ConnectionProfile:Hadoop",
"TargetAgent" : "edgenode",
"TargetCTM" : "CTMHost",
"Sqoop" :
{
"User" : "username",
"Password" : "userpassword",
"ConnectionString" : "jdbc:mysql://mysql.server/database",
"DriverClass" : "com.mysql.jdbc.Driver"
}
}
}
The following table describes the parameters in the example above, as well as several additional optional parameters:
Parameter | Description |
---|---|
User | The database user connected to the Sqoop server |
Password | A password for the specified user If you are updating an existing connection profile and do not want to change the existing password, enter a string of 5 asterisk characters, "*****". |
ConnectionString | JDBC-compliant database: The connection string used to connect to the database |
DriverClass | JDBC-compliant database: The driver class for the driver .jar file, which indicates the entry-point to the driver |
PasswordFile | (Optional) The full path to a file located on the HDFS that contains the password to the database Note: To use a JCEKS file, include the .jceks file extension. |
DatabaseVendor | (Optional) The database vendor of an automatically supported database used with Sqoop, one of the following:
|
DatabaseName | (Optional) Name of an automatically supported database used with Sqoop |
DatabaseHost | (Optional) The host server of an automatically supported database used with Sqoop |
DatabasePort | (Optional) The port number for an automatically supported database used with Sqoop |
Apache Tajo
The following example shows a connection profile that defines access to a Tajo server. Tajo is an advanced data warehousing system on top of HDFS.
"TAJO_CP" :
{
"Type" : "ConnectionProfile:Hadoop",
"TargetAgent" : "edgenode",
"Tajo":
{
"BinaryPath": "$TAJO_HOME/bin/",
"DatabaseName": "myTajoDB",
"MasterServerName" : "myTajoServer",
"MasterServerPort": "26001"
}
}
}
Parameter | Description |
---|---|
BinaryPath | Path to the bin directory where tsql utility is located |
DatabaseName | Name of the Tajo database |
MasterServerName | Host name of the server where the Tajo master is running |
MasterServerPort | Tajo master port number |
Apache Hive
The following example shows a connection profile that defines a Hive beeline endpoint and access credentials. The parameters in the example translate to this beeline command:
beeline -u jdbc:hive2://<Host>:<Port>/<DatabaseName>
"HIVE_CONNECTION_PROFILE" :
{
"Type" : "ConnectionProfile:Hadoop",
"TargetAgent" : "edgenode",
"TargetCTM" : "CTMHost",
"Hive" :
{
"Host" : "hive_host_name",
"Port" : "10000",
"DatabaseName" : "hive_database",
}
}
The following shows how to use optional parameters for a Hadoop Hive job type connection profile.
The parameters in the example translate to this beeline command:
beeline -u jdbc:hive2://<Host>:<Port>/<DatabaseName>;principal=<Principal> -n <User> -p <Password>
"HIVE_CONNECTION_PROFILE1":
{
"Type" : "ConnectionProfile:Hadoop",
"TargetAgent" : "edgenode",
"TargetCTM" : "CTMHost",
"Hive" :
{
"Host" : "hive_host_name",
"Port" : "10000",
"DatabaseName" : "hive_database",
"User" : "user_name",
"Password" : "user_password",
"Principal" : "Server_Principal_of_HiveServer2@Realm"
}
}
}
If you are updating an existing connection profile and do not want to change the existing password, enter a string of 5 asterisk characters, "*****".
ConnectionProfile:FileTransfer
Connection profiles for File Transfers are available for the following types of target servers and communication protocols:
- FTP
- SFTP
- FTPS 9.0.19.120
- Local filesystem
- Amazon Simple Storage Service (Amazon S3) and S3-Compatible Storage 9.0.19.110
- AS2 9.0.19.120
For FTP, SFTP, FTPS, and Local filesystem transfers, you can choose between the following types of connection profiles, depending on the number of hosts for which the connection profile contains connection details:
- Single endpoint: Each connection profile contains the connection details of a single host. Such a connection profile can be used for either the source host or the destination host in a file transfer.
- Dual endpoint: The connection profile contains connection details of two hosts, both the source host and the destination host, in a file transfer.
ConnectionProfile:FileTransfer:FTP
The following examples show a connection profile for a file transfer to a single endpoint using the FTP communication protocol.
Simple ConnectionProfile:FileTransfer:FTP
"FTPConn" : {
"Type" : "ConnectionProfile:FileTransfer:FTP",
"TargetAgent" : "AgentHost",
"TargetCTM" : "CTMHost",
"HostName": "FTPServer",
"Port": "21",
"User" : "FTPUser",
"Password" : "ftp password"
}
}
ConnectionProfile:FileTransfer:FTP with optional parameters
"FTPConn" : {
"Type" : "ConnectionProfile:FileTransfer:FTP",
"TargetAgent" : "AgentHost",
"TargetCTM" : "CTMHost",
"WorkloadAutomationUsers":["john","bob"],
"HostName": "FTPServer",
"Port": "21",
"User" : "FTPUser",
"Password" : "ftp password",
"HomeDirectory": "/home/FTPUser",
"OsType": "Unix"
}
}
TargetAgent | The Control-M/Agent to which to deploy the connection profile. |
TargetCTM | The Control-M/Server to which to deploy the connection profile. If there is only one Control-M/Server, that is the default. |
WorkloadAutomationUsers | (Optional) Control-M users that are allowed to access the connection profile. NOTE: You can use "*" as a wildcard. For example, "e*" Default: * (all users) |
WorkloadAutomationGroups | (Optional) Control-M roles (groups of users) that are allowed to access the connection profile. NOTE: You can use "*" as a wildcard. For example, "e*" Default: Empty (no roles specified) |
Port | Number of the port to listen to for the file transfer. |
VerifyChecksum | (Optional) Enable or disable error detection on file transfer true | false Default: false |
VerifyDestination | (Optional) Verify the size of the file at the destination after a successful binary-mode transfer. true | false Default: true |
VerifyBytes | (Optional) Verify that the number of bytes sent to the destination during a successful binary-mode transfer is the same as the source file. If it is not the same size, the transfer fails. true | false Default: false |
OsType | (Optional) FTP server operating system type Default: Unix Types: Unix, Windows |
Password | (Optional) Password for FTP server account. Use Secrets in code to not expose the password in the code. If you are updating an existing connection profile and do not want to change the existing password, enter a string of 5 asterisk characters, "*****". |
HomeDirectory | (Optional) User home directory |
Passive | Set the FTP client mode. Passive false means active. true | false Default: false true - recommended for servers behind a firewall |
ConnectionProfile:FileTransfer:SFTP
The following examples show a connection profile for a file transfer to a single endpoint using the SFTP (SSH File Transfer Protocol) communication protocol.
Simple ConnectionProfile:FileTransfer:SFTP
"sFTPconn": {
"Type": "ConnectionProfile:FileTransfer:SFTP",
"TargetAgent": "AgentHost",
"TargetCTM" : "CTMHost",
"HostName": "SFTPServer",
"Port": "22",
"User" : "SFTPUser",
"Password" : "sftp password"
}
}
ConnectionProfile:FileTransfer:SFTP with optional parameters
"sFTPconn": {
"Type": "ConnectionProfile:FileTransfer:SFTP",
"TargetAgent": "AgentHost",
"TargetCTM" : "CTMHost",
"HostName": "SFTPServer",
"Port": "22",
"User" : "SFTPUser",
"HomeDirectory": "/home/SFTPUser",
"PrivateKeyName": "/home/controlm/ctm_agent/ctm/cm/AFT/data/Keys/sFTPkey",
"Passphrase": "passphrase",
"SSHCompression": true
}
}
TargetAgent | Which agent computer to deploy the connection profile |
TargetCTM | The Control-M/Server to which to deploy the connection profile. If there is only one Control-M/Server, that is the default. |
WorkloadAutomationUsers | (Optional) Users that are allowed to access the connection profile. NOTE : You can use "*" as a wildcard. For example, "e*" Default: * (all users) |
WorkloadAutomationGroups | (Optional) Control-M roles (groups of users) that are allowed to access the connection profile. NOTE: You can use "*" as a wildcard. For example, "e*" Default: Empty (no roles specified) |
Port | Number of the port to listen to for the file transfer. |
VerifyChecksum | (Optional) Enable or disable error detection on file transfer true | false Default: false |
VerifyDestination | (Optional) Verify the size of the file at the destination after a successful binary-mode transfer. true | false Default: true |
VerifyBytes | (Optional) Verify that the number of bytes sent to the destination during a successful binary-mode transfer is the same as the source file. If it is not the same size, the transfer fails. true | false Default: false |
PrivateKeyName | (Optional) Private key full file path |
Passphrase | (Optional) Password for the private key. Use Secrets in code to not expose the password in the code. If you are updating an existing connection profile and do not want to change the existing password, enter a string of 5 asterisk characters, "*****". |
Password | (Optional) Password for SFTP Server account. Use Secrets in code to not expose the password in the code. If you are updating an existing connection profile and do not want to change the existing password, enter a string of 5 asterisk characters, "*****". |
HomeDirectory | (Optional) User home directory |
SSHCompression | (Optional) Whether to compress the file before the transfer. true | false Default: false |
ConnectionProfile:FileTransfer:FTPS
9.0.19.120 The following example shows a connection profile for a file transfer to a single endpoint using the FTPS (FTP over SSL) communication protocol.
"FTPSConn": {
"Type": "ConnectionProfile:FileTransfer:FTPS",
"HomeDirectory": "/var/home",
"TargetAgent": "sqa",
"TargetCTM": "LocalControlM",
"HostName" : "localhost",
"User" : "controlm",
"Password": "ftps_pass",
"Port": "10021",
"SSLImplicit": false,
"ClearDataChannel": true,
"SSLLevel": "ClientServerAuthentication",
"ClearCommandChannel": true
}
}
TargetAgent | The Control-M/Agent to which to deploy the connection profile. |
TargetCTM | The Control-M/Server to which to deploy the connection profile. If there is only one Control-M/Server, that is the default. |
WorkloadAutomationUsers | (Optional) Control-M users that are allowed to access the connection profile. NOTE: You can use "*" as a wildcard. For example, "e*" Default: * (all users) |
WorkloadAutomationGroups | (Optional) Control-M roles (groups of users) that are allowed to access the connection profile. NOTE: You can use "*" as a wildcard. For example, "e*" Default: Empty (no roles specified) |
Port | Number of the port to listen to for the file transfer. |
VerifyChecksum | (Optional) Enable or disable error detection on file transfer true | false Default: false |
VerifyDestination | (Optional) Verify the size of the file at the destination after a successful binary-mode transfer. true | false Default: true |
VerifyBytes | (Optional) Verify that the number of bytes sent to the destination during a successful binary-mode transfer is the same as the source file. If it is not the same size, the transfer fails. true | false Default: false |
OsType | (Optional) FTPS server operating system type Default: Unix Types: Unix, Windows |
Password | (Optional) Password for FTPS server account. Use Secrets in code to not expose the password in the code. If you are updating an existing connection profile and do not want to change the existing password, enter a string of 5 asterisk characters, "*****". |
HomeDirectory | (Optional) User home directory |
Passive | Set the FTPS client mode. Passive false means active. true| false Default: false true - recommended for servers behind a firewall |
SSLImplicit | Whether to automatically create an SSL connection to the FTPS server (Default port 990). In SSL Explicit mode, a connection is first established with the FTP server and the connection is then changed to SSL mode (FTP over SSL/TLS). true (implicit connection) | false (explicit connection) Default: false |
ClearDataChannel | Whether to encrypt the connection process while files are transferred without encryption. This option is useful if you want your login information encrypted and your files transferred without encryption. true | false Default: true |
SSLLevel | The SSL security level, one of the following:
|
ClearCommandChannel | Whether to set the transmission mode from encrypted mode to clear text mode. You can secure sensitive information, including user name and password, by sending them in an encrypted mode, and then use this parameter to change the transmission mode back to clear text mode to send the port and IP information (FTP over SSL/TLS). true | false Default: true |
ConnectionProfile:FileTransfer:Local
The following example shows a connection profile for a file transfer to a single endpoint on a Local File System.
"LocalConn" : {
"Type" : "ConnectionProfile:FileTransfer:Local",
"TargetAgent" : "AgentHost",
"TargetCTM" : "CTMHost",
"User" : "controlm",
"Password" : "local password"
}
}
TargetAgent | The Control-M/Agent to which to deploy the connection profile. |
TargetCTM | The Control-M/Server to which to deploy the connection profile. If there is only one Control-M/Server, that is the default. |
WorkloadAutomationUsers | (Optional) Users that are allowed to access the connection profile. NOTE : You can use "*" as a wildcard. For example, "e*" Default: * (all users) |
WorkloadAutomationGroups | (Optional) Control-M roles (groups of users) that are allowed to access the connection profile. NOTE: You can use "*" as a wildcard. For example, "e*" Default: Empty (no roles specified) |
VerifyChecksum | (Optional) Enable or disable error detection on file transfer true | false Default: false |
VerifyDestination | (Optional) Verify the size of the file at the destination after a successful binary-mode transfer. true | false Default: true |
VerifyBytes | (Optional) Verify that the number of bytes sent to the destination during a successful binary-mode transfer is the same as the source file. If it is not the same size, the transfer fails. true | false Default: false |
OsType | (Optional) Local server operating system type Default: Unix Types: Unix, Windows |
Password | (Optional) Password for local account. Use Secrets in code to not expose the password in the code. If you are updating an existing connection profile and do not want to change the existing password, enter a string of 5 asterisk characters, "*****". |
ConnectionProfile:FileTransfer:S3:Amazon
9.0.19.110 The following example shows a connection profile for file transfers between a local filesystem and an Amazon S3 storage service.
"testAmazon": {
"Type": "ConnectionProfile:FileTransfer:S3:Amazon",
"Region": "us-west-2",
"AccessKey": "mykey",
"SecretAccessKey": "mysecret",
"VerifyDestination": true,
"TargetAgent": "sqa"
}
}
This connection profile has the following parameters:
TargetAgent | The Control-M/Agent to which to deploy the connection profile. |
Region | The region in which the Amazon S3 storage bucket is located. Specify one of the following regions:
|
AccessKey | The access key to the Amazon S3 storage. |
SecretAccessKey | The secret access key to the Amazon S3 storage. Use Secrets in code to not expose this secret access key in the code. |
VerifyDestination | (Optional) Verify the size of the file at the destination after a successful binary-mode transfer. true | false Default: true |
ConnectionProfile:FileTransfer:S3:Compatible
9.0.19.110 The following example shows a connection profile for file transfers between a local filesystem and an S3-compatible storage service.
"testCompatible": {
"Type": "ConnectionProfile:FileTransfer:S3:Compatible",
"RestEndPoint": "api.com",
"AccessKey": "mykey",
"SecretAccessKey": "mysecret",
"VerifyDestination": true,
"TargetAgent": "sqa"
}
}
This connection profile has the following parameters:
TargetAgent | The Control-M/Agent to which to deploy the connection profile. |
RestEndPoint | The network address where the S3 Compatible Storage is located. |
AccessKey | The access key to the S3 Compatible storage. |
SecretAccessKey | The secret access key to the S3 Compatible storage. Use Secrets in code to not expose this secret access key in the code. |
VerifyDestination | (Optional) Verify the size of the file at the destination after a successful binary-mode transfer. true | false Default: true |
ConnectionProfile:FileTransfer:AS2
9.0.19.120 The following examples show connection profiles for file transfers from a local filesystem to an AS2 server using the AS2 protocol.
Note: File transfers that use the AS2 protocol are supported by Control-M Automation API only in one direction — from a local filesystem to an AS2 server.
Simple ConnectionProfile:FileTransfer:AS2
"AS2_Conn_1": {
"Type": "ConnectionProfile:FileTransfer:AS2",
"TargetCTM": "LocalControlM",
"TargetAgent": "sqa",
"WorkloadAutomationUsers": [
"noAi"
],
"PartnerAS2Id": "partner-as2-id",
"PartnerDestinationUrl": "sqa",
"PartnerCertificateAlias": "partnerCertAlias",
"HostName": "sqa",
"Password": "*****"
}
}
ConnectionProfile:FileTransfer:AS2 with optional parameters
"AS2_Conn_2": {
"Type": "ConnectionProfile:FileTransfer:AS2",
"TargetCTM": "LocalControlM",
"TargetAgent": "sqa",
"WorkloadAutomationUsers": [
"em_user1"
],
"PartnerAS2Id": "partner-as2-id",
"PartnerDestinationUrl": "sqa",
"PartnerCertificateAlias": "partnerCertAlias",
"HostName": "sqa",
"Password": "*****",
"AsyncMdnTimeout": "18120000",
"User": "basicUser",
"SendMessageTimeout": "301000",
"CompressMessage": true,
"SignMessageParameters": {
"SignMessage": false,
"SignatureAlgorithm": "RSA with SHA-384"
},
"EncryptMessageParameters": {
"EncryptMessage": false,
"EncryptionAlgorithm": "tripleDES (DES EDE3)"
},
"RequestReceiptParameters": {
"RequestReceipt": false,
"Mode": "Asynchronous",
"Sign": "Unsigned"
}
}
}
This connection profile has the following parameters:
TargetCTM | The Control-M/Server to which to deploy the connection profile. If there is only one Control-M/Server, that is the default. |
TargetAgent | The Control-M/Agent to which to deploy the connection profile. |
PartnerAS2Id | The logical name of the remote AS2 server |
PartnerDestinationUrl | The URL of the AS2 server |
PartnerCertificateAlias | The alias of the partner certificate that is stored in the AS2 keystore |
Password | (Optional) The password of the HTTP request for the AS2 message. Use Secrets in code to not expose the password in the code. If you are updating an existing connection profile and do not want to change the existing password, enter a string of 5 asterisk characters, "*****". |
AsyncMdnTimeout | (Optional) The number of minutes to wait for the AS2 server to send the receipt before a timeout occurs The default is 18000000 minutes. |
User | The username of the HTTP request for the AS2 message |
SendMessageTimeout | (Optional) The number of seconds to wait for the AS2 server to reply before a timeout occurs The default is 300000 seconds (5000 hours). |
CompressMessage | Whether to compress the AS2 message when sent, either true or false The default is false. |
SignMessageParameters | |
SignMessage | Whether to digitally sign the AS2 message with the algorithm specified by SignatureAlgorithm, either true or false The default is true. |
SignatureAlgorithm | The algorithm to use for signing the AS2 message, one of the following options:
The default is RSA with SHA-1. |
EncryptMessageParameters | |
EncryptMessage | Whether to encrypt the AS2 message with one of the encryption algorithm specified by EncryptionAlgorithm, either true or false The default is true. |
EncryptionAlgorithm | The algorithm to use for encryption of the AS2 message, one of the following options:
The default is CAST5_CBC. |
RequestReceiptParameters | |
RequestReceipt | Whether to receive an MDN receipt of the AS2 message from the AS2 server that confirms that it was received and processed, either true or false The default is true. |
Mode | The mode for receiving the MDN receipt, either Asynchronous or Synchronous The default is Synchronous. |
Sign | The type of MDN receipt to receive, either Signed or Unsigned The default is Signed. |
WorkloadAutomationUsers | (Optional) Users that are allowed to access the connection profile. NOTE : You can use "*" as a wildcard. For example, "e*" Default: * (all users) |
WorkloadAutomationGroups | (Optional) Control-M roles (groups of users) that are allowed to access the connection profile. NOTE: You can use "*" as a wildcard. For example, "e*" Default: Empty (no roles specified) |
VerifyChecksum | (Optional) Enable or disable error detection on file transfer true | false Default: false |
VerifyDestination | (Optional) Verify the size of the file at the destination after a successful binary-mode transfer. true | false Default: false |
VerifyBytes | (Optional) Verify that the number of bytes sent to the destination during a successful binary-mode transfer is the same as the source file. If it is not the same size, the transfer fails. true | false Default: false |
ConnectionProfile:FileTransfer:DualEndPoint
In a dual-endpoint connection profile, you specify connection details for the source host and for the destaination host of the file transfer. Connection details can be based on the FTP, SFTP, or FTPS communication protocols or can be to a local file system.
The following example shows a dual-endpoint connection profile. One endpoint uses the FTP communication protocol and the other endpoint uses the SFTP communication protocol.
"DualEpConn" : {
"Type" : "ConnectionProfile:FileTransfer:DualEndPoint",
"WorkloadAutomationUsers" : [ "em_user1" ],
"TargetAgent" : "AgentHost",
"src_endpoint" : {
"Type" : "Endpoint:Src:FTP",
"User" : "controlm",
"Port" : "10023",
"HostName" : "localhost",
"Password" : "password",
"HomeDirectory" : "/home/controlm/"
},
"dest_endpoint" : {
"Type" : "Endpoint:Dest:SFTP",
"User" : "controlm",
"Port" : "10023",
"HostName" : "host2",
"Password" : "password",
"HomeDirectory" : "/home/controlm/"
}
}
}
The dual-endpoint connection profile can have the following parameters:
TargetAgent | The Control-M/Agent to which to deploy the connection profile. |
TargetCTM | The Control-M/Server to which to deploy the connection profile. If there is only one Control-M/Server, that is the default. |
WorkloadAutomationUsers | (Optional) Users that are allowed to access the connection profile. NOTE: You can use "*" as a wildcard. For example, "e*" Default: * (all users) |
WorkloadAutomationGroups | (Optional) Control-M roles (groups of users) that are allowed to access the connection profile. NOTE: You can use "*" as a wildcard. For example, "e*" Default: Empty (no roles specified) |
VerifyChecksum | (Optional) Enable or disable error detection on file transfer true | false Default: false |
VerifyDestination | (Optional) Verify the size of the file at the destination after a successful binary-mode transfer. true | false Default: true |
VerifyBytes | (Optional) Verify that the number of bytes sent to the destination during a successful binary-mode transfer is the same as the source file. If it is not the same size, the transfer fails. true | false Default: false |
Endpoint | Two endpoint objects, one for the source host and one for the destaination host. Each endpoint can be based on FTP, SFTP, FTPS or local file system. Here are all the possible types of Endpoint objects:
Parameters under the Endpoint object are the same as the remaining parameters for a single-endpoint connection profile, depending on type of connection: |
ConnectionProfile:Database
The connection profile for database allows you to connect to the following database types:
- ConnectionProfile:Database:DB2
- ConnectionProfile:Database:Sybase
- ConnectionProfile:Database:PostgreSQL
- ConnectionProfile:Database:MSSQL
- ConnectionProfile:Database:Oracle
- ConnectionProfile:JDBC
The following example shows how to define an MSSQL database connection profile.
"MSSQL_CONNECTION_PROFILE": {
"Type": "ConnectionProfile:Database:MSSQL",
"TargetCTM":"CTMHost",
"TargetAgent": "AgentHost",
"Host": "MSSQLHost",
"User": "db user",
"Port":"1433",
"Password": "db password",
"DatabaseName": "master",
"DatabaseVersion": "2005",
"MaxConcurrentConnections": "9",
"ConnectionRetryTimeOut": "34",
"ConnectionIdleTime": "45"
},
"MSsqlDBFolder": {
"Type": "Folder",
"testMSSQL": {
"Type": "Job:Database:SQLScript",
"Host": "app-redhat",
"SQLScript": "/home/controlm/sqlscripts/selectArgs.sql",
"ConnectionProfile": "MSSQL_CONNECTION_PROFILE",
"Parameters": [
{ "firstParamName": "firstParamValue" },
{ "second": "secondParamValue" }
],
"Autocommit": "N",
"OutputExcecutionLog": "Y",
"OutputSQLOutput": "Y",
"SQLOutputFormat": "XML"
}
}
}
The following table describes the parameters in the example above, as well as several additional optional parameters.
Parameter | Description |
---|---|
Port | The database port number. If the port is not specified, the following default values are used for each database type:
|
Password | Password to the database account. Use Secrets in code to not expose the password in the code. If you are updating an existing connection profile and do not want to change the existing password, enter a string of 5 asterisk characters, "*****". |
DatabaseName | The name of the database |
DatabaseVersion | The version of the database. The following database drivers are supported in Control-M for database V9:
The default version for each database is the earliest version listed above. |
MaxConcurrentConnections | The maximum number of connections that the database can process at the same time. Allowed values: 1–512 |
ConnectionRetryTimeOut | The number of seconds to wait before attempting to connect again. Allowed values: 1–300 |
ConnectionIdleTime | The number of seconds that the database connection profile can remain idle before disconnecting. Default value: 300 seconds |
ConnectionRetryNum | The number of times to attempt to reconnect after a connection failure. Allowed values: 1–24 |
AuthenticationType | SQL Server Authentication Possible values are:
|
ConnectionProfile:Database:DB2
The following example shows how to define a connection profile for DB2. Additional available parameters are described in the table above.
"DB2_CONNECTION_PROFILE": {
"Type": "ConnectionProfile:Database:DB2",
"TargetCTM":"CTMHost",
"TargetAgent": "AgentHost",
"Host": "DB2Host",
"Port":"50000",
"User": "db user",
"Password": "db password",
"DatabaseName": "db2"
}
}
ConnectionProfile:Database:Sybase
The following example shows how to define a connection profile for Sybase. Additional available parameters are described in the table above.
"SYBASE_CONNECTION_PROFILE": {
"Type": "ConnectionProfile:Database:Sybase",
"TargetCTM":"CTMHost",
"TargetAgent": "AgentHost",
"Host": "SybaseHost",
"Port":"4100",
"User": "db user",
"Password": "db password",
"DatabaseName": "Master"
}
}
ConnectionProfile:Database:PostgreSQL
The following example shows how to define a connection profile for PostgreSQL. Additional available parameters are described in the table above.
"POSTGRESQL_CONNECTION_PROFILE": {
"Type": "ConnectionProfile:Database:PostgreSQL",
"TargetCTM":"CTMHost",
"TargetAgent": "AgentHost",
"Host": "PostgreSQLHost",
"Port":"5432",
"User": "db user",
"Password": "db password",
"DatabaseName": "postgres"
}
}
ConnectionProfile:Database:Oracle
Oracle includes three types of database definition types:
ConnectionProfile:Database:Oracle:SID
The following example shows how to define a connection profile for an Oracle database using the SID identifier. Additional available parameters are described in the table above.
"ORACLE_CONNECTION_PROFILE": {
"Type": "ConnectionProfile:Database:Oracle:SID",
"TargetCTM": "controlm",
"Port": "1521",
"TargetAgent": "AgentHost",
"Host": "OracleHost",
"User": "db user",
"Password": "db password",
"SID": "ORCL"
}
}
ConnectionProfile:Database:Oracle:ServiceName
The following example shows how to define a connection profile for an Oracle database using a single service name. Additional available parameters are described in the table above.
"ORACLE_CONNECTION_PROFILE": {
"Type": "ConnectionProfile:Database:Oracle:ServiceName",
"TargetCTM": "controlm",
"Port": "1521",
"TargetAgent": "AgentHost",
"Host": "OracleHost",
"User": "db user",
"Password": "db password",
"ServiceName": "ORCL"
}
}
ConnectionProfile:Database:Oracle:ConnectionString
The following example shows how to define a connection profile for an Oracle database using a connection string that contains text from your tnsname.ora file. Additional available parameters are described in the table above.
"ORACLE_CONNECTION_PROFILE": {
"Type": "ConnectionProfile:Database:Oracle:ConnectionString",
"TargetCTM":"CTMHost",
"ConnectionString":"OracleHost:1521:ORCL",
"TargetAgent": "AgentHost",
"User": "db user",
"Password": "db password"
}
}
ConnectionProfile:Database:JDBC
The following example shows how to define a connection profile using a custom defined database type created using JDBC. Additional available parameters are described in the table above.
"JDBC_CONNECTION_PROFILE": {
"Type": "ConnectionProfile:Database:JDBC",
"User":"db user",
"TargetCTM":"CTMHost",
"Host": "PGSQLHost",
"Driver":"PGDRV",
"Port":"5432",
"TargetAgent": "AgentHost",
"Password": "db password",
"DatabaseName":"dbname"
}
}
Parmeter | Description |
Driver | JDBC driver name as defined in Control-M or as defined using the Driver object |
Driver:JDBC:Database
You can define a driver to be used by a connection profile. The following example shows the parameters that you use to define a driver:
"MyDriver": {
"Type": "Driver:Jdbc:Database",
"TargetAgent":"app-redhat",
"StringTemplate":"jdbc:sqlserver://<HOST>:<PORT>/<DATABASE>",
"DriverJarsFolder":"/home/controlm/ctm/cm/DB/JDBCDrivers/PostgreSQL/9.4/",
"ClassName":"org.postgresql.Driver",
"LineComment" : "--",
"StatementSeparator" : ";"
}
}
Parameter | Description |
---|---|
TargetAgent | The Control-M/Agent to which to deploy the driver. |
StringTemplate | The structure according to which a connection profile string is created. |
DriversJarsFolder | The path to the folder where the database driver jars are located. |
ClassName | Name of driver class |
LineComment | The syntax used for line comments in the scripts that run on the database. |
StatementSeparator | The syntax used for statement separator in the scripts that run on the database. |
ConnectionProfile:SAP
SAP connection profiles that you create for use by your SAP jobs can be defined for logon to a specific SAP Application Server or for an SAP logon group.
The following example is for a connection profile for a specific SAP Application Server:
"SAP-SERVER-CONN" : {
"Type" : "ConnectionProfile:SAP",
"User" : "my-user",
"Password" : "123456",
"SapClient" : "100",
"Language" : "",
"XBPVersion": "XBP3.0",
"AppVersion": "R3",
"ApplicationServerLogon" : {
"Host" : "localhost",
"SystemNumber" : "12"
},
"SecuredNetworkConnection": {
"SncLib": " " ,
"SncPartnerName": "",
"QualityOfProtection": "2",
"SncMyName":""
},
"SapResponseTimeOut" : "180",
"UseExtended": true,
"SolutionManagerConnectionProfile" : "IP4-GROUP",
"IsSolutionManagerConnectionProfile": true
}
}
The following example is for a connection profile for an SAP logon group:
"SAP-GROUP-CONN" : {
"Type" : "ConnectionProfile:SAP",
"User" : "my-user",
"Password" : "123456",
"SapClient" : "100",
"Language" : "",
"XBPVersion": "XBP3.0",
"AppVersion": "R3",
"GroupLogon": {
"SystemID": "123",
"MessageServerHostName": "msgsv",
"GroupName": "group1"
},
"SecuredNetworkConnection": {
"SncLib": " " ,
"SncPartnerName": "",
"QualityOfProtection": "2",
"SncMyName":""
},
"SapResponseTimeOut" : "180",
"UseExtended": true,
"SolutionManagerConnectionProfile" : "IP4-GROUP",
"IsSolutionManagerConnectionProfile": true
}
}
Parameter | Description |
---|---|
User | SAP user name |
Password | Password for the SAP user If you are updating an existing connection profile and do not want to change the existing password, enter a string of 5 asterisk characters, "*****". |
SapClient | SAP client number, a three-digit number |
Language | The SAP language. The default is English. |
XBPVersion | SAP XBP interface version installed on the SAP server Valid values are:
|
AppVersion | Version of the SAP application, one of the following:
|
GroupLogon | Parameters for defining an SAP logon group |
SystemID | SAP system ID, three alpha-numeric characters |
MessageServerHostName | Host name of the computer on which the SAP System Message Server is running |
GroupName | SAP logon group name The Group name is defined in the SAP SMLG transaction. |
ApplicationServerLogon | Parameters for defining a specific SAP Application Server |
Host | The host name of the computer that runs the SAP Application Server |
SystemNumber | SAP instance number, a two-digit number |
SecuredNetworkConnection | Parameters that you can use to activate a secured network connection |
SncLib | Client full path and file name to SAP crypto lib For example: /home1/agsapfp/SNC/libsapcrypto.sl |
SncPartnerName | SNC name of the application server For example: p:CN=LE1, OU=BPM, O=BMC, C=US |
QualityOfProtection | Quality of the protection Valid values: 1, 2, 3, 8 (default), 9 |
SncMyName | SNC name of the user sending the RFC Default: The name provided by the security product for the user who is logged on. |
SapResponseTimeOut | Number of seconds that the program waits for an RFC request to be handled by the SAP system before returning a timeout error Default: 180 |
UseExtended | Whether the extended functionality of Control-M for SAP should be used, either false (default) or true NOTE: If you select this option, the Control-M Function Modules must be installed on your SAP server, as described in Control-M for SAP XBP interface and Control-M Function Modules in the Control-M for SAP online help. |
SolutionManagerConnectionProfile | Solution Manager connection profile for retrieval of SAP job Documentation This parameter is relevant only if the current connection profile is not a Solution Manager connection profile, as discussed in the next parameter. |
IsSolutionManagerConnectionProfile | Whether the current connection profile is a Solution Manager connection profile, either true or false (the default) |
ConnectionProfile:ApplicationIntegrator
The following example shows how to define a connection profile for a job type defined in the Control-M Application Integrator. For information about the Control-M Application Integrator, see the Control-M Application Integrator Help.
Properties defined for the connection profile in Control-M Application Integrator are all prefixed with "AI-" in the .json code, as shown in the following example.
"AI_CONNECTION_PROFILE": {
"Type": "ConnectionProfile:ApplicationIntegrator:<JobType>",
"TargetAgent": "AgentHost",
"TargetCTM":"CTMHost",
"AI-Param03": "45",
"AI-Param04": "group"
}
}
ConnectionProfile:Informatica
The following example shows how to define a connection profile for an Informatica job:
"INFORMATICA_CONNECTION": {
"Type": "ConnectionProfile:Informatica",
"TargetAgent": "AgentHost",
"TargetCTM": "CTMHost",
"Host": "InformaticaHost",
"Port": "7333",
"User": "UserName",
"Password": "Password",
"PowerCenterDomain": "DomainName",
"Repository": "RepositoryName",
"IntegrationService": "ServiceName",
"SecurityDomain": "Native",
"ConnectionType": "HTTP",
"MaxConcurrentConnections": "100"
}
}
Parameter | Description |
---|---|
TargetAgent | The Control-M/Agent to which to deploy the connection profile |
TargetCTM | The Control-M/Server to which to deploy the connection profile. If there is only one Control-M/Server, that is the default. |
Host | Name of the Informatica web services server |
Port | (Optional) Port number of the Informatica web services server Values range from 1 to 65535. The default is 7333. |
User | Name of a user to log into the Repository |
Password | A password to log into the Repository. Use Secrets in code to not expose the password in the code. If you are updating an existing connection profile and do not want to change the existing password, enter a string of 5 asterisk characters, "*****". |
PowerCenterDomain | Name of the Informatica server that contains the Repository service |
Repository | Name of the repository where the repository folders and workflows are located |
IntegrationService | The Integration Service to use to run the workflows |
SecurityDomain | The name of a Security Domain, a collection of user accounts and groups in a Power Center Domain. If the user name belongs to the native security domain, this parameter is optional, and the default is an empty value. If the user name belongs to an LDAP security domain, this parameter is required. |
ConnectionType | (Optional) Protocol for the connection to the Informatica server, either HTTP (the default) or HTTPS. |
MaxConcurrentConnections | (Optional) The maximum number of allowed concurrent workflows in the connection profile Values range from 1 to 512, with a default value of 100. |
ConnectionProfile:AWS
9.0.19.200 The following example shows how to define a connection profile for an AWS job:
"AWS_CONNECTION": {
"Type": "ConnectionProfile:AWS",
"TargetAgent": "AgentHost",
"TargetCTM": "CTMHost",
"AccessKey": "1234",
"SecretAccessKey": "mysecret",
"Region": "ap-northeast-1"
}
}
Parameter | Description |
---|---|
TargetAgent | The Control-M/Agent to which to deploy the connection profile |
TargetCTM | The Control-M/Server to which to deploy the connection profile. If there is only one Control-M/Server, that is the default. |
AccessKey | AWS account Access Key |
SecretAccessKey | AWS account Secret Access Key |
Region | Location of the AWS user |