0
793
Question Raghuram Devarakonda · Apr 24, 2017

How to enable OS level authentication from command line?

#Caché

Hi,

I am able to enable OS level authentication for an instance from the UI (System Administration => Security => System Security => Authentication/CSP Session Options) but is there a way this can be done from command line as well?

Thanks,

Raghu

Discussion (7)1
Log in or sign up to continue

Comments

John Murray · Apr 24, 2017

It looks like the AutheEnabled property of Security.System is the equivalent. See class doc here.

Use the Get and Modify classmethods to fetch and update values.

0
Raghuram Devarakonda  Apr 24, 2017 to John Murray

Thanks for the pointer. I couldn't figure out exact code to set "AuthEnabled" property so instead, I used "Import" function to modify it. I found the exact value for "OS Authentication" by exporting from another instance where I enabled it from UI.

Thanks,

Raghu

0
John Murray  Apr 24, 2017 to Raghuram Devarakonda

The AutheEnabled property is an integer value that is treated as a set of bitflags. Here's one way of decomposing it:

%SYS>set sc=##class(Security.System).Get(,.props)
%SYS>for bit=0:1:31 if $zboolean(props("AutheEnabled"),2**bit,1) write !,"Bit ",bit," is set"
 
Bit 4 is set
Bit 5 is set
Bit 6 is set
Bit 10 is set
%SYS>

Documentation for the $ZBOOLEAN function is here. You can use the OR operation (third argument = 7) to set a specific bit within the existing value. For example, to ensure bit 4 (whose meaning is AutheOS) is set:

set props("AutheEnabled")=$zboolean(props("AutheEnabled"),2**4,7)

If you are satisfied with my answer please click on the checkmark alongside its title.

0
David Little  Oct 17, 2018 to John Murray

Thanks John, this was invaluable.  Works for Security.Services class to modify %Services_* too, in case anyone else stumbles across this in the future!

Cheers

0
Enzo Medina  May 12, 2022 to John Murray

Is it possible to set this using iris merge functionality?

0
Pete Greskoff · Apr 24, 2017

You can also do this via ^SECURITY

%SYS>d ^SECURITY
 
1) User setup
2) Role setup
3) Service setup
4) Resource setup
5) Application setup
6) Auditing setup
7) Domain setup
8) SSL configuration setup
9) Mobile phone service provider setup
10) OpenAM Identity Services setup
11) Encryption key setup
12) System parameter setup
13) X509 User setup
14) Exit
 
Option? 12
 
1) Edit system options
2) Edit authentication options

0