This section lists the data that is transferred, indicates the dependencies of the UTM variants and generation parameters and describes in greater detail which user data is always transferred and which it might sometimes not be possible to transfer.

Transfer in standalone applications

The data that KDCUPD transfers from the old KDCFILE to the new one depends on the variant of the UTM application, see also section "Transfer of user data":

• UTM-F applications

  KDCUPD transfers certain changes to the administration data:

  • Passwords and RSA keys

  • if data compression is permitted by means of the generation: information whether data compression is enabled.

  • locales of users and version numbers of load modules on BS2000 systems

  • version number of shared objects on Unix and Linux systems

  • version number of DLLs on Windows systems.

  All available RSA keys of levels 1 to 4 are also transferred in a KDCUPD run. Active keys and keys created using administration facilities but not yet activated are transferred. If, in the old KDCFILE, there are no RSA keys in an encryption level, then nothing is transferred for this level. It can therefore happen that RSA keys generated for this encryption level in the new KDCFILE are not overwritten with 0.

• UTM-S applications

  For UTM-S applications, KDCUPD transfers all changes as for UTM-F applications and in addition transfers administration data and current user data such as global secondary storage areas, asynchronous messages, TLS or ULS areas, and service-specific information etc. from the previous KDCFILE to a newly generated KDCFILE. In the data transfer, the KDCUPD checks whether the owner, the destination or the initiator of the data is missing in the new KDCFILE or if it was deleted by the administration in the previous application run. In this case, KDCUPD does not transfer the data and logs this event.

Transfer in UTM cluster applications on Unix, Linux and Windows systems

In UTM cluster applications, the scope of the transferred data also depends on whether you are performing a node update or a cluster update.

Cluster update

When a cluster update is performed in a UTM cluster application, the management and user data for the GSSB, ULS and the service-specific information from the previous UTM cluster files is imported into the new UTM cluster files irrespective of the variant of the UTM application. If data cannot be transferred, for example because the owner of the service specific data is not present in the new UTM cluster files, then this is logged.

Node update

In the case of a node update, the data that KDCUPD transfers from the old to the new KDCFILE depends on the variant of the UTM application:

• UTM-F applications

  KDCUPD transfers certain changes to the administration data:

  • RSA keys

  • if data compression is permitted by means of the generation: information whether data compression is enabled.

  • version number of shared objects on Unix and Linux systems

  • version number of DLLs on Windows systems.

  All available RSA keys of levels 1 to 4 are transferred in a KDCUPD run. Active keys and keys created using administration facilities but not yet activated are transferred. If, in the old KDCFILE, there are no RSA keys in an encryption level, then nothing is transferred for this level. It can therefore happen that RSA keys generated for this encryption level in the new KDCFILE are not overwritten with 0.

• UTM-S applications

  For UTM-S applications, KDCUPD transfers all changes as for UTM-F applications and in addition transfers administration data and current user data such as asynchronous messages, TLS areas from the previous KDCFILE to a newly generated KDCFILE. In the data transfer, the KDCUPD checks whether the owner, the destination or the initiator of the data is missing in the new KDCFILE or if it was deleted by the administration in the previous application run. In this case, KDCUPD does not transfer the data and logs this event.

For further details, see "Update generation for UTM cluster applications". The effect of the individual parameters in node updates and cluster updates can be found in the description of the TRANSFER statement, see "TRANSFER - control the data transfer of the user data".