The QueryClients action parameter is deprecated for Query Manipulation Server version 11.5.0 and later. HPE recommends that you use authorization roles instead. See Authorization Roles Configuration Parameters.

The QueryClients configuration parameter is still available for existing implementations, but it might be incompatible with new functionality. The parameter might be deleted in future.

The QueryClients parameter specifies the IP addresses (or host names) of clients that are permitted to send queries to the ACI port. Separate multiple addresses with commas. There must be no space before or after the comma.

You can use wildcards in the IP address. For example, 187.*.*.* includes any machine with an IP address that starts with 187. You can also filter the QueryClients parameter using CIDR notation.

You can also configure client permissions by using the [AuthorizationRoles] configuration section. This section provides a more flexible method for setting up user authorization, and also allows you to set up permissions by using SSL identities or GSS principals. See Authorization Roles Configuration Parameters.

Configuring an authorization role with StandardRoles set to Query overrides the default value for QueryClients.

To disable authorization by client IP address, set this parameter to "". In this case, Query Manipulation Server uses the options that you set in the [AuthorizationRoles] section only.

Type: String
Default: *
Required: No
Configuration Section: Server
Example: QueryClients=10.1.1.*,
See Also: Port