Right, I said "vendor", BTDT myself. Outsourcer is of course similar, I'd forgotten that case. Still not "common", but at least plausible.
I hadn't heard "Droole & Babble", just "Gruel and Garbage"! Back in 1989, B&B decided they wanted out of the VM business, and fooled my then-management into buying their VM tape and backup management products. I did the technical analysis, said "Toy products, don't buy". Management said "Nah, they have hundreds of customers, it'll be great", so I analyzed the customers. At the time VM was divided into VM/SP and VM/SP HPO, as some of you will remember. This is sort of like VSE vs. MVS, and the customers were overwhelmingly in the VM/SP category, so my second report said "Toy products, toy customers". They bought them anyway. Narrator voice: "It was not great." The products not only barely worked on a good day, but would happily kill your system by modifying real memory to do things they needed to do. Specifically, at the time VM didn't have a way to reassign a tape drive from one user to another without unloading the tape, so they tried to munge control blocks to prevent that--with predictably poor results. Plus the source code they sold us didn't match the shipping products, and there was nobody left there to help reconcile things, so one of our guys spent 18 months trying to do just that. He got close, and then we found someone even dumber than we were and unloaded the products, at somewhat of a loss. I spent the entire 18 months trying not to say "I ****ING TOLD YOU SO" every five minutes. Thanks for ripping the scab off THAT wound! /s -----Original Message----- From: IBM Mainframe Discussion List <[email protected]> On Behalf Of Steve Thompson Sent: Thursday, February 5, 2026 2:44 PM To: [email protected] Subject: Re: Cross Posted If you work for an outsourcer, yes, you could have all three security products (BTDT with ACS). And you could have JES2 and JES3 environments. For me, as a developer of OBS/ACS Wylbur, I had to know those three and WACF (Wylbur Access Control Facility -- IF I remember the name correctly). And I had to support customers that had them. To cut down on the work load I started working on implementing SAF(?) which allowed a client to run any and I only needed one access interface --- in theory. And I had to know the interfaces for JES2 and JES3 since we had customers split between those. Same kind of problem at Droole & Babble (formerly Boole & Babbage, which is now owned by BMC). And Sterling Commerce's NDM or Connect:Direct -- acquired by IBM (and then sold off...). Steve Thompson On 2/5/2026 2:17 PM, Phil Smith III wrote: > I'm sure you're right (I've heard that the approaches are surprisingly > different), but why would you need to know all three, unless you're going to > a vendor? I've heard of shops with two (typically trying to get to one), but > is it common to have all three?? > > -----Original Message----- > From: IBM Mainframe Discussion List <[email protected]> On > Behalf Of David Spiegel > Sent: Thursday, February 5, 2026 2:13 PM > To: [email protected] > Subject: Re: Cross Posted > > Hi Len, > Your statement is somewhat naive. > RACF has a hierarchical structure (Users and Groups) TSS is user-centric, > unlike the other 2. > ACF2 has a 24-Byte UID String. G-d help you if it is not designed properly. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
