Re: Is anyone still running..........................

[R.S.]

james smith wrote:

Given the global nature of this list I was curious if any list members
were
aware of any financial organization(s) still running Os/390 V2.10 and/or
still running on G5/G6 processors.  Nice to hear all comments but mainly
interested in the financial sector.


Is it something special in running outdated hardware and software and 
"legacy" application?

Is it something special when financial institutions do it?

I guess you do it and looking for other examples to say management, 
"don't worry, there are other banks which still use OS/390".

Am I right?

--
Radoslaw Skorupka
Lodz, Poland

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Is anyone still running..........................

[Stephen Mednick]

Happen to know of a couple of banks in The Philippines still on OS/390 V2.10.
There may be others in Asia/Pacific.

Stephen Mednick
Computer Supervisory Services
Sydney, Australia

> -Original Message-
> From: IBM Mainframe Discussion List 
> [mailto:[EMAIL PROTECTED] On Behalf Of james smith
> Sent: Thursday, 11 January 2007 4:55 PM
> To: IBM-MAIN@BAMA.UA.EDU
> Subject: Is anyone still running..
> 
> Given the global nature of this list I was curious if any 
> list members were aware of any financial organization(s) 
> still running Os/390 V2.10 and/or still running on G5/G6 
> processors.  Nice to hear all comments but mainly interested 
> in the financial sector.
> 
> Regards
> 
> James F. Smith

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: What is "command reject" trying to tell me?

[Alan Altmark]

On Wed, 10 Jan 2007 16:16:14 -0800, Charles Mills <[EMAIL PROTECTED]> wrote:

>I have just started getting
>IOS000I 0339,5E,CMD,47,0E00,,00AC,volser,jobname,
>
> 80AC000404208400FF010F004EA0AC00
>
> FAILING PARAMETER LIST DATA = 8684 00AC 00AC00 00 
>
> Can someone suggest what sort of problem this might indicate?

I'm not a dasd guru either, but it looks like its trying to read record 0 
on cyl 172.  Is that where the dataset is located?  I think the CMDREJ is 
because the last two bytes are zero, but byte 1 bit 0 says that bytes 14 & 
15 contain a non-zero value.  My info is coming from an old 3880 book at 
http://www.bitsavers.org/pdf/ibm/dasd/GA26-1661-
9_3880_StorageCtrlDescr_Sep87.pdf, so no need to be a "modern dasd 
expert".  Warning: The pages in the PDF file aren't in the right order.

Since I know nothing about the implementation of QSAM on z/OS, I can't 
help you further.  This looks like a problem for the Support Center.  As 
you say, that's a strange error to be getting from QSAM!

Alan Altmark
IBM

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Is anyone still running..........................

[james smith]

Given the global nature of this list I was curious if any list members were
aware of any financial organization(s) still running Os/390 V2.10 and/or
still running on G5/G6 processors.  Nice to hear all comments but mainly
interested in the financial sector.

Regards

James F. Smith
 

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Standalone Dump on DASD

[Ed Gould]

John,

It can't be the IPL volume... Standalone needs the IPLTEXT for it own  
use.


Ed

On Jan 10, 2007, at 2:19 PM, Chase, John wrote:


Hi, All,

Getting ready to "transition" from SADMP from/to tape to doing it
from/to DASD.  After reading the SADUMP generation doc in "z/OS 1.7  
MVS

Diagnosis:  Tools and Service Aids", it's still not clear whether the
"residence volume" for the SADUMP program should be a "standalone"
volume, or can be another volume that is not a page or OS RES volume.

Could someone clarify for me?

Also, I couldn't find the previous discussion in the archives about  
how
many DASD volume should be available to receive the standalone  
dump.  We

plan to use "mod-9s", but how many should we have available?  Largest
LPAR will have 12 GiB central storage and run around 500 address  
spaces.

z9-EC box, if that makes a difference.

TIA,

-jc-


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: How to debug WQE modification by SSI

[Scott Fagen]

On Tue, 9 Jan 2007 23:29:02 -0600, Patrick O'Keefe <[EMAIL PROTECTED]>
wrote:

>And add another question to the list:
>What related process would make commands entered from the same console
>not be copied to SYSLOG?

Something that may be 'non-obvious' is the hardcopy setting for command
responses.

>From z/OS V1R6.0 MVS System Commands:

3.5.1.2 Selecting Commands and Command Responses for the Hardcopy Message Set


Unless you specify otherwise, the system includes all operator and system
commands, responses, and status displays (including static and time-interval
updated status displays) in the hardcopy message set. To request that some
commands and command responses not be included in the hardcopy message set,
the system gives you the following choices on the VARY ,HARDCPY command:

NOCMDS
The system does not include operator commands or their responses in the
hardcopy message set.

INCMDS
The system includes all operator commands and their responses, excluding
any status displays, in the hardcopy message set.

STCMDS
The system includes all operator commands and their responses, excluding
dynamic status displays, in the hardcopy message set.

CMDS
The system includes all operator commands and their responses, including
all status displays (both dynamic and static), in the hardcopy message set.

Is it possible someone set hardcopy to "NOCMDS" in CONSOLxx or via the VARY
SYSLOG,HARDCPY command?

Scott Fagen
z/OS Core Technology Design
IBM Poughkeepsie

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: ISGAMF00 problem

[Scott Fagen]

On Fri, 5 Jan 2007 09:10:29 -0500, Rob Scott <[EMAIL PROTECTED]>
wrote:

>I would put my money on the fact that SCOPE=STEP enqueues are
>maintained in structures and queues in the GRS address space just like
>other SCOPEs - I would be amazed if GQSCAN caused GRS to shot SRBs into
>foreign address spaces to trawl thru LSQA.
>
>
>Rob Scott

Rob's money would be on the right spot.

Scott Fagen
z/OS Core Technology Design
IBM Poughkeepsie

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: ISGAMF00 problem

[Scott Fagen]

On Fri, 5 Jan 2007 11:56:41 +0100, R.S. <[EMAIL PROTECTED]> wrote:

>Scott,
>Thnk you for the explanation. Indeed - I'm not happy of such surprise.
>However I have on more question:
>Can I see scope=STEP enq's using D GRS,RES=(q,r) command ?
>My experiments say I cannot.
>
>Or, more general: is there any method to dsiplay STEP enqueues ?
>
>Regards
>--
>Radoslaw Skorupka
>Lodz, Poland

Radoslaw,

Yes, D GRS,RES= will show STEP ENQs held on the system.  For this example, I
ran a job that obtained 3 ENQs, called SYSTEMS.ENQ, SYSTEM.ENQ, and
STEP.ENQ.  Here's what comes out on the console:

d grs,res=(*,enq),l=z   
ISG343I 21.48.51 GRS STATUS 803 
S=STEPSTEP ENQ  
SYSNAMEJOBNAME ASID TCBADDR   EXC/SHRSTATUS 
FAGEN1GRSTOOL0027   004EAE88   SHARE  OWN   
S=SYSTEM  SYSTEM   ENQ  
SYSNAMEJOBNAME ASID TCBADDR   EXC/SHRSTATUS 
FAGEN1GRSTOOL0027   004EAE88   SHARE  OWN   
S=SYSTEMS SYSTEMS  ENQ  
SYSNAMEJOBNAME ASID TCBADDR   EXC/SHRSTATUS 
FAGEN1GRSTOOL0027   004EAE88   SHARE  OWN

As mentioned in another post, VERBX GRSTRACE and the GRSDATA IPCS commands
will also display the held STEP ENQs at the time of the dump, if the data
are available in the dump.

Scott Fagen
z/OS Core Technology Design
IBM Poughkeepsie

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

What is "command reject" trying to tell me?

[Charles Mills]

I've got a fairly straightforward assembler subroutine that does GETs on a
RECFM=FB DCB - nothing fancy. The code is under development, but this part
of the code has been working.

 

I have just started getting

 

IOS000I 0339,5E,CMD,47,0E00,,00AC,volser,jobname, 

 80AC000404208400FF010F004EA0AC00  

 FAILING PARAMETER LIST DATA = 868400AC00AC 

 

The SYNAD data is 0339,D,SYS00029,GET   ,COMMAND REJECT ,00AC00,QSAM


 

Can someone suggest what sort of problem this might indicate? I have written
EXCP and CCW chains back in the S/360 days so I am generally familiar with
channel and DASD concepts, but why should I be getting a command reject when
QSAM is building the CCWs? I have RTFM but without being a modern DASD CCW
expert, I don't know quite what to make of the information there.

 

Thanks, 

Charles Mills



 


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Arcane scripting language for web server

[Rupert Reynolds]

I'm playing with a new web server and some wag suggested that a proper 
test of things would be to implement a /really/ /different/ scripting 
language.


I discounted a few (including TXL (Turing) and APL!) and eventually 
settled on Assembler H in a S/370 sort of environment, since a friend 
here is also a reformed bit-twiddler and should be able to help--he 
owes me a favour ever since he asked me to hack together a public web 
server actually running on MVS 3.8/Hercules, then promptly forgot what 
he'd wanted it for!


I've still got some emulator code tucked away somewhere, so it 
shouldn't be too much hard work to bolt it on, but I doubt it'll 
support JITA (Just In Time Assembly) :-)


The only downside I can see it that I can't think of any job on the 
web it'd be the best tool for. Perhaps I'll bolt Rexx in beside it for 
practical purposes.


Does anyone have suggestions/comments before I commit the last thin 
strands of my sanity to this, please? :-)


Roo

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Forbidding Special characters in passwords

[Ulrich Boche]

[EMAIL PROTECTED] wrote:
I am constantly amazed at the number of sites which FORBID the use of 
special characters in passwords and userid's.  And by the sites which 
LIMIT the length of passwords and userid's.  Since the number of possible 
combinations increases exponentially with the possibe values for each 
character and the number of characters, I cannot fathom why they impose 
such limits.  But they do on such financial sites as Vanguard Mutual 
Funds, Scottrade, and World Savings.  I eMail them regularly and complain, 
but I have seen no changes so far.  There may be a case for forbidding 
certain special characters, and I  think that requiring special characters 
might be counter productive, but I cannot see any logical reason for 
completely forbidding them. 



Well, RACF for example doesn't allow special characters (apart from $, 
#, and @) in passwords. This makes it very difficult for any site to 
allow such characters if the user repository is RACF (or Top Secret or 
ACF/2).

--
Ulrich Boche
SVA GmbH, Germany
IBM Premier Business Partner

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: zNALC in an LPAR and z/VSE V4 Sub-Capacity Pricing

[Al Sherkow]

z/OS.e and NALC are the same price. The primary difference being the
limitations of z/OS.e and that z/OS.e could be a sub-capacity pricing metric
while NALC was full capacity. 

Ed was correct that zNALC is priced lower than either once the billable MSUs
are above 45MSUs. The difference is not large, at 175 MSUs z/OS.e is $6,300
and z/OS with zNALC is $6,040 (USD). 

The big difference between NALC and zNALC is sub-capacity in an LPAR rather
than a dedicated machine. Also it seems more clear cut to me as to what is a
"Qualifying Workload" for zNALC. While the zNALC LPAR is to be dedicated to
the "Qualifying Workload" the database server used for the "Qualifying
Workload" can also be in the zNALC partition. This allows DB2 to be with
WebSphere if DB2 is the database server for a WebSphere "Qualifying Workload". 

Al Sherkow, I/S Management Strategies, Ltd.
Consulting Expertise on Capacity Planning, Performance Tuning,
WLC, LPARs, IRD and LCS Software
Seminars on IBM SW Pricing, LPARs, and IRD
Voice: +1 414 332-3062 
Web: www.sherkow.com

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: z New Application License Charges (zNALC) Announced

[Hal Merritt]

That may be true, but sadly not relevant in this context. z/os under
z/VM is not qualified for zNALC. 

-Original Message-
From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On
Behalf Of McKown, John
Sent: Wednesday, January 10, 2007 1:28 PM
To: IBM-MAIN@BAMA.UA.EDU
Subject: Re: z New Application License Charges (zNALC) Announced

> -Original Message-
> From: IBM Mainframe Discussion List 
> [mailto:[EMAIL PROTECTED] On Behalf Of Hal Merritt
> Sent: Wednesday, January 10, 2007 1:19 PM
> To: IBM-MAIN@BAMA.UA.EDU
> Subject: Re: z New Application License Charges (zNALC) Announced
> 
> 
> Agreed. But it does. There is a proposed stepwise procedure where you
> first change the name to '*', then to the target name. I plan to test
> that on my DR box in a week or so.

All of which simply proves the inherent superiority of z/VM over LPAR.

--
John McKown
Senior Systems Programmer
HealthMarkets
Keeping the Promise of Affordable Coverage
Administrative Services Group
Information Technology
 
NOTICE: This electronic mail message and any files transmitted with it are 
intended exclusively
for the individual or entity to which it is addressed. The message, together 
with any attachment, may contain confidential and/or privileged
information. Any unauthorized review, use, printing, saving, copying, 
disclosure 
or distribution is strictly prohibited. If you have received this message in 
error, please immediately
advise the sender by reply email and delete all copies.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Standalone Dump on DASD

[Clark Kevin (DTI)]

-Original Message-
From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On
Behalf Of Mark Zelden
Sent: Wednesday, January 10, 2007 4:47 PM
To: IBM-MAIN@BAMA.UA.EDU
Subject: Re: Standalone Dump on DASD

On Wed, 10 Jan 2007 16:32:16 -0500, Thomas H Puddicombe
<[EMAIL PROTECTED]>
wrote:



Probably not true.  The most important stuff is dumped first. In
the SHARE presentation from Greg Dyck that I mentioned in my last
post,
he says this:

>"95% of failures are solved using 5% of dumped data (my
guesstimate)"

>So even if you run out of space during your SADUMP or only have
time
>say 10-15 minutes) to let it run before re-IPLing (SLAs), there is
>>still
>>a good chance you will have what is needed.

>>> 

SO TRUE... Just getting the MTTRACE has help me on many occasions. Let
it run

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Special characters in passwords was Re: RACF - Password rules .

[Jim Phoenix]

If it is, it is awfully generous.  Or maybe is just uses a generous 
curve.  :-D


Edward Jaffe wrote:

Jon Brock wrote:
I know some people think that C is the best programming language 
in history, but this is one reason -- another being the tendency it 
engenders for pointer problems -- that I could never get into it 
wholeheartedly.
  


Isn't "C" the language that grades itself?



--
| Jim Phoenix  | Voice:   (310) 338-0400 x316   |
| Senior Software Developer| Fax: (310) 338-0801|
| Phoenix Software International   | Alt fax: (310) 337-2685|
| 5200 W. Century Blvd., Suite 800 | [EMAIL PROTECTED] |
| Los Angeles, CA 90045| http://www.phoenixsoftware.com |

Opinions expressed by this individual are not necessarily those of the Company.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Standalone Dump on DASD

[Mark Zelden]

On Wed, 10 Jan 2007 16:32:16 -0500, Thomas H Puddicombe <[EMAIL PROTECTED]>
wrote:

>Assume that standalone dump is going to copy the contents of real storage
>and the "live" contents of the page datasets to the standalone dump
>dataset.
>
>You don't want to run out:  if you do, the one page not dumped
>successfully will contain the key datum to solve the problem.
>

Probably not true.  The most important stuff is dumped first. In
the SHARE presentation from Greg Dyck that I mentioned in my last post,
he says this:

"95% of failures are solved using 5% of dumped data (my guesstimate)"

So even if you run out of space during your SADUMP or only have time
(say 10-15 minutes) to let it run before re-IPLing (SLAs), there is still
a good chance you will have what is needed.

Mark
--
Mark Zelden
Sr. Software and Systems Architect - z/OS Team Lead
Zurich North America / Farmers Insurance Group - GITO
mailto:[EMAIL PROTECTED]
z/OS and OS390 expert at http://searchDataCenter.com/ateExperts/
Systems Programming expert at http://expertanswercenter.techtarget.com/
Mark's MVS Utilities: http://home.flash.net/~mzelden/mvsutil.html

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Standalone Dump on DASD

[Shane Ginnane]

> You don't want to run out:  if you do, the one page not dumped 
> successfully will contain the key datum to solve the problem.

M - not so sure about this.
When I tested this (back in er..., 1.2 maybe) I'm pretty sure it spilled 
to cart.
Slow, but worked.

Pretty easy to test during the cutover.

Shane ...

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Standalone Dump on DASD

[Thomas H Puddicombe]

Assume that standalone dump is going to copy the contents of real storage 
and the "live" contents of the page datasets to the standalone dump 
dataset. 

You don't want to run out:  if you do, the one page not dumped 
successfully will contain the key datum to solve the problem.



This is a PRIVATE message. If you are not the intended recipient, please 
delete without copying and kindly advise us by e-mail of the mistake in 
delivery. NOTE: Regardless of content, this e-mail shall not operate to 
bind CSC to any order or other contract unless pursuant to explicit 
written agreement or government initiative expressly permitting the use of 
e-mail for such purpose.





Mark Zelden <[EMAIL PROTECTED]> 
Sent by: IBM Mainframe Discussion List 
01/10/2007 04:11 PM
Please respond to
IBM Mainframe Discussion List 


To
IBM-MAIN@BAMA.UA.EDU
cc

Subject
Re: Standalone Dump on DASD






On Wed, 10 Jan 2007 14:19:03 -0600, Chase, John <[EMAIL PROTECTED]> wrote:

>Hi, All,
>
>Getting ready to "transition" from SADMP from/to tape to doing it
>from/to DASD.  After reading the SADUMP generation doc in "z/OS 1.7 MVS
>Diagnosis:  Tools and Service Aids", it's still not clear whether the
>"residence volume" for the SADUMP program should be a "standalone"
>volume, or can be another volume that is not a page or OS RES volume.
>
>Could someone clarify for me?

Any other volume that does not have IPL text already and is not a
page volume. I've always used a dlib volume.  Some people use a 
secondary sysres volume. 

>
>Also, I couldn't find the previous discussion in the archives about how
>many DASD volume should be available to receive the standalone dump.  We
>plan to use "mod-9s", but how many should we have available?  Largest
>LPAR will have 12 GiB central storage and run around 500 address spaces.
>z9-EC box, if that makes a difference.

I thought there was something in the archives.  I think the FM says
"a lot".  :-) 

In a similar environment, I have 9 3390-3s. I think it all fit when
I had to take a SADUMP sometime last year.   In a larger environment
we have 16 3390-3s. 

If you have access to SHARE presentations, there was one from Greg 
Dyck from July 2001 - session 2823.  It includes information on the
changes in z/OS 1.2.

Mark
--
Mark Zelden
Sr. Software and Systems Architect - z/OS Team Lead
Zurich North America / Farmers Insurance Group - GITO
mailto:[EMAIL PROTECTED]
z/OS and OS390 expert at http://searchDataCenter.com/ateExperts/
Systems Programming expert at http://expertanswercenter.techtarget.com/
Mark's MVS Utilities: http://home.flash.net/~mzelden/mvsutil.html



--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Special characters in passwords was Re: RACF - Password rules .

[Edward Jaffe]

Jon Brock wrote:

I know some people think that C is the best programming language in 
history, but this is one reason -- another being the tendency it engenders for 
pointer problems -- that I could never get into it wholeheartedly.
  


Isn't "C" the language that grades itself?

--
Edward E Jaffe
Phoenix Software International, Inc
5200 W Century Blvd, Suite 800
Los Angeles, CA 90045
310-338-0400 x318
[EMAIL PROTECTED]
http://www.phoenixsoftware.com/

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Standalone Dump on DASD

[Mark Zelden]

On Wed, 10 Jan 2007 14:19:03 -0600, Chase, John <[EMAIL PROTECTED]> wrote:

>Hi, All,
>
>Getting ready to "transition" from SADMP from/to tape to doing it
>from/to DASD.  After reading the SADUMP generation doc in "z/OS 1.7 MVS
>Diagnosis:  Tools and Service Aids", it's still not clear whether the
>"residence volume" for the SADUMP program should be a "standalone"
>volume, or can be another volume that is not a page or OS RES volume.
>
>Could someone clarify for me?

Any other volume that does not have IPL text already and is not a
page volume. I've always used a dlib volume.  Some people use a 
secondary sysres volume.  

>
>Also, I couldn't find the previous discussion in the archives about how
>many DASD volume should be available to receive the standalone dump.  We
>plan to use "mod-9s", but how many should we have available?  Largest
>LPAR will have 12 GiB central storage and run around 500 address spaces.
>z9-EC box, if that makes a difference.

I thought there was something in the archives.  I think the FM says
"a lot".  :-)   

In a similar environment, I have 9 3390-3s. I think it all fit when
I had to take a SADUMP sometime last year.   In a larger environment
we have 16 3390-3s. 

If you have access to SHARE presentations, there was one from Greg 
Dyck from July 2001 - session 2823.  It includes information on the
changes in z/OS 1.2.

Mark
--
Mark Zelden
Sr. Software and Systems Architect - z/OS Team Lead
Zurich North America / Farmers Insurance Group - GITO
mailto:[EMAIL PROTECTED]
z/OS and OS390 expert at http://searchDataCenter.com/ateExperts/
Systems Programming expert at http://expertanswercenter.techtarget.com/
Mark's MVS Utilities: http://home.flash.net/~mzelden/mvsutil.html

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: [SPAM] RE: IEBGENER and unlabled tape

[Mark H. Young]

Yes, LABEL=(AL) is for ANSI labels, but not used if it's an non-labeled or 
unlabeled tape.  The DCB=OPTCD=Q is required in IBM JCL (especially if 
it's NL), when bringing across a tape from a foreign NON-IBM system (like 
UNIX, UNISYS, etc). This tells IBM's OS to translate from ASCII to EBCDIC, 
as 'other' systems write in ASCII.
Just my 2 cents worth.Mark

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: z New Application License Charges (zNALC) Announced

[Mark Zelden]

>A POR should no longer be required to rename an LPAR.
>

As long as you plan ahead and have a z990/z890/z9EC/z9BC. At least 
one is (was) required, but that could have been when you installed
the box.  

Mark
--
Mark Zelden
Sr. Software and Systems Architect - z/OS Team Lead
Zurich North America / Farmers Insurance Group - GITO
mailto:[EMAIL PROTECTED]
z/OS and OS390 expert at http://searchDataCenter.com/ateExperts/
Systems Programming expert at http://expertanswercenter.techtarget.com/
Mark's MVS Utilities: http://home.flash.net/~mzelden/mvsutil.html

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: DFSort oddity

[David Betten]

Neal Eckhardt wrote:
> I have been testing different values for HIPRMAX to limit the amount
> of expanded storage it uses.
>
> It appears that DFSort uses a Hiperspace OR a Data Space. Specifying
> HIPRMAX=1% will result in no usage of Data Spaces. Why not?
>
> The EXCP counts on SORTIN and SORTOUT are different depending on
> wether a Hiperspace is used or a Data Space is used (counts below).
> Why would SORTIN and SORTOUT EXCP counts be different?
>
> Neal
>
> Dataspace:
>
> DEVICE ACTIVITY:  (BLOCK COUNT, DDNAME, DEVICE, DEVICE TYPE)
> 229 SORTIN   1123 3390125 SORTOUT  1228 3390
> 193 SORTWK04 103E 339
> 195 SORTWK02 103F 3390191 SORTWK01 1227 3390
> 184 SORTWK03 1229 339
>   2 SORTWK05 1228 3390  1 SORTWK06 1228 3390
>
> Hiperspace:
>
> DEVICE ACTIVITY:  (BLOCK COUNT, DDNAME, DEVICE, DEVICE TYPE)
> 117 SORTIN   1123 3390299 SORTOUT  1227 3390
> 346 SORTWK02 103E 3390
> 332 SORTWK05 103E 3390340 SORTWK03 103F 3390
> 321 SORTWK01 1228 3390
> 321 SORTWK04 1229 3390  1 SORTWK06 1227 3390


You are correct that DFSORT will use Hiperspace OR Dataspace.  It will not
use them together.  Note that in DFSORT V1R5 it's Memory Object or
Hiperspace or Dataspace.

When you specify HIPRMAX=1% and there is no usage of Dataspace, does the
sort use Hiperspace instead or neither?

The EXCP counts are going to vary between the two methods because of the
way DFSORT allocates storage for i/o buffers.  DFSORT allocates different
control blocks and internal storage areas differently for the two methods.

If you would like to investigate this in more detail, you can send me the
sysouts from your runs and I can take a look at them.

It would be helpful to understand what your objective is in this testing.
Generally, we recommend you let DFSORT select the method that's optimal for
each sort based on the characteristics of the sort and the available
resources on the system.

Dave Betten
IBM DFSORT Performance Lead
[EMAIL PROTECTED]

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: zNALC in an LPAR and z/VSE V4 Sub-Capacity Pricing

[Al Sherkow]

I believe zNALC will be usable for some inhouse written applications: From
the intro to the zNALC annoucement 207-006: "a qualified "new workload"
application (Qualified Application) such as Java™ language business
applications running under WebSphere® Application Server,"

and later in the detail of 2.(c): "(c) It is a Java language business
application running under WebSphere Application Server (or equivalent).
These do not include systems management tools."

Al Sherkow, I/S Management Strategies, Ltd.
Consulting Expertise on Capacity Planning, Performance Tuning,
WLC, LPARs, IRD and LCS Software
Seminars on IBM SW Pricing, LPARs, and IRD
Voice: +1 414 332-3062 
Web: www.sherkow.com

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: z New Application License Charges (zNALC) Announced

[Al Sherkow]

My understanding is that LPAR name changes could be dynamic since the z990
was delivered. I've been advising people for years to have extra LPARs (yes
that is plural) defined to avoid the need for the POR, and the z990 allowed
sites to have extra LPARs defined and then to change the name to something
meaningful when they were ready to use those LPARs.

No one wants to be person to point out "Building that LPAR is a good idea,
but we need to shut down the whole machine to define it".

You have some time to rename your LPAR or define new LPARs because the
earliest date to collect data for SCRT is 2Apr2007. 

Al Sherkow, I/S Management Strategies, Ltd.
Consulting Expertise on Capacity Planning, Performance Tuning,
WLC, LPARs, IRD and LCS Software
Seminars on IBM SW Pricing, LPARs, and IRD
Voice: +1 414 332-3062 
Web: www.sherkow.com

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Standalone Dump on DASD

[Chase, John]

Hi, All,

Getting ready to "transition" from SADMP from/to tape to doing it
from/to DASD.  After reading the SADUMP generation doc in "z/OS 1.7 MVS
Diagnosis:  Tools and Service Aids", it's still not clear whether the
"residence volume" for the SADUMP program should be a "standalone"
volume, or can be another volume that is not a page or OS RES volume.

Could someone clarify for me?

Also, I couldn't find the previous discussion in the archives about how
many DASD volume should be available to receive the standalone dump.  We
plan to use "mod-9s", but how many should we have available?  Largest
LPAR will have 12 GiB central storage and run around 500 address spaces.
z9-EC box, if that makes a difference.

TIA,

-jc-


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: z New Application License Charges (zNALC) Announced

[Chase, John]

> -Original Message-
> From: IBM Mainframe Discussion List On Behalf Of McKown, John
> 
> > -Original Message-
> > From: IBM Mainframe Discussion List On Behalf Of Hal Merritt
> > 
> > Agreed. But it does. There is a proposed stepwise procedure where
you 
> > first change the name to '*', then to the target name. I plan to
test
> > that on my DR box in a week or so.
> 
> All of which simply proves the inherent superiority of z/VM over LPAR.

But z/VM costs "real money".  LPAR is "free".

-jc-

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: special characters in passwords

[Anne & Lynn Wheeler]

Arthur T. wrote:
> also didn't list some minor ones (like the code to the push-button locks 
on the doors).  I also didn't list all of the passwords and PINs needed 
in my personal life.  Note that in about a quarter of the above, I could 
not be sure that the password was end-to-end encrypted, and thus had to 
be different from all other passwords.


 I believe that when Schneier said to write down passwords, he did 
mean work-related ones, too.  And I agree.  The alternative is that 
you'll have people with the same password on a weak system (maybe 
internal website) as a strong system (mainframe RACF).




it doesn't have to be two different "strong" systems ... the major source
of exploits, compromises, fraud ... etc are insiders ... all it takes is an
insider in one domain, using common password to attack some other domain.

slight allegory is that compromised merchant point-of-sale terminals are 
typically
used to skim/harvest information and then (effectively replay) attack at some
completely different merchant ... as opposed to using a compromised 
point-of-sale
terminal to directly do fraudulent transactions.

there is also a allegory with SSL used for encrypting financial transactions 
... there
are an enormous number of areas where the financial transaction as accessed and
stored ... while SSL is only used to hide the information for a fleeting moment
while it transits the internet.

in any case, that was one of the reasons i took a look at what would be 
necessary to
morph from an institutional-centric authentication paradigm to a person-centric 
authentication paradigm ... previous post in thread:

http://www.garlic.com/~lynn/2007b.html#12 Special characters in passwords was: 
Re: RACF - Password rules

a prevalent and widely deployed single-sign-on infrastructure is based on 
kerberos ... a couple
recent posts mentioning kerberos
http://www.garlic.com/~lynn/2007.html#15 SSL info
http://www.garlic.com/~lynn/2007.html#32 V2X2 vs. Shark (SnapShot v. FlashCopy)

and lots of past posts mentioning kerberos and/or pk-init (i.e. where a
public key is registered in lieu of kerberos password and using the 
public key to authenticate digital signature)

http://www.garlic.com/~lynn/subpubkey.html#kerberos

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Special characters in passwords was Re: RACF - Password rules .

[Chase, John]

> -Original Message-
> From: IBM Mainframe Discussion List On Behalf Of McKown, John
> 
> > -Original Message-
> > From: IBM Mainframe Discussion List On Behalf Of Jon Brock
> > 
> > I know some people think that C is the best programming language
in 
> > history, but this is one reason -- another being the tendency it 
> > engenders for pointer problems -- that I could never get into it 
> > wholeheartedly.
> 
> Java! Java! Java! No, wait. Perl! Perl! Perl! Uh, make that 
> Ruby! Ruby!
> Ruby! OK, old-timers repeat after me COBOL! COBOL! COBOL!

Assembumbler!  Assembumbler!  Assembumbler!

-jc-

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Special characters in passwords was Re: RACF - Password rules .

[Howard Brazee]

On 10 Jan 2007 11:30:31 -0800, [EMAIL PROTECTED] (Steve Comstock)
wrote:

>> Java! Java! Java! No, wait. Perl! Perl! Perl! Uh, make that Ruby! Ruby!
>> Ruby! OK, old-timers repeat after me COBOL! COBOL! COBOL!
>> 
>
>Assembler! Assembler! Assembler!

We don't need no stinking assemblers.   We've got wire boards!

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Special characters in passwords was Re: RACF - Password rules .

[Steve Comstock]

McKown, John wrote:

-Original Message-
From: IBM Mainframe Discussion List 
[mailto:[EMAIL PROTECTED] On Behalf Of Jon Brock

Sent: Wednesday, January 10, 2007 1:19 PM
To: IBM-MAIN@BAMA.UA.EDU
Subject: Re: Special characters in passwords was Re: RACF - 
Password rules .



	I know some people think that C is the best programming 
language in history, but this is one reason -- another being 
the tendency it engenders for pointer problems -- that I 
could never get into it wholeheartedly.  


Jon



Java! Java! Java! No, wait. Perl! Perl! Perl! Uh, make that Ruby! Ruby!
Ruby! OK, old-timers repeat after me COBOL! COBOL! COBOL!



Assembler! Assembler! Assembler!



-Steve Comstock
The Trainer's Friend, Inc.

303-393-8716
http://www.trainersfriend.com

-- to be included in our opt-in list of announcements of
-- new courses and other products and services from The
-- Trainer's Friend, send an email to [EMAIL PROTECTED]


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: z New Application License Charges (zNALC) Announced

[McKown, John]

> -Original Message-
> From: IBM Mainframe Discussion List 
> [mailto:[EMAIL PROTECTED] On Behalf Of Hal Merritt
> Sent: Wednesday, January 10, 2007 1:19 PM
> To: IBM-MAIN@BAMA.UA.EDU
> Subject: Re: z New Application License Charges (zNALC) Announced
> 
> 
> Agreed. But it does. There is a proposed stepwise procedure where you
> first change the name to '*', then to the target name. I plan to test
> that on my DR box in a week or so.

All of which simply proves the inherent superiority of z/VM over LPAR.

--
John McKown
Senior Systems Programmer
HealthMarkets
Keeping the Promise of Affordable Coverage
Administrative Services Group
Information Technology

The information contained in this e-mail message may be privileged
and/or confidential.  It is for intended addressee(s) only.  If you are
not the intended recipient, you are hereby notified that any disclosure,
reproduction, distribution or other use of this communication is
strictly prohibited and could, in certain circumstances, be a criminal
offense.  If you have received this e-mail in error, please notify the
sender by reply and delete this message without copying or disclosing
it. 

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Special characters in passwords was Re: RACF - Password rules .

[McKown, John]

> -Original Message-
> From: IBM Mainframe Discussion List 
> [mailto:[EMAIL PROTECTED] On Behalf Of Jon Brock
> Sent: Wednesday, January 10, 2007 1:19 PM
> To: IBM-MAIN@BAMA.UA.EDU
> Subject: Re: Special characters in passwords was Re: RACF - 
> Password rules .
> 
> 
>   I know some people think that C is the best programming 
> language in history, but this is one reason -- another being 
> the tendency it engenders for pointer problems -- that I 
> could never get into it wholeheartedly.  
> 
> Jon

Java! Java! Java! No, wait. Perl! Perl! Perl! Uh, make that Ruby! Ruby!
Ruby! OK, old-timers repeat after me COBOL! COBOL! COBOL!

--
John McKown
Senior Systems Programmer
HealthMarkets
Keeping the Promise of Affordable Coverage
Administrative Services Group
Information Technology

The information contained in this e-mail message may be privileged
and/or confidential.  It is for intended addressee(s) only.  If you are
not the intended recipient, you are hereby notified that any disclosure,
reproduction, distribution or other use of this communication is
strictly prohibited and could, in certain circumstances, be a criminal
offense.  If you have received this e-mail in error, please notify the
sender by reply and delete this message without copying or disclosing
it. 

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: So, OK, no more promotions from me - after this one

[Kirk Talman]

replacing rosie or donald?

IBM Mainframe Discussion List  wrote on 01/10/2007 
09:39:31 AM:

> Tuesday I have audition for hosting a TV show; if I get
> the gig it would be a minimum of 26 weeks of work.

> Kind regards,

> -Steve Comstock

-
The information contained in this communication (including any
attachments hereto) is confidential and is intended solely for the
personal and confidential use of the individual or entity to whom
it is addressed. The information may also constitute a legally
privileged confidential communication. If the reader of this
message is not the intended recipient or an agent responsible for
delivering it to the intended recipient, you are hereby notified
that you have received this communication in error and that any
review, dissemination, copying, or unauthorized use of this
information, or the taking of any action in reliance on the
contents of this information is strictly prohibited. If you have
received this communication in error, please notify us immediately
by e-mail, and delete the original message. Thank you

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: z New Application License Charges (zNALC) Announced

[Hal Merritt]

Agreed. But it does. There is a proposed stepwise procedure where you
first change the name to '*', then to the target name. I plan to test
that on my DR box in a week or so.

 

-Original Message-
From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On
Behalf Of Edward Jaffe
Sent: Wednesday, January 10, 2007 12:59 PM
To: IBM-MAIN@BAMA.UA.EDU
Subject: Re: z New Application License Charges (zNALC) Announced
 

A POR should no longer be required to rename an LPAR.

-- 
Edward E Jaffe
Phoenix Software International, Inc
5200 W Century Blvd, Suite 800
Los Angeles, CA 90045
310-338-0400 x318
[EMAIL PROTECTED]
http://www.phoenixsoftware.com/

 
NOTICE: This electronic mail message and any files transmitted with it are 
intended exclusively
for the individual or entity to which it is addressed. The message, together 
with any attachment, may contain confidential and/or privileged
information. Any unauthorized review, use, printing, saving, copying, 
disclosure 
or distribution is strictly prohibited. If you have received this message in 
error, please immediately
advise the sender by reply email and delete all copies.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Special characters in passwords was Re: RACF - Password rules .

[Jon Brock]

I know some people think that C is the best programming language in 
history, but this is one reason -- another being the tendency it engenders for 
pointer problems -- that I could never get into it wholeheartedly.  

Jon



in much of the 90s, the biggest (internet) related threats were from buffer 
overflow exploits ... mostly related to c language programming conventions. 
lots of posts on this topic
http://www.garlic.com/~lynn/subintegrity.html#overflow

implementations done in other languages suffered much fewer (or none) overflow 
exploits. I know of none in the original mainframe tcp/ip done in pascal/vs 


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: z New Application License Charges (zNALC) Announced

[Edward Jaffe]

Hal Merritt wrote:

Now, I have a year or two to figure out how to get my shop to zNALC. Two
*really* annoying requirements is a special LPAR name and being mutually
exclusive with z/os.e. The conversion looks to be a royal blue PITA.
C'mon, IBM, why a POR? All this noise about high availability and you
make me do something like that so you can change your pricing schemes.
Not cool. 
  


A POR should no longer be required to rename an LPAR.

--
Edward E Jaffe
Phoenix Software International, Inc
5200 W Century Blvd, Suite 800
Los Angeles, CA 90045
310-338-0400 x318
[EMAIL PROTECTED]
http://www.phoenixsoftware.com/

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Forbidding Special characters in passwords

[jim harrison]

Please tell that to the automobile insurance companies.  Last time I looked, 
they  were still using their indecipherable coverage codes to report policy 
options (well, Geico was at least).  Usually something along the lines of 
AX4T90F1PE with 5 pages explaining what each character and position represents.
  "Howard Brazee" <> wrote in message news:<[EMAIL PROTECTED]>...

  The days of us giving everybody the same report and telling our users  to 
learn to read it are numbered. Now our customers include the  general public 
and they aren't interested in doing things my way.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: special characters in passwords

[Arthur T.]

On 10 Jan 2007 03:36:33 -0800, in bit.listserv.ibm-main 
(Message-ID:<[EMAIL PROTECTED]>) 
[EMAIL PROTECTED] (R.S.) wrote:


BTW: Bruce Schneier's opinion on writing passwords cannot 
be treated as recommendation for internal company systems. 
He rather meant many sites on the web, etc. Many systems, 
unrelated on to each other, many rules, sometimes very 
hard to user. Application like password safe are good for 
this case. However it shouldn't be understood like 
recommendation for company systems. Better one is single 
sign on product.


 Single sign-on is definitely the way to go, if 
possible.  However, it was not available at my old 
shop.  Nor is it possible for *all* of the passwords you 
need in your job.  At my old job, I had:


10 MVS systems w/ separate RACF databases

2 RACF RVARY passwords per system

1 VM system with unencrypted password file

1 Customer system which, I believe, had unencrypted 
passwords


2 IBMLINK userids

3 Omegamon passwords

3 TMS passwords

1 PC power-on password

1 SecurID password

1 E-mail system password

1 Problem/Change mgt password

1 long-distance phone password

1 voicemail password

1 internal website password

5 (or more) vendor website passwords

 You might be able to SSO some of these, but not all 
of them.  I also didn't list some minor ones (like the code 
to the push-button locks on the doors).  I also didn't list 
all of the passwords and PINs needed in my personal 
life.  Note that in about a quarter of the above, I could 
not be sure that the password was end-to-end encrypted, and 
thus had to be different from all other passwords.


 I believe that when Schneier said to write down 
passwords, he did mean work-related ones, too.  And I 
agree.  The alternative is that you'll have people with the 
same password on a weak system (maybe internal website) as 
a strong system (mainframe RACF).


--
I cannot receive mail at the address this was sent from.
To reply directly, send to ar23hur "at" intergate "dot" com

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Special characters in passwords was Re: RACF - Password rules .

[Anne & Lynn Wheeler]

Howard Brazee writes:

One of the tough choices programmers come up with is when a 30 year
old program that has been modified every year - should be replaced.

This type of decision becomes more difficult with people who design
operating systems and systems that interface with other systems.   


in much of the 90s, the biggest (internet) related threats were from buffer 
overflow exploits ... mostly related to c language programming conventions. 
lots of posts on this topic
http://www.garlic.com/~lynn/subintegrity.html#overflow

implementations done in other languages suffered much fewer (or none) overflow 
exploits. I know of none in the original mainframe tcp/ip done in pascal/vs ... 
i had done the enhancement to support rfc 1044 ... base thruput (on 3090) was 
something like 44kbytes/sec aggregate thruput ... some tuning at cray research 
between 4341-clone and cray, the rfc 1044 support was getting 1mbyte/sec ... 
misc. past posts
http://www.garlic.com/~lynn/subnetwork.thm#1044

similarly, it has been claimed that there were no known buffer overflow 
exploits in Multics (implemented in PLI) ... some past posts.
http://www.garlic.com/~lynn/2002l.html#42 Thirty Years Later: Lessons from the 
Multics Security Evaluation
http://www.garlic.com/~lynn/2002l.html#44 Thirty Years Later: Lessons from the 
Multics Security Evaluation
http://www.garlic.com/~lynn/2002l.html#45 Thirty Years Later: Lessons from the 
Multics Security Evaluation

for some drift, multics was on the 5th floor ... and the science center was on 
the 4th floor
http://www.garlic.com/~lynn/subtopic.html#545tech

which brought you virtual machines, the internal network (from which came 
bitnet/earn), gml precursor to sgml, html, xml, etc), and loads of other online 
and interactive tools.

around the turn of the century ... because of the introduction of automatic 
scripting ... the exploits started to shift to half overflows and half 
automatic scripting (i.e. files or email arriving from the network would 
include script code that would be automatically executed).

I had tried to categorize information from various exploit databases 
http://www.garlic.com/~lynn/2004e.html#43 security taxonomy and CVE


... looking to enhance my merged security taxonomy and glossary
http://www.garlic.com/~lynn/index.html#glossnote

however, the descriptions were quite free form and I complained that they could 
be quite difficult to categorize. since then there have been some announcements 
that they would be adding more structure to exploit database entries to aid 
categorization

later a more extensive exploit study ... including various human factor 
characteristics came up with 1/3rd overloads, 1/3rd automatic scripting and 1/3 
social engineering. social engineering includes phishing, convincing people to 
divulge information, convinging people to execute programs arriving over the 
network, etc.

some of the suggestions for transition to dumb devices ... isn't so much whether they are 
dumb or not ... it is whether they support loading and execution of foreign (and 
potentially extremely hostile) code. turns out that vast majority of devices that have 
been classified as "dumb" are providing features for loading and execution of 
foreign code (of one sort or another).

this is a problem we had to deal with on the internal network 
http://www.garlic.com/~lynn/subnetwork.html#internalnet


a couple decades ago ... and a flavor of it showed up on bitnet/earn
http://www.garlic.com/~lynn/subnetwork.html#bitnet

even before showing up on the internet ... ref ...
http://www.garlic.com/~lynn/2005b.html#20 Buffer overruns

one of the other issues with "smart" vis-a-vis "dumb" devices connected to the 
internet ... is one of the most prevalent platforms dates back to something that was designed to 
operate in totally unconnected environment ... and as such had  no defenses and countermeasures. 
some number of applications even grew up taking advantage of being able to assume complete control 
of the machine (like games). later ... adding internet connectivity to the same platform created 
quite a bit of a problem a) platform that was designed to have no defenses and countermeasures, b) 
large set of applications that took advantage of the platform not having  defenses and 
countermeasures and c) connected to an extremely hostile network environment which requires 
significant defenses and countermeasures.

recently there has been some work on using virtualization in attempt to address 
the diametrically opposing requirements ... no defenses and countermeasures at 
the same time requiring very extensive defenses and countermeasures.

other posts in this thread:
http://www.garlic.com/~lynn/2007b.html#6 Special characters in passwords was 
Re: RACF - Password rules
http://www.garlic.com/~lynn/2007b.html#8 Special characters in passwords was 
Re: RACF - Password rules
http://www.garlic.com/~lynn/2007b.html#10 Special characters in passwords was 
Re: RACF - Passwor

Re: DFSORT question

[Frank Yaeger]

Frank Silven wrote:
> Can somebody pls help me with a problem I have when DFSORT reformats a VB
602 file
> to a new VB 612 file having a leading record sequence nr
>
> JCL step:
>
> //SORT03   EXEC   PGM=SORT,PARM='SIZE=MAX',COND=(0,NE)
> //SORTIN   DD DSN=XE01.XE40.GNROSC.DATA,DISP=SHR
> //SORTOUT  DD DSN=XD0113.SAMPLE.V4,DISP=OLD
> //SORTWK01 DD UNIT=DISK,SPACE=(CYL,(25),RLSE)
> //SORTWK02 DD UNIT=DISK,SPACE=(CYL,(25),RLSE)
> //SYSOUT   DD SYSOUT=*
> //SYSINDD *
>  OPTION COPY
>  OUTFIL FNAMES=SORTOUT,
> OUTREC=(1:1,4,
> 5:SEQNUM,10,ZD,
>15:5,598),VLFILL=C' '
> /*
> ...
> I suspect that the VLFILL option causes all trailing bytes (up to data
byte 608) being filled with blanks. This way all
> resulting output records have a data portion padded with blanks up to
databytepos 608 in the new file.
>
> However I want DFSORT to automatically adapt the leading 4 byte RDW from
the old RDW + 10 bytes. But i dont want
> the padding up to the max record length! When I omit the VLFILL clause
then i get a DFSORT abend message on the
> first record telling that 40 bytes do not fill up the data portion of 608
bytes
>
> Any ideas ? Thanks a lot in advance

To do what you want, you can use:

   OPTION COPY
   OUTFIL FNAMES=SORTOUT,
  OUTREC=(1:1,4,
  5:SEQNUM,10,ZD,
 15:5)

5,598 and VLFILL=C' ' tells DFSORT to pad the records.  5 without a length
tells DFSORT to include the bytes from position 5 to the end of
the record without padding .

Frank Yaeger - DFSORT Team (IBM) - [EMAIL PROTECTED]
Specialties: PARSE, JFY, SQZ, ICETOOL, IFTHEN, OVERLAY, Symbols, Migration

 => DFSORT/MVS is on the Web at http://www.ibm.com/storage/dfsort/

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Forbidding Special characters in passwords

[Walt Farrell]

On 1/10/2007 12:53 PM, Sebastian Welton wrote:

On Wed, 10 Jan 2007 12:45:29 -0500, Walt Farrell <[EMAIL PROTECTED]> wrote:


On 1/10/2007 12:14 PM, Howard Brazee wrote:

I'm amazed about the number of sites that believe that the consumers
should do things their way.Some other examples include:
...snipped...

2.  Not accepting 8 digit zip codes.

I didn't know there were any valid 8-digit zip codes.  5, or 9, yes.  But 8?


A zip code is a the equivalent to a postcode in the UK which can be anything
from 5 to 7 characters. Worldwide they vary:


Yes, I know that other countries have different formats, but I would 
expect anything wanting a "zip" code to want a US code.


In my (admittedly limit4ed) experience sites that accept non-US 
addresses label the field differently, or have a separate field.  That 
helps in verifying validity, for the cases where validation is possible.


I could understand it if Howard had complained about sites that require 
US addresses (but there the argument is probably that they don't want to 
have to pay international postage, or recognize that they need to do so).


Walt

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Forbidding Special characters in passwords

[Howard Brazee]

On 10 Jan 2007 09:46:04 -0800, [EMAIL PROTECTED] (Walt Farrell)
wrote:

>2.  Not accepting 8 digit zip codes.
>
>I didn't know there were any valid 8-digit zip codes.  5, or 9, yes.  But 8?

Oops, not in the US.   (If you want foreign business, know about
foreign address standards).

How about 10 characters - as in "80026-2895"?A user friendly
interface should accept that.  


The days of us giving everybody the same report and telling our users
to learn to read it are numbered.Now our customers include the
general public and they aren't interested in doing things my way.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Forbidding Special characters in passwords

[Sebastian Welton]

On Wed, 10 Jan 2007 12:45:29 -0500, Walt Farrell <[EMAIL PROTECTED]> wrote:

>On 1/10/2007 12:14 PM, Howard Brazee wrote:
>> I'm amazed about the number of sites that believe that the consumers
>> should do things their way.Some other examples include:
>>...snipped...
>2.  Not accepting 8 digit zip codes.
>
>I didn't know there were any valid 8-digit zip codes.  5, or 9, yes.  But 8?

A zip code is a the equivalent to a postcode in the UK which can be anything
from 5 to 7 characters. Worldwide they vary:

http://en.wikipedia.org/wiki/List_of_postal_codes

Seb.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Forbidding Special characters in passwords

[Walt Farrell]

On 1/10/2007 12:14 PM, Howard Brazee wrote:

I'm amazed about the number of sites that believe that the consumers
should do things their way.Some other examples include:
...snipped...

2.  Not accepting 8 digit zip codes.

I didn't know there were any valid 8-digit zip codes.  5, or 9, yes.  But 8?

Walt

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: zNALC in an LPAR and z/VSE V4 Sub-Capacity Pricing

[Steve Comstock]

Bill Klein wrote:

"Tony Harminc" <[EMAIL PROTECTED]> wrote in message
news:<[EMAIL PROTECTED]>...


McKown, John wrote:



 


I'm not sure if this is a good thing, but it will presumably eliminate the
point of things like the COBOL compiler to JVM bytecodes that at least a
couple of vendors provide(d), other than as an off-mainframe migration


aid.


ACTUALLY, I think that MORE COBOL applications will now be eligible.  Rather
than being required to use a CEEPIPI "driver" program, all that one will
need to do is prove (?) that the same application is available on Windows,
Unix, HP-UX, etc.  Given the large number of compilers that claim to port
z/OS COBOL applications to these environments "seamlessly", I don't know how
IBM will distinguish between them and Java, C, whatever programs also
running on those platforms.

You can even run CICS and IMS programs on Windows with Micro Focus,
CA-Realia (and I think Fujitsu).

You can also run non-LE conforming Assembler with Micro Focus and Realia.

   ***

It wouldn't surprise me if the T&C's change before z/OS.e goes bye-bye, but
as announced today, this actually opens up MANY more applications than are
"legal" under z/OS.e.


Well, I hope you're right on this, Bill. I took some time
and went back to read the announcment more carefully. It's
pretty complex. But it looks to me that a company's private
apps (inventory, billing, personnel, etc.), if developed by
the company for the company's use, are not eligible. It
doesn't seem to me that because a program was written in
COBOL (or Assembler or PL/I or C or C++) makes it eligible.
It's only if there is a commercially viable product designed
to run on multiple platforms (and can thus be ported to z)
that makes it eligible.

But, of course, the devil is in the details. A lot depends
on how laid back IBM is in allowing apps to be considered
eligible. We shall see how it all unfolds.

Kind regards,

-Steve Comstock

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Forbidding Special characters in passwords

[Hal Merritt]

A huge technical reason is that many such characters are not encoded the
same on different platforms. Character translations occur all over the
place.  

Another reason could be that complex passwords have not been shown to
add value. In fact, I have seen one study (I wish I could recall the
source) that suggests that simpler is better. 

 

-Original Message-
From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On
Behalf Of John Mattson
Sent: Wednesday, January 10, 2007 10:51 AM
To: IBM-MAIN@BAMA.UA.EDU
Subject: Forbidding Special characters in passwords

I am constantly amazed at the number of sites which FORBID the use of 
special characters in passwords and userid's.  And by the sites which 
LIMIT the length of passwords and userid's.  Since the number of
possible 
combinations increases exponentially with the possibe values for each 
character and the number of characters, I cannot fathom why they impose 
such limits.  But they do on such financial sites as Vanguard Mutual 
Funds, Scottrade, and World Savings.  I eMail them regularly and
complain, 
but I have seen no changes so far.  There may be a case for forbidding 
certain special characters, and I  think that requiring special
characters 
might be counter productive, but I cannot see any logical reason for 
completely forbidding them. 

 
NOTICE: This electronic mail message and any files transmitted with it are 
intended exclusively
for the individual or entity to which it is addressed. The message, together 
with any attachment, may contain confidential and/or privileged
information. Any unauthorized review, use, printing, saving, copying, 
disclosure 
or distribution is strictly prohibited. If you have received this message in 
error, please immediately
advise the sender by reply email and delete all copies.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Forbidding Special characters in passwords

[Kim Goldenberg]

John Mattson wrote:
I am constantly amazed at the number of sites which FORBID the use of 
special characters in passwords and userid's.  And by the sites which 
LIMIT the length of passwords and userid's.  Since the number of possible 
combinations increases exponentially with the possibe values for each 
character and the number of characters, I cannot fathom why they impose 
such limits.  But they do on such financial sites as Vanguard Mutual 
Funds, Scottrade, and World Savings.  I eMail them regularly and complain, 
but I have seen no changes so far.  There may be a case for forbidding 
certain special characters, and I  think that requiring special characters 
might be counter productive, but I cannot see any logical reason for 
completely forbidding them. 

  
Because they don't exist on ATMs. If you have a debit/credit card tied 
to your account and
go to an ATM, you can't enter the special characters (perhaps except # 
and *). ATMs also
limit the password lengths, so that the software inside doesn't have to 
have more buffer
space than absolutely necessary. That also probably eliminated 
upper/lower case differences
as well. Quite possibly folds the letters into the appropriate numbers 
as on the phone.


Kim Goldenberg

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: So, OK, no more promotions from me - after this one

[Galambos, Robert]

 
The IDUG DB2 listserv has a good solution to this issue. We require (I am a 
volunteer) that any promotions, ads, etc, have, as a prefix on the subject line 
the lateral '[AD]' in this way, those who are interested can still read them 
and those who do not can delete/filter

Just an idea
 
Robert Galambos 

Compuware Senior Technical Specialist 
IBM Certified Solutions Expert - 
DB2 UDB for OS/390 Database Administration 
[EMAIL PROTECTED]
 
  
Tel: +1 905 886 7000 
Toll Free: +1 800 263 7189
Fax: +1 905 886 7023
Quebec: +1 877-281-1888 
  
Compuware  Canada

Service is our best product 
 Les renseignements contenus dans le présent message électronique sont 
confidentiels et concernent exclusivement le(s) destinataire(s) désigné(s). Il 
est strictement interdit de distribuer ou de copier ce message. Si vous avez 
reçu ce message par erreur, veuillez répondre par courriel à l'expéditeur et 
effacer ou détruire toutes les copies du présent message.

-Original Message-
From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On Behalf Of 
Steve Comstock
Sent: January 9, 2007 12:00 PM
To: IBM-MAIN@BAMA.UA.EDU
Subject: So, OK, no more promotions from me - after this one

Recently I got a post on the ISPF list objecting to my posting announcements of 
new courses and offerings on the list.

In response, I've gotten a number of emails both on- and off-list from people 
who say they don't mind seeing my announcements from time to time. As well as a 
few who say they agree with the objections to my doing this.

At the same time, I understand and respect the tradition of usenets and 
listservs being mostly promotion-free forums for the exchanging of ideas.

So one idea someone suggested was to build an opt-in list of people who wish to 
be kept current on courses and other offerings we have available. So if anyone 
else is interested in being on my opt-in list, let me know.

(Aside from Rob, Amy, John K., John McK., and Bob H.)

And I promise I will stop posting promotion-only emails from now on. (I 
consider a sly pointer to a relevant course as part of answering a question to 
be OK).


Kind regards,

-Steve Comstock
The Trainer's Friend, Inc.
http://www.trainersfriend.com
[EMAIL PROTECTED]

--
For IBM-MAIN subscribe / signoff / archive access instructions, send email to 
[EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at 
http://bama.ua.edu/archives/ibm-main.html

The contents of this e-mail are intended for the named addressee only. It 
contains information that may be confidential. Unless you are the named 
addressee or an authorized designee, you may not copy or use it, or disclose it 
to anyone else. If you received it in error please notify us immediately and 
then destroy it. 

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Forbidding Special characters in passwords

[Howard Brazee]

On 10 Jan 2007 08:50:58 -0800, [EMAIL PROTECTED] wrote:

>I am constantly amazed at the number of sites which FORBID the use of 
>special characters in passwords and userid's.  And by the sites which 
>LIMIT the length of passwords and userid's.  Since the number of possible 
>combinations increases exponentially with the possibe values for each 
>character and the number of characters, I cannot fathom why they impose 
>such limits.  But they do on such financial sites as Vanguard Mutual 
>Funds, Scottrade, and World Savings.  I eMail them regularly and complain, 
>but I have seen no changes so far.  There may be a case for forbidding 
>certain special characters, and I  think that requiring special characters 
>might be counter productive, but I cannot see any logical reason for 
>completely forbidding them.

I'm amazed about the number of sites that believe that the consumers
should do things their way.Some other examples include:
1.  Not accepting spaces in credit card numbers (there's a reason they
are on the cards).
2.  Not accepting 8 digit zip codes.
3.  Not accepting complex names with mixed case letters.
4.  Making it extremely difficult to get help.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: So, OK, no more promotions from me - after this one

[Ed Gould]

On Jan 10, 2007, at 8:39 AM, Steve Comstock wrote:
--SNIP---


Tuesday I have audition for hosting a TV show; if I get
the gig it would be a minimum of 26 weeks of work.




Steve:

Don't "ham" it up too much they will complain that there is too much  
bacon:(


Ed

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: INFO ZIP Large File Error

[Crystal Kay]

Hi,
  I got it working zipping a 840 cylinder file. I think the problem is due
to file names - mixture of numbers and characters. It takes a long time
though - about 10 minutes cpu and 30 minutes clock time.

Crystal

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Forbidding Special characters in passwords

[John Mattson]

I am constantly amazed at the number of sites which FORBID the use of 
special characters in passwords and userid's.  And by the sites which 
LIMIT the length of passwords and userid's.  Since the number of possible 
combinations increases exponentially with the possibe values for each 
character and the number of characters, I cannot fathom why they impose 
such limits.  But they do on such financial sites as Vanguard Mutual 
Funds, Scottrade, and World Savings.  I eMail them regularly and complain, 
but I have seen no changes so far.  There may be a case for forbidding 
certain special characters, and I  think that requiring special characters 
might be counter productive, but I cannot see any logical reason for 
completely forbidding them. 

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Special characters in passwords was Re: RACF - Password rules .

[Howard Brazee]

On Wed, 10 Jan 2007 09:21:53 -0700, Anne & Lynn Wheeler
<[EMAIL PROTECTED]> wrote:

>security (actually almost any characteristic) guideline has been that
>it has to be built in as part of the base infrastructure and KISS.

One of the tough choices programmers come up with is when a 30 year
old program that has been modified every year - should be replaced.

This type of decision becomes more difficult with people who design
operating systems and systems that interface with other systems.   


Here's an excerpt from the following URL:
http://www.wired.com/wired/archive/15.01/start.html?pg=15
According to Jonathan Zittrain, professor of Internet governance and
regulation at Oxford University, these software saboteurs will drive
smart users to dumber appliances like BlackBerrys, iPods, and Xboxes.
In his upcoming book, Zittrain writes that the migration to closed
systems will end innovation on the Internet. We asked the veteran
info-freedom fighter why he’s wearing such gloom-colored glasses.

His book assumes we don't change direction before we're forced to. Is
he correct?   Are we that stuck in the mire of our own making?

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: z New Application License Charges (zNALC) Announced

[Hal Merritt]

The impact to us is not clear. It is also not clear how this will make
my life easier. 

I salute IBM for trying to help us with pricing. We really appreciate
the efforts. 

We spent a good deal of time and money in getting to z/os.e and sub
capacity pricing. I have to say the benefits were well worth the costs.
All of our loved ones are now on z/os.e with z/os in 'penalty box' LPARs
capped to a near wait state. z/os is not even a high priority in our DR
plan.   

Now, I have a year or two to figure out how to get my shop to zNALC. Two
*really* annoying requirements is a special LPAR name and being mutually
exclusive with z/os.e. The conversion looks to be a royal blue PITA.
C'mon, IBM, why a POR? All this noise about high availability and you
make me do something like that so you can change your pricing schemes.
Not cool. 

I guess the good news is that there will be some cause to keep me on the
payroll for a bit longer :-)

My $0.02 (before taxes) 

-Original Message-
From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On
Behalf Of Timothy Sipples
Sent: Tuesday, January 09, 2007 9:01 PM
To: IBM-MAIN@BAMA.UA.EDU
Subject: z New Application License Charges (zNALC) Announced

Apologies if this is already on the list:

http://www.ibm.com/common/ssi/rep_ca/6/897/ENUS207-006/ENUS207006.PDF

Looks all good.  A whole lot simpler, and it's (new) application-based
licensing rather than technology-based.  It was a little strange having
both NALC and z/OS.e, and now it's all unified.  I think it makes life
easier for the sysprog, too.

- - - - -
Timothy Sipples
IBM Consulting Enterprise Software Architect
Specializing in Software Architectures Related to System z
Based in Tokyo, Serving IBM Japan and IBM Asia-Pacific
E-Mail: [EMAIL PROTECTED]
 
NOTICE: This electronic mail message and any files transmitted with it are 
intended exclusively
for the individual or entity to which it is addressed. The message, together 
with any attachment, may contain confidential and/or privileged
information. Any unauthorized review, use, printing, saving, copying, 
disclosure 
or distribution is strictly prohibited. If you have received this message in 
error, please immediately
advise the sender by reply email and delete all copies.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: SubSystem Interface - IEFJRASP - help! - Really late reply...

[Patrick O'Keefe]

On Wed, 10 Jan 2007 09:30:50 -0500, Craddock, Chris 
<[EMAIL PROTECTED]> wrote:

>...
>>The question of who's on first is kinda silly, but I have seen
>developers convince themselves that they just -had- to be first. As we
>know, there's really no rational way to ensure that it so.
>...

Those that merely inspect are satisfied with being first.  Those that 
modify probably want to be both first and last.

>...
>It might be easier all around if IBM surveyed the current usage of those
>hooks and offered new dynamic exit intercepts, or in some cases perhaps
>just new ENF signals, so products can get notified of the things the
>need to see and get out of the BCP's panties at the same time.
>...

That would be fine for those that just want to look.  I don't think 
that would satisfy those that "know" they need to modify something.

Pat O'Keefe

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Warning on IBM APAR OA17011

[Mike Wood]

I have sent a feedback to [EMAIL PROTECTED] to get the book corrected 
next time it is updated.

Mike Wood   RMM Development

On Wed, 10 Jan 2007 06:04:39 -0600, Steve O'Connell 
 wrote:


>Incidentally, the IBM Redbook Enterprise Tape A Practical Guide I have
>says :
>
>Since no management class attributes are available for tape cartridges,
>defining management classes is optional and not recommended.
>
>Regards,
> Steve O.


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Special characters in passwords was Re: RACF - Password rules .

[Anne & Lynn Wheeler]

R.S. writes:

Additional security also raises the price. Almost always.
Additional complexity doesn't always mean additional security,
sometimes the opposite.


any add-on features increase complexity ... complexity increases costs
... complexity also tends to make infrastructures more vulnerable and
fragile ... with failures tending to happen in unexpected ways. I've even
used the analogy between various after-market/add-on security features and
after-market automobile seat belts back in the 60s.

security (actually almost any characteristic) guideline has been that
it has to be built in as part of the base infrastructure and KISS.

as before, misc. past posts mentioning fraud, vulnerabilities, threats,
exploits, risk
http://www.garlic.com/~lynn/subintegrity.html#fraud

from 3-factor authentication paradigm
http://www.garlic.com/~lynn/subintegrity.html#3factor

* something you have
* something you know
* something you are

...

shared-secrets like pin and passwords
http://www.garlic.com/~lynn/subintegrity.html#secrets

work sort-of ok, as "something you know" authentication when the
person had one (or at most a very few) shared secret to remember. a
problem is the paradigm scales up very poorly. however, a lot of
institutions continue to make believe that they are the one and only
security domain that a user has to deal with (and therefor theirs is
the only password the person needs to remember). 


in reality, many people are dealing with scores of unique security
domains and therefor dealing with large number of places requiring
authentication. when the authentication is a (static) shared-secret,
the requirement is that there be a unique value per security domain
(as countermeasure to cross-domain attacks).

previous posts in this thread
http://www.garlic.com/~lynn/2007b.html#6 Special characters in passwords was 
Re: RACF - Password rules
http://www.garlic.com/~lynn/2007b.html#8 Special characters in passwords was 
Re: RACF - Password rules

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Sort problem

[Frank Yaeger]

Rashmi Mogali wrote on 01/10/2007 04:26:44 AM:
> My input file with record length - 80 bytes is in the following format:
>
>


> AA BBB 12345
> AA  BB 12345
> AAA BBB
>
> My desired output is:
>
>


> AA,BBB,12345
> AA,BB,12345
> AAA,BBB
>
> How can this be accomplished?

Here's a DFSORT job that will do what you asked for.  You'll need z/OS
DFSORT V1R5 PTF UK90007 or DFSORT R14 PTF UK90006 (April, 2006) in order to
use DFSORT's SQZ function.  If you don't have the April, 2006 PTF, ask your
System Programmer to install it (it's free).  For complete details on all
of the new DFSORT and ICETOOL functions available with the April, 2006 PTF,
see:

www.ibm.com/servers/storage/support/software/sort/mvs/peug/

//S1EXEC  PGM=ICEMAN
//SYSOUTDD  SYSOUT=*
//SORTIN DD DSN=...  input file (FB/80)
//SORTOUT DD DSN=...  output file (FB/80)
//SYSINDD*
  OPTION COPY
  INREC BUILD=(1,80,SQZ=(SHIFT=LEFT,MID=C','))
/*

Frank Yaeger - DFSORT Team (IBM) - [EMAIL PROTECTED]
Specialties: PARSE, JFY, SQZ, ICETOOL, IFTHEN, OVERLAY, Symbols, Migration

 => DFSORT/MVS is on the Web at http://www.ibm.com/storage/dfsort/
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Special characters in passwords was Re: RACF - Password rules .

[Howard Brazee]

On 10 Jan 2007 06:39:57 -0800, [EMAIL PROTECTED] (R.S.) wrote:

>Some auditors told me that it should be 3. I always asked why - "because 
>it should be 3. Everywhere is 3". My answer: "here is 5, si it invalid 
>number? It's not true about everywhere, because in many places it's 
>infinity".
>I also discussed it on RACF-L.
>The only reasonable answer I've got is it came from baseball rule: 
>"three strikes and you're out".
>Maybe the rule sounds different I have no idea about baseball rules. I'm 
>not sure if there are any. 

It's nice for consumers to know the rules.   For instance, if I screw
up my PIN at an ATM, I will retry once, but not twice.   Because I
know that if I screw up in my third attempt, I won't have a card for a
while.It's amazing how unsure I am with a PIN after I make a
mistake. My office has coded entry - but the third floor has a
different shaped keyboard.The numbers are worn out of the main
keyboard but I don't really enter my entry PIN by number, but by motor
memory - which doesn't work when the keyboard is arranged differently.

But hackers also like knowing the rules.   They can try twice per day
to hack a PIN just the same way as consumers do.


Passwords are a technology that needs to be replace.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Special characters in passwords was Re: RACF - Password rules .

[Howard Brazee]

On 10 Jan 2007 03:13:09 -0800, [EMAIL PROTECTED] (R.S.)
wrote:

>Additional security also raises the price. Almost always.
>Additional complexity doesn't always mean additional security, sometimes 
>the opposite.

Insufficient security can be much more expensive.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: USS Process Identifier (PID) information...

[Paul Gilmartin]

In a recent note, Jackson, Scott said:

> Date: Wed, 10 Jan 2007 07:10:01 -0800
> 
> A coworker just asked a question about UNIX Systems Services Process
> Identifiers (PIDs) that I do not have ready answer.
> 
> Does the PID contain "information" relevant to the process? After
> looking at several PIDs we noticed that looking at the hexadecimal
> representation of the PID it looked like it may contain some sort of
> "status" flags in the first halfword...
> 
> Example of some PIDS that contain, various times, 0x0100, 0x0300, and
> 0x0500. In others there are 0x0200 .I couldn't find anything in the
> POSIX standards or IBM docs... (I'm running 1.7 of z/OS FWIW)... I also
> didn't see these patterns in z/Linux or other OS types... Any meaning to
> these or am I seeing things? 
> 
This was explained on MVS-OE many years ago.  IIRC (poorly), the
right two bytes are sequential, similar to the customary UNIX
PID.  The leftmost byte is an attempt to insure long-term uniqueness
(I'm not convinced it succeeds.)  The remaining byte is reserved
for sysplex use.

-- gil
-- 
StorageTek
INFORMATION made POWERFUL

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

USS Process Identifier (PID) information...

[Jackson, Scott]

(posted to IBM-MAIN and MVS-OE)

All, 

A coworker just asked a question about UNIX Systems Services Process
Identifiers (PIDs) that I do not have ready answer.

Does the PID contain "information" relevant to the process? After
looking at several PIDs we noticed that looking at the hexadecimal
representation of the PID it looked like it may contain some sort of
"status" flags in the first halfword...

Example of some PIDS that contain, various times, 0x0100, 0x0300, and
0x0500. In others there are 0x0200 .I couldn't find anything in the
POSIX standards or IBM docs... (I'm running 1.7 of z/OS FWIW)... I also
didn't see these patterns in z/Linux or other OS types... Any meaning to
these or am I seeing things? 

Thanks!

Example 1
1st PID   0001 decimal 1 (BPXOINIT) 

2nd PID  0100 0154 decimal 16777556  PPID=1

3rd PID  0100 0145 decimal 16777541   PPID=16777556  

4th PID   0161 decimal 353   PPID=16777541   

Example 2
1st  PID   000A decimal 10 (INETD) 

2nd  PID  0300 0151 decimal 50331985  PPID=10

3rd  PID  0300 0148 decimal 50331976  PPID=50331985

4th  PID  0400 01A7 decimal 67109287  PPID=50331976  


Example 3
1st PID   0001 decimal 1 (BPXOINIT) 

2nd PID  0500 017E decimal 83886462  PPID=1

3rd PID  0500 0167 decimal 83886439   PPID=83886462  

4th PID  0300 01D6 decimal 50332118   PPID=83886439 


- 
Scott Wm. Jackson
Principle Software Engineer
Informatica Corporation
- 
It's here... PowerCenter For Z/OS
It's here... PowerCenter For z/Linux



--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: So, OK, no more promotions from me - after this one

[Richard Pinion]

Maybe you could interview "Tron Guy" Jay Maynard.

--- [EMAIL PROTECTED] wrote:

From: Steve Comstock <[EMAIL PROTECTED]>
To:   IBM-MAIN@BAMA.UA.EDU
Subject: Re: So, OK, no more promotions from me - after this one
Date: Wed, 10 Jan 2007 07:39:31 -0700

Eric N. Bielefeld wrote:
> I really don't mind Steve's mentions of his courses, but I have to agree 
> with what Graeme said quoted below also.  I know a few posters, 
> specifically Bruce Black, often mention their products.  Bruce and Steve 
> have so many good answers, that even if you don't like their promoting 
> their products, they contribute a lot to the list.

Thans for that (to you and Grame).
> 
> By the way Steve, how is the market for your classes going?  I know a 
> while back you weren't doing anything, and thinking of chucking the 
> whole business.  Is it better now?
> 

At this point, I have no classes confirmed for the rest of my life.

Maybe, as I mentioned last year, the mainframe training business
is too flaky and I should switch to something stable, like acting.

Tuesday I have audition for hosting a TV show; if I get
the gig it would be a minimum of 26 weeks of work.

Kind regards,

-Steve Comstock

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html




_
Netscape.  Just the Net You Need.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Special characters in passwords was Re: RACF - Password rules .

[R.S.]

Ted MacNEIL wrote:

BTW: I changed 3 strikes rule to 5 strikes and number of password reset


issues was reduced over half (less than 50% left).

We have no control of 'N'.
Our security department picked three.


Some auditors told me that it should be 3. I always asked why - "because 
it should be 3. Everywhere is 3". My answer: "here is 5, si it invalid 
number? It's not true about everywhere, because in many places it's 
infinity".

I also discussed it on RACF-L.
The only reasonable answer I've got is it came from baseball rule: 
"three strikes and you're out".
Maybe the rule sounds different I have no idea about baseball rules. I'm 
not sure if there are any. 


--
Radoslaw Skorupka
Lodz, Poland

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: So, OK, no more promotions from me - after this one

[Steve Comstock]

Eric N. Bielefeld wrote:
I really don't mind Steve's mentions of his courses, but I have to agree 
with what Graeme said quoted below also.  I know a few posters, 
specifically Bruce Black, often mention their products.  Bruce and Steve 
have so many good answers, that even if you don't like their promoting 
their products, they contribute a lot to the list.


Thans for that (to you and Grame).


By the way Steve, how is the market for your classes going?  I know a 
while back you weren't doing anything, and thinking of chucking the 
whole business.  Is it better now?




At this point, I have no classes confirmed for the rest of my life.

Maybe, as I mentioned last year, the mainframe training business
is too flaky and I should switch to something stable, like acting.

Tuesday I have audition for hosting a TV show; if I get
the gig it would be a minimum of 26 weeks of work.

Kind regards,

-Steve Comstock

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Comparsion between CA SRM , IBM storage allocation and BMC storage allocation

[Tommy Tsui]

thanks Timothy sipples information. I just want to know anyone can share the
experience after use the SRM product and which one is the best ...such as
BMC, CA or IBM
I think most product can do the same function but which one user friendly
or consume more CPU or overhead...

thanks


On 1/9/07, Timothy Sipples <[EMAIL PROTECTED]> wrote:


>David O'Brien writes:
>Tommy, You can add Teracloud's Spacefinder and Mainstar's
>Catalog Recovery Plus to your list. Catalog Recovery Plus'
>Map command will give you precise info about catalogs and
>datasets as well as recommendations to correct problems like
>'dead space' in KSDS files.
>>Tommy Tsui writes:
>>Our shop want to seek a software which can track the VSAM/QSAM
>>extend and CA split level etc. Anypne have experience can share.

David, FWIW I didn't read Tommy's question the way you did, although now
that I read it again I'm confused about what exactly Tommy is looking for.
:-)  (Tommy: If you can reply with some additional details, that'd be
great.)  I was thinking Tivoli Allocation Optimizer for z/OS, BrightStor
CA-Allocate, BMC MAINVIEW SRM, etc., and perhaps other vendor products
(IDP's products maybe?)

By way of general response, Tommy can contact all the vendors to get
suggestions.  Mainstar products, including CR+, are represented both by
Mainstar directly and through IBM.  I think most vendors probably can
provide demonstrations, perhaps even providing remote access to a
mainframe
via the Internet for a test spin.  Some vendors may also be able/willing
to
offer trials for products where a demonstration or remote trial use is not
sufficient.

Most people probably already know the IBM person to call or e-mail.  But
if
you're absolutely stuck trying to find the right IBM person, here's a good
list of contacts for mainframe tools/utilities:

http://www.ibm.com/software/solutions/softwaremigration/contacts.html

The "Contact Us" link (or equivalent) on CA, BMC, IDP, Mainstar, IBM, and
other vendor Web sites usually works really well to summon the reps, too.
:-)

- - - - -
Timothy Sipples
IBM Consulting Enterprise Software Architect
Specializing in Software Architectures Related to System z
Based in Tokyo, Serving IBM Japan and IBM Asia-Pacific
E-Mail: [EMAIL PROTECTED]
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html



--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: SubSystem Interface - IEFJRASP - help! - Really late reply...

[Craddock, Chris]

I said
> >Aw c'mon Scott, using the dynamic exit facility is a no-brainer!
> >Ensuring that your exit is always at the front of the queue is a
little
> >more challenging :-)

(I didn't really mean I -wanted- to be first, or that I even wanted to
be there at all)

> Shmuel added these 2 cents:
> 
> >Sigh! What is the supported programmatic way to do this when there is
> >more than one program involved? They can't both be at the front of
the
> >queue.
> >
> >The first rule of systems programming should be: whatever you're
> >doing, don't assume that you're the only one with a need to do it.

After eons passed, Scott came back from his summer holiday to give us a
terrifying answer to the rhetorical question of how to ensure that your
own exit is always "first" with this amusing disclaimer: 

> Disclaimer:  If two or more processes use this algorithm, the system
will
> perform no useful work..

Joking aside, the underlying problem is that too many vendors are adding
front-ends to a wide range of system functions (not just SSI functions)
because they perceive a "need" to control that function, or at least to
know that it is being invoked and take some action. A lot of the
automation products depend on that sort of approach.

The question of who's on first is kinda silly, but I have seen
developers convince themselves that they just -had- to be first. As we
know, there's really no rational way to ensure that it so.

It might be easier all around if IBM surveyed the current usage of those
hooks and offered new dynamic exit intercepts, or in some cases perhaps
just new ENF signals, so products can get notified of the things the
need to see and get out of the BCP's panties at the same time.
 
> Is that easy enough, Chris?

Um... I am without words.

:-)

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: So, OK, no more promotions from me - after this one

[William Shirey]

I agree, and there's also nothing wrong with emailing Darren and asking
if it's all right to post a message, and, if he blesses it, including a
line in the post that Darren approved it.  That has been done in the
past many times.  In my experience those types of posts aren't followed
by an ongoing discussion of the relative merits of the post - like this
one... 

Greg Shirey
Ben E. Keith Company 
(if responding to this post, 
please edit out my email address - thanks)  

-Original Message-
From: IBM Mainframe Discussion List On Behalf Of Binyamin Dissen
Sent: Wednesday, January 10, 2007 3:20 AM

 

On the other hand, there is absolutely nothing wrong with tagging a
content
post, i.e., an answer to a question, with a mini-ad for a course that
addresses the issue.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: sort problem

[Rashmi Nijaguni Mogali]

Yes the spaces need to be replaced by comma

-Original Message-
From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On
Behalf Of john gilmore
Sent: Wednesday, January 10, 2007 6:35 PM
To: IBM-MAIN@BAMA.UA.EDU
Subject: Re: sort problem

Are we to understand that multiple blanks, x'40' in EBCDIC or x'20' in
ASCII, are to be replaced by a single field separator (a comma in your
example)?



John Gilmore
Ashland, MA 01721-1817
USA

_
Get FREE Web site and company branded e-mail from Microsoft Office Live
http://clk.atdmt.com/MRT/go/mcrssaub0050001411mrt/direct/01/

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

 CAUTION - Disclaimer *
This e-mail contains PRIVILEGED AND CONFIDENTIAL INFORMATION intended solely 
for the use of the addressee(s). If you are not the intended recipient, please 
notify the sender by e-mail and delete the original message. Further, you are 
not to copy, disclose, or distribute this e-mail or its contents to any other 
person and any such actions are unlawful. This e-mail may contain viruses. 
Infosys has taken every reasonable precaution to minimize this risk, but is not 
liable for any damage you may sustain as a result of any virus in this e-mail. 
You should carry out your own virus checks before opening the e-mail or 
attachment. Infosys reserves the right to monitor and review the content of all 
messages sent to or from this e-mail address. Messages sent to or from this 
e-mail address may be stored on the Infosys e-mail system.
***INFOSYS End of Disclaimer INFOSYS***

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: SubSystem Interface - IEFJRASP - help! - Really late reply...

[Chase, John]

> -Original Message-
> From: IBM Mainframe Discussion List On Behalf Of Scott Fagen
> 
> [ snip ]
> 
> 1) Add your exit routine for the IEFJFRQ exit, specifying POS=FIRST.
> 2) Add an exit routine for the CSVDYNEX exit point.  Watch 
> for instances of programs attempting to install _their_ exit 
> as POS=FIRST for IEFJFRQ.  When this happens, signal an 
> asynchronous process TO DO STUFF YOU SHOULDN'T DO IN THE EXIT ROUTINE
> 
> Asynchronous process:
> When signaled, use CSVDYNEX to delete your current active 
> IEFJFRQ exit routine.  Then use CSVDYNEX to reinstall your 
> exit POS=FIRST.
> 
> Disclaimer:  If two or more processes use this algorithm, the 
> system will perform no useful work..

I can just hear the sound of a ping-pong game emanating from the
machine  "gaNIP gaNOP gaNIP gaNOP ...".  :-)

-jc-

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Special characters in passwords was Re: RACF - Password rules .

[Ted MacNEIL]

>BTW: I changed 3 strikes rule to 5 strikes and number of password reset 
issues was reduced over half (less than 50% left).

We have no control of 'N'.
Our security department picked three.

  
Yaw tee pucketty!
Rum ting clue!
Ni! Ni! Ni!
Arrooo!  

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Warning on IBM APAR OA17011

[Russell Witt]

Kees,

You are correct, guess I didn't explain that correctly. If you have a tape
management system AND all your tapes are protected by rules defined within
the tape management system then you are safe. However, if some of your tape
files have their retention controlled by what is in the JCL then you at
risk.

It is documented that if you do not want a maximum retention enforced to
specify NOLIMIT, so that has not changed. It is just that enforcement is
just now being performed.

Russell Witt
CA-1 Level-2 Support Manager

-Original Message-
From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED]
Behalf Of Vernooy, C.P. - SPLXM
Sent: Wednesday, January 10, 2007 6:19 AM
To: IBM-MAIN@BAMA.UA.EDU
Subject: Re: Warning on IBM APAR OA17011


..

I had to read Russel's text several time until I saw what he meant (I
hope).

He said, spread over several sentences:
If you have an tape management system AND you have a parameter file
(CA-1 RDS, etc.) that determines the expiration of tapes THEN nothing
changes with the PTF and you are safe.

In all other circumstances, your expiration processing might change.

Kees.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: sort problem

[john gilmore]

Are we to understand that multiple blanks, x'40' in EBCDIC or x'20' in 
ASCII, are to be replaced by a single field separator (a comma in your 
example)?




John Gilmore
Ashland, MA 01721-1817
USA

_
Get FREE Web site and company branded e-mail from Microsoft Office Live 
http://clk.atdmt.com/MRT/go/mcrssaub0050001411mrt/direct/01/


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Sort problem

[Rashmi Nijaguni Mogali]

Hi,



My input file with record length - 80 bytes is in the following format:






AA BBB
12345

AA  BB
12345

AAA
BBB



My desired output is:






AA,BBB,12345

AA,BB,12345

AAA,BBB



How can this be accomplished?



Regards,

Rashmi









 CAUTION - Disclaimer *
This e-mail contains PRIVILEGED AND CONFIDENTIAL INFORMATION intended solely 
for the use of the addressee(s). If you are not the intended recipient, please 
notify the sender by e-mail and delete the original message. Further, you are 
not to copy, disclose, or distribute this e-mail or its contents to any other 
person and any such actions are unlawful. This e-mail may contain viruses. 
Infosys has taken every reasonable precaution to minimize this risk, but is not 
liable for any damage you may sustain as a result of any virus in this e-mail. 
You should carry out your own virus checks before opening the e-mail or 
attachment. Infosys reserves the right to monitor and review the content of all 
messages sent to or from this e-mail address. Messages sent to or from this 
e-mail address may be stored on the Infosys e-mail system.
***INFOSYS End of Disclaimer INFOSYS***

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Warning on IBM APAR OA17011

[Vernooy, C.P. - SPLXM]

""Steve O'Connell""  wrote in message
news:<[EMAIL PROTECTED]>...
> Russel,
> can you clarify something for me please?
> Your sig states that you support CA-1, and in your post you say that
folks 
> running a tape management system (including CA-1) are safe, but you go
on 
> to say that you have 2 clients (by deduction CA-1 customers?) who have

> lost data as a result of this issue.
> How did this occur?

I had to read Russel's text several time until I saw what he meant (I
hope).

He said, spread over several sentences:
If you have an tape management system AND you have a parameter file
(CA-1 RDS, etc.) that determines the expiration of tapes THEN nothing
changes with the PTF and you are safe.

In all other circumstances, your expiration processing might change.

Kees.


**
For information, services and offers, please visit our web site: 
http://www.klm.com. This e-mail and any attachment may contain confidential and 
privileged material intended for the addressee only. If you are not the 
addressee, you are notified that no part of the e-mail or any attachment may be 
disclosed, copied or distributed, and that any other action related to this 
e-mail or attachment is strictly prohibited, and may be unlawful. If you have 
received this e-mail by error, please notify the sender immediately by return 
e-mail, and delete this message. Koninklijke Luchtvaart Maatschappij NV (KLM), 
its subsidiaries and/or its employees shall not be liable for the incorrect or 
incomplete transmission of this e-mail or any attachments, nor responsible for 
any delay in receipt.
Koninklijke Luchtvaart Maatschappij N.V. (also known as KLM Royal Dutch 
Airlines) is registered in Amstelveen, The Netherlands, with registered number 
33014286 
**

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Warning on IBM APAR OA17011

[Steve O'Connell]

Russel,
can you clarify something for me please?
Your sig states that you support CA-1, and in your post you say that folks 
running a tape management system (including CA-1) are safe, but you go on 
to say that you have 2 clients (by deduction CA-1 customers?) who have 
lost data as a result of this issue.
How did this occur?

I took a look at our SMS managed tape setup and see that we don't pass a 
management class to tape datasets, and in fact the ACS routines set 
management class to NULL so I guess we are safe anyhow.
Incidentally, the IBM Redbook Enterprise Tape A Practical Guide I have 
says :

Since no management class attributes are available for tape cartridges, 
defining management classes is optional and not recommended.

Regards,
 Steve O.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: special characters in passwords

[R.S.]

Ted MacNEIL wrote:
If you have no password rules, most people will pick 
a simple word.  If you require at least one digit, most 
people will put it at the beginning or end.  Both are easy prey to

dictionary attacks.

FUD!
Pick a minimum length.
Allow anything and an "N"-Strikes rule.

The dictionary attack dies after "N" attempts.


It is good to distinguish some terms.
Dictionary attack is repetitivie trying to logon using some dictionary 
as password database.
Brute force is trying all possible passwords, sometimes (usually?) brute 
force is OPTIMIZED to small subset of all possible attack, usually it is 
based on some dictionary plus some additions, like numeric at the end, etc.


Both methods are unusable for RACF with N-strikes rule. I't much more 
likely to win Lotto than to find the password within N strikes.


However there's also password guessing, social engineering etc. People 
tend to use their family names, dog name etc. In such case hacker have 
to learn about the user to try the password. However implementation of 
simple rule like ALPHANUM make this method unusable.


The other attack could rely on "password iteration": My current password 
is JOHN01, the next will be JOHN02, etc. In such case *some insider* can 
watch the keyboard, find part of the password (or all at once) and then 
try once a day to find missing characters. This is quite dangerous, 
because once you get the password, you will know or easily try each 
next. The only method to prevent it in RACF is security exit which deny 
usage of password "too similar" to old one. This rule is not very popular.


BTW: Bruce Schneier's opinion on writing passwords cannot be treated as 
recommendation for internal company systems. He rather meant many sites 
on the web, etc. Many systems, unrelated on to each other, many rules, 
sometimes very hard to user. Application like password safe are good for 
this case. However it shouldn't be understood like recommendation for 
company systems. Better one is single sign on product.


So, for RACF (mainframe) I would vote for:
RULE1(LENGTH(4:8) ALPHANUM(1:8)))
HISTORY(32)
REVOKE(5)
INTERVAL(60)
WARNING(3)
MINCHANGE(1)
MIXEDCASE if all applications support it.

and  some exit which prevent usage of userid as a part of the password, 
and new password similar to old one.


Of course, it is good to create and maintain list of "forbidden words" 
like all postal codes and car registration numbers of all employees 


--
Radoslaw Skorupka
Lodz, Poland

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Special characters in passwords was Re: RACF - Password rules .

[R.S.]

Ted MacNEIL wrote:
[...]

All these rules make it very difficult to come up with a new one.
It took me 20 minutes to create one on one site.
(Of course, in this case, it wouldn't tell me what rules it was using; I
had to guess).


I oftenly met security guys, which want to keep the security rules in 
secret. "Because it's security issue". They absolutely don't want to 
describe it on "everyone access" place, like Intranet. "Just for 
security". Ususally I'm able to convice them it's stupid.



We have a "three strikes" policy, with a minimum length. And, that
appears to be adequate.

We also have 35% of our calls to the help desk as password resets. This
was so expensive, we out sourced it to Manilla and are now payin 15-20%
of the cost.

Additional complexity just raises the price.


Additional security also raises the price. Almost always.
Additional complexity doesn't always mean additional security, sometimes 
the opposite.


BTW: I changed 3 strikes rule to 5 strikes and number of password reset 
issues was reduced over half (less than 50% left).


--
Radoslaw Skorupka
Lodz, Poland

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: So, OK, no more promotions from me - after this one

[Binyamin Dissen]

On Wed, 10 Jan 2007 09:03:03 + Jim McAlpine <[EMAIL PROTECTED]>
wrote:

:>On 1/10/07, Charles Mills <[EMAIL PROTECTED]> wrote:

:>> With all the trivia and word games and nostalgia and nit-picking and such
:>> that gets posted, how could anyone object to the announcement of a new
:>> mainframe class?

:>> I say "keep up the announcements, Steve." The people who need the classes
:>> most are the least likely to sign up for the opt-in list. How will
:>> tomorrow's newbie know? Are you going to re-post the "no more promotions"
:>> announcement every six months? 

:>> So far as I know, every PC comes equipped with an ANSI-standard delete
:>> key.

:>Couldn't agree more.  At least it's relevant.  As you say there's lots of
:>other crap that people can complain about.  You've got my vote Steve.

I am against just plain advertisements - such as not enough students yet for
course X. An opt-in list for course announcements is a good idea.

On the other hand, there is absolutely nothing wrong with tagging a content
post, i.e., an answer to a question, with a mini-ad for a course that
addresses the issue.

--
Binyamin Dissen <[EMAIL PROTECTED]>
http://www.dissensoftware.com

Director, Dissen Software, Bar & Grill - Israel


Should you use the mailblocks package and expect a response from me,
you should preauthorize the dissensoftware.com domain.

I very rarely bother responding to challenge/response systems,
especially those from irresponsible companies.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: So, OK, no more promotions from me - after this one

[Jim McAlpine]

On 1/10/07, Charles Mills <[EMAIL PROTECTED]> wrote:


With all the trivia and word games and nostalgia and nit-picking and such
that gets posted, how could anyone object to the announcement of a new
mainframe class?

I say "keep up the announcements, Steve." The people who need the classes
most are the least likely to sign up for the opt-in list. How will
tomorrow's newbie know? Are you going to re-post the "no more promotions"
announcement every six months? 

So far as I know, every PC comes equipped with an ANSI-standard delete
key.

Charles



Couldn't agree more.  At least it's relevant.  As you say there's lots of
other crap that people can complain about.  You've got my vote Steve.

Jim McAlpine

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: SubSystem Interface - IEFJRASP - help! - Really late reply...

[Binyamin Dissen]

On Tue, 9 Jan 2007 22:53:48 -0600 Scott Fagen <[EMAIL PROTECTED]>
wrote:

:>Or is there a need to have a r/o exit point prior to the r/w exit point to
:>ensure than anyone who needs to can see the SSI request before the unwashed
:>masses get their grubby hands on it?

Great idea.

Of course, those that want to completely filter certain calls will still do
the front end.

An "intelligent" front end should pass thru any call it does not understand,
even if it looks completely bogus. Another front end may use the bogus data
for its own use.

--
Binyamin Dissen <[EMAIL PROTECTED]>
http://www.dissensoftware.com

Director, Dissen Software, Bar & Grill - Israel


Should you use the mailblocks package and expect a response from me,
you should preauthorize the dissensoftware.com domain.

I very rarely bother responding to challenge/response systems,
especially those from irresponsible companies.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html