Re: LPAR Capping - weight question

2008-05-12 Thread Shane Ginnane 
G'day Michael - this is an ugly hack. But you knew that already.
Weights being merely guess-timates, I normally set them (for all LPARs) to 
what you want the box divvied up as when all LPARs are (concurrently) 100% 
busy. In your case, maybe set the CF LPAR to slightly higher, just for 
sanity - the capping will take care of it.
Set the other two to the preferred ratio.

Give me a ring in the office if you want to talk  it over.

You could of course upgrade to a decent hunk of iron so you can use 
capacity groups, but I guess that is out of the question.

Shane ...

> We wish to follow the advice given in an earlier to cap MSU usage of our 
2 
> LPARs (2 monoplexes) by intoducing a dummy CF LPAR when we upgrade our 
> z890. I understand we should SET DYNDISP OFF.
> 
> But what would be a good weight for the CF LPAR so it always consume a 
> fixed number of MSUs (capped of course).

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: LPAR Capping - weight question

2008-05-12 Thread Bruno Sugliani 
On Tue, 13 May 2008 05:43:24 +, Ted MacNEIL <[EMAIL PROTECTED]> wrote:

>I think you have some terminology problems.
>CF LPARs are NOT dummies.
>If you are truly using them as CFs, they should not be used in this manner.
>
It is OK 
What he means , is , he does not need any CF , but he wants to prevent the 
z/OS LPARS to consume more than a specific value .
In order to avoid the brutal software capping , he wants to use the known CF
trick with dyndisp=no . 
I also call this "fake CF" or "dummy CF" .
This enables the software lpars to eat CPU between them when it is available 
To answer the question you just need to put a weight equal in percentage to
the power you do not want to pay for .  
It is the way i was protecting my bill before i purchased a product to help
me reduce my bill ( i use Zcost ) 
Bruno
Bruno(dot)Sugliani(at)Aramice(dot)fr  

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: CICS/BMS greenies to GUI's

2008-05-12 Thread Timothy Sipples 
There are lots of ways to provide alternative user interfaces to CICS. The
"best" answer will depend at least a little bit on what development
approach you prefer. Questions people might ask to determine the best
choice include: How are you generating BMS macros today? Do you need to
maintain "dual path" user interfaces -- both 3270 and graphical -- or are
you attempting to move entirely to graphical? What graphical user interface
development approach do you use already, and is that the approach you want
to use also for CICS applications? (Do you have a "Web team" that would
prefer to do the work a certain way, for example?) Do you need to integrate
the graphical presentation into some other regime, such as a Web portal?

But leaving those questions aside for now, I'll start you off by suggesting
you look at something reasonably simple that's included with CICS itself at
no additional charge: CICS Web Support. (Not to be confused with CICS Web
services.) CWS debuted in CICS Transaction Server Version 1.3 a decade ago
and has been refined since. (CWS followed the older CWI.) Here's the link
to the CWS reference information for the current release of CICS
Transaction Server for z/OS:

http://publib.boulder.ibm.com/infocenter/cicsts/v3r2/topic/com.ibm.cics.ts.internet.doc/topics/dfhtl_part2.html

You'll probably want to dig into that documentation starting with the "CICS
Web support and 3270 display applications" section. There's a older redbook
that may be helpful, too:

http://www.redbooks.ibm.com/abstracts/sg245480.html

CWS also comes with CICS Transaction Server for VSE. There's a redbook for
the VSE version here:

http://www.redbooks.ibm.com/abstracts/sg245997.html

Please post a follow-up to let us know how you do with CWS. You might also
want to join the CICS-L mailing list. If you'd like to repost my reply to
the original forum, please feel free. Enjoy.

- - - - -
Timothy Sipples
IBM Consulting Enterprise Software Architect
Specializing in Software Architectures Related to System z
Based in Tokyo, Serving IBM Japan and IBM Asia-Pacific
E-Mail: timothy.sipples -at-nospam- us.ibm.com
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread Robert A. Rosenberg 
At 15:19 -0600 on 05/12/2008, Steve Comstock wrote about Re: 
Mainframe programming vs the Web:



Yeah, I thought about that. Actually built a prototype. I'll think about it.
I do know that not all browsers recognize NOSCRIPT, but those are probably
in the minorty.


To the best of my knowledge, the only Browsers that do not support 
NOSCRIPT also do not support SCRIPT and are Version 1 and 2 levels of 
Netscape and IE or predate those levels of NS/IE.


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread Robert A. Rosenberg 
At 21:17 + on 05/12/2008, =?utf-8?B?VGVkIE1hY05FSUw=?= wrote 
about Re: Mainframe programming vs the Web:


Is it truly being a luddite to not want your PC screwed over by 
bad/malicious external code?


What type of things are/were done to your system by the supplied 
JavaScript? I think you are confusing what JavaScript is allowed to 
do with having a Web site send you a Virus.


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: LPAR Capping - weight question

2008-05-12 Thread Ted MacNEIL 
>Upgrading capacity of z890 but capping total MSUs of existing 2 LPARs to 26 
>MSUs, but also not wanting to cap each LPAR as such (i.e. each LPAR could 
get the whole 26 MSUs if the other LPAR is idle). Therefore using the dummy CF 
LPAR to consume the MSUs we do not want to be charged for.

I think you have some terminology problems.
CF LPARs are NOT dummies.
If you are truly using them as CFs, they should not be used in this manner.

-
Too busy driving to stop for gas!

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Cleanup a unconnected Coupling Facility

2008-05-12 Thread Tom Schmidt 
On Mon, 12 May 2008 23:34:11 -0500, Cwi Jeret wrote:

>Attached are the Commands I used with the results.
>Again, the problem is that CFRM still has the allocations on
>CF2  which used to be on 2094 .
>Now CF2 is on 2097, therfore the CF is not connected, preventing
>any action on its structures !

...snipped...

>  -D XCF,CF,CFNAME=CF2
>
>   IXC362I  07.06.50  DISPLAY XCF 148
>   CFNAME: CF2
> COUPLING FACILITY :   002094.IBM.83.00062161
>   PARTITION: 02   CPCID: 00
> SITE  :   N/A
> POLICY DUMP SPACE SIZE:   6000 K
> ACTUAL DUMP SPACE SIZE:   N/A
> STORAGE INCREMENT SIZE:   N/A
>
> ALLOCATION NOT PERMITTED
> POLICY CHANGE PENDING - DELETE
>
> NO SYSTEMS ARE CONNECTED TO THIS COUPLING FACILITY
>
> STRUCTURES:
> DFHCFLS_SYSTCFD1(PND)  DFHNCLS_PRODNC1(PND)   DFHNCLS_SYSTNC1
>(PND)
> DFHXQLS_PRODTSQ1(PND)  DFHXQLS_SYSTTSQ1(PND)  DSNDSNY_LOCK1
>(PND)
> DSNDSNY_SCAIGWLOCK00(PND) ISTGNRAQ(PND)
> ISTGNRBG(PND)  IXCPATH2(PND)  RRS_ARCHIVE_2(PND)
> RRS_DELAYED_2(PND) RRS_MAINUR_2(PND)  RRS_RESTART_2(PND)
> RRS_RMDATA_2(PND)
>
>
>
>  -setxcf force,structure,strname=DSNDSNY_LOCK1
>
>   IXC353I THE SETXCF FORCE REQUEST FOR STRUCTURE
>   DSNDSNY_LOCK1 WAS REJECTED:
>   STRUCTURE NOT ALLOCATED OR IS PENDING DEALLOCATION
 
  
You are almost finished -- you just need to issue one more command:

 setxcf force,structure,strname=DSNDSNY_SCA 

...and that should do the trick! 

--
Tom Schmidt
(We had a similar issue with our shiny new z10 on Sunday morning and all we 
needed to 
do was force the structures that did NOT contain the (PND) suffix in the 
display.  Presto!) 
 

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Cleanup a unconnected Coupling Facility

2008-05-12 Thread Cwi Jeret 
Hello Alan ,

You wrote :
"We realized we'd seen this situation when going to DR so we ended up
deleting the CFRM datasets and reloading them with the new policy and
then ipling the sysplex."

I like this solution, but isn't it possible to perform this without the
entire SYSPLEX IPL ?

As our problematic CF2 is not connected, and all the structures in it
are active on our Alternate CF's , CF1 and CF3 . 

Why couldn't I just make sthe sysplex "FORGET" about CF2 ?

Cwi Jeret

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Cleanup a unconnected Coupling Facility

2008-05-12 Thread Cwi Jeret 
Thanks Kevin for Your detailed answer .

Attached are the Commands I used with the results.
Again, the problem is that CFRM still has the allocations on 
CF2  which used to be on 2094 .
Now CF2 is on 2097, therfore the CF is not connected, preventing
any action on its structures !

 -d xcf,str,status=polchg

   IXC359I  07.19.34  DISPLAY XCF 100
   STRNAMEALLOCATION TIME   STATUS
   DFHCFLS_SYSTCFD1 05/10/2008 22:45:55 ALLOCATED
POLICY CHANGE PENDING - CHANGE
   DFHCFLS_SYSTCFD1 02/18/2008 00:11:46 DEALLOCATION PENDING:
  DEALLOCATING SYSTEM LOST
  CONNECTIVITY
   DFHNCLS_PRODNC1  05/11/2008 08:48:00 ALLOCATED
POLICY CHANGE PENDING - CHANGE
   DFHNCLS_PRODNC1  03/05/2008 08:28:57 DEALLOCATION PENDING:
  DEALLOCATING SYSTEM LOST
  CONNECTIVITY
   DFHNCLS_SYSTNC1  05/10/2008 22:45:55 ALLOCATED
POLICY CHANGE PENDING - CHANGE
   DFHNCLS_SYSTNC1  03/20/2008 09:57:41 DEALLOCATION PENDING:
  DEALLOCATING SYSTEM LOST
  CONNECTIVITY
   DFHXQLS_PRODTSQ1 05/11/2008 08:47:44 ALLOCATED
POLICY CHANGE PENDING - CHANGE
   DFHXQLS_PRODTSQ1 03/09/2008 14:22:12 DEALLOCATION PENDING:
  DEALLOCATING SYSTEM LOST
  CONNECTIVITY
   DFHXQLS_SYSTTSQ1 05/10/2008 22:45:54 ALLOCATED
POLICY CHANGE PENDING - CHANGE
   DFHXQLS_SYSTTSQ1 02/18/2008 00:11:47 DEALLOCATION PENDING:
  DEALLOCATING SYSTEM LOST
  CONNECTIVITY
   DSNDSNY_SCA  04/09/2008 09:41:30 ALLOCATED
POLICY CHANGE PENDING - CHANGE
   IGWLOCK0005/10/2008 22:40:23 ALLOCATED
POLICY CHANGE PENDING - CHANGE
   IGWLOCK0003/18/2008 09:22:48 DEALLOCATION PENDING:
  DEALLOCATING SYSTEM LOST
  CONNECTIVITY
   ISTGNRAQ 05/10/2008 22:46:00 ALLOCATED
POLICY CHANGE PENDING - CHANGE
   ISTGNRAQ 03/18/2008 09:22:48 DEALLOCATION PENDING:
  DEALLOCATING SYSTEM LOST
  CONNECTIVITY
   ISTGNRBG 05/09/2008 03:15:19 ALLOCATED
POLICY CHANGE PENDING - CHANGE
   ISTGNRBG 03/18/2008 09:22:47 DEALLOCATION PENDING:
  DEALLOCATING SYSTEM LOST
  CONNECTIVITY
   IXCPATH1 05/10/2008 22:39:19 ALLOCATED
POLICY CHANGE PENDING - CHANGE
   IXCPATH2 05/10/2008 22:39:20 ALLOCATED
POLICY CHANGE PENDING - CHANGE
   IXCPATH2 05/08/2008 04:23:32 DEALLOCATION PENDING:
  DEALLOCATING SYSTEM LOST
  CONNECTIVITY
   LOGREC   05/10/2008 22:45:41 ALLOCATED
POLICY CHANGE PENDING - CHANGE
   OPERLOG  05/10/2008 22:45:43 ALLOCATED
POLICY CHANGE PENDING - CHANGE
   RRS_ARCHIVE_205/09/2008 03:15:12 ALLOCATED
POLICY CHANGE PENDING - CHANGE
   RRS_ARCHIVE_205/08/2008 04:24:56 DEALLOCATION PENDING:
  DEALLOCATING SYSTEM LOST
  CONNECTIVITY
   RRS_DELAYED_205/09/2008 03:15:10 ALLOCATED
POLICY CHANGE PENDING - CHANGE
   RRS_DELAYED_205/08/2008 04:24:53 DEALLOCATION PENDING:
  DEALLOCATING SYSTEM LOST
  CONNECTIVITY
   RRS_MAINUR_2 05/09/2008 03:15:09 ALLOCATED
POLICY CHANGE PENDING - CHANGE
   RRS_MAINUR_2 05/08/2008 04:24:52 DEALLOCATION PENDING:
  DEALLOCATING SYSTEM LOST
  CONNECTIVITY
   RRS_RESTART_205/09/2008 03:15:11 ALLOCATED
POLICY CHANGE PENDING - CHANGE
   RRS_RESTART_205/08/2008 04:24:55 DEALLOCATION PENDING:
  DEALLOCATING SYSTEM LOST
  CONNECTIVITY
   RRS_RMDATA_2 05/09/2008 03:15:08 ALLOCATED
POLICY CHANGE PENDING - CHANGE
   RRS_RMDATA_2 05/08/2008 04:

Re: LPAR Capping - weight question

2008-05-12 Thread Michael Mcloughlin 
>But what would be a good weight for the CF LPAR so it always consume a 
fixed number of MSUs (capped of course).

>>CF's do not contribute to MSU charging.
>>They should always be allowed to run without any form of capping or 
sharing.

>>What problem are you trying to solve?

Upgrading capacity of z890 but capping total MSUs of existing 2 LPARs to 26 
MSUs, but also not wanting to cap each LPAR as such (i.e. each LPAR could 
get the whole 26 MSUs if the other LPAR is idle). Therefore using the dummy 
CF LPAR to consume the MSUs we do not want to be charged for.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: CICS/BMS greenies to GUI's

2008-05-12 Thread Graham Hobbs 

Thanks Bill.

- Original Message - 
From: "Bill Klein" <[EMAIL PROTECTED]>

Newsgroups: bit.listserv.ibm-main
To: 
Sent: Monday, May 12, 2008 7:41 PM
Subject: Fw: CICS/BMS greenies to GUI's



This note was posted directly to the USENET newsgroup and hasn't had many
replies.  I am forwarding it to the list-server, to see if more people 
have

input on it.  (It is also in the comp.lang.cobol newsgroup).

"Graham Hobbs" <[EMAIL PROTECTED]> wrote in message
news:<[EMAIL PROTECTED]>...

Hello,
Big technical challenge for me so here I am again. Is CICS but that
group seems dormant.

I have a small system that generates Cobol/CICS programs but
particularly generates several BMS Assembler macros (old green
screens). After compiles and assembles the CICS transaction works
fine. This is stuff I know well.

Very briefly, the BMS I generate looks like:

. . DFHMSD . . etc
. . DFHMDI . . etc
. . DFHMDF's
etc
END

But I'd like to also generate a GUI frontend be it/they Java or HTML
or what other possibilities are there.
Might anybody have any pointers as to where I might begin? Articles,
references, code samples (especially), etc?
Thanks.

Graham Hobbs
** Posted from http://www.teranews.com **


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html




--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread Clark Morris 
On 12 May 2008 15:03:41 -0700, in bit.listserv.ibm-main you wrote:

>It's un-American not to have a one syllable nickname. ;-)
>
>On the other hand, legal names have to be accommodated whether it's COBOL
>on punch cards or entry fields on a web window. It would be nice to see
>some sincere concern for the end user. AKA the one who pays for the
>'service'.
>
The payroll system that I worked on in the 1960's and 1970's had a
first initial, middle initial, and 15 character last name.  This was
initially run on a 32K model 30 under DOS after migration from an 8 or
12K 1401.  Disk space (3 7 megabyte disks for everything including the
operating system) and slow tapes meant that record length minimization
was desirable.  Also input was on 80 column cards  Even today, I
suspect that the person with the very long names who was mentioned in
another posting would still have problems with most organizations.
Names of 60 characters don't fit well on screens, reports and
envelopes.  I doubt that I would have been able to spell that name or
even copy it correctly.  

Clark Morris
>
>
>
>
>   
> Ed Finnell
> <[EMAIL PROTECTED] 
> OM>To 
> Sent by: IBM  IBM-MAIN@BAMA.UA.EDU
> Mainframe  cc 
> Discussion List   
> <[EMAIL PROTECTED] Subject 
> .EDU> Re: Mainframe programming vs the
>   Web 
>   
> 05/12/2008 02:48  
> PM
>   
>   
> Please respond to 
>   IBM Mainframe   
>  Discussion List  
> <[EMAIL PROTECTED] 
>   .EDU>   
>   
>   
>
>
>
>
>
>In a message dated 5/12/2008 4:13:37 P.M. Central Daylight Time,
>[EMAIL PROTECTED] writes:
>
>Novel before getting to your message. Based on this memory, and on
>impulse, I just right now bought a copy so I can reread it. Copies
>are  available from Amazon if you want to reread it yourself.
>
>
>>>
>We actually had a Fijian back in the 80's  who's first name was 45 chars
>English, Second 37 and Last over 60! He probably  spent as much time with
>HR as
>programming. Finally got promoted so didn't have  to fill out a time card.
>Think
>everybody just called him Raz
>
>--
>For IBM-MAIN subscribe / signoff / archive access instructions,
>send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
>Search the archives at http://bama.ua.edu/archives/ibm-main.html

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Cleanup a unconnected Coupling Facility

2008-05-12 Thread Kevin Mckenzie 
There are probably outstanding failed persistent connections to the CF 
that you need to delete.  Use the command

d xcf,cf,cfname=CF2

to get a list of structures that XCF thinks is allocated on that CF.  Then 
you can use the command

d xcf,str,strname=

to get a list of connections to that structure.  There will probably be 
some that are marked failed persistent.  These are what are preventing the 
change.

Optionally, depending on what release of z/OS you're running, you can 
issue the command

d xcf,str,status=polchg

assuming you've tried activating a new policy that doesn't contain the CF.

You can use the command

setxcf force,connection,strname=,conname=

Obviously, be very careful you're forcing the correct connections.

Once all the structures have been deallocated to the CF from an XCF point 
of view, you should be able to remove that CF via a CFRM policy update.

That should work; we have to go through that process on the test floor 
once or twice a month.

Kevin McKenzie

External Phone: 845-435-8282, Tie-line: 8-295-8282
z/OS BCP SVT, Dept FXKA, Bldg 706/2D38 



From:
Cwi Jeret <[EMAIL PROTECTED]>
To:
IBM-MAIN@BAMA.UA.EDU
Date:
05/11/2008 02:47 AM
Subject:
Cleanup a unconnected Coupling Facility



We migrated our 2094 to 2097 .
We prepared A new CFRM policy containing the new 2097 definition on the 
two 
CF lpars, CF2 and CF3.
Now, after the migration we have CF3 defined on 2097 with active 
structures, 
but CF2 has still definitions of the old structures and remained pending 
with its 
2094 definition and with "NO SYSTEMS CONNECTED to this CF"

How can we CLEANUP the remaining Structures in CF2 so that the new 2097 
difinition will take place so that we will be able to use the CF ??

C. Jeret  Bank- Hapoalim T.A.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

IBM PR: Pervasive Business Intelligence with System z

2008-05-12 Thread Timothy Sipples 
IBM has a webcast scheduled at 2:00 p.m. Eastern U.S. (New York) time on
May 22, 2008, focused on how to deliver and improve operational business
intelligence on System z. Business intelligence needs are maturing rapidly,
and for increasing numbers of businesses it is no longer acceptable to wait
until the end of month reports to uncover and correct problems such as
fraud, inventory mishandling, customer service discrepancies, and other
real-time issues.

So IBM has been strengthening System z's unique capabilities for
operational business intelligence. This webcast provides an introduction.

To register, please visit:

http://w.on24.com/clients/ibm/106630

Editorial comment: I'm highlighting this one because I think it represents
a fundamental strategic shift in how IBM is positioning the mainframe. For
years we've had the "dump your data from here to there, then run your
analysis there" architectural pattern for business intelligence solutions.
Well, that pattern works OK for certain needs but is pretty terrible for
others. And it introduces a bunch of difficult problems concerning data
security and privacy protection, disaster recovery and availability,
timeliness and currency of answers to critical business questions, high
infrastructure costs, and other issues.  I think there's increasing
recognition that business intelligence solutions must be
more...intelligent.

- - - - -
Timothy Sipples
IBM Consulting Enterprise Software Architect
Specializing in Software Architectures Related to System z
Based in Tokyo, Serving IBM Japan and IBM Asia-Pacific
E-Mail: [EMAIL PROTECTED]
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Fw: CICS/BMS greenies to GUI's

2008-05-12 Thread Bill Klein 
This note was posted directly to the USENET newsgroup and hasn't had many
replies.  I am forwarding it to the list-server, to see if more people have
input on it.  (It is also in the comp.lang.cobol newsgroup).

"Graham Hobbs" <[EMAIL PROTECTED]> wrote in message
news:<[EMAIL PROTECTED]>...
> Hello,
> Big technical challenge for me so here I am again. Is CICS but that
> group seems dormant.
> 
> I have a small system that generates Cobol/CICS programs but
> particularly generates several BMS Assembler macros (old green
> screens). After compiles and assembles the CICS transaction works
> fine. This is stuff I know well.
> 
> Very briefly, the BMS I generate looks like: 
> 
> . . DFHMSD . . etc 
> . . DFHMDI . . etc 
> . . DFHMDF's
> etc
> END
> 
> But I'd like to also generate a GUI frontend be it/they Java or HTML
> or what other possibilities are there.
> Might anybody have any pointers as to where I might begin? Articles,
> references, code samples (especially), etc?
> Thanks.
> 
> Graham Hobbs
> ** Posted from http://www.teranews.com **

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: LPAR Capping - weight question

2008-05-12 Thread Ted MacNEIL 
>But what would be a good weight for the CF LPAR so it always consume a fixed 
>number of MSUs (capped of course).

CF's do not contribute to MSU charging.
They should always be allowed to run without any form of capping or sharing.

What problem are you trying to solve?

-
Too busy driving to stop for gas!

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread Ivan Warren 

Arthur T. wrote:


 I'm not an expert, so I let Google do the work.  Some of the 
exploits are old, but they do or did exist.  Here's just a sample:


As you may of noticed - most of the security issues are 'implementation' 
issues - not design issues..


Now, the same goes for "Real Language" Java :

Chronology of security-related bugs and issues
Through its own research and rigorous testing, Sun has discovered a 
potential security issue in the Java Runtime Environment that affects 
both Java ...

java.sun.com/sfaq/chronology.html - 39k - Cached - Similar pages

Attack Applets: Exploiting Holes in the Security Model (Chapter ...
In terms of Java, the penetrate-and-patch machine is smoothly oiled (not 
that it represents the best approach to security, but that's another 
issue). ...


www.securingjava.com/chapter-five/ - 11k - Cached - Similar pages
Internet Explorer vulnerable to Java security problem - CNET News.com
A new weakness has been discovered in Microsoft's version of the Java 
technology, one that allows a malicious Java program launched over the 
Internet to ...

www.news.com/2100-1001-231428.html - 58k - Cached - Similar pages



And I'm sure it's also true for some browsers even when rendering pure 
HTML.. Either by using especially doctored HTML documents to permeate a 
vulnerable MSHTML/Trident or Gecko HTML layout engines.


MySpace Hacked Using Simple HTML Exploit - Alicia Keys and Others ...
The malicious site however does target IE specifically. So in that sense 
T is right on the money. T: The exploit isn't using a script. It's basic 
HTML and ...

www.centernetworks.com/myspace-hacked - 49k - Cached - Similar pages

Fix for URL Spoofing Security Vulnerability Checked in to Mozilla ...
In HTML mail, *everyone* has javascript disabled. ... Reply to this 
message. I would simply open a new window, without a statusbar, and scam 
on :-) ...
www.mozillazine.org/talkback.html?article=4149 - 27k - Cached - Similar 
pages




And about the  tag that allows you to include & instantiate 3rd 
party objects (Word, PDF, Flash anyone ?) - all this with Javascript 
disabled..




I could also go with the security issues that came up in various 
"server" protocols (ssh comes to mind).. or even non-network oriented 
stuff (VM/SP (up to VM/SP 4 at least) VMUTIL had a cool trick to get you 
class ABCDEFG and getting the CP Directory with all passwords in a 
matter of minutes).


Finally, I would also like to state that driving, crossing the street, 
eating, breathing and living altogether are inherently dangerous 
activities that can lead to extreme cases of death (actually, living is 
a known cause of certain death).


Ok.. I'm getting rhetorical.. But what I want to put out is that taking 
prophylactic measures is fine - until it prevents you from achieving 
your goal.


And disabling javascript today makes a lot of web sites unusable.. 
Well.. your choice !


--Ivan

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

LPAR Capping - weight question

2008-05-12 Thread Michael Mcloughlin 
We wish to follow the advice given in an earlier to cap MSU usage of our 2 
LPARs (2 monoplexes) by intoducing a dummy CF LPAR when we upgrade our 
z890. I understand we should SET DYNDISP OFF.

But what would be a good weight for the CF LPAR so it always consume a 
fixed number of MSUs (capped of course).

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: CTC Disconnect Time

2008-05-12 Thread Dave Barry 
Off the top of my head, I believe you have to tell VTAM that there are separate 
inbound and outbound paths between the two nodes.  Sounds like you're 
configuration has forced your links to be half-duplex.

db

-Original Message-
From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On Behalf Of 
Magen Margalit
Sent: Monday, April 14, 2008 4:29 PM
To: IBM-MAIN@BAMA.UA.EDU
Subject: CTC Disconnect Time

Hi list,

I have a situation I don't fully understand...

I have a shared Escon channel used as CTC between 2 Lpars.
The CTC is used for XCF and VTAM communication.
For XCF there are 2 Devices defined on each system (in and out) and for VTAM 
there is 1 device defined on each system.

Looking on RMF report I see the following info:
Channel utilization is low - about 10%
Device Disconnect time for the IN device (on both systems) is huge - about 
5000ms (the out devices numbers are fine).
The in device utilization is almost at all time near 100%.

I don't think that this is a normal situtation, but except from GRS delay for 
XCF (about 5%) It doesn't seemes to have any performance effect or am I wrong?

Any help would be appricated.

Thanks
Magen

--
For IBM-MAIN subscribe / signoff / archive access instructions, send email to 
[EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at 
http://bama.ua.edu/archives/ibm-main.html

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread Ted MacNEIL 
>Javascript is not JAVA! Chant it if it helps you to remember...

Admittingly, I'm not an expert (I said that).
My point was that both seem to be exposures.
I've seen posts that both have security issues.

I deferr to the experts on this.
-
Too busy driving to stop for gas!

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread Craddock, Chris 
> >What EXACTLY do you claim that JavaScript can do that is
> >dangerous? It has no ability to access the Hard Drive (so
> >it can not look at your files) or things like that.
> 
> According to other posters, it can.
> Since I'm not a JAVA expert, I'll defer to their expertise.

Javascript is not JAVA! Chant it if it helps you to remember...

CC

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread Ted MacNEIL 
>What EXACTLY do you claim that JavaScript can do that is 
>dangerous? It has no ability to access the Hard Drive (so 
>it can not look at your files) or things like that.

According to other posters, it can.
Since I'm not a JAVA expert, I'll defer to their expertise.

-
Too busy driving to stop for gas!

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Probably a basic TCP/IP question

2008-05-12 Thread Kirk Wolf 
As a USS program, FTP probably uses the C library's time functions,
which don't know about the z/OS PARMLIB setting!
You probably have to set the TZ environment variable if you want to
see local time.   Use the ENVAR() LE parm option (or via CEEOPTS if
you are running 1.7+).

You would think that a batch job that dubs into USS (like FTP batch
client) would get variables from /etc/init.options, but you would be
wrong!   We have batch USS programs that try to work around this by
reading /etc/init.options themselves, but have found that some
installations don't make this file world-readable.   AFAIK, there is
no place to important system-wide environment variables so that
*every* USS process gets them.  Feature or bug?

Kirk Wolf
Dovetailed Technologies


On Mon, May 12, 2008 at 4:57 PM, Pommier, Rex R.
<[EMAIL PROTECTED]> wrote:
> I think John wins the prize!  I just IPLed my sandbox moving the local
>  time 2 hours to the west and the FTP client still put a GMT timestamp on
>  the member it put into the PDS.  The programmer who reported it to me
>  reported it as a z/OS 1.7 upgrade issue and since I have no 1.4 LPARs
>  left, I couldn't refute it.  Now I can (with some certainty) tell her
>  that this is how it has been working and there's nothing I can do about
>  it.
>
>  Thanks for all the good responses.  I learned a bit about z/OS unix
>  today.
>
>  Rex
>
>
>  -Original Message-
>  From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On
>
> Behalf Of McKown, John
>  Sent: Monday, May 12, 2008 3:39 PM
>  To: IBM-MAIN@BAMA.UA.EDU
>
>
> Subject: Re: Probably a basic TCP/IP question
>
>
>  > -Original Message-
>  > From: IBM Mainframe Discussion List
>  > [mailto:[EMAIL PROTECTED] On Behalf Of Pommier, Rex R.
>  > Sent: Monday, May 12, 2008 3:07 PM
>  > To: IBM-MAIN@BAMA.UA.EDU
>  > Subject: Probably a basic TCP/IP question
>  >
>  > Sorry for a basic question, but where does the FTP client get it's
>  > timestamp information from?  I have a programmer who just performed an
>
>  > FTP GET command to a PDS member.  The ISPF statistics were updated
>  > with the FTP GET.  Unfortunately, the timestamp placed on the member
>  > is 5 hours into the future.  My CLOCKxx parameter in Parmlib is set to
>
>  > west 5, so somehow the FTP client is adding another 5 hours onto it's
>  > timestamp but I can't find it.  I have a sneaking suspicion
>  > that as soon
>  > as I have the answer, I'll be slapping my forehead with a
>  > "DOH!", so can
>  > somebody give me the opportunity to hit myself by pointing me in the
>  > right direction?
>  >
>  > Thanks.
>  >
>  > Rex
>
>  Sounds like it is logging with GMT instead of LOCAL time. If so, then
>  you likely cannot change that. A UNIX program can request either LOCAL
>  or GMT time, whichever it wants. This "gmtime()" vs. "localtime()" in
>  the C run-time.
>
>  --
>  John McKown
>  Senior Systems Programmer
>  HealthMarkets
>  Keeping the Promise of Affordable Coverage
>  Administrative Services Group
>  Information Technology
>
>  The information contained in this e-mail message may be privileged
>  and/or confidential.  It is for intended addressee(s) only.  If you are
>  not the intended recipient, you are hereby notified that any disclosure,
>  reproduction, distribution or other use of this communication is
>  strictly prohibited and could, in certain circumstances, be a criminal
>  offense.  If you have received this e-mail in error, please notify the
>  sender by reply and delete this message without copying or disclosing
>  it.
>
>  --
>  For IBM-MAIN subscribe / signoff / archive access instructions,
>  send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
>  Search the archives at http://bama.ua.edu/archives/ibm-main.html
>
>

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread Arthur T. 
On 12 May 2008 14:14:14 -0700, in bit.listserv.ibm-main 
(Message-ID:<[EMAIL PROTECTED]>) 
[EMAIL PROTECTED] (Robert A. Rosenberg) wrote:


At 16:38 +0100 on 05/12/2008, Martin Packer wrote about 
Re: Mainframe programming vs the Web:


Javascript, by design, can do damn near anything to your 
machine.


What EXACTLY do you claim that JavaScript can do that is 
dangerous? It has no ability to access the Hard Drive (so 
it can not look at your files) or things like that.


 One old standby was to open dozens or hundreds of 
browser windows with ads in them.  It could lead to a 
reboot just to get back control of your computer.


 I'm not an expert, so I let Google do the work.  Some 
of the exploits are old, but they do or did exist.  Here's 
just a sample:


From http://www.pantos.org/atw/35547.html
Basically, any Web page that wants to can monitor and 
record every move made by any user who hasn't disabled 
JavaScript. The information that can be obtained includes 
virtually every bit of data passed between the user and 
every remote Web site they visit (including encrypted data, 
complete with decryption keys).


http://www2006.org/programme/files/xhtml/17/xhtml/fp17-atterer.html
We present an implementation for detailed tracking of user 
actions on web pages. An HTTP proxy modifies HTML pages by 
adding JavaScript code before delivering them to the 
client. This JavaScript tracking code collects data about 
mouse movements, keyboard input and more. We demonstrate 
the usefulness of our approach in a case study.


http://www.nist.org/news.php?extend.175
Two Hackers at the ToorCon hacker conference demonstrated a 
flaw in Firefox that could lead to arbitrary code 
execution. The problem is with how Firefox implements 
JavaScript.

...
When this is done it appears that whatever the Javascript 
did in the browser actually came from the website. So when 
you think you are entering your pin number on the banks 
site you may actually be entering it on the phishing / 
hackers site


http://www.tcmagazine.com/forums/index.php?showtopic=2662
For example - if you follow security related news, you will 
see that JavaScript is the key avenue being used against 
you in today's attacks (even thru adbanners!)


http://www.blackhat.com/html/bh-usa-06/bh-usa-06-speakers.html
Imagine you're visiting a popular website and invisible 
JavaScript exploit code steals your cookies, captures your 
keystrokes, and monitors every web page that you visit. 
Then, without your knowledge or consent, your web browser 
is silently hijacked to transfer out bank funds, hack other 
websites, or post derogatory comments in a public forum. No 
traces, no tracks, no warning sirens. In 2005's "Phishing 
with Superbait" presentation we demonstrated that all these 
things were in fact possible using nothing more than some 
clever JavaScript.


--
I cannot receive mail at the address this was sent from.
To reply directly, send to ar23hur "at" intergate "dot" com

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread Skip Robinson 
It's un-American not to have a one syllable nickname. ;-)

On the other hand, legal names have to be accommodated whether it's COBOL
on punch cards or entry fields on a web window. It would be nice to see
some sincere concern for the end user. AKA the one who pays for the
'service'.





   
 Ed Finnell
 <[EMAIL PROTECTED] 
 OM>To 
 Sent by: IBM  IBM-MAIN@BAMA.UA.EDU
 Mainframe  cc 
 Discussion List   
 <[EMAIL PROTECTED] Subject 
 .EDU> Re: Mainframe programming vs the
   Web 
   
 05/12/2008 02:48  
 PM
   
   
 Please respond to 
   IBM Mainframe   
  Discussion List  
 <[EMAIL PROTECTED] 
   .EDU>   
   
   





In a message dated 5/12/2008 4:13:37 P.M. Central Daylight Time,
[EMAIL PROTECTED] writes:

Novel before getting to your message. Based on this memory, and on
impulse, I just right now bought a copy so I can reread it. Copies
are  available from Amazon if you want to reread it yourself.


>>
We actually had a Fijian back in the 80's  who's first name was 45 chars
English, Second 37 and Last over 60! He probably  spent as much time with
HR as
programming. Finally got promoted so didn't have  to fill out a time card.
Think
everybody just called him Raz

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: ERBPPSRT Gone at z/OS 1.9

2008-05-12 Thread Shane 
On Mon, 2008-05-12 at 13:15 -0400, Steven Conway wrote:

> Skipping multiple releases, going thru those same multiple releases' 
> migration and planning guides, almost a guarantee I'll miss something.

I tend to rely on Marnas (fantastic) offering in lieu of the "official"
guides - more so where multiple releases are involved.

Nicely coloured, with little graphics (in red) to pull you up (no I
haven't looked at 1.9 to see if she caught this). 

They are the ducks nuts. Thanks (again) Marna.

Shane ...

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Probably a basic TCP/IP question

2008-05-12 Thread Pommier, Rex R. 
I think John wins the prize!  I just IPLed my sandbox moving the local
time 2 hours to the west and the FTP client still put a GMT timestamp on
the member it put into the PDS.  The programmer who reported it to me
reported it as a z/OS 1.7 upgrade issue and since I have no 1.4 LPARs
left, I couldn't refute it.  Now I can (with some certainty) tell her
that this is how it has been working and there's nothing I can do about
it.

Thanks for all the good responses.  I learned a bit about z/OS unix
today.

Rex

-Original Message-
From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On
Behalf Of McKown, John
Sent: Monday, May 12, 2008 3:39 PM
To: IBM-MAIN@BAMA.UA.EDU
Subject: Re: Probably a basic TCP/IP question


> -Original Message-
> From: IBM Mainframe Discussion List
> [mailto:[EMAIL PROTECTED] On Behalf Of Pommier, Rex R.
> Sent: Monday, May 12, 2008 3:07 PM
> To: IBM-MAIN@BAMA.UA.EDU
> Subject: Probably a basic TCP/IP question
> 
> Sorry for a basic question, but where does the FTP client get it's 
> timestamp information from?  I have a programmer who just performed an

> FTP GET command to a PDS member.  The ISPF statistics were updated 
> with the FTP GET.  Unfortunately, the timestamp placed on the member 
> is 5 hours into the future.  My CLOCKxx parameter in Parmlib is set to

> west 5, so somehow the FTP client is adding another 5 hours onto it's
> timestamp but I can't find it.  I have a sneaking suspicion 
> that as soon
> as I have the answer, I'll be slapping my forehead with a 
> "DOH!", so can
> somebody give me the opportunity to hit myself by pointing me in the
> right direction?
> 
> Thanks.
> 
> Rex

Sounds like it is logging with GMT instead of LOCAL time. If so, then
you likely cannot change that. A UNIX program can request either LOCAL
or GMT time, whichever it wants. This "gmtime()" vs. "localtime()" in
the C run-time.

--
John McKown
Senior Systems Programmer
HealthMarkets
Keeping the Promise of Affordable Coverage
Administrative Services Group
Information Technology

The information contained in this e-mail message may be privileged
and/or confidential.  It is for intended addressee(s) only.  If you are
not the intended recipient, you are hereby notified that any disclosure,
reproduction, distribution or other use of this communication is
strictly prohibited and could, in certain circumstances, be a criminal
offense.  If you have received this e-mail in error, please notify the
sender by reply and delete this message without copying or disclosing
it.  

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread Ed Finnell 
 
In a message dated 5/12/2008 4:13:37 P.M. Central Daylight Time,  
[EMAIL PROTECTED] writes:

Novel before getting to your message. Based on this memory, and on  
impulse, I just right now bought a copy so I can reread it. Copies 
are  available from Amazon if you want to reread it yourself.


>>
We actually had a Fijian back in the 80's  who's first name was 45 chars 
English, Second 37 and Last over 60! He probably  spent as much time with HR as 
programming. Finally got promoted so didn't have  to fill out a time card. 
Think 
everybody just called him Raz







**Wondering what's for Dinner Tonight? Get new twists on family 
favorites at AOL Food.  
(http://food.aol.com/dinner-tonight?NCID=aolfod000301)

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: CA ACF2 SAF HFS Security and COCSTS32

2008-05-12 Thread Doug Fuerst 
Yes, I have had the HFS protected by ACF2 for a least 2 years or more. 
This is fairly common. Try the ACF2 list on Yahoo for help on ACF2


Doug Fuerst



Subject: CA ACF2 SAF HFS Security and COCSTS32




[snip]

  
 
Has anyone implemented ACF2 CA SAF HFS Security and setup the resource

rules for the HFS directories?
Is there a better way to protect the HFS directories from the
application programming staff?



--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread Steve Comstock 

Robert A. Rosenberg wrote:
At 09:51 -0600 on 05/12/2008, Steve Comstock wrote about Re: Mainframe 
programming vs the Web:



It's a real dilema for webpage developers. I recently redesigned
our home page. My initial design was to be very minimalist, just
a few lines, but if you clicked a line it was expanded, using
javascript, to a series of bullets and links. It was pretty cool.
My alternate was just to have the bullets fixed in place.


In a case of this type, all you need to do is place a NOSCRIPT Tag on 
the page saying that since they have disabled JavaScript, to click a 
supplied link which will take them to a duplicate page that does not 
need JavaScript and point them at the version with the exposed bullets. 
This gives the best of both worlds. The normal user gets an interactive 
copy of the page while the Paranoid Luddites get a non-interactive 
static page.


Yeah, I thought about that. Actually built a prototype. I'll think about it.
I do know that not all browsers recognize NOSCRIPT, but those are probably
in the minorty.


Kind regards,

-Steve Comstock
The Trainer's Friend, Inc.

303-393-8716
http://www.trainersfriend.com

  z/OS Application development made easier
* Our classes include
   + How things work
   + Programming examples with realistic applications
   + Starter / skeleton code
   + Complete working programs
   + Useful utilities and subroutines
   + Tips and techniques

==> Check out the Trainer's Friend Store to purchase z/OS  <==
==> application developer toolkits. Sample code in four<==
==> programming languages, JCL to Assemble or compile, <==
==> bind and test. <==
==>   http://www.trainersfriend.com/TTFStore/index.html<==



--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread McKown, John 
> -Original Message-
> From: IBM Mainframe Discussion List 
> [mailto:[EMAIL PROTECTED] On Behalf Of Robert A. Rosenberg
> Sent: Monday, May 12, 2008 4:01 PM
> To: IBM-MAIN@BAMA.UA.EDU
> Subject: Re: Mainframe programming vs the Web
> 
> In a case of this type, all you need to do is place a NOSCRIPT Tag on 
> the page saying that since they have disabled JavaScript, to click a 
> supplied link which will take them to a duplicate page that does not 
> need JavaScript and point them at the version with the exposed 
> bullets. This gives the best of both worlds. The normal user gets an 
> interactive copy of the page while the Paranoid Luddites get a 
> non-interactive static page.

PARANOID LUDDITE AND PROUD! Or maybe just paranoid . I do allow
Javascript on Firefox for some sites.

--
John McKown
Senior Systems Programmer
HealthMarkets
Keeping the Promise of Affordable Coverage
Administrative Services Group
Information Technology

The information contained in this e-mail message may be privileged
and/or confidential.  It is for intended addressee(s) only.  If you are
not the intended recipient, you are hereby notified that any disclosure,
reproduction, distribution or other use of this communication is
strictly prohibited and could, in certain circumstances, be a criminal
offense.  If you have received this e-mail in error, please notify the
sender by reply and delete this message without copying or disclosing
it.  

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread Ted MacNEIL 
>The normal user gets an interactive copy of the page while the Paranoid 
>Luddites get a 
non-interactive static page.

Is it truly being a luddite to not want your PC screwed over by bad/malicious 
external code?

I've been hit too many times, and I know better.
Our security people know even more and we lose too much.

Just because you're paranoid, it does not mean they're not out to get you!

-
Too busy driving to stop for gas!

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread Robert A. Rosenberg 
At 11:27 -0500 on 05/12/2008, Chase, John wrote about Re: Mainframe 
programming vs the Web:



 > -Original Message-

 From: IBM Mainframe Discussion List On Behalf Of Howard Brazee

 [ snip ]

 I did work for a company that had to clean up addresses - it
 had a dirty word file that it used - but I've read of some
 foreign "dirty
 words" that are valid places and names.  . . .


Ummm  A town in Austria comes immediately to mind.

-jc-


Or towns in the UK with "SEX" in their names (Middlesex, Sussex, etc).

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread Robert A. Rosenberg 
At 16:38 +0100 on 05/12/2008, Martin Packer wrote about Re: Mainframe 
programming vs the Web:



Javascript, by design, can do damn near anything to your machine.


What EXACTLY do you claim that JavaScript can do that is dangerous? 
It has no ability to access the Hard Drive (so it can not look at 
your files) or things like that.


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread Robert A. Rosenberg 
At 09:51 -0600 on 05/12/2008, Steve Comstock wrote about Re: 
Mainframe programming vs the Web:



It's a real dilema for webpage developers. I recently redesigned
our home page. My initial design was to be very minimalist, just
a few lines, but if you clicked a line it was expanded, using
javascript, to a series of bullets and links. It was pretty cool.
My alternate was just to have the bullets fixed in place.


In a case of this type, all you need to do is place a NOSCRIPT Tag on 
the page saying that since they have disabled JavaScript, to click a 
supplied link which will take them to a duplicate page that does not 
need JavaScript and point them at the version with the exposed 
bullets. This gives the best of both worlds. The normal user gets an 
interactive copy of the page while the Paranoid Luddites get a 
non-interactive static page.


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread Robert A. Rosenberg 
At 09:59 -0600 on 05/12/2008, Howard Brazee wrote about Re: Mainframe 
programming vs the Web:



Around 1968 I read a book where this guy had a long hyphenated name
which the computers kept having troubles with.   He invented a
bacterium that ate computer tapes for revenge - which made him an
ecological hero though.


By any chance was that "The Man Whose Name Wouldn't Fit"?

As I was reading this thread I was thinking of that Science Fiction 
Novel before getting to your message. Based on this memory, and on 
impulse, I just right now bought a copy so I can reread it. Copies 
are available from Amazon if you want to reread it yourself.


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Cleanup a unconnected Coupling Facility

2008-05-12 Thread Martin Kline 
We also went throught this situation recently. After the Cf swap, the sysplex 
still had a pending situation, waiting for the now non-existent CF to come 
online. Approximately 100 hours after the CF swap, it suddenly cleared itself 
with no other manual intervention, all pending status's completed, and 
everything was ok.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Probably a basic TCP/IP question

2008-05-12 Thread McKown, John 
> -Original Message-
> From: IBM Mainframe Discussion List 
> [mailto:[EMAIL PROTECTED] On Behalf Of Pommier, Rex R.
> Sent: Monday, May 12, 2008 3:07 PM
> To: IBM-MAIN@BAMA.UA.EDU
> Subject: Probably a basic TCP/IP question
> 
> Sorry for a basic question, but where does the FTP client get it's
> timestamp information from?  I have a programmer who just performed an
> FTP GET command to a PDS member.  The ISPF statistics were 
> updated with
> the FTP GET.  Unfortunately, the timestamp placed on the member is 5
> hours into the future.  My CLOCKxx parameter in Parmlib is set to west
> 5, so somehow the FTP client is adding another 5 hours onto it's
> timestamp but I can't find it.  I have a sneaking suspicion 
> that as soon
> as I have the answer, I'll be slapping my forehead with a 
> "DOH!", so can
> somebody give me the opportunity to hit myself by pointing me in the
> right direction?
> 
> Thanks.
> 
> Rex

Sounds like it is logging with GMT instead of LOCAL time. If so, then
you likely cannot change that. A UNIX program can request either LOCAL
or GMT time, whichever it wants. This "gmtime()" vs. "localtime()" in
the C run-time.

--
John McKown
Senior Systems Programmer
HealthMarkets
Keeping the Promise of Affordable Coverage
Administrative Services Group
Information Technology

The information contained in this e-mail message may be privileged
and/or confidential.  It is for intended addressee(s) only.  If you are
not the intended recipient, you are hereby notified that any disclosure,
reproduction, distribution or other use of this communication is
strictly prohibited and could, in certain circumstances, be a criminal
offense.  If you have received this e-mail in error, please notify the
sender by reply and delete this message without copying or disclosing
it.  

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Z/OS 1.9

2008-05-12 Thread Steve Comstock 

Fred Hoffman wrote:

Does anyone know whether z/os 1.9 will be offered to PWD members.  The last 
release I have is 1.8.

TIA,

Fred Hoffman


We installed z/OS 1.9 on our zPad last month. Came as part of
the Cornerstone / FLEX-es / PWD package. Not sure who does
which part, to tell you the truth. We're getting near the end
of life of our FLEX-es license and, of course, it does not
look like that option will be viable any more.



Kind regards,

-Steve Comstock
The Trainer's Friend, Inc.

303-393-8716
http://www.trainersfriend.com

  z/OS Application development made easier
* Our classes include
   + How things work
   + Programming examples with realistic applications
   + Starter / skeleton code
   + Complete working programs
   + Useful utilities and subroutines
   + Tips and techniques

==> Check out the Trainer's Friend Store to purchase z/OS  <==
==> application developer toolkits. Sample code in four<==
==> programming languages, JCL to Assemble or compile, <==
==> bind and test. <==
==>   http://www.trainersfriend.com/TTFStore/index.html<==



--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Probably a basic TCP/IP question

2008-05-12 Thread Pommier, Rex R. 
So would I set this in the /etc/init.options file?

Thanks.

Rex

-Original Message-
From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On
Behalf Of Fletcher, Kevin
Sent: Monday, May 12, 2008 3:33 PM
To: IBM-MAIN@BAMA.UA.EDU
Subject: Re: Probably a basic TCP/IP question



Jack,

I forgot to mention one item.  It's being run as a batch job so
/etc/profile isn't a player.  

Rex


Rex, 

I still believe it runs through the FTP (usually called FTPD) STC, and
that will use the TZ envrionment variable.

Fletch

--
For IBM-MAIN subscribe / signoff / archive access instructions, send
email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search
the archives at http://bama.ua.edu/archives/ibm-main.html

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Z/OS 1.9

2008-05-12 Thread Fred Hoffman 
Does anyone know whether z/os 1.9 will be offered to PWD members.  The last 
release I have is 1.8.

TIA,

Fred Hoffman

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Probably a basic TCP/IP question

2008-05-12 Thread Jack Kelly 

It's being run as a batch job so /etc/profile isn't a player. 


Batch doesn't make any difference, you just have batch UNIX. 'tis a brave 
new world...

Jack Kelly
202-502-2390 (Office)

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Probably a basic TCP/IP question

2008-05-12 Thread McKown, John 
> -Original Message-
> From: IBM Mainframe Discussion List 
> [mailto:[EMAIL PROTECTED] On Behalf Of Pommier, Rex R.
> Sent: Monday, May 12, 2008 3:29 PM
> To: IBM-MAIN@BAMA.UA.EDU
> Subject: Re: Probably a basic TCP/IP question
> 
> Jack,
> 
> I forgot to mention one item.  It's being run as a batch job so
> /etc/profile isn't a player.  
> 
> Rex

It might be getting it from your LE parameters. LE has an ENVAR
parameter to specify UNIX environment variables.

--
John McKown
Senior Systems Programmer
HealthMarkets
Keeping the Promise of Affordable Coverage
Administrative Services Group
Information Technology

The information contained in this e-mail message may be privileged
and/or confidential.  It is for intended addressee(s) only.  If you are
not the intended recipient, you are hereby notified that any disclosure,
reproduction, distribution or other use of this communication is
strictly prohibited and could, in certain circumstances, be a criminal
offense.  If you have received this e-mail in error, please notify the
sender by reply and delete this message without copying or disclosing
it.  

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Probably a basic TCP/IP question

2008-05-12 Thread Fletcher, Kevin 

Jack,

I forgot to mention one item.  It's being run as a batch job so
/etc/profile isn't a player.  

Rex


Rex, 

I still believe it runs through the FTP (usually called FTPD) STC, and
that will use the TZ envrionment variable.

Fletch

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Probably a basic TCP/IP question

2008-05-12 Thread Pommier, Rex R. 
Jack,

I forgot to mention one item.  It's being run as a batch job so
/etc/profile isn't a player.  

Rex

-Original Message-
From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On
Behalf Of Jack Kelly
Sent: Monday, May 12, 2008 3:12 PM
To: IBM-MAIN@BAMA.UA.EDU
Subject: Re: Probably a basic TCP/IP question



but where does the FTP client get it's timestamp information from? 


FTP belongs to the brave UNIX world. Sounds like you don't have 
TZ=EST5EDT
export TZ

set in etc profile or are not executing it..

Jack Kelly
202-502-2390 (Office)

--
For IBM-MAIN subscribe / signoff / archive access instructions, send
email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search
the archives at http://bama.ua.edu/archives/ibm-main.html

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Question concerning performance, VIO and chargeback

2008-05-12 Thread Clark Morris 
On 12 May 2008 11:33:26 -0700, in bit.listserv.ibm-main you wrote:

>Edward E Jaffe wrote:
>
>> That is -- and AFAIK has always been -- the VIO trade-off. CPU time for 
>> clock time.
>
>Yes, that's right. And VIO should be compared and contrasted with other 
>DIM techniques for Batch. I've a feeling I wrote a blog post about it a 
>few months ago. I should've because I used to present on VIO - especially 
>the DFSMS management thereof.

If z/OS had FBA, could VIA be a lot more efficient CPU wise?  Is some
of the CPU time associated with IO hidden in general overhead non-task
attributable while VIO attributes all CPU to the task?
>
>The "DIM Coffee Table" book came about as the result of a number of 
>studies Development did - in the late 1980s. I DIDN'T participate. But it 
>led onto residencies I DID participate in. Anyhow the book documented many 
>performance tests that mapped out the performance characteristics 
>(including CPU) of many DIM techniques.
>
>And, as noted, the reason there's the CPU cost is the emulation of disk 
>devices - rather than the "block mode" operation of eg VSAM LSR.
>
>I also note that, like some other techniques, VIO is usually seen as a 
>more or less "write once then read once" use of memory. I.e. not dense in 
>terms of I/Os avoided per MB of memory deployed. I wonder if the economics 
>of today make that much less of an issue. I think the answer would have to 
>be that (UK) :-) English word "somewhat".*
>
>Martin
>
>Martin Packer
>Performance Consultant
>IBM United Kingdom Ltd
>+44-20-8832-5167
>+44-7802-245-584
>[EMAIL PROTECTED]
>
>
>
>* "Somewhat" is the younger sibling of "it depends" and the (less evil) 
>twin of "quite". :-)
>
>
>
>
>
>Unless stated otherwise above:
>IBM United Kingdom Limited - Registered in England and Wales with number 
>741598. 
>Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6 3AU
>
>
>
>
>
>
>--
>For IBM-MAIN subscribe / signoff / archive access instructions,
>send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
>Search the archives at http://bama.ua.edu/archives/ibm-main.html

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Probably a basic TCP/IP question

2008-05-12 Thread Fletcher, Kevin 


Sorry for a basic question, but where does the FTP client get it's
timestamp information from?  I have a programmer who just performed an
FTP GET command to a PDS member.  The ISPF statistics were updated with
the FTP GET.  Unfortunately, the timestamp placed on the member is 5
hours into the future.  My CLOCKxx parameter in Parmlib is set to west
5, so somehow the FTP client is adding another 5 hours onto it's
timestamp but I can't find it.  I have a sneaking suspicion that as soon
as I have the answer, I'll be slapping my forehead with a "DOH!", so can
somebody give me the opportunity to hit myself by pointing me in the
right direction?



Rex, you probably need a TZ= environment variable assigned to your FTP
STC. Ours is set to TZ=EST5EDT. We had a similar problem with FTP's from
SAS jobs.

Fletch

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: HIPAA auditing (was:RE: VSAM / COBOL question - redux (fwd))

2008-05-12 Thread Clark Morris 
On 12 May 2008 10:35:48 -0700, in bit.listserv.ibm-main you wrote:

>You are correct that this auditing must be done.  This "Application Auditing" 
>must include not just what a RACF log would show - that someone had access to 
>a file, but to show exactly what the user saw.  It is one thing to know that 
>someone logged in, accessed a sensitive file and logged out later in the day, 
>but the requirements are to be able to know what they were doing and which 
>sensitive information they saw.  You would need to be able to see they same 
>screens they saw.  This "Application Auditing" is possible and goes beyond 
>what logs can do.  

How much data needs to be stored in order to accomplish that?   What
are the implications for application testing?  Does this mean that
test data correction must include obfuscation of identifiable data?

Clark Morris
>
>
> 
>Robert Galambos CIPP/C  
>
>Compuware Senior Technical Specialist 
>IBM Certified Solutions Expert - 
>DB2 UDB for OS/390 Database Administration
>Certified Information Privacy Professional/Canada 
>[EMAIL PROTECTED]
> 
>  
>Tel: +1 905 886 7000 
>Toll Free: +1 800 263 7189
>Fax: +1 905 886 7023
>Quebec: +1 877-281-1888 
>  
>Compuware  Canada
>   
>Service is our best product
> Les renseignements contenus dans le présent message électronique sont 
> confidentiels et concernent exclusivement le(s) destinataire(s) désigné(s). 
> Il est strictement interdit de distribuer ou de copier ce message. Si vous 
> avez reçu ce message par erreur, veuillez répondre par courriel à 
> l'expéditeur et effacer ou détruire toutes les copies du présent message.
>
>
>The contents of this e-mail are intended for the named addressee only. It 
>contains information that may be confidential. Unless you are the named 
>addressee or an authorized designee, you may not copy or use it, or disclose 
>it to anyone else. If you received it in error please notify us immediately 
>and then destroy it.
>
>From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On Behalf Of 
>McKown, John
>Sent: Friday, May 09, 2008 8:25 AM
>To: IBM-MAIN@BAMA.UA.EDU
>Subject: HIPAA auditing (was:RE: VSAM / COBOL question - redux (fwd))
>
>> -Original Message-
>> From: IBM Mainframe Discussion List
>> [mailto:[EMAIL PROTECTED] On Behalf Of Kenneth E Tomiak
>> Sent: Thursday, May 08, 2008 7:10 PM
>> To: IBM-MAIN@BAMA.UA.EDU
>> Subject: Re: VSAM / COBOL question - redux (fwd)
>> 
>> My understanding of HIPAA is access to data is not denied to everyone, 
>> knowing who accessed it is the requirement. For 'confidential' data, 
>> logging who accessed it even if they are AUTHORIZED is done in some 
>> hospitals. Think audit trail. And of course they try to limit access. 
>> But if the developers have access to production does it matter what 
>> file it is in, they still accessed it.
>> Proper logging would then have to log everyone that accesses the 
>> copies. And th snowball starts rolling. Once you give access to 
>> someone, it is hard to control what they do with it.
>> 
>
>We do log all access to this data. We produced TONS of SMF data for this (RACF 
>auditing). Actually, we UAUDIT every ID which has any possibility of accessing 
>this data (e.g. TSO, ftp, HTTP, ...)

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Probably a basic TCP/IP question

2008-05-12 Thread Jack Kelly 

but where does the FTP client get it's timestamp information from? 


FTP belongs to the brave UNIX world. Sounds like you don't have 
TZ=EST5EDT
export TZ

set in etc profile or are not executing it..

Jack Kelly
202-502-2390 (Office)

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Report: HP to buy EDS for $12 billion

2008-05-12 Thread Tom Schmidt 
Report: HP to buy EDS for $12-13 billion (possibly to be announced as early as 
tomorrow?) 
 
http://www.news.com/8301-10784_3-9942051-7.html
 
--
Tom Schmidt 

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Probably a basic TCP/IP question

2008-05-12 Thread Pommier, Rex R. 
Sorry for a basic question, but where does the FTP client get it's
timestamp information from?  I have a programmer who just performed an
FTP GET command to a PDS member.  The ISPF statistics were updated with
the FTP GET.  Unfortunately, the timestamp placed on the member is 5
hours into the future.  My CLOCKxx parameter in Parmlib is set to west
5, so somehow the FTP client is adding another 5 hours onto it's
timestamp but I can't find it.  I have a sneaking suspicion that as soon
as I have the answer, I'll be slapping my forehead with a "DOH!", so can
somebody give me the opportunity to hit myself by pointing me in the
right direction?

Thanks.

Rex

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread Patrick O'Keefe 
On Mon, 12 May 2008 09:09:18 -0500, McKown, John 
<[EMAIL PROTECTED]> wrote:

>...
>The other thing that irritates many is the US (and English?) centric
>"First Name", "Middle Name (or initial)", "Last Name". ...

"First Name", "Middle Initial", "Last Name"  has always bothered me.
And those (admittedly fewer) sites that think that quote marks - 
singel or double - have to come in pairs.  Very irritating.

J. Patrick O'Keefe  

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread Craddock, Chris 
>  From what I understand about JAVA vs. JAVASCRIPT, which I freely
admit
> may be a faulty understanding, there are important differences.

Javascript and JAVA are apples and fish. It's like CLIST versus COBOL.
There are some similar semantic constructs but that's about all.
Javascript is just a scripting language based on the DOM for the page.
JAVA is a real programming language. See
 for more details.

> And from
> what I've seen of javascript, it's enough to give a security chap a
> severe case of "The Willies". The capability of javascript to cause a
> serious problem, perhaps a true disaster, seems to be very real and
ever
> present. I've got a serious problem with that; I wish I could
> selectively enable/disable javascript, based on the source site, and
my
> corresponding level of trust. It would sure be nice if desktop systems
> had protection such that some functions couldn't be accessed by
> javascript, something like z/OS APF facilities.

If you allow "active" content from outside your firewall in your browser
(at least on Windoze) you're begging for trouble. And on the other
platforms it is not so much of a problem, but only because the nefarious
script kiddies are too busy duping the clueless on the windows systems. 

None of those platforms support an APF-like model and even if they did
that would be the wrong answer. You would be much better off with a
RACF-like permission model based on resource class and entity name. 

> Bottom line (for me): Java and JavaScript have their places; I'm just
> not sure exactly where.

Inside your firewall with your own content they are great. There are
loads of tools for doing slick stuff. Outside your firewall all bets are
off. And even poor old IE can tell the difference and behave
accordingly.

CC

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: HIPAA auditing (was:RE: VSAM / COBOL question - redux (fwd))

2008-05-12 Thread Galambos, Robert 
You are correct that this auditing must be done.  This "Application Auditing" 
must include not just what a RACF log would show - that someone had access to a 
file, but to show exactly what the user saw.  It is one thing to know that 
someone logged in, accessed a sensitive file and logged out later in the day, 
but the requirements are to be able to know what they were doing and which 
sensitive information they saw.  You would need to be able to see they same 
screens they saw.  This "Application Auditing" is possible and goes beyond what 
logs can do.  


 
Robert Galambos CIPP/C  

Compuware Senior Technical Specialist 
IBM Certified Solutions Expert - 
DB2 UDB for OS/390 Database Administration
Certified Information Privacy Professional/Canada 
[EMAIL PROTECTED]
 
  
Tel: +1 905 886 7000 
Toll Free: +1 800 263 7189
Fax: +1 905 886 7023
Quebec: +1 877-281-1888 
  
Compuware  Canada

Service is our best product 
 Les renseignements contenus dans le présent message électronique sont 
confidentiels et concernent exclusivement le(s) destinataire(s) désigné(s). Il 
est strictement interdit de distribuer ou de copier ce message. Si vous avez 
reçu ce message par erreur, veuillez répondre par courriel à l'expéditeur et 
effacer ou détruire toutes les copies du présent message.


The contents of this e-mail are intended for the named addressee only. It 
contains information that may be confidential. Unless you are the named 
addressee or an authorized designee, you may not copy or use it, or disclose it 
to anyone else. If you received it in error please notify us immediately and 
then destroy it.

From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On Behalf Of 
McKown, John
Sent: Friday, May 09, 2008 8:25 AM
To: IBM-MAIN@BAMA.UA.EDU
Subject: HIPAA auditing (was:RE: VSAM / COBOL question - redux (fwd))

> -Original Message-
> From: IBM Mainframe Discussion List
> [mailto:[EMAIL PROTECTED] On Behalf Of Kenneth E Tomiak
> Sent: Thursday, May 08, 2008 7:10 PM
> To: IBM-MAIN@BAMA.UA.EDU
> Subject: Re: VSAM / COBOL question - redux (fwd)
> 
> My understanding of HIPAA is access to data is not denied to everyone, 
> knowing who accessed it is the requirement. For 'confidential' data, 
> logging who accessed it even if they are AUTHORIZED is done in some 
> hospitals. Think audit trail. And of course they try to limit access. 
> But if the developers have access to production does it matter what 
> file it is in, they still accessed it.
> Proper logging would then have to log everyone that accesses the 
> copies. And th snowball starts rolling. Once you give access to 
> someone, it is hard to control what they do with it.
> 

We do log all access to this data. We produced TONS of SMF data for this (RACF 
auditing). Actually, we UAUDIT every ID which has any possibility of accessing 
this data (e.g. TSO, ftp, HTTP, ...)

--
John McKown
Senior Systems Programmer
HealthMarkets
Keeping the Promise of Affordable Coverage Administrative Services Group 
Information Technology

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Question concerning performance, VIO and chargeback

2008-05-12 Thread Martin Packer 
Edward E Jaffe wrote:

> That is -- and AFAIK has always been -- the VIO trade-off. CPU time for 
> clock time.

Yes, that's right. And VIO should be compared and contrasted with other 
DIM techniques for Batch. I've a feeling I wrote a blog post about it a 
few months ago. I should've because I used to present on VIO - especially 
the DFSMS management thereof.

The "DIM Coffee Table" book came about as the result of a number of 
studies Development did - in the late 1980s. I DIDN'T participate. But it 
led onto residencies I DID participate in. Anyhow the book documented many 
performance tests that mapped out the performance characteristics 
(including CPU) of many DIM techniques.

And, as noted, the reason there's the CPU cost is the emulation of disk 
devices - rather than the "block mode" operation of eg VSAM LSR.

I also note that, like some other techniques, VIO is usually seen as a 
more or less "write once then read once" use of memory. I.e. not dense in 
terms of I/Os avoided per MB of memory deployed. I wonder if the economics 
of today make that much less of an issue. I think the answer would have to 
be that (UK) :-) English word "somewhat".*

Martin

Martin Packer
Performance Consultant
IBM United Kingdom Ltd
+44-20-8832-5167
+44-7802-245-584
[EMAIL PROTECTED]



* "Somewhat" is the younger sibling of "it depends" and the (less evil) 
twin of "quite". :-)





Unless stated otherwise above:
IBM United Kingdom Limited - Registered in England and Wales with number 
741598. 
Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6 3AU






--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Question concerning performance, VIO and chargeback

2008-05-12 Thread Ed Finnell 
 
In a message dated 5/12/2008 12:17:10 P.M. Central Daylight Time,  
[EMAIL PROTECTED] writes:

What I used to call the "DIM Coffee Table Book" :-) showed VIO to  Expanded 
Storage burnt CPU compared to doing it to straight temp data sets  on disk. 
For MOST data points.


>>
There used to be some Candle reports(are they  still around?) regarding
VIO vs paging vs DASD. IIRC VIO was only  beneficial for a small set of
data with blksize less then 2K and maybe less  than 10cyls.







**Wondering what's for Dinner Tonight? Get new twists on family 
favorites at AOL Food.  
(http://food.aol.com/dinner-tonight?NCID=aolfod000301)

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: ERBPPSRT Gone at z/OS 1.9

2008-05-12 Thread Steven Conway 
Yup, it was.  Definitely a local (my) error, not IBM's. 

My post was an observation that, while some migration actions may be 
ignored, this one can't. 

Skipping multiple releases, going thru those same multiple releases' 
migration and planning guides, almost a guarantee I'll miss something. Not 
to mention, going back to OS/390 2.10, the RMF User's Guide has pointed to 
the "new" exits.


Cheers,,,Steve

Steve Conway
Lead Systems Programmer
Information Systems & Services Division
Computer & Network Operations
Phone:   (703) 450-3156
Fax:(703) 450-3197



   "Staller, Allan" <[EMAIL PROTECTED]> 
   Sent by: IBM Mainframe Discussion List 
   05/12/2008 12:09 PM
   Please respond to
IBM Mainframe Discussion List 


To
IBM-MAIN@BAMA.UA.EDU
cc

Subject
Re: ERBPPSRT Gone at z/OS 1.9






This was documented on pp 236 of the migration guide 


  Went to z/OS 1.9 yesterday on our main DEV system, which also runs
some 
PROD batch.  One of our Capacity & Performance RMF processing jobs got
an 
S806 on module ERBPPSRT.  It was pointed out years ago (in this forum) 
that this sort exit in SYS1.SERBLINK had been replaced by ERBPPE15 and 
ERBPPE35, but the old ERBPPSRT was still being distributed.


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html



--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Question concerning performance, VIO and chargeback

2008-05-12 Thread O'Brien, David W. (NIH/CIT) [C] 
Ed,
 
Customer feedback for elapsed time follows:
 
Actually the elapsed time was substantially shorter for the VIO tests:
- the VIO tests both executed in .02 min
- the physical IO tests executed in .05 and .07 min
 
Still I rather doubt that they will pay for the quicker turn around.



> Ed wrote: 

VIO is CKD DASD emulated by software.

Some processing that would normally be "offloaded" to the DASD
controller is now being done by software running on general CPs, the
storage occupied by the emulated file will need to be paged in/out, etc.

Do you get better elapsed times?



--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Question concerning performance, VIO and chargeback

2008-05-12 Thread Martin Packer 
I expect it's because VIO requires cycles. Definitely true when simulating 
a device in memory. Quite possibly also true when doing VIO to page data 
sets on disk.

What I used to call the "DIM Coffee Table Book" :-) showed VIO to Expanded 
Storage burnt CPU compared to doing it to straight temp data sets on disk. 
For MOST data points.

Martin

Martin Packer
Performance Consultant
IBM United Kingdom Ltd
+44-20-8832-5167
+44-7802-245-584
[EMAIL PROTECTED]






From:
"O'Brien, David W. (NIH/CIT) [C]" <[EMAIL PROTECTED]>
To:
IBM-MAIN@BAMA.UA.EDU
Date:
12/05/2008 17:51
Subject:
Question concerning performance, VIO and chargeback



We are running Z/os 1.7. It recently came to my attention that VIO had 
been implemented in such a way that temp datasets no matter how small 
ALWAYS went to DASD. One of my predessesors used a storclas with 
Guaranteed Space. Anyway a user asked to be able to use VIO so I turned it 
on. Today he comes back with test results showing higher chargeback for 
CPU when using VIO. My question is - How is this possible?
 
We are processing the same numbers of records and eliminating some 
physical I/O and the CPU usage is higher.
The total CPU for the job doubled. I would have thought that eliminating 
some of the channel activity would have reduced CPU usage. Can someone 
explain this to me?
 
Regards,
Dave O'Brien

 

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html









Unless stated otherwise above:
IBM United Kingdom Limited - Registered in England and Wales with number 
741598. 
Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6 3AU






--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Question concerning performance, VIO and chargeback

2008-05-12 Thread O'Brien, David W. (NIH/CIT) [C] 
Ed,
 
Thank you for the response. 
 
I doubt paging would be an issue on this machine. 
The user did not report back on elapsed times. I suspect when he saw the 
charges for the job had doubled, elapsed time took secondary importance.



From: Edward Jaffe [mailto:[EMAIL PROTECTED]
Sent: Mon 5/12/2008 1:00 PM
To: IBM-MAIN@BAMA.UA.EDU
Subject: Re: Question concerning performance, VIO and chargeback



O'Brien, David W. (NIH/CIT) [C] wrote:
> We are running Z/os 1.7. It recently came to my attention that VIO had been 
> implemented in such a way that temp datasets no matter how small ALWAYS went 
> to DASD. One of my predessesors used a storclas with Guaranteed Space. Anyway 
> a user asked to be able to use VIO so I turned it on. Today he comes back 
> with test results showing higher chargeback for CPU when using VIO. My 
> question is - How is this possible?
> 
> We are processing the same numbers of records and eliminating some physical 
> I/O and the CPU usage is higher.
> The total CPU for the job doubled. I would have thought that eliminating some 
> of the channel activity would have reduced CPU usage. Can someone explain 
> this to me?
>  

VIO is CKD DASD emulated by software.

Some processing that would normally be "offloaded" to the DASD
controller is now being done by software running on general CPs, the
storage occupied by the emulated file will need to be paged in/out, etc.

Do you get better elapsed times?

--
Edward E Jaffe
Phoenix Software International, Inc
5200 W Century Blvd, Suite 800
Los Angeles, CA 90045
310-338-0400 x318
[EMAIL PROTECTED]
http://www.phoenixsoftware.com/

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html




--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Question concerning performance, VIO and chargeback

2008-05-12 Thread Edward Jaffe 

O'Brien, David W. (NIH/CIT) [C] wrote:

Ed,
 
Customer feedback for elapsed time follows:
 
Actually the elapsed time was substantially shorter for the VIO tests:

- the VIO tests both executed in .02 min
- the physical IO tests executed in .05 and .07 min
 
Still I rather doubt that they will pay for the quicker turn around.
  


That is -- and AFAIK has always been -- the VIO trade-off. CPU time for 
clock time.


--
Edward E Jaffe
Phoenix Software International, Inc
5200 W Century Blvd, Suite 800
Los Angeles, CA 90045
310-338-0400 x318
[EMAIL PROTECTED]
http://www.phoenixsoftware.com/

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

CA-ACF2 SAF HFS worded another way

2008-05-12 Thread John P Donnelly 
 

 

  _  

From: Carlson, Steven 
Sent: Monday, May 12, 2008 10:07 AM
To: Donnelly, John P
Subject: IBMMAIN Question

 

John:

 

  I found this question in IBMMAIN, and would like to send it again.

 

Has anyone implemented the CA-ACF2 SAF HFS security facility to 
replace Unix security in USS?  I would like to hear your experiences. 
We're early in the planning process and it would be helpful to hear 
from those brave souls who have gone before...  



--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Question concerning performance, VIO and chargeback

2008-05-12 Thread Edward Jaffe 

O'Brien, David W. (NIH/CIT) [C] wrote:

We are running Z/os 1.7. It recently came to my attention that VIO had been 
implemented in such a way that temp datasets no matter how small ALWAYS went to 
DASD. One of my predessesors used a storclas with Guaranteed Space. Anyway a 
user asked to be able to use VIO so I turned it on. Today he comes back with 
test results showing higher chargeback for CPU when using VIO. My question is - 
How is this possible?
 
We are processing the same numbers of records and eliminating some physical I/O and the CPU usage is higher.

The total CPU for the job doubled. I would have thought that eliminating some 
of the channel activity would have reduced CPU usage. Can someone explain this 
to me?
  


VIO is CKD DASD emulated by software.

Some processing that would normally be "offloaded" to the DASD 
controller is now being done by software running on general CPs, the 
storage occupied by the emulated file will need to be paged in/out, etc.


Do you get better elapsed times?

--
Edward E Jaffe
Phoenix Software International, Inc
5200 W Century Blvd, Suite 800
Los Angeles, CA 90045
310-338-0400 x318
[EMAIL PROTECTED]
http://www.phoenixsoftware.com/

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Cleanup a unconnected Coupling Facility

2008-05-12 Thread Field, Alan C. 
We did this recently. Removed the old processor without moving the
structures before shutting down. 

We realized we'd seen this situation when going to DR so we ended up
deleting the CFRM datasets and reloading them with the new policy and
then ipling the sysplex. 

For us this was the cleanest and quickest solution.

Alan
-Original Message-
Subject: Cleanup a unconnected Coupling Facility

We migrated our 2094 to 2097 .
We prepared A new CFRM policy containing the new 2097 definition on the
two 
CF lpars, CF2 and CF3.
Now, after the migration we have CF3 defined on 2097 with active
structures, 
but CF2 has still definitions of the old structures and remained pending
with its 
2094 definition and with "NO SYSTEMS CONNECTED to this CF"

How can we CLEANUP the remaining Structures in CF2 so that the new 2097 
difinition will take place so that we will be able to use the CF ??

C. Jeret  Bank- Hapoalim T.A.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Question concerning performance, VIO and chargeback

2008-05-12 Thread O'Brien, David W. (NIH/CIT) [C] 
We are running Z/os 1.7. It recently came to my attention that VIO had been 
implemented in such a way that temp datasets no matter how small ALWAYS went to 
DASD. One of my predessesors used a storclas with Guaranteed Space. Anyway a 
user asked to be able to use VIO so I turned it on. Today he comes back with 
test results showing higher chargeback for CPU when using VIO. My question is - 
How is this possible?
 
We are processing the same numbers of records and eliminating some physical I/O 
and the CPU usage is higher.
The total CPU for the job doubled. I would have thought that eliminating some 
of the channel activity would have reduced CPU usage. Can someone explain this 
to me?
 
Regards,
Dave O'Brien

 

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: CA ACF2 SAF HFS Security and COCSTS32

2008-05-12 Thread McKown, John 
> -Original Message-
> From: IBM Mainframe Discussion List 
> [mailto:[EMAIL PROTECTED] On Behalf Of John P Donnelly
> Sent: Monday, May 12, 2008 11:06 AM
> To: IBM-MAIN@BAMA.UA.EDU
> Subject: CA ACF2 SAF HFS Security and COCSTS32
> 

[snip]

>  
> Has anyone implemented ACF2 CA SAF HFS Security and setup the resource
> rules for the HFS directories?
> Is there a better way to protect the HFS directories from the
> application programming staff?

I don't know ACF2 at all. But why can't you just use the "standard" UNIX
security on your UNIX files? I do and it works well. 

Standard UNIX security on directories / files have three "sets" of
possible matches: "owner", "group", and "other". Each match has 0 to 3
allowable accesses: "read", "execute", and "write". "execute" on a
directory really means "seach", that is the authority to search the
directory for file names. "write" on a directory really means "alter"
access to files in that directory (i.e. create or delete). The "chmod"
command sets the security bits.

Extended UNIX security can be set up via ACLs. They are basically the
same functionality, but are kept in other "meta" data and are maintained
with other commands: getfacl and setfacl.

However, as pointed out already, this assumes that you are assigning
unique UIDs for your programmers and that they have appropriate access
to GROUPS with the appropriate GID values. Not difficult, but different
from what z/OS security people are used to. 

--
John McKown
Senior Systems Programmer
HealthMarkets
Keeping the Promise of Affordable Coverage
Administrative Services Group
Information Technology

The information contained in this e-mail message may be privileged
and/or confidential.  It is for intended addressee(s) only.  If you are
not the intended recipient, you are hereby notified that any disclosure,
reproduction, distribution or other use of this communication is
strictly prohibited and could, in certain circumstances, be a criminal
offense.  If you have received this e-mail in error, please notify the
sender by reply and delete this message without copying or disclosing
it.  

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread Chase, John 
> -Original Message-
> From: IBM Mainframe Discussion List On Behalf Of Howard Brazee
> 
> [ snip ]
> 
> I did work for a company that had to clean up addresses - it 
> had a dirty word file that it used - but I've read of some 
> foreign "dirty
> words" that are valid places and names.  . . .

Ummm  A town in Austria comes immediately to mind.

-jc-

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Where do I find Instruction/Function Defs

2008-05-12 Thread Tom Marchant 
On Fri, 9 May 2008 15:49:02 -0700, Edward Jaffe wrote:

>Tom Marchant wrote:
>> Yuck!
>>
>> ITYM
>>  TMFLCEFACILITIESLISTBYTE2,FLCEEXTENDEDIMMEDIATE
>>
>
>Personally, I prefer to use the mixed case symbols from the PL/X expansions:
>
> TMFlceFacilitiesListByte2,FlceExtendedImmediate

Agreed.

-- 
Tom Marchant

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: CA ACF2 SAF HFS Security and COCSTS32

2008-05-12 Thread Mark Zelden 
On Mon, 12 May 2008 16:05:48 +, John P Donnelly
<[EMAIL PROTECTED]> wrote:


>Has anyone implemented ACF2 CA SAF HFS Security and setup the resource
>rules for the HFS directories?
>Is there a better way to protect the HFS directories from the
>application programming staff?
>

Better?  That is a matter of opinion and need.  Easier?  Yes, but it takes some
planning.  But it can simply be done with unix permissions and being in the
correct security group (GID) or not.   If you stick all users and tasks that
require z/OS unix in the same group, it certainly won't work.

Mark
--
Mark Zelden
Sr. Software and Systems Architect - z/OS Team Lead
Zurich North America / Farmers Insurance Group - ZFUS G-ITO
mailto:[EMAIL PROTECTED]
z/OS Systems Programming expert at http://expertanswercenter.techtarget.com/
Mark's MVS Utilities: http://home.flash.net/~mzelden/mvsutil.html

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread Steve Comstock 

Rick Fochtman wrote:



I hope you're not suggesting javascript is evil and to be avoided at 
all costs. And I do hope you'll trust IBMLink in that regard.


Note: I haven't even bothered to Ctrl+U or Ctrl+Shift+I IBMLInk so 
I've no idea what it's using javascript for. Hopefully dojo.
 



 From what I understand about JAVA vs. JAVASCRIPT, which I freely admit 
may be a faulty understanding, there are important differences. And from 
what I've seen of javascript, it's enough to give a security chap a 
severe case of "The Willies". The capability of javascript to cause a 
serious problem, perhaps a true disaster, seems to be very real and ever 
present. I've got a serious problem with that; I wish I could 
selectively enable/disable javascript, based on the source site, and my 
corresponding level of trust. It would sure be nice if desktop systems 
had protection such that some functions couldn't be accessed by 
javascript, something like z/OS APF facilities.


Bottom line (for me): Java and JavaScript have their places; I'm just 
not sure exactly where.


It's a real dilema for webpage developers. I recently redesigned
our home page. My initial design was to be very minimalist, just
a few lines, but if you clicked a line it was expanded, using
javascript, to a series of bullets and links. It was pretty cool.
My alternate was just to have the bullets fixed in place.

Turns out my wife prefered the second. Based on this thread,
it's the better choice not to be dependent on users allowing
javascript to function.


Kind regards,

-Steve Comstock
The Trainer's Friend, Inc.

303-393-8716
http://www.trainersfriend.com

  z/OS Application development made easier
* Our classes include
   + How things work
   + Programming examples with realistic applications
   + Starter / skeleton code
   + Complete working programs
   + Useful utilities and subroutines
   + Tips and techniques

==> Check out the Trainer's Friend Store to purchase z/OS  <==
==> application developer toolkits. Sample code in four<==
==> programming languages, JCL to Assemble or compile, <==
==> bind and test. <==
==>   http://www.trainersfriend.com/TTFStore/index.html<==



--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: ERBPPSRT Gone at z/OS 1.9

2008-05-12 Thread Staller, Allan 
This was documented on pp 236 of the migration guide 


  Went to z/OS 1.9 yesterday on our main DEV system, which also runs
some 
PROD batch.  One of our Capacity & Performance RMF processing jobs got
an 
S806 on module ERBPPSRT.  It was pointed out years ago (in this forum) 
that this sort exit in SYS1.SERBLINK had been replaced by ERBPPE15 and 
ERBPPE35, but the old ERBPPSRT was still being distributed.


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread CICS Guy 
John,
 
For multiple states beginning with the same letter, keep pressing the first 
letter Four or five times for Arizonagrin
 
Bill
 
-Original Message-
From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On Behalf Of 
Chase, John
Sent: Monday, May 12, 2008 7:55 AM
To: IBM-MAIN@BAMA.UA.EDU
Subject: Re: Mainframe programming vs the Web
 
snip
 
I find it much easier to simply type IL than to move a hand from the keyboard 
to the mouse, find the drop-down "hotspot" and scroll around trying to 
accurately hit "IL" or "Illinois"; yet invariably if I type IL I find that I've 
"selected" whatever state is first in the segment that starts witl "L".
 
 
_
Windows Live SkyDrive lets you share files with faraway friends.
http://www.windowslive.com/skydrive/overview.html?ocid=TXT_TAGLM_WL_Refresh_skydrive_052008
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

CA ACF2 SAF HFS Security and COCSTS32

2008-05-12 Thread John P Donnelly 
We are currently converting from CICS TS1.3 to CICS TS3.2, and we want
to implement ACF2 CA SAF HFS Security.
There is an ACF2 Tool ACFHFSRP which generates resource rules for all
HFS directories. This tool does not create the
NEXTKEY entries for CICSTS32 XML directories which is over 4000 lines. 
 
You can build a maximum chain of 25 NEXTKEYs. When you specify more than
25, eTrust CA-ACF2 denies access 
and writes an SMF logging record of the event. The ACFRPTRV report
displays the error condition and the $KEYs of all
the rules that eTrust CA-ACF2 checked.
 
Has anyone implemented ACF2 CA SAF HFS Security and setup the resource
rules for the HFS directories?
Is there a better way to protect the HFS directories from the
application programming staff?




--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread Howard Brazee 
On 12 May 2008 08:21:52 -0700, [EMAIL PROTECTED] (Steve
Comstock) wrote:

>I once met an instructor in San Francisco whose name was
>something_or_other III. He decided the III was the only
>part that gave him uniqueness. He had his name legally
>changed to '3'. Failed a lot of validation tests on many
>computer systems (drivers license, tax forms, credit
>cards, and on and on); fought many, won some. I've lost
>touch with him over the years, but I'll never forget his
>story (he was an excellent instructor, too).

Around 1968 I read a book where this guy had a long hyphenated name
which the computers kept having troubles with.   He invented a
bacterium that ate computer tapes for revenge - which made him an
ecological hero though.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread Howard Brazee 
On 12 May 2008 08:20:36 -0700, [EMAIL PROTECTED] (Chase, John) wrote:

>Don't forget the "multi-word" surnames, like Van de Graaf, de la Hoya,
>etc.  I'm sure those folks tire from receiving form-letter
>acknowledgements that start with "Dear Mr. Van:" or "Dear Mr. de:".

I'm doing case conversions of upper case names that weren't entered in
a standard way.

MACNAIR, JOHN JACOB JINGLE IV

I can't assume the IV is a suffix with absolute certainty. And I can't
assume a space in the MACNAIR name.

And Mr. de la Hoya may have an "y Smith" as part of his surname.

If it was entered:

DELAHOYA, I can't assume it isn't like Delany.

I did work for a company that had to clean up addresses - it had a
dirty word file that it used - but I've read of some foreign "dirty
words" that are valid places and names.   We did have to keep up with
world wide postal code changes.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread McKown, John 
> -Original Message-
> From: IBM Mainframe Discussion List 
> [mailto:[EMAIL PROTECTED] On Behalf Of Rick Fochtman
> Sent: Monday, May 12, 2008 10:27 AM
> To: IBM-MAIN@BAMA.UA.EDU
> Subject: Re: Mainframe programming vs the Web

[snip]

> present. I've got a serious problem with that; I wish I could 
> selectively enable/disable javascript, based on the source 
> site, and my 
> corresponding level of trust. It would sure be nice if 
> desktop systems 
> had protection such that some functions couldn't be accessed by 
> javascript, something like z/OS APF facilities.

Get Firefox and you're golden with the NoScript add-on. It defaults to
"no javascript" and if you need it, then you can allow it either
temporarily (this browser instance only) or permanently for this
particular site.

--
John McKown
Senior Systems Programmer
HealthMarkets
Keeping the Promise of Affordable Coverage
Administrative Services Group
Information Technology

The information contained in this e-mail message may be privileged
and/or confidential.  It is for intended addressee(s) only.  If you are
not the intended recipient, you are hereby notified that any disclosure,
reproduction, distribution or other use of this communication is
strictly prohibited and could, in certain circumstances, be a criminal
offense.  If you have received this e-mail in error, please notify the
sender by reply and delete this message without copying or disclosing
it.  

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread Martin Packer 
Only in chrome. I.e. in a Firefox extension. The capabilities of other 
javascript environments are very much restricted.

Martin Packer
Performance Consultant
IBM United Kingdom Ltd
+44-20-8832-5167
+44-7802-245-584
[EMAIL PROTECTED]






From:
"Arthur T." <[EMAIL PROTECTED]>
To:
IBM-MAIN@BAMA.UA.EDU
Date:
12/05/2008 16:02
Subject:
Re: Mainframe programming vs the Web



On 12 May 2008 01:55:00 -0700, in bit.listserv.ibm-main 
(Message-ID:<[EMAIL PROTECTED]>) 

[EMAIL PROTECTED] (Martin Packer) wrote:

>I hope you're not suggesting javascript is evil and to be 
>avoided at all costs. And I do hope you'll trust IBMLink 
>in that regard.

  Remember, you're not just trusting that IBM doesn't 
want to do something malicious.  You're also trusting that 
they haven't made a mistake in their code that does 
something accidentally nasty.

  More importantly, you're also trusting that their 
site hasn't been hacked.  Since even the sites of security 
gurus have been hacked, that's an awful lot of trust.

  Java is safe, at least theoretically, because it runs 
in its own virtual machine.  Javascript, by design, can do 
damn near anything to your machine.

  What part of "letting a site have nearly full control 
of your own machine" do you think is not evil?


-- 
I cannot receive mail at the address this was sent from.
To reply directly, send to ar23hur "at" intergate "dot" com

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html









Unless stated otherwise above:
IBM United Kingdom Limited - Registered in England and Wales with number 
741598. 
Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6 3AU






--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread Rick Fochtman 



I hope you're not suggesting javascript is evil and to be avoided at all 
costs. And I do hope you'll trust IBMLink in that regard.


Note: I haven't even bothered to Ctrl+U or Ctrl+Shift+I IBMLInk so I've no 
idea what it's using javascript for. Hopefully dojo.
 



From what I understand about JAVA vs. JAVASCRIPT, which I freely admit 
may be a faulty understanding, there are important differences. And from 
what I've seen of javascript, it's enough to give a security chap a 
severe case of "The Willies". The capability of javascript to cause a 
serious problem, perhaps a true disaster, seems to be very real and ever 
present. I've got a serious problem with that; I wish I could 
selectively enable/disable javascript, based on the source site, and my 
corresponding level of trust. It would sure be nice if desktop systems 
had protection such that some functions couldn't be accessed by 
javascript, something like z/OS APF facilities.


Bottom line (for me): Java and JavaScript have their places; I'm just 
not sure exactly where.


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Cleanup a unconnected Coupling Facility

2008-05-12 Thread Ed Finnell 
 
In a message dated 5/12/2008 9:31:02 A.M. Central Daylight Time,  
[EMAIL PROTECTED] writes:

circumvent this rocky road when we come back up with everything else  intact
but for the CFs. OP's experience suggests otherwise. I now have to  rethink
the whole process.


>>
Almost like we need a 'cold start' parameter  for Logger, but you'd loose 
everything. Maybe a 'hop,SKIP, and jump' parm  would be more palatable... 








**Wondering what's for Dinner Tonight? Get new twists on family 
favorites at AOL Food.  
(http://food.aol.com/dinner-tonight?NCID=aolfod000301)

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread Chase, John 
> -Original Message-
> From: IBM Mainframe Discussion List On Behalf Of Wayne Driscoll
> 
> [ snip ]  Also, it annoys me that (I have done this on occasion) 
> the sites don't validate the combination of state and zip 
> code.  Especially since the drop-downs aren't always in the 
> same order, depending if is built with the state postal 
> abbreviation, or with the state name.

I find it much easier to simply type IL than to move a hand from the
keyboard to the mouse, find the drop-down "hotspot" and scroll around
trying to accurately hit "IL" or "Illinois"; yet invariably if I type IL
I find that I've "selected" whatever state is first in the segment that
starts witl "L".

-jc-

> 
> Wayne Driscoll
> Product Developer
> NOTE:  All opinions are strictly my own.
> 
> 
> 
> 
> -Original Message-
> From: IBM Mainframe Discussion List 
> [mailto:[EMAIL PROTECTED] On Behalf Of Paul Gilmartin
> Sent: Sunday, May 11, 2008 10:18 PM
> To: IBM-MAIN@BAMA.UA.EDU
> Subject: Re: Mainframe programming vs the Web
> 
> On Sun, 11 May 2008 20:52:44 -0600, Steve Comstock wrote:
> 
> >John McKown wrote:
> >>
> >> (1) for learning and (2) to prove it could be done with 
> z/OS. So many 
> >> PC Weenies preen with pride thinking that z/OS cannot do anything 
> >> "new and nifty". Wrong.
> >
> >Wrong indeed. Good on you.
> >
> But note how many dinos preen with pride their overt contempt 
> of the "new and nifty" for hardly better reason than their 
> (mis-)perception that it bears the indelible taint of the "PC 
> Weenies".  Bad on them.
> 
> -- gil
> 
> --
> For IBM-MAIN subscribe / signoff / archive access 
> instructions, send email to [EMAIL PROTECTED] with the 
> message: GET IBM-MAIN INFO Search the archives at 
> http://bama.ua.edu/archives/ibm-main.html
> 
> --
> For IBM-MAIN subscribe / signoff / archive access 
> instructions, send email to [EMAIL PROTECTED] with the 
> message: GET IBM-MAIN INFO Search the archives at 
> http://bama.ua.edu/archives/ibm-main.html
> 
> 

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Red Alert: OA24741 Sysplex-wide impact due to loop in GRS on z/OS 1.9 and higher

2008-05-12 Thread Edward Jaffe 

Mariuca Iftime wrote:

It is no PTF available for ZOS 1.9, only ZOS 1.4
  


z/OS 1.4 is no longer in service. The oldest supported release is z/OS 
1.7; end of service for that release is scheduled for this September.


--
Edward E Jaffe
Phoenix Software International, Inc
5200 W Century Blvd, Suite 800
Los Angeles, CA 90045
310-338-0400 x318
[EMAIL PROTECTED]
http://www.phoenixsoftware.com/

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

(OT) java vs javascript (was : Mainframe programming vs the Web)

2008-05-12 Thread Ivan Warren 

Arthur T. wrote:


 Java is safe, at least theoretically, because it runs in its own 
virtual machine.  Javascript, by design, can do damn near anything to 
your machine.



I'm not sure I agree here.

Java is safe only to the point where
- core classes are properly implemented to prevent unauthorized access 
to native classes
- The Bytecode interpreter (JVM) is properly implemented (not allowing 
bytecode it access stuff outside the sandbox - except for properly 
authorized interaction with native classes)
- For example, from within an Applet in a Web Browser container, 
instantiating File I/O class objects that would read/write to the 
filesystem is prohibited unless the Applet containment file is signed
- A Java application instantiated by other JVM containers (for example 
via 'java' or 'javaw') will usually not have those restrictions
- Security bugs happen when a core class doesn't invoke the proper 
security manager - or when there is a problem with the security manager 
- or when the native classes aren't properly defined.


Javascript is safe to the point where
- Interpreted code is not allowed to step out of the interpreter
- The hosting environment only allows access to protected classes and 
methods by authorized code
- For example, javascript code invoked from with an HTML page in a web 
browser won't be allowed to invoke most methods of the 'filesystem' class.
- A Javascript application instantiated from within other script hosts 
may not have that restriction.
- Security bugs happen when an interface doesn't properly verify that 
the invoker of a method is authorized to do so.


Restrictions for unauthorized code (in both cases) usually entail :
- No access to the machine local resources except for the windowing 
system and stdin/stdout.
- No access to network resources other than the host from which the 
application originated.


So basically, the 2 have the same issues : Making sure any interaction 
with the machine is authorized. It's not a design flaw - it's dependent 
on proper interpreter & interface implementations.


I don't see how javascript is less (or more) safe than java (aside from 
bugs)..


but I could be wrong !

--Ivan

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

ERBPPSRT Gone at z/OS 1.9

2008-05-12 Thread Steven Conway 
Morning, All.
  Went to z/OS 1.9 yesterday on our main DEV system, which also runs some 
PROD batch.  One of our Capacity & Performance RMF processing jobs got an 
S806 on module ERBPPSRT.  It was pointed out years ago (in this forum) 
that this sort exit in SYS1.SERBLINK had been replaced by ERBPPE15 and 
ERBPPE35, but the old ERBPPSRT was still being distributed.
  Not any more, it isn't.  Easy fix, but not something we ran into in our 
testing.

  Hope this helps someone else avoid a phone call.


Cheers,,,Steve

Steve Conway
Lead Systems Programmer
Information Systems & Services Division
Computer & Network Operations
Phone:   (703) 450-3156
Fax:(703) 450-3197

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread Steve Comstock 

McKown, John wrote:

-Original Message-
From: IBM Mainframe Discussion List 
[mailto:[EMAIL PROTECTED] On Behalf Of Howard Brazee

Sent: Monday, May 12, 2008 9:03 AM
To: IBM-MAIN@BAMA.UA.EDU
Subject: Re: Mainframe programming vs the Web

On 11 May 2008 14:26:06 -0700, [EMAIL PROTECTED] (David
Alcock) wrote:


Ever since the Web came along I've been annoyed by those web
sites that won't accept spaces or dashes like for credit cards
and phone numbers.  I know that even ancient mainframe COBOL has
support for removing them with one command.   I see that it's
just pure laziness as I suspected all along: 


  http://www.unixwiz.net/ndos-shame.html

I've seen "too much editing" being done in CoBOL as well.   Editing
for stuff that doesn't matter - and which needs to be changed when
conditions change.

I hate the programming to make it hard to enter your credit cards, but
I also dislike it when they don't let me put in a 80301-2472 zip code.
There are foreign postal codes that *require* longer fields.  And the
U.S. postal service wants these as well.

And let me type in phone numbers with dashes and parenthesis if I
want.


True! Validation of "postal codes" is a nightmare. Unlike credit card
numbers and telephone numbers, each individual government makes up its
own rules. The only way to validate is to first get the ISO
(international) country code, then possibly have a validation for each
country.

The other thing that irritates many is the US (and English?) centric
"First Name", "Middle Name (or initial)", "Last Name". I know that
Hispanics often have a LOT of "middle" names, and they are important to
them. But how to allow that is a difficulty that I would prefer to
avoid. Along with the usual "How many characters should I allow for a
name?".


There's lots of international / intercultural habits we in
the West are oblivious to, or choose to ignore. I like the
one where Ethiopians often have the father's first name
become the son's last name! Many Asian countries give
family name first. In some Asian and Middle Eastern cultures
a person may have more than one name, and which name he or
she tells you to use depends on how much they trust you.

I once met an instructor in San Francisco whose name was
something_or_other III. He decided the III was the only
part that gave him uniqueness. He had his name legally
changed to '3'. Failed a lot of validation tests on many
computer systems (drivers license, tax forms, credit
cards, and on and on); fought many, won some. I've lost
touch with him over the years, but I'll never forget his
story (he was an excellent instructor, too).


Kind regards,

-Steve Comstock
The Trainer's Friend, Inc.

303-393-8716
http://www.trainersfriend.com

  z/OS Application development made easier
* Our classes include
   + How things work
   + Programming examples with realistic applications
   + Starter / skeleton code
   + Complete working programs
   + Useful utilities and subroutines
   + Tips and techniques

==> Check out the Trainer's Friend Store to purchase z/OS  <==
==> application developer toolkits. Sample code in four<==
==> programming languages, JCL to Assemble or compile, <==
==> bind and test. <==
==>   http://www.trainersfriend.com/TTFStore/index.html<==



--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread Ed Finnell 
 
In a message dated 5/11/2008 5:39:18 P.M. Central Daylight Time,  
[EMAIL PROTECTED] writes:

cursor would be in the first field the user needed to fix.  I hate  web 
pages that say "Correct errors in red"  If the error is a blank,  you 
can't find it.  With our technique, you knew which fields were  invalid 
because those are the only ones tab would find.


>>
Dern...guess field editing was invented with  SNA? Seems like we used to have 
goobers running around with 029 drums and the  CE with the 'card punch 
hammer'? Oh well, makes mine head  hurt







**Wondering what's for Dinner Tonight? Get new twists on family 
favorites at AOL Food.  
(http://food.aol.com/dinner-tonight?NCID=aolfod000301)

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread Chase, John 
> -Original Message-
> From: IBM Mainframe Discussion List On Behalf Of McKown, John
> 
> > -Original Message-
> > From: IBM Mainframe Discussion List On Behalf Of Howard Brazee
> > 
> > On 11 May 2008 14:26:06 -0700, David Alcock wrote:
> > 
> > >Ever since the Web came along I've been annoyed by those web sites 
> > >that won't accept spaces or dashes like for credit cards and phone 
> > >numbers.  I know that even ancient mainframe COBOL has
> > >support for removing them with one command.   I see that it's
> > >just pure laziness as I suspected all along: 
> > >
> > >   http://www.unixwiz.net/ndos-shame.html
> > 
> > I've seen "too much editing" being done in CoBOL as well.   Editing
> > for stuff that doesn't matter - and which needs to be changed when 
> > conditions change.
> > 
> > I hate the programming to make it hard to enter your credit cards,
but 
> > I also dislike it when they don't let me put in a 80301-2472 zip
code.
> > There are foreign postal codes that *require* longer fields.  And
the 
> > U.S. postal service wants these as well.
> > 
> > And let me type in phone numbers with dashes and parenthesis if I 
> > want.
> 
> True! Validation of "postal codes" is a nightmare. Unlike 
> credit card numbers and telephone numbers, each individual 
> government makes up its own rules. The only way to validate 
> is to first get the ISO
> (international) country code, then possibly have a validation 
> for each country.
> 
> The other thing that irritates many is the US (and English?) 
> centric "First Name", "Middle Name (or initial)", "Last 
> Name". I know that Hispanics often have a LOT of "middle" 
> names, and they are important to them. But how to allow that 
> is a difficulty that I would prefer to avoid. Along with the 
> usual "How many characters should I allow for a name?".

Don't forget the "multi-word" surnames, like Van de Graaf, de la Hoya,
etc.  I'm sure those folks tire from receiving form-letter
acknowledgements that start with "Dear Mr. Van:" or "Dear Mr. de:".

-jc-

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Cleanup a unconnected Coupling Facility

2008-05-12 Thread Skip Robinson 
This thread comes at a pivotal point for us because we're looking at the
same sort of CEC swap-out in the near future. When we conducted our first
DR test 10 years ago, we experienced very much the same problem: fully
mirrored couple data sets were convinced that we had somehow left the old
CFs offline despite having new CFs connected, fully functional, and happily
populated with all requisite structures. While it's true that we muddled
through the test with chronic XCF complaints that did not seem to affect
system operation, it looked ugly and would be hard to explain in a *real*
DR having to live forever with all that whining and moaning, however
non-life-threatening.

Our solution for DR was this set of Draconian measures:

1. Don't bother retaining the production CFRM couple data set at all. We
don't even mirror it now.
2. In preparing the DR environment from the 'driving' system, create a
fresh CFRM couple data set and prime with it a 'default' policy named in
COUPLExx.
3. IPL the first sysplex member pointing to the new CFRM couple data set
while using mirrored copies of the others.
4. Reply 'yeah, OK' to several (but not a lot of) WTORs demanding to know
if we have any idea what we're doing.
5. IPL the other sysplex members normally. No complaints or rude questions
from them.

I had thought that shutting systems down normally and cleanly would
circumvent this rocky road when we come back up with everything else intact
but for the CFs. OP's experience suggests otherwise. I now have to rethink
the whole process.

.
.
JO.Skip Robinson
Southern California Edison Company
Electric Dragon Team Paddler
SHARE MVS Program Co-Manager
626-302-7535 Office
323-715-0595 Mobile
[EMAIL PROTECTED]


   
 Cwi Jeret 
 <[EMAIL PROTECTED] 
 COM>   To 
 Sent by: IBM  IBM-MAIN@BAMA.UA.EDU
 Mainframe  cc 
 Discussion List   
 <[EMAIL PROTECTED] Subject 
 .EDU> Re: Cleanup a unconnected Coupling  
   Facility
   
 05/11/2008 09:34  
 PM
   
   
 Please respond to 
   IBM Mainframe   
  Discussion List  
 <[EMAIL PROTECTED] 
   .EDU>   
   
   




In our case, of course the CF phisically does NOT exist because the Machine

Type has changed.

On the other hand I don't want to SETXCF FORCE,STR,STRNAME=xxx
because the Structures are active in production and are located on the
alternative CF's ...

Cwi Jeret .



-


On Sun, 11 May 2008 08:26:51 -0400, Knutson, Sam <[EMAIL PROTECTED]>
wrote:

>Contact IBM support.
>
>OK if you have to proceed without direct advice from IBM an excellent
>session given at SHARE in Orlando might help
>
>2876 - Successful Installation or Upgrade of a Coupling Facility (CF)
>Speakers: Mark Brooks (IBM Corporation)
>
>In this session, the speaker will describe the proper sequence of events
>when installing, removing, or replacing a Coupling Facility (CF) in your
>Sysplex. He will explain how z/OS uses the Coupling Facility Resource
>Manager (CFRM) policy to manage the coupling facilities, structures, and
>structure connectors in a Sysplex. When you perform the necessary
>fundamental operational procedures and configuration changes in the
>proper sequence, you will have success. Failure to perform this work in
>the correct order, at the right time can cause confusion, and in the
>worst case, outages for one, some, or all systems in a Sysplex. The
>speaker will describe the behavior of z/OS when a CF is not installed
>properly, and provide some techniques for resolving the various problems
>that then arise. This is a new session for Orlando.
>
>
>http://shareew.prod.web.sba.com/proceedingmod/abstract.cfm?abstract_id=1
>731

Re: Mainframe programming vs the Web

2008-05-12 Thread Arthur T. 
On 12 May 2008 01:55:00 -0700, in bit.listserv.ibm-main 
(Message-ID:<[EMAIL PROTECTED]>) 
[EMAIL PROTECTED] (Martin Packer) wrote:


I hope you're not suggesting javascript is evil and to be 
avoided at all costs. And I do hope you'll trust IBMLink 
in that regard.


 Remember, you're not just trusting that IBM doesn't 
want to do something malicious.  You're also trusting that 
they haven't made a mistake in their code that does 
something accidentally nasty.


 More importantly, you're also trusting that their 
site hasn't been hacked.  Since even the sites of security 
gurus have been hacked, that's an awful lot of trust.


 Java is safe, at least theoretically, because it runs 
in its own virtual machine.  Javascript, by design, can do 
damn near anything to your machine.


 What part of "letting a site have nearly full control 
of your own machine" do you think is not evil?



--
I cannot receive mail at the address this was sent from.
To reply directly, send to ar23hur "at" intergate "dot" com

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread Wayne Driscoll 
Gil,
I think in this context, the "new and nifty" and "PC-weenie" comments were
based on the fact that in the eyes of most non-mainframers, these things are
"new and nifty" despite the fact that they have been common-place in CICS
and IMS applications for almost 40 years.  Similar to the contempt many
mainframers feel when listening to VMWare talk about virtualization like it
is a new concept that they invented, despite the fact that it has been
around since the mid 60's.  
On the subject of web data entry, the one that always gets me is the fact
that both the STATE and the ZIPCODE are required.  How hard would it be to
look up the state based on the zip code?  Also, it annoys me that (I have
done this on occasion) the sites don't validate the combination of state and
zip code.  Especially since the drop-downs aren't always in the same order,
depending if is built with the state postal abbreviation, or with the state
name.

Wayne Driscoll
Product Developer
NOTE:  All opinions are strictly my own.




-Original Message-
From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On Behalf
Of Paul Gilmartin
Sent: Sunday, May 11, 2008 10:18 PM
To: IBM-MAIN@BAMA.UA.EDU
Subject: Re: Mainframe programming vs the Web

On Sun, 11 May 2008 20:52:44 -0600, Steve Comstock wrote:

>John McKown wrote:
>>
>> (1) for learning and (2) to prove it could be done with z/OS. So many PC
>> Weenies preen with pride thinking that z/OS cannot do anything "new and
>> nifty". Wrong.
>
>Wrong indeed. Good on you.
>
But note how many dinos preen with pride their overt contempt of the
"new and nifty" for hardly better reason than their (mis-)perception
that it bears the indelible taint of the "PC Weenies".  Bad on them.

-- gil

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread McKown, John 
> -Original Message-
> From: IBM Mainframe Discussion List 
> [mailto:[EMAIL PROTECTED] On Behalf Of Howard Brazee
> Sent: Monday, May 12, 2008 9:03 AM
> To: IBM-MAIN@BAMA.UA.EDU
> Subject: Re: Mainframe programming vs the Web
> 
> On 11 May 2008 14:26:06 -0700, [EMAIL PROTECTED] (David
> Alcock) wrote:
> 
> >Ever since the Web came along I've been annoyed by those web
> >sites that won't accept spaces or dashes like for credit cards
> >and phone numbers.  I know that even ancient mainframe COBOL has
> >support for removing them with one command.   I see that it's
> >just pure laziness as I suspected all along: 
> >
> >   http://www.unixwiz.net/ndos-shame.html
> 
> I've seen "too much editing" being done in CoBOL as well.   Editing
> for stuff that doesn't matter - and which needs to be changed when
> conditions change.
> 
> I hate the programming to make it hard to enter your credit cards, but
> I also dislike it when they don't let me put in a 80301-2472 zip code.
> There are foreign postal codes that *require* longer fields.  And the
> U.S. postal service wants these as well.
> 
> And let me type in phone numbers with dashes and parenthesis if I
> want.

True! Validation of "postal codes" is a nightmare. Unlike credit card
numbers and telephone numbers, each individual government makes up its
own rules. The only way to validate is to first get the ISO
(international) country code, then possibly have a validation for each
country.

The other thing that irritates many is the US (and English?) centric
"First Name", "Middle Name (or initial)", "Last Name". I know that
Hispanics often have a LOT of "middle" names, and they are important to
them. But how to allow that is a difficulty that I would prefer to
avoid. Along with the usual "How many characters should I allow for a
name?".

--
John McKown
Senior Systems Programmer
HealthMarkets
Keeping the Promise of Affordable Coverage
Administrative Services Group
Information Technology

The information contained in this e-mail message may be privileged
and/or confidential.  It is for intended addressee(s) only.  If you are
not the intended recipient, you are hereby notified that any disclosure,
reproduction, distribution or other use of this communication is
strictly prohibited and could, in certain circumstances, be a criminal
offense.  If you have received this e-mail in error, please notify the
sender by reply and delete this message without copying or disclosing
it.  

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread Howard Brazee 
On 11 May 2008 14:26:06 -0700, [EMAIL PROTECTED] (David
Alcock) wrote:

>Ever since the Web came along I've been annoyed by those web
>sites that won't accept spaces or dashes like for credit cards
>and phone numbers.  I know that even ancient mainframe COBOL has
>support for removing them with one command.   I see that it's
>just pure laziness as I suspected all along: 
>
>   http://www.unixwiz.net/ndos-shame.html

I've seen "too much editing" being done in CoBOL as well.   Editing
for stuff that doesn't matter - and which needs to be changed when
conditions change.

I hate the programming to make it hard to enter your credit cards, but
I also dislike it when they don't let me put in a 80301-2472 zip code.
There are foreign postal codes that *require* longer fields.  And the
U.S. postal service wants these as well.

And let me type in phone numbers with dashes and parenthesis if I
want.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: absurd programs that used to be everywhere ...

2008-05-12 Thread David Andrews 
On Fri, 2008-05-09 at 12:59 -0400, Arthur T. wrote:
> On 9 May 2008 06:21:05 -0700, in bit.listserv.ibm-main 
> (Message-ID:<[EMAIL PROTECTED]>) 
> [EMAIL PROTECTED] (F. J. Kelley) wrote:
> 
> >Anyway, I've been asked if I can provide banners ... 
> >sheesh ...
> >The kind printed on fanfold (ie greenbar) paper.
> 
>   Have you considered the CBT tape?  File 88 contains 
> program "poster".

File #163 contains some *really old* stuff that mostly applies to
MVS-370 systems.  CHARGEN is in there, and it does banners.  Maybe it'll
still assemble!

(Props to Jay Ullius, wherever he is.)

-- 
David Andrews
A. Duda and Sons, Inc.
[EMAIL PROTECTED]

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Red Alert: OA24741 Sysplex-wide impact due to loop in GRS on z/OS 1.9 and higher

2008-05-12 Thread Chase, John 
> -Original Message-
> From: IBM Mainframe Discussion List On Behalf Of Mariuca Iftime
> 
> It is no PTF available for ZOS 1.9, only ZOS 1.4

  PTF List:
  Release 740   : UA40682 available 08/05/07 (1000 )  <== 1.9
  Release 750   : PTF not available yet   <== 1.10
  Release 750   : Relief is available in the form of: PTF

-jc-

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: ServerPac and zFS

2008-05-12 Thread Jim Holloway 
>From:John Mattson <[EMAIL PROTECTED]>
>Subject: Re: ServerPac and zFS

>EZZ4203I Z/OS UNIX - TCP/IP CONNECTION ERROR FOR 
>TCPIP-BPX1PCT,800D,,0079,11B3005A
>EZZ4203I Z/OS UNIX - TCP/IP CONNECTION ERROR FOR 
>TCPIP-BPX1PCT,C005,,0079,11B3005A
>EZZ9315E TCP/IP WAITING FOR RESOLVER TO INITIALIZE

IBM added the RESOLVER task in as a requirement round about z/OS 1.4 if 
memory serves.  We added the parm
RESOLVER_PROC(RESOLVER) to BPXPRMxx and added the RESOLVER proc to 
SYS1.PROCLIB, then
added resolv.conf to the /etc directory which contains various TCPIP 
related parms. 
Here's ours:
TCPIPjobname TCPIP 
DATASETPREFIX SYSP.TCPIP 
MESSAGECASE MIXED 
HOSTNAME x 
DOMAIN x.COM 
NAMESERVER 10.9.167.76 
NAMESERVER 10.10.61.91 
NAMESERVER 10.5.20.166 
NAMESERVER 10.1.56.63 
NAMESERVER 10.10.36.66 



Jim Holloway - MetLife
The information contained in this message may be CONFIDENTIAL and is for the 
intended addressee only.  Any unauthorized use, dissemination of the 
information, or copying of this message is prohibited.  If you are not the 
intended addressee, please notify the sender immediately and delete this 
message.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: FTP VB dataset

2008-05-12 Thread Elardus Engelbrecht 
Mullen, Patrick wrote:

>I thought this would be straight forward, but I can't get it to work 
>correctly. 
Trying to FTP a DSORG=VB dataset from one z/OS 1.7 system to another z/OS 
1.7 system. The dataset contains alphabetic and packed decimal data.

>With no special commands, some of the packed data comes out translated 
into different hex values. Adding a 'bin' command resolves the translation, but 
now record structure is lost. Adding a 'quote site rdw' doesn't make any 
difference, but maybe that syntax is incorrect.

>Any ideas?


Try this:

 
LOCSITE RDW
SITERDW
LOCSITE RECFM=VB
SITERECFM=VB  
LOCSITE LRECL=?
SITELRECL=? 
MODE B 
EBCDIC 

Then do either GET or PUT.

Then it is guaranteed both sides know what to expect.

HTH!

Groete / Greetings
Elardus Engelbrecht

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Z10 and ICSF

2008-05-12 Thread Jousma, David 
I have to ask, did you run the PSP bucket for z10?  We just went through
this upgrade, and the list was pretty long, and included ICSF
maintenance. 


___

Dave Jousma
Assistant Vice President
Mainframe Services
[EMAIL PROTECTED]
616.653.8429



This e-mail transmission contains information that is confidential and may be 
privileged.   It is intended only for the addressee(s) named above. If you 
receive this e-mail in error, please do not read, copy or disseminate it in any 
manner. If you are not the intended recipient, any disclosure, copying, 
distribution or use of the contents of this information is prohibited. Please 
reply to the message immediately by informing the sender that the message was 
misdirected. After replying, please erase it from your computer system. Your 
assistance in correcting this error is appreciated.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread Anne & Lynn Wheeler 
The following message is a courtesy copy of an article
that has been posted to bit.listserv.ibm-main,alt.folklore.computers as well.


[EMAIL PROTECTED] (Martin Packer) writes:
> As a big Firefox fan (writing extensions and living on the BLEEDING edge 
> by running Nightlies) I wonder if IE even HAS a way to be selective about 
> it. Someone who's an IE fan can perhaps enlighten us.

one of the things i've done is using wget to fetch a list of (news,
article oriented) websites, figure out the difference (since last seen)
... select the individual article URLs that are new/different ... then
check the firefox sqlite history repository ... and get firefox to fetch
the new/unseen URls in different tabs.  A days worth might be 300-600
tabs. the objective is that it eliminates the latency associated with
the traditional point&click on the web. once the URls are fetched ... it
is purely local response ... and in the past year or so, firefox
overhead has gotten significantly better handling hundreds of open tabs.

recent posts mentioning some of the glue for doing this
http://www.garlic.com/~lynn/2008b.html#32 Tap and faucet and spellcheckers
http://www.garlic.com/~lynn/2008b.html#35 Tap and faucet and spellcheckers

there is a little heuristic ... some news/article oriented sites have
countermeasures for multiple hits from the same client address in short
period of time ... i.e. the tab fetches have to be spaced out over time.

once the fetches start ... it is possible to be reading the tabs that
are already local ... while remaining tabs are being fetched in the
background.

for some mainframe related ... old post discussing application
programming of emulated 3270 interface
http://www.garlic.com/~lynn/2001k.html#35 Newbie TOPS-10 7.03 question

on the internal network
http://www.garlic.com/~lynn/subnetwork.html#internalnet

circa 1981 (pre-PC, pre pc3270 terminal emulation, pre hllapi, etc).

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread Martin Packer 
I hope you're not suggesting javascript is evil and to be avoided at all 
costs. And I do hope you'll trust IBMLink in that regard.

Note: I haven't even bothered to Ctrl+U or Ctrl+Shift+I IBMLInk so I've no 
idea what it's using javascript for. Hopefully dojo.

Martin

Martin Packer
Performance Consultant
IBM United Kingdom Ltd
+44-20-8832-5167
+44-7802-245-584
[EMAIL PROTECTED]








Unless stated otherwise above:
IBM United Kingdom Limited - Registered in England and Wales with number 
741598. 
Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6 3AU






--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe programming vs the Web

2008-05-12 Thread Martin Packer 
Disabling javascript will leave you disenfranchised from an increasingly 
large number of (increasingly important) websites. But at least you have 
an extension to make this SELECTIVE.

As a big Firefox fan (writing extensions and living on the BLEEDING edge 
by running Nightlies) I wonder if IE even HAS a way to be selective about 
it. Someone who's an IE fan can perhaps enlighten us.

But, back to the original topic... There just doesn't seem to be the 
rigour, does there? But I guess now ANYONE can make a very PUBLIC nuisance 
of themselves by publishing a website "with malice aforethought". :-)

Martin

Martin Packer
Performance Consultant
IBM United Kingdom Ltd
+44-20-8832-5167
+44-7802-245-584
[EMAIL PROTECTED]








Unless stated otherwise above:
IBM United Kingdom Limited - Registered in England and Wales with number 
741598. 
Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6 3AU






--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html