AUTO: Frank Krueger is in vacation. (returning 06/11/2012)

2012-05-28 Thread Frank Krueger 
I am out of the office until 06/11/2012.

Vacation - travelling somewhere in Europe.
No mail access.
In urgent cases try Mobile Phone or contact Peter Kimmel.


Note: This is an automated response to your message  IBM-MAIN Digest - 26
May 2012 to 27 May 2012 (#2012-148) sent on 28/5/2012 6:00:01.

This is the only notification you will receive while this person is away.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN

Re: Masking Numeric Keys

2012-05-28 Thread Binyamin Dissen 
On Fri, 25 May 2012 11:00:14 -0500 Roberts, John J
jrobe...@dhs.state.ia.us wrote:

:If you have ICSF configured you might be able to use one of the One-Way 
:Hash Generate Callable Services (CSNBOWH or CSNBOWH1 and CSNEOWH or 
:CSNEOWH1)

:I don't know if we have ICSF installed.  But even if we did, I would doubt if 
any hash function could meet my requirement #2 (uniqueness) and may even have 
trouble with #3 (PIC 9(9) result).  And of course if truncation is needed to 
meet requirement #3, this itself would probably defeat #2.

:But I thank you for the suggestion.  If I strike out otherwise, I will ask 
the SYSPROGs about ICSF.

Depending on how many of the numbers may be generated, your best approach to
minimize storage and processing is a hash table where the value comes from an
incrementing number. If not found, add one to the number and store in the
table.

--
Binyamin Dissen bdis...@dissensoftware.com
http://www.dissensoftware.com

Director, Dissen Software, Bar  Grill - Israel


Should you use the mailblocks package and expect a response from me,
you should preauthorize the dissensoftware.com domain.

I very rarely bother responding to challenge/response systems,
especially those from irresponsible companies.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN

UUIDGEN?

2012-05-28 Thread Magnus Persson 
Hi.

I'm trying to find what I should use instead of the uuidgen command, since this 
was part of DCE that is withdrawn.

So is there a easy replacement for the uuidgen command to use in a USS script?

Br. Magnus Persson

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN

Re: Transferring stuff from Mainframe to a RDz/UT clone of itself

2012-05-28 Thread Thomas Conley 

On 5/28/2012 1:26 AM, melvinjac...@iinet.net.au wrote:

On Friday, 25 May 2012 22:13:55 UTC+10, Thomas Conley  wrote:

On 5/25/2012 2:03 AM, mpjac...@comcen.com.au wrote:

Hi all

Can't readily see how to search the group, so apologies if this info is in here 
somewhere

I'm just after opinion as to the best way to transfer files across from a normal MF Lpar , 
including some USS directories, to a copy of this Lpar running on RDz/UT under RedHat linux on a 
VM server. I'm told that shared DASD is not possible between the MF Lpar   the RDz 
instance,   we have FTP or NJE (don't know which is quicker). The basic scenario is to do 
regular incremental refreshes of the RDz/UT environment from it's big brother MF 
instance

I'm posting this last thing on a Fri arvo, so may not get back to it before 
Monday (it's just gone 4pm here in Sydney)

Thx

Melvyn Jacobs


Melvyn,

I would run DFDSS DUMP, TERSE, FTP binary, DETERSE, then DFDSS RESTORE.

Regards,
Tom Conley



dumb question - the plan that I was given just said basically DFDSS DUMP, FTP, 
RESTORE - what advantage does

On Friday, 25 May 2012 22:13:55 UTC+10, Thomas Conley  wrote:

On 5/25/2012 2:03 AM, mpjac...@comcen.com.au wrote:

Hi all

Can't readily see how to search the group, so apologies if this info is in here 
somewhere

I'm just after opinion as to the best way to transfer files across from a normal MF Lpar , 
including some USS directories, to a copy of this Lpar running on RDz/UT under RedHat linux on a 
VM server. I'm told that shared DASD is not possible between the MF Lpar   the RDz 
instance,   we have FTP or NJE (don't know which is quicker). The basic scenario is to do 
regular incremental refreshes of the RDz/UT environment from it's big brother MF 
instance

I'm posting this last thing on a Fri arvo, so may not get back to it before 
Monday (it's just gone 4pm here in Sydney)

Thx

Melvyn Jacobs


Melvyn,

I would run DFDSS DUMP, TERSE, FTP binary, DETERSE, then DFDSS RESTORE.

Regards,
Tom Conley

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN


Hi Tom

Thanks for that - any particular reason for including TERSE, over just DFDSS  
FTP ?

cheers

Melvyn


Melvyn,

The DFDSS dump dataset is a RECFM=U file.  I've had difficulty in 
transferring RECFM=U files with FTP, so TERSEing them creates a nice FB 
1024 format that can FTP cleanly in binary mode.  I also get the 
compression for a faster FTP.  Someone else in this thread recommended 
TSO XMIT which basically does the same thing without compression,  by 
creating an FB 80 format record.


Regards,
Tom Conley

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN

Re: Masking Numeric Keys

2012-05-28 Thread Gary Weinhold 

John M wrote (snipped):

  A full billion, 5 byte, packed numbers would require 5 billion bytes of 
storage (5 Gb), or about 2^23  bytes. If you wanted to, you could run a program 
and save this in a VSAM Linear dataset. You could then use this dataset as your 
permanent map and access it as a DIV (Data In Virtual) file, using very 
efficient memory mapping. Or create it as an ESDS and access it in RBA mode. Or 
perhaps even an VSAM RRDS. Generating the file may take a while, especially to 
guarantee the uniqueness of the random map. The biggest problem might be 
finding a random number generator which can actually generate uniformly random 
values in the range [0..5,000,000,000]. Do it over a weekend. Or in a low 
priority batch job. The dataset should fit on 3 volumes of 3390-3 space.

Unfortunately, I believe DIV is limited to 2G.

You only need (want) 1 billion random numbers.   I think multiplying each 9 
digit number by a prime greater than 1 billion and dividing by 1 billion will 
generate a unique 9 digit remainder for each number.


John R wrote (snipped):

Another idea could be to have two indexes: one for the first five digits, and 
the other for the last four.  If you break it up like this, the combined result 
is still unique, deterministic, and impossible to reverse engineer unless you 
have access to the translation index.

What if you broke it up into 9 indexes, one for each digit; wouldn't that fit 
the same criteria?

Gary Weinhold
Data Kinetics, Ltd.


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN

DFSMS SG POOL Enablement

2012-05-28 Thread af dc 
Hello,
I've a SG in the following status:

SCDS Name  . . . . : PROD.SMS.SCDS
Storage Group Name : SGDR
Storage Group Type : POOL
To ALTER Storage Group System/
Sys Group Status, Specify:

 System/Sys  SMS SG   System/Sys  SMS SG
 Group Name  Status   Group Name  Status
 --  --   --  --
 *PARTPLEX   === DISNEW   PA1   === DISNEW
 PA2 === DISNEW   PB1   === DISNEW

doing D SMS,SG(SGDR), I get:
RESPONSE=PA1
 IGD002I 14:16:00 DISPLAY SMS 625

 STORGRP  TYPESYSTEM= 1 2 3 4
 SGDR POOLD D D D

I want to ENABLE this SG onl all systems and I tried:
V SMS,STORGRP(SGDR,ALL),ENABLE
IGD010I STORAGE GROUP (SGDR,ALL ) STATUS IS NOW ENABLED

then:
SETSMS SCDS(PROD.SMS.SCDS)
IGD008I NEW CONFIGURATION ACTIVATED FROM SCDS PROD.SMS.SCDS

but after doing:
D SMS,SG(SGDR), I get:
RESPONSE=PA1
 IGD002I 14:16:00 DISPLAY SMS 625

 STORGRP  TYPESYSTEM= 1 2 3 4
 SGDR POOLD D D D

Can you pls give me an help on what am I missing here ??
Many thx, Antonio Cecilio.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN

Spool offload

2012-05-28 Thread R.S. 
I'm going to cold start JES2. I would like to preserve my spool content 
by using spool offload.


I changed parameters of OFF* devices to the following values:

OFFLOAD1  DSN=SYS1.OFFLOAD,STATUS=DRAINED,ARCHIVE=ONE,
  CRTIME=RESET,LABEL=SL,PROTECT=NO,RETPD=0,
  TRACE=NO,UNIT=(3390,1),VALIDATE=YES,VOLS=255
Changes: RETPD=0 and unit=3390, dataset preallocated


OFF1.JT  STATUS=STARTABLE,CLASS=,CREATOR=,DISP=KEEP,
 HOLD=,JOBNAME=,LIMIT=(0,*),NOTIFY=NO,
 RANGE=(J1,99),ROUTECDE=(),START=YES,
 SCHENV=,SRVCLASS=,SYSAFF=(NONE),VOLUME=(,,,),
 WS=(/)
OFF1.ST  STATUS=STARTABLE,CREATOR=,DISP=KEEP,
 OUTDISP=(WRITE,KEEP),HOLD=,JOBNAME=,NOTIFY=NO,
 RANGE=(J1,99),ROUTECDE=(),START=YES,
 VOLUME=(,,,),WS=(/),BURST=,FCB=,FLASH=,
 FORMS=(,,,),LIMIT=(0,*),PLIM=(0,*),
 PRMODE(),QUEUE=,UCS=,WRITER=
Changes: WS changed to everything, DISP=KEEP (does not delete or 
change existing entries).



Q: did I miss something?

--
Radoslaw Skorupka
Lodz, Poland






--
Treść tej wiadomości może zawierać informacje prawnie chronione Banku 
przeznaczone wyłącznie do użytku służbowego adresata. Odbiorcą może być jedynie 
jej adresat z wyłączeniem dostępu osób trzecich. Jeżeli nie jesteś adresatem 
niniejszej wiadomości lub pracownikiem upoważnionym do jej przekazania 
adresatowi, informujemy, że jej rozpowszechnianie, kopiowanie, rozprowadzanie 
lub inne działanie o podobnym charakterze jest prawnie zabronione i może być 
karalne. Jeżeli otrzymałeś tę wiadomość omyłkowo, prosimy niezwłocznie 
zawiadomić nadawcę wysyłając odpowiedź oraz trwale usunąć tę wiadomość 
włączając w to wszelkie jej kopie wydrukowane lub zapisane na dysku.

This e-mail may contain legally privileged information of the Bank and is intended solely for business use of the addressee. This e-mail may only be received by the addressee and may not be disclosed to any third parties. If you are not the intended addressee of this e-mail or the employee authorised to forward it to the addressee, be advised that any dissemination, copying, distribution or any other similar activity is legally prohibited and may be punishable. If you received this e-mail by mistake please advise the sender immediately by using the reply facility in your e-mail software and delete permanently this e-mail including any copies of it either printed or saved to hard drive. 


BRE Bank SA, 00-950 Warszawa, ul. Senatorska 18, tel. +48 (22) 829 00 00, fax 
+48 (22) 829 00 33, www.brebank.pl, e-mail: i...@brebank.pl
Sąd Rejonowy dla m. st. Warszawy XII Wydział Gospodarczy Krajowego Rejestru Sądowego, nr rejestru przedsiębiorców KRS 025237, NIP: 526-021-50-88. 
Według stanu na dzień 01.01.2012 r. kapitał zakładowy BRE Banku SA (w całości wpłacony) wynosi 168.410.984 złotych.


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN

Re: Spool offload

2012-05-28 Thread Mark Zelden 
On Mon, 28 May 2012 15:56:24 +0200, R.S. r.skoru...@bremultibank.com.pl wrote:

I'm going to cold start JES2. I would like to preserve my spool content
by using spool offload.

I changed parameters of OFF* devices to the following values:

OFFLOAD1  DSN=SYS1.OFFLOAD,STATUS=DRAINED,ARCHIVE=ONE,
   CRTIME=RESET,LABEL=SL,PROTECT=NO,RETPD=0,
   TRACE=NO,UNIT=(3390,1),VALIDATE=YES,VOLS=255
Changes: RETPD=0 and unit=3390, dataset preallocated


OFF1.JT  STATUS=STARTABLE,CLASS=,CREATOR=,DISP=KEEP,
  HOLD=,JOBNAME=,LIMIT=(0,*),NOTIFY=NO,
  RANGE=(J1,99),ROUTECDE=(),START=YES,
  SCHENV=,SRVCLASS=,SYSAFF=(NONE),VOLUME=(,,,),
  WS=(/)
OFF1.ST  STATUS=STARTABLE,CREATOR=,DISP=KEEP,
  OUTDISP=(WRITE,KEEP),HOLD=,JOBNAME=,NOTIFY=NO,
  RANGE=(J1,99),ROUTECDE=(),START=YES,
  VOLUME=(,,,),WS=(/),BURST=,FCB=,FLASH=,
  FORMS=(,,,),LIMIT=(0,*),PLIM=(0,*),
  PRMODE(),QUEUE=,UCS=,WRITER=
Changes: WS changed to everything, DISP=KEEP (does not delete or
change existing entries).


Q: did I miss something?

--
Radoslaw Skorupka
Lodz, Poland


I assume you are asking if they are correct prior to starting the offload.  If 
so,
it looks okay.   If not, then of course you need to start offload1.  

Are you sure you disk output is big enough to hold everything?  If you have
tape output available, you can use that and avoid a potential space
abend. 

Just out of curiosity, why do you need to cold start?   

Regards,

Mark
--
Mark Zelden - Zelden Consulting Services - z/OS, OS/390 and MVS   
mailto:m...@mzelden.com
Mark's MVS Utilities: http://www.mzelden.com/mvsutil.html 
Systems Programming expert at http://expertanswercenter.techtarget.com/

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN

Re: DFSMS SG POOL Enablement

2012-05-28 Thread af dc 
Well, I guess this will do it:

//MYLIBJCLLIB ORDER=SYS1.SACBCNTL
//*
//STEP1   EXEC ACBJBAOB,
//TABL2=PROD.TEST.ISPTABL
//SYSUDUMP DD  SYSOUT=*
//SYSTSIN  DD *
  PROFILE PREFIX(MYUSER)
  ISPSTART CMD(ACBQBAJ2 +
  ALTER +
  SCDS('PROD.SMS.SCDS') +
  STORGRP(SGDR) +
  SGSTSALL(ENABLE) +
  )
/*
//TEMPFILE  DD  DSN=TEMPFILE,DISP=(MOD,PASS),
//  SPACE=(TRK,(1,1)),LRECL=300,RECFM=F,BLKSIZE=300
//*
//STEP2   EXEC ACBJBAOB,
//TABL2=PROD.TEST.ISPTABL
//SYSUDUMP DD  SYSOUT=*
//SYSTSIN  DD DSN=TEMPFILE,DISP=(OLD,DELETE,DELETE)
//*
//STEP3   EXEC PGM=ICEGENER
//SYSPRINT DD  SYSOUT=*
//SYSUT2   DD  SYSOUT=(*,INTRDR)
//SYSINDD  DUMMY
//SYSUT1   DD  DATA,DLM='$$'
/*$VS,'SETSMS SCDS(PROD.SMS.SCDS)'
$$
/*

Ok, many thx to all and me, A.Cecilio.

On Mon, May 28, 2012 at 2:22 PM, af dc acbi...@gmail.com wrote:

 Hello,
 I've a SG in the following status:

 SCDS Name  . . . . : PROD.SMS.SCDS
 Storage Group Name : SGDR
 Storage Group Type : POOL
 To ALTER Storage Group System/
 Sys Group Status, Specify:

  System/Sys  SMS SG   System/Sys  SMS SG
  Group Name  Status   Group Name  Status
  --  --   --  --
  *PARTPLEX   === DISNEW   PA1   === DISNEW
  PA2 === DISNEW   PB1   === DISNEW

 doing D SMS,SG(SGDR), I get:
 RESPONSE=PA1
  IGD002I 14:16:00 DISPLAY SMS 625

  STORGRP  TYPESYSTEM= 1 2 3 4
  SGDR POOLD D D D

 I want to ENABLE this SG onl all systems and I tried:
 V SMS,STORGRP(SGDR,ALL),ENABLE
 IGD010I STORAGE GROUP (SGDR,ALL ) STATUS IS NOW ENABLED

 then:
 SETSMS SCDS(PROD.SMS.SCDS)
 IGD008I NEW CONFIGURATION ACTIVATED FROM SCDS PROD.SMS.SCDS

 but after doing:
 D SMS,SG(SGDR), I get:
 RESPONSE=PA1
  IGD002I 14:16:00 DISPLAY SMS 625

  STORGRP  TYPESYSTEM= 1 2 3 4
  SGDR POOLD D D D

 Can you pls give me an help on what am I missing here ??
 Many thx, Antonio Cecilio.



--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN

Re: Masking Numeric Keys

2012-05-28 Thread Paul Gilmartin 
On Mon, 28 May 2012 09:17:04 -0400, Gary Weinhold wrote:

You only need (want) 1 billion random numbers.   I think multiplying each 9 
digit number by a prime greater than 1 billion and dividing by 1 billion will 
generate a unique 9 digit remainder for each number.

(Why didn't I think of that!?)  Of course, the multiplier, M, needn't be greater
than 1 billion.  For any M, M mod 1 billion produces identical results.  And it
needn't be prime; only relatively prime to 1 billion, i.e. any number whose
final  decimal digit is 1, 3, 7, or 9.

M must be kept secret.  But I suspect it can easily be inferred, even if only
by exhaustion, given any single key in its clear and masked forms.  If
there is no requirement that the masked key be numeric, the search space
can be enlarged, however slightly, by using a base85 encoding (see RFC
1924, April 1, 1996).

Even if the intruder knows no key in its clear and masked representations,
but knows that keys in some set are invalid, he might be able to make a
good guess at M by the absence of certain masked values in a sufficiently
large sample.

-- gil

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN

Re: Spool offload

2012-05-28 Thread R.S. 

W dniu 2012-05-28 17:10, Mark Zelden pisze:
[...]




I assume you are asking if they are correct prior to starting the offload.  If 
so,
it looks okay.   If not, then of course you need to start offload1.


Good assumption!
My explanations weren't good enough. :-)



Are you sure you disk output is big enough to hold everything?  If you have
tape output available, you can use that and avoid a potential space
abend.


Yes, I'm sure, the spool is small, it's not production system.




Just out of curiosity, why do you need to cold start?


Change some parameters in JES2PARM.


--
Radoslaw Skorupka
Lodz, Poland






--
Tre tej wiadomoci moe zawiera informacje prawnie chronione Banku 
przeznaczone wycznie do uytku subowego adresata. Odbiorc moe by jedynie 
jej adresat z wyczeniem dostpu osób trzecich. Jeeli nie jeste adresatem 
niniejszej wiadomoci lub pracownikiem upowanionym do jej przekazania 
adresatowi, informujemy, e jej rozpowszechnianie, kopiowanie, rozprowadzanie 
lub inne dziaanie o podobnym charakterze jest prawnie zabronione i moe by 
karalne. Jeeli otrzymae t wiadomo omykowo, prosimy niezwocznie 
zawiadomi nadawc wysyajc odpowied oraz trwale usun t wiadomo 
wczajc w to wszelkie jej kopie wydrukowane lub zapisane na dysku.

This e-mail may contain legally privileged information of the Bank and is intended solely for business use of the addressee. This e-mail may only be received by the addressee and may not be disclosed to any third parties. If you are not the intended addressee of this e-mail or the employee authorised to forward it to the addressee, be advised that any dissemination, copying, distribution or any other similar activity is legally prohibited and may be punishable. If you received this e-mail by mistake please advise the sender immediately by using the reply facility in your e-mail software and delete permanently this e-mail including any copies of it either printed or saved to hard drive. 


BRE Bank SA, 00-950 Warszawa, ul. Senatorska 18, tel. +48 (22) 829 00 00, fax 
+48 (22) 829 00 33, www.brebank.pl, e-mail: i...@brebank.pl
Sd Rejonowy dla m. st. Warszawy XII Wydzia Gospodarczy Krajowego Rejestru Sdowego, nr rejestru przedsibiorców KRS 025237, NIP: 526-021-50-88. 
Wedug stanu na dzie 01.01.2012 r. kapita zakadowy BRE Banku SA (w caoci wpacony) wynosi 168.410.984 zotych.


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN

Re: Spool offload

2012-05-28 Thread Skip Robinson 
OK, I'll bite. Which parameters cannot be changed dynamically? I think you 
mentioned in another thread about having to resolve name conflicts. There 
ways to juggle things around via multiple incremental changes to achieve 
the desired result. I have systems last cold started in 1995. 

.
.
JO.Skip Robinson
SCE Infrastructure Technology Services
Electric Dragon Team Paddler 
SHARE MVS Program Co-Manager
626-302-7535 Office
323-715-0595 Mobile
jo.skip.robin...@sce.com



From:   R.S. r.skoru...@bremultibank.com.pl
To: IBM-MAIN@bama.ua.edu
Date:   05/28/2012 08:35 AM
Subject:Re: Spool offload
Sent by:IBM Mainframe Discussion List IBM-MAIN@bama.ua.edu



W dniu 2012-05-28 17:10, Mark Zelden pisze:
[...]


 I assume you are asking if they are correct prior to starting the 
offload.  If so,
 it looks okay.   If not, then of course you need to start offload1.

Good assumption!
My explanations weren't good enough. :-)


 Are you sure you disk output is big enough to hold everything?  If you 
have
 tape output available, you can use that and avoid a potential space
 abend.

Yes, I'm sure, the spool is small, it's not production system.



 Just out of curiosity, why do you need to cold start?

Change some parameters in JES2PARM.


-- 
Radoslaw Skorupka
Lodz, Poland


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN

Re: Masking Numeric Keys

2012-05-28 Thread Peter Sylvester 

IMO the risk is not to have a non reversible key, but to hide
this a bit. with a small number of output bits there are
not many options.

some approaches

- take a prime number p large then the name space and smaller
than the space to hold the result, take a generator g of the
multiplicative group,  and compute  output = (g ** input) mod p.
for all 1  input  p
you can iterate this using different primes, add some
magic bijectif functions, permutation of bits etc.

- take a fixed secret, and encrypt with des = 8 octets.

-  if your key space is large, 16 octets, you an hmac with
   1 billion times md5 of the input or something like than.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN

Re: DFSMS SG POOL Enablement

2012-05-28 Thread retired mainframer 
The VARY command updates the active configuration in the SMS address space,
not the SCDS dataset.  By issuing the SETSMS after the VARY, you restored
everything back the way it was, in effect undoing the vary.

Either
 1 - update an SCDS and then activate it
or
 2 - update the active configuration with VARY commands and then perform
SETSMS SAVESCDS(dsn) to save the updated configuration in an SCDS.

:: -Original Message-
:: From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On
:: Behalf Of af dc
:: Sent: Monday, May 28, 2012 6:23 AM
:: To: IBM-MAIN@bama.ua.edu
:: Subject: DFSMS SG POOL Enablement
::
:: Hello,
:: I've a SG in the following status:
::
:: SCDS Name  . . . . : PROD.SMS.SCDS
:: Storage Group Name : SGDR
:: Storage Group Type : POOL
:: To ALTER Storage Group System/
:: Sys Group Status, Specify:
::
::  System/Sys  SMS SG   System/Sys  SMS SG
::  Group Name  Status   Group Name  Status
::  --  --   --  --
::  *PARTPLEX   === DISNEW   PA1   === DISNEW
::  PA2 === DISNEW   PB1   === DISNEW
::
:: doing D SMS,SG(SGDR), I get:
:: RESPONSE=PA1
::  IGD002I 14:16:00 DISPLAY SMS 625
::
::  STORGRP  TYPESYSTEM= 1 2 3 4
::  SGDR POOLD D D D
::
:: I want to ENABLE this SG onl all systems and I tried:
:: V SMS,STORGRP(SGDR,ALL),ENABLE
:: IGD010I STORAGE GROUP (SGDR,ALL ) STATUS IS NOW ENABLED
::
:: then:
:: SETSMS SCDS(PROD.SMS.SCDS)
:: IGD008I NEW CONFIGURATION ACTIVATED FROM SCDS PROD.SMS.SCDS
::
:: but after doing:
:: D SMS,SG(SGDR), I get:
:: RESPONSE=PA1
::  IGD002I 14:16:00 DISPLAY SMS 625
::
::  STORGRP  TYPESYSTEM= 1 2 3 4
::  SGDR POOLD D D D

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN

Re: Snap dump question

2012-05-28 Thread Charles Mills 
Aw John, don't be grumpy. By obtuse I just meant you merely alluded to the
solution, you didn't explicitly say if you really coded LECL you need to
correct it to LRECL. No harm intended. Sorry for the offense.

Charles

-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf
Of John Gilmore
Sent: Friday, May 25, 2012 5:47 PM
To: IBM-MAIN@bama.ua.edu
Subject: Re: Snap dump question

Charles Mills writes

begin extract
DBB LECL will almost certainly not assemble (as John G. was pointing
out, a bit obtusely). Should be LRECL
/end extract

Equally, 'DBB' should of course be 'DCB'.

My point--serendipitously well illustrated by what you typed--was
that, since the OP obviously knows that 'LECL'. should be 'LRECL',
there was a strong possibility that his typo was a transcription
error, defective in his post but not in his code.  In reviewing the
language I used to make this point I find no basis for the notion that
it is obtuse

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN

Re: Masking Numeric Keys

2012-05-28 Thread Phil Smith 
Peter Sylvester wrote:
IMO the risk is not to have a non reversible key, but to hide
this a bit. with a small number of output bits there are
not many options.

Well, if the goal is to protect the data, then it needs to be cryptographically 
secure. Security through obscurity isn't security.

plug
Voltage SecureData is an encryption platform that provides Format-Preserving 
Encryption, using a mode of AES (almost but not quite through the NIST 
approvals process-awaiting final comments only) that does what it sounds like: 
preserves the format of the input. So if you encrypt a 9-digit number, you get 
back a 9-digit number. If you encrypt Peter Sylvester, 123 Main St, you get 
back X X, nnn Xxxx Xx, where the Xs and Ns are characters and 
digits, respectively. And there are lots more options.

Using this technology is a great way to mask data: it requires no 
maintenance-intensive back-end databases (as do traditional masking products) 
and can be added to an existing procedure as a single extra step. The fact that 
the data is obviously masked (that is, Peter is unlikely to encrypt to 
something that actually LOOKS like a regular name) is actually a plus, since it 
makes the auditors happy to be able to verify that the data is protected by 
sampling, rather than having to test or read code.
/plug

I'm not a crypto guy, but I know enough to be very uncomfortable with some of 
the suggestions that have been made on this topic from a security standpoint. 
This hiding-data-for-test isn't just A Good Idea: it's mandated by various 
regulations. And given the number of breaches we read about daily, coupled with 
the (typically) lower security on test systems (or unknown security on partner 
systems!), it isn't something to take casually: it's playing 
you-bet-your-company (or at least your job) in many cases.

Cheers,
--
...phsiii

Phil Smith III
p...@voltage.commailto:p...@voltage.com
Voltage Security, Inc.
www.voltage.comhttp://www.voltage.com
(703) 476-4511 (home office)
(703) 568-6662 (cell)

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN

Re: Masking Numeric Keys

2012-05-28 Thread Paul Gilmartin 
On Fri, 25 May 2012 10:30:45 -0500, Roberts, John J wrote:

So all Personally Identifiable Information (PII) fields must be masked.  I 
have figured out techniques to mask names and addresses.  But I now need to 
figure out a technique to mask a nine digit numeric key.  This field is used 
as either a primary or secondary key in many files.  So I can't just 
substitute a random number, since the relationships need to be maintained.  I 
have identified some requirements for the masking algorithm:

(1) It must be deterministic (same input produces same output always).

(2) Uniqueness must be maintained.  Therefore no two original values can 
translate to the same masked value.

(3) The masked result must also be a nine digit numeric value.

(4) It must not be possible to calculate the original value from the masked 
value (i.e. a one-way transformation).
 
Is there any validity check performed on these keys?  Will that validity check
be performed on the masked keys, requiring a mapping into the valid subset
of the 9-digit key space.

Just curious: how would you mask names and addresses?  Of course, if these
are not used as keys some constraints such as uniqueness are relaxed.

-- gil

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN

Re: Masking Numeric Keys

2012-05-28 Thread Paul Gilmartin 
On Mon, 28 May 2012 11:19:01 -0700, Phil Smith a...@efghijk.lmn wrote:

Well, if the goal is to protect the data, then it needs to be 
cryptographically secure. Security through obscurity isn't security.

plug
Voltage SecureData is an encryption platform that provides Format-Preserving 
Encryption, using a mode of AES (almost but not quite through the NIST 
approvals process-awaiting final comments only) that does what it sounds like: 
preserves the format of the input. So if you encrypt a 9-digit number, you get 
back a 9-digit number. If you encrypt Peter Sylvester, 123 Main St, you get 
back X X, nnn Xxxx Xx, where the Xs and Ns are characters and 
digits, respectively. And there are lots more options.
...
/plug

Can it deal with validity constraints such as the credit card check digit:

http://en.wikipedia.org/wiki/Luhn_algorithm

...?  And I understand that some 9-digit keys eschew any values
that contain the sequence 666 as a courtesy to the client.
(Actually at the client's option, but suppose it were to be made a
rule.)

-- gil

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN

Re: TS7700 Scheduled Downtime Procedures

2012-05-28 Thread af dc 
Hello,
basically those are main issues to take care, what i usually do on ts7740
is:

1) 30mins before outage, vary all virtual addresses offline. Maybe there's
jobs still running.
2) Put on hold all dfhsm tape functions
3)Verify is all virtual addresses are offline
4) Libs off
5) Channels off
6) inihibt reclaim

Deliver box to hw.
A.Cecilio.


On Wed, May 16, 2012 at 10:29 PM, David G. Schlecht
dschle...@admin.nv.govwrote:

 We’ve switched to using the TS7720 as a stand-alone VTS and are planning
 an outage this weekend for microcode upgrade.

 In the old days, for an outage we had to:

 1.   Vary the libraries offline

 2.   Vary the drives offline

 3.   Vary the chanel paths offline

 4.   When varying the final drives off line, we had to use Force
 because they were the last attached devices.

 Looking over the Planning and Intro book and the Virtual Engine book
 (SG24-7712-02) it appears the same procedures are needed for today’s VTS.
 Is there anything else that is required or something else to watch for with
 today’s TS7700?


 David G. Schlecht | Information Technology Professional
 State of Nevada | Department of Administration | Enterprise IT Services
 T:(775)684-4328 | F: (775) 684‐4324 | E:dschle...@admin.nv.gov -- New
 Address


 
 This communication, including any attachments, may contain confidential
 information and is intended only for the individual or entity to which it
 is addressed. Any review, dissemination or copying of this communication by
 anyone other than the intended recipient is strictly prohibited. If you are
 not the intended recipient, please contact the sender by reply e-mail and
 delete all copies of the original message.

 --
 For IBM-MAIN subscribe / signoff / archive access instructions,
 send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN

Re: TS7700 Scheduled Downtime Procedures

2012-05-28 Thread af dc 
and wait 7 hours.

On Mon, May 28, 2012 at 9:30 PM, af dc acbi...@gmail.com wrote:

 Hello,
 basically those are main issues to take care, what i usually do on ts7740
 is:

 1) 30mins before outage, vary all virtual addresses offline. Maybe there's
 jobs still running.
 2) Put on hold all dfhsm tape functions
 3)Verify is all virtual addresses are offline
 4) Libs off
 5) Channels off
 6) inihibt reclaim

 Deliver box to hw.
 A.Cecilio.



 On Wed, May 16, 2012 at 10:29 PM, David G. Schlecht 
 dschle...@admin.nv.gov wrote:

 We’ve switched to using the TS7720 as a stand-alone VTS and are planning
 an outage this weekend for microcode upgrade.

 In the old days, for an outage we had to:

 1.   Vary the libraries offline

 2.   Vary the drives offline

 3.   Vary the chanel paths offline

 4.   When varying the final drives off line, we had to use Force
 because they were the last attached devices.

 Looking over the Planning and Intro book and the Virtual Engine book
 (SG24-7712-02) it appears the same procedures are needed for today’s VTS.
 Is there anything else that is required or something else to watch for with
 today’s TS7700?


 David G. Schlecht | Information Technology Professional
 State of Nevada | Department of Administration | Enterprise IT Services
 T:(775)684-4328 | F: (775) 684‐4324 | E:dschle...@admin.nv.gov -- New
 Address


 
 This communication, including any attachments, may contain confidential
 information and is intended only for the individual or entity to which it
 is addressed. Any review, dissemination or copying of this communication by
 anyone other than the intended recipient is strictly prohibited. If you are
 not the intended recipient, please contact the sender by reply e-mail and
 delete all copies of the original message.

 --
 For IBM-MAIN subscribe / signoff / archive access instructions,
 send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN




--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN

Re: Masking Numeric Keys

2012-05-28 Thread Phil Smith 
Paul Gilmartin wrote:
Can it deal with validity constraints such as the credit card check digit:
   http://en.wikipedia.org/wiki/Luhn_algorithm

Of course...it will optionally recalculate it, leave it as-is, or force it 
invalid (another way to tell that the data is masked-although it turns out that 
there are actually cards in the wild with invalid Luhn checksums, but most 
companies won't accept those anyway). You can also tell it to just mask 
specific parts of a card number-for example, leave the BIN (first n digits) and 
the last 4 in plaintext, and just encrypt the middle 6, which are the actual 
account number. Lots of options.

...?  And I understand that some 9-digit keys eschew any values
that contain the sequence 666 as a courtesy to the client.
(Actually at the client's option, but suppose it were to be made a
rule.)

Never seen that requirement from any of our customers, including Fortune 50 and 
three of the top ten card processors. Actually, since the masked data is never 
seen by any customers, I'm not sure that it would even matter-would it?
--
...phsiii

Phil Smith III
p...@voltage.commailto:p...@voltage.com
Voltage Security, Inc.
www.voltage.comhttp://www.voltage.com

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN

Re: How to leave ISPF

2012-05-28 Thread Shmuel Metz (Seymour J.) 
In 4f439d1e-1523-49ed-815c-6fa3dcd87...@comcast.net, on 05/27/2012
   at 10:36 AM, Ed Gould edgould1...@comcast.net said:

I think that was because that way back when IBM had a TSO 
product called PCF.  If memory serves me one of the feature that 
PCF offered was to be able to stack commands and to separate them 
it used the field mark key as a delimiter.

No; you could use FM as a separator without PCF. As I recall, PCF
allowed you to use other characters, e.g., semicolon, as a separator,
but did not disable the recognition of the FM.

Although admittedly the biggest  feature of PCF was to do data 
set  dasd pooling 

Not command accounting?

-- 
 Shmuel (Seymour J.) Metz, SysProg and JOAT
 ISO position; see http://patriot.net/~shmuel/resume/brief.html 
We don't care. We don't have to care, we're Congress.
(S877: The Shut up and Eat Your spam act of 2003)

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN

Re: How to leave ISPF

2012-05-28 Thread Shmuel Metz (Seymour J.) 
In 0898286174563950.wa.markmzelden@bama.ua.edu, on 05/25/2012
   at 06:44 PM, Mark Zelden m...@mzelden.com said:

I don't know.  But when used the way I described, you are in TSO
READY from the =x;;x prior to the field mark, so it is SO at that
point, not ISPF.

No, you are not at the READY prompt; ISPF puts the residual data on
the stack. Is the FM recognition done by the TMP or by the VTIOC?
 
-- 
 Shmuel (Seymour J.) Metz, SysProg and JOAT
 ISO position; see http://patriot.net/~shmuel/resume/brief.html 
We don't care. We don't have to care, we're Congress.
(S877: The Shut up and Eat Your spam act of 2003)

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN