Re: Binder API...broke or working as designed

On Tue, Aug 25, 2009 at 4:01 PM, Tony Harminc tz...@attglobal.net wrote: 2009-08-25 William H. Blair wmhbl...@comcast.net wrote: Until the binder API can function as a full-fledged system service, it can't be used by any code that, itself, has to adhere to the previously-established and

Re: Need new 3270 emulator: SSH, inexpensive, reliable

We've got Tectia SSH as a replacement for telnet to login to a z/OS UNIX shell. Unfortunately, Tectia doesn't support the chcp command, which makes it pretty much unusable for me. We've got an elder release (5.3.7.21) so this may well have changed. I tried to find a hint in the doc on their web

Re: Need new 3270 emulator: SSH, inexpensive, reliable

John Mattson pisze: I would recommend Nexus which is cheap and has great support. http://www.nexit.com/ Or free x3270. http://x3270.bgp.nu/ -- Radoslaw Skorupka Lodz, Poland -- BRE Bank SA ul. Senatorska 18 00-950 Warszawa www.brebank.pl Sd Rejonowy dla m. st. Warszawy XII Wydzia

Re: Sysplex dis/advantages

I *think* bubbling up from these threads are complaints about hurdles to getting to Sysplex from an established environment. Or from having to combine systems/sysplexes into a bigger sysplex that are already units unto themselves, with disparate environments (pervasively different naming

Re: Software delivery via internet or tape

But the thing that bothers us is that every vendor now has a different process for internet delivery. Instead of getting a tape and running the same pre-configured jobs to load the contents of the tape, each vendor has a completely different process for getting the product to us. At our ages, the

Re: Who has z/Linux, z/VM and Oracle

My management has asked me to see if anyone is using this configuration, Oracle running under z/Linux with z/VM. If so, would you be willing to talk to me offlist about it? z/VM 5.3 5.3 SuSe Linux1-IFL Oracle Database on Linux, Application Server on Windows someplace (hey the data

IOS506I

What is CHANNEL MEASUREMENT BLOCK FACILITY ? D IOS,CONFIG answers with IOS506I and one of the statements informs about the facility. I did RTFM - unfortunately found no further description Any clue? -- Radoslaw Skorupka Lodz, Poland -- BRE Bank SA ul. Senatorska 18 00-950 Warszawa

Re: Need new 3270 emulator: SSH, inexpensive, reliable

John, if you need a cheap and reliable 3270 Emulation then give Vista tn3270 a try. see www.tombrennansoftware.com Since V1.26 it supports secure connections over a SSL connection - I guess this is what you need. The pros and cons of (all) 3270 emulations have been discussed here before.

# of subchannels

Recently two subchannels sets became available on new mainframes. However my question regards how the number of subchannels is defined. For example: 1 LPAR on CPC(single CSS) and 2000 devices gives 2000 subchannels consumed True/False? 3 LPARs and 2000 devices available to any of them gives

Re: Enterprise Cobol 4.2

Frank Swarbrick of the IBM Mainframe Discussion List IBM-MAIN@bama.ua.edu wrote on 08/25/2009 08:14:22 PM: I was pleased to attend the SHARE session for the just announced Enterprise Cobol for z/OS 4.2. I was especially pleased because it has satisfied a marketing requirement that I submitted

Re: IOS506I

Here are the bullets from an old Bit Bucket we presented at SHARE. It should get you started. CMBs maintain information about I/O requests to devices: A CMB exists for each defined DASD or tape device Each entry is 32 bytes long Reside in SQA Locating a CMB for a device: CMCTCMBV points to

Re: WHOIS

Attached, is the WHOIS PROC that we use. It works for both 6 7 character User IDs. That is as long as the referenced data set is kept up-to-date. Hope this helps, Duane On Tue, 25 Aug 2009 15:37:17 -0500, gsg gsg_...@yahoo.com wrote: Does anyone use the WHOIS proc that you can provides

Re: SHARE comments

Mark Zelden wrote: And I got snubbed by Scott Rowe who told me he hadn't been to SHARE in 9 years. I've also run into some first timers (not zNextGeners or people new to the platform). That includes someone from my company that is at SHARE for the first time. In one of the keynotes,

Re: WHOIS

Years ago in a small shop with no RACF add on tools were faced with the same challenge. Various support groups knew the user profile but wanted to look up the name. No doubt many various apps were developed over the years to read the RACF type 0200 record, or some derivation of it. Being the

Re: WHOIS

True. Once upon a time, ID's and associated names were not considered sensitive data. Nowadays, many shops have to protect that data and thus the profile. -Original Message- From: IBM Mainframe Discussion List [mailto:ibm-m...@bama.ua.edu] On Behalf Of Tony B. Sent: Wednesday,

Re: WHOIS

But then the user must have admin scope (or IRR.LISTUSER profile) over the user to be listed. -Original Message- From: IBM Mainframe Discussion List [mailto:ibm-m...@bama.ua.edu] On Behalf Of Eric Spencer Sent: Wednesday, August 26, 2009 10:03 AM To: IBM-MAIN@bama.ua.edu Subject: Re:

Re: WHOIS

We use the ListUser command to list the RACF profile. This way there is no external database to keep in sync with RACF. Here is a small example: /*REXX*/ parse upper arg ruserid /*trace ?I

Re: Need new 3270 emulator: SSH, inexpensive, reliable

On Tue, 25 Aug 2009 16:13:28 -0500, Hal Merritt hmerr...@jackhenry.com wrote: ... VPN is a good solution, but not PCI compliant. You shouldn't have sensitive data flowing over a network in the open. Period. You would use VPN to gain access to the network, but layer another solution such as

Re: Need new 3270 emulator: SSH, inexpensive, reliable

On Tue, 25 Aug 2009 16:13:28 -0500, Hal Merritt hmerr...@jackhenry.com wrote: VPN is a good solution, but not PCI compliant. You shouldn't have sensitive data flowing over a network in the open. Period. You would use VPN to gain access to the network, but layer another solution such as TLS on

Re: Enterprise Cobol 4.2

I have to be there. The conference is only a few miles away. Actually I am at work today, but I will be there again on Thursday and Friday. But it sounds like you've already snubbed me, so... :-) On 8/25/2009 at 7:46 PM, in message 4a945c4502d800058...@corp.jo-annstores.com, Scott Rowe

Re: Enterprise Cobol 4.2

On 8/25/2009 at 9:08 PM, in message 4a94a715.6010...@trainersfriend.com, Steve Comstock st...@trainersfriend.com wrote: Frank Swarbrick wrote: I was pleased to attend the SHARE session for the just announced Enterprise Cobol for z/OS 4.2. I was especially pleased because it has satisfied a

Re: WHOIS

So what better place to keep and secure sensitive data than RACF itself... Eric Spencer -Original Message- From: IBM Mainframe Discussion List [mailto:ibm-m...@bama.ua.edu] On Behalf Of Hal Merritt Sent: Wednesday, August 26, 2009 10:11 AM To: IBM-MAIN@bama.ua.edu Subject: Re:

Re: Need new 3270 emulator: SSH, inexpensive, reliable

On 25 Aug 2009 14:14:56 -0700, hmerr...@jackhenry.com (Hal Merritt) wrote: VPN is a good solution, but not PCI compliant. That statement just doesn't make sense, and even verges on being factually incorrect. The current PCI DSS document, version 1.2.1, _explicitly_ mentions VPN as an approved

Re: Software delivery via internet or tape

Has anyone pointed out in this discussion that there might be a financial benefit to the customer to download via the internet. We recently got all our IBM licensing changed so we could download by the internet because then we don't have to pay sales tax as we did when receiving tapes. That

Re: Need new 3270 emulator: SSH, inexpensive, reliable

On Tue, 25 Aug 2009 10:35:18 -0700, John Mattson john_matt...@ea.epson.com wrote: Management is jumping for PCI and JSOX, and now wants a SSH based 3270 emulation for accessing mainframe TSO, CICS, and such apps. Please You could keep your same emulator and use ssh to tunnel the

Re: WHOIS

That's a good idea. Which id/name dataset are you referring to? -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at

Re: Need new 3270 emulator: SSH, inexpensive, reliable

IMHO: Data has to flow in the open over a network from the host to get to the VPN appliance (firewall). During that transit, the data can be readily viewed by suitable network diagnostic tools. Indeed, it would be reasonable to assume that the data would take a couple of hops in the internal

Re: WHOIS

-Original Message- From: IBM Mainframe Discussion List [mailto:ibm-m...@bama.ua.edu] On Behalf Of gsg Sent: Wednesday, August 26, 2009 11:50 AM To: IBM-MAIN@bama.ua.edu Subject: Re: WHOIS That's a good idea. Which id/name dataset are you referring to? The one that __YOU__

Re: Need new 3270 emulator: SSH, inexpensive, reliable

You are more correct than I. I misspoke in my statement. I am not an expert on PCI and should have made that clear. But you are looking at current requirements, and they are a moving target with each iteration being more onerous than before. More, conversations with auditors lead me to

Re: Need new 3270 emulator: SSH, inexpensive, reliable

Most VPNs do not encrypt the connection from endpoint to endpoint, which is what is PCI requires. The VPN would need to start on the mainframe and go all the way to the PC. Most VPN run on a appliance (server), a hop away from the mainframe. The last hop' blows' the PCI Steve Finch EDS, an HP

Re: Enterprise Cobol 4.2

On 26 Aug 2009 09:15:35 -0700, frank.swarbr...@efirstbank.com (Frank Swarbrick) wrote: And, the new compiler features will be included in our COBOL courses by next week. I have to admit, I don't think I'll need any training on how to use BLOCK0. :-) No. My difficulty will be in getting it

Re: Enterprise Cobol 4.2

On 8/26/2009 at 11:40 AM, in message dosa9511iv9sdocm6vtq42nq17c0eju...@4ax.com, Howard Brazee howard.bra...@cusys.edu wrote: On 26 Aug 2009 09:15:35 -0700, frank.swarbr...@efirstbank.com (Frank Swarbrick) wrote: And, the new compiler features will be included in our COBOL courses by next

Re: Enterprise Cobol 4.2

Howard Brazee wrote: On 26 Aug 2009 09:15:35 -0700, frank.swarbr...@efirstbank.com (Frank Swarbrick) wrote: And, the new compiler features will be included in our COBOL courses by next week. I have to admit, I don't think I'll need any training on how to use BLOCK0. :-) Of course, there's

Enterprise Cobol 4.2

For those who want a PDF version of the Announcement see: http://www-01.ibm.com/common/ssi/rep_ca/4/897/ENUS209-244/ENUS209-244.PDF Of possible special interest to some sites, you may want to notice that there is NO drop date for support for V3.4 (V3.3 and earlier already have support

Re: Enterprise Cobol 4.2

I have a feeling that many shops went to PL/I because it was easier than persuading standards people to add SSRANGE. 8^) As a performance capacity analyst since 1981, I don't believe the heartache over options such as SSRANGE is worth the (supposedly) saved CPU. Most (so-called) savings

Re: Who has z/Linux, z/VM and Oracle

Hi Jim, We are also considering options, including z/VM, zLinux, etc.  May I have a copy of the notes too? Thanks, Linda Mooney - Original Message - From: Jim Marshall jim.marsh...@opm.gov To: IBM-MAIN@bama.ua.edu Sent: Wednesday, August 26, 2009 4:38:18 AM GMT -08:00

Re: Enterprise Cobol 4.2

On 8/26/2009 at 11:52 AM, in message 1678057537-1251309119-cardhu_decombobulator_blackberry.rim.net-1839326...@bxe12 7.bisx.prod.on.blackberry, Ted MacNEIL eamacn...@yahoo.ca wrote: I have a feeling that many shops went to PL/I because it was easier than persuading standards people to add

Re: WHOIS

Agreed. I'll repeat my tiresome mantra that anyone with a list of all RACF users can mechanically revoke almost all of them as fast as initiators are available. -Original Message- From: IBM Mainframe Discussion List [mailto:ibm-m...@bama.ua.edu] On Behalf Of Hal Merritt Sent:

Re: Software delivery via internet or tape

First, the security group is a management issue, not a technical one. All you need is a suitable signature and the security group has little to say. As you climb the ladder looking for that signature, just silently point to the IBM statement and keep a confused look in your eyes. Don't defend

Re: WHOIS

Don't need an initiator. Just access to any terminal with TN3270 or FTP capability. -Original Message- From: IBM Mainframe Discussion List [mailto:ibm-m...@bama.ua.edu] On Behalf Of Tony B. Sent: Wednesday, August 26, 2009 1:23 PM To: IBM-MAIN@bama.ua.edu Subject: Re: WHOIS Agreed.

Re: Enterprise Cobol 4.2

We don't currently use SSRANGE in our VSE production but we've decided to make SSRANGE the default on z/OS (along with CHECK(ON) for LE). So we'll see what happens! Frankly, Frank [(8-{]}], I don't think you'll see a difference, and the CPU cost will be a lot less than the cost of your apps

Re: WHOIS

Indeed, creation of such a dataset would expose sensitive data. Ergo, access to that dataset would be the same as to the RACF facility. Which brings us to the question: why not just use the LU command? -Original Message- From: IBM Mainframe Discussion List

SoftwareAG Cluster Services

Been planning to implement SoftwareAG's Cluster Services for ADABAS on an IBM 2096-O02 and IBM 2096-T03 in a z/OS Parallel Sysplex. It has been moving along until the person responsible for ADABAS (works in another area) says implementing it will kill performance and besides, what is worse, is

Re: WHOIS

-Original Message- From: IBM Mainframe Discussion List [mailto:ibm-m...@bama.ua.edu] On Behalf Of Tony B. Sent: Wednesday, August 26, 2009 1:23 PM To: IBM-MAIN@bama.ua.edu Subject: Re: WHOIS Agreed. I'll repeat my tiresome mantra that anyone with a list of all RACF users can

Re: Software delivery via internet or tape

On Wed, 26 Aug 2009 11:24:11 -0500, Kelman, Tom thomas.kel...@commercebank.com wrote: Has anyone pointed out in this discussion that there might be a financial benefit to the customer to download via the internet. We recently got all our IBM licensing changed so we could download by the internet

Re: Enterprise Cobol 4.2

On 8/26/2009 at 12:09 PM, in message 1634853764-1251310151-cardhu_decombobulator_blackberry.rim.net-18498444...@bxe1 87.bisx.prod.on.blackberry, Ted MacNEIL eamacn...@yahoo.ca wrote: We don't currently use SSRANGE in our VSE production but we've decided to make SSRANGE the default on z/OS

Re: Need new 3270 emulator: SSH, inexpensive, reliable

steve.fi...@eds.com (Finch, Steve) writes: Most VPNs do not encrypt the connection from endpoint to endpoint, which is what is PCI requires. The VPN would need to start on the mainframe and go all the way to the PC. Most VPN run on a appliance (server), a hop away from the mainframe. The last

Re: Sysplex dis/advantages

Or from having to combine systems/sysplexes into a bigger sysplex that are already units unto themselves, with disparate environments (pervasively different naming conventions, for instance). [..] Same here. Disparate naming conventions are a double-edged sword. RNL management is key. [..]

chdir to home directory gives Permission Denied

I've got a user who, when they attempt to access OMVS, receives: FSUM2384 No session was started. The system cannot set the current working dire ctory to the specified home directory for this user ID. Function = chdir(), directory name = '/u/jung', return value = -1, errno = 111 ( X'006F'),

Re: chdir to home directory gives Permission Denied

The user needs the OMVS segment in the RACF user profile. -Original Message- From: IBM Mainframe Discussion List [mailto:ibm-m...@bama.ua.edu] On Behalf Of Ian S. Worthington Sent: Wednesday, August 26, 2009 4:37 PM To: IBM-MAIN@bama.ua.edu Subject: chdir to home directory gives

Re: chdir to home directory gives Permission Denied

-Original Message- snip Looking at their home directory it appears to be set up the same as all other users, viz: IBMUSER:/u/ibmuser: ls -al /u total 224 drwx-- 14 START1 SYS18192 Aug 26 11:01 . drwxr-xr-x 13 START1 SYS18192 Mar 3 07:21 .. . . .

Re: chdir to home directory gives Permission Denied

I should have included that: OMVS INFORMATION UID= 000907 HOME= /u/jung PROGRAM= /bin/sh CPUTIMEMAX= NONE ASSIZEMAX= NONE FILEPROCMAX= NONE PROCUSERMAX= NONE THREADSMAX= NONE MMAPAREAMAX= NONE i -- Original

Re: chdir to home directory gives Permission Denied

Thanks John, that fixed it! My only question would be why has this suddenly become a problem for jung when all other users set up with the same script work fine? i -- Original Message -- Received: 03:45 PM COT, 08/26/2009 From: McKown, John jmck...@healthmarkets.com To:

Forcing connection limits on CICS Sockets

Hello, Here at my work we have an Test environment that actually serves for two purposes: 1) test of software under development and 2) stress tests. Many external systems (J2EE based) that are stress-tested rely on CICS/Sockets communication to call some mainframe (Natural) routines. The

Re: Who has z/Linux, z/VM and Oracle

Can I 3rd that? Please send to bob.co...@usda.gov -Original Message- From: IBM Mainframe Discussion List [mailto:ibm-m...@bama.ua.edu] On Behalf Of Linda Mooney Sent: Wednesday, August 26, 2009 12:57 PM To: IBM-MAIN@bama.ua.edu Subject: Re: Who has z/Linux, z/VM and Oracle Hi Jim,

Re: Enterprise Cobol 4.2

I don't think we will either. And to be honest, we won't notice even if there are differences, because it would be comparing VSE times to z/OS times even if the options were the same. You could waste your time and compare z/OS to z/OS. (8-{]} And, I truly mean it would be a waste! - Too busy

Re: Forcing connection limits on CICS Sockets

On Wed, 26 Aug 2009 16:14:03 -0500, Henrique Seganfredo henri...@seganfredo.com wrote: ... I am thinking on a way of limiting the % of acceptance of sockets calls to the mainframe coming from the J2EE 'stress-test' servers. Is there anything that provides a way of forcing connection limits on

Re: SoftwareAG Cluster Services

-Original Message- From: IBM Mainframe Discussion List [mailto:ibm-m...@bama.ua.edu] On Behalf Of Jim Marshall Sent: Wednesday, August 26, 2009 11:45 AM To: IBM-MAIN@bama.ua.edu Subject: SoftwareAG Cluster Services Been planning to implement SoftwareAG's Cluster Services for

HSM VTOC data sets on ML1 DASD volume

* I am trying to empty one ML1 volume by moving the datasets to a new ML1 volume or if I must delete these datasets since many of the volume names are obsolete. * DFHSM.VTOC.T015300.VRESA15.D05231 * Can someone please tell me exactly what this dataset represents and how can I move it from the

Re: HSM VTOC data sets on ML1 DASD volume

IIRC, these are VTOC backups of volumes taken during BACKUP processing from 2005.231, shortly after midnight (00:53:01 I think). I think these are only needed to recover volume RESA15 to that date/time, so I seriously doubt you need them. But don't take my word as gospel, I am a relative HSM

AUTO: Werner Pause is out of the office. (returning 29.08.2009)

I am out of the office until 29.08.2009. I will respond to your message when I return. Note: This is an automated response to your message Re: Who has z/Linux, z/VM and Oracle sent on 26/8/09 23:58:44. This is the only notification you will receive while this person is away.

Re: # of subchannels

On Wed, 26 Aug 2009 14:04:46 +0200, R.S. r.skoru...@bremultibank.com.pl wrote: Recently two subchannels sets became available on new mainframes. However my question regards how the number of subchannels is defined. For example: 1 LPAR on CPC(single CSS) and 2000 devices gives 2000 subchannels

Re: Need new 3270 emulator: SSH, inexpensive, reliable

z/OS can certainly be a VPN endpoint. z/OS supports IPSec, for example, and much IPSec-related processing can run on zIIP(s). I agree with the other posters, though, that (at least as the original question was phrased *) TLS/SSL is the way to go, and mainframe-direct. Yes, it is possible to use