On Tue, Aug 25, 2009 at 4:01 PM, Tony Harminc tz...@attglobal.net wrote:
2009-08-25 William H. Blair wmhbl...@comcast.net wrote:
Until the binder API can function as a full-fledged system
service, it can't be used by any code that, itself, has to
adhere to the previously-established and
We've got Tectia SSH as a replacement for telnet to login to a
z/OS UNIX shell. Unfortunately, Tectia doesn't support the chcp
command, which makes it pretty much unusable for me.
We've got an elder release (5.3.7.21) so this may well have changed.
I tried to find a hint in the doc on their web
John Mattson pisze:
I would recommend Nexus which is cheap and has great support.
http://www.nexit.com/
Or free x3270.
http://x3270.bgp.nu/
--
Radoslaw Skorupka
Lodz, Poland
--
BRE Bank SA
ul. Senatorska 18
00-950 Warszawa
www.brebank.pl
Sd Rejonowy dla m. st. Warszawy
XII Wydzia
I *think* bubbling up from these threads are complaints about hurdles to
getting to Sysplex from an established environment.
Or from having to combine systems/sysplexes into a bigger sysplex that are
already units unto themselves, with disparate environments (pervasively
different naming
But the thing that bothers us is that every vendor now has a different
process for internet delivery. Instead of getting a tape and running the same
pre-configured jobs to load the contents of the tape, each vendor has a
completely different process for getting the product to us. At our ages, the
My management has asked me to see if anyone is using this configuration,
Oracle running under z/Linux with z/VM. If so, would you be willing to talk
to me offlist about it?
z/VM 5.3 5.3 SuSe Linux1-IFL
Oracle Database on Linux, Application Server on Windows someplace (hey the
data
What is CHANNEL MEASUREMENT BLOCK FACILITY ?
D IOS,CONFIG answers with IOS506I and one of the statements informs
about the facility.
I did RTFM - unfortunately found no further description
Any clue?
--
Radoslaw Skorupka
Lodz, Poland
--
BRE Bank SA
ul. Senatorska 18
00-950 Warszawa
John,
if you need a cheap and reliable 3270 Emulation then give Vista tn3270 a
try.
see www.tombrennansoftware.com
Since V1.26 it supports secure connections over a SSL connection - I
guess this is what you need.
The pros and cons of (all) 3270 emulations have been discussed here
before.
Recently two subchannels sets became available on new mainframes.
However my question regards how the number of subchannels is defined.
For example:
1 LPAR on CPC(single CSS) and 2000 devices gives 2000 subchannels
consumed
True/False?
3 LPARs and 2000 devices available to any of them gives
Frank Swarbrick of the IBM Mainframe Discussion List IBM-MAIN@bama.ua.edu
wrote on 08/25/2009 08:14:22 PM:
I was pleased to attend the SHARE session for the just announced
Enterprise Cobol for z/OS 4.2. I was especially pleased because it
has satisfied a marketing requirement that I submitted
Here are the bullets from an old Bit Bucket we presented at SHARE. It should
get you started.
CMBs maintain information about I/O requests to devices:
A CMB exists for each defined DASD or tape device
Each entry is 32 bytes long
Reside in SQA
Locating a CMB for a device:
CMCTCMBV points to
Attached, is the WHOIS PROC that we use. It works for both 6 7 character
User IDs. That is as long as the referenced data set is kept up-to-date.
Hope this helps,
Duane
On Tue, 25 Aug 2009 15:37:17 -0500, gsg gsg_...@yahoo.com wrote:
Does anyone use the WHOIS proc that you can provides
Mark Zelden wrote:
And I got snubbed by Scott Rowe who told me he hadn't been to SHARE
in 9 years. I've also run into some first timers (not zNextGeners or
people new to the platform). That includes someone from my company
that is at SHARE for the first time.
In one of the keynotes,
Years ago in a small shop with no RACF add on tools were faced with the same
challenge. Various support groups knew the user profile but wanted to look
up the name. No doubt many various apps were developed over the years to
read the RACF type 0200 record, or some derivation of it.
Being the
True.
Once upon a time, ID's and associated names were not considered sensitive data.
Nowadays, many shops have to protect that data and thus the profile.
-Original Message-
From: IBM Mainframe Discussion List [mailto:ibm-m...@bama.ua.edu] On Behalf Of
Tony B.
Sent: Wednesday,
But then the user must have admin scope (or IRR.LISTUSER profile) over the
user to be listed.
-Original Message-
From: IBM Mainframe Discussion List [mailto:ibm-m...@bama.ua.edu] On Behalf
Of Eric Spencer
Sent: Wednesday, August 26, 2009 10:03 AM
To: IBM-MAIN@bama.ua.edu
Subject: Re:
We use the ListUser command to list the RACF profile.
This way there is no external database to keep in sync with RACF.
Here is a small example:
/*REXX*/
parse upper arg ruserid
/*trace ?I
On Tue, 25 Aug 2009 16:13:28 -0500, Hal Merritt
hmerr...@jackhenry.com wrote:
...
VPN is a good solution, but not PCI compliant. You shouldn't
have sensitive data flowing over a network in the open. Period.
You would use VPN to gain access to the network, but layer
another solution such as
On Tue, 25 Aug 2009 16:13:28 -0500, Hal Merritt hmerr...@jackhenry.com wrote:
VPN is a good solution, but not PCI compliant. You shouldn't have sensitive
data flowing over a network in the open. Period. You would use VPN to gain
access to the network, but layer another solution such as TLS on
I have to be there. The conference is only a few miles away. Actually I am at
work today, but I will be there again on Thursday and Friday. But it sounds
like you've already snubbed me, so... :-)
On 8/25/2009 at 7:46 PM, in message
4a945c4502d800058...@corp.jo-annstores.com, Scott Rowe
On 8/25/2009 at 9:08 PM, in message 4a94a715.6010...@trainersfriend.com,
Steve Comstock st...@trainersfriend.com wrote:
Frank Swarbrick wrote:
I was pleased to attend the SHARE session for the just announced Enterprise
Cobol for z/OS 4.2. I was especially pleased because it has satisfied a
So what better place to keep and secure sensitive data than RACF
itself...
Eric Spencer
-Original Message-
From: IBM Mainframe Discussion List [mailto:ibm-m...@bama.ua.edu] On
Behalf Of Hal Merritt
Sent: Wednesday, August 26, 2009 10:11 AM
To: IBM-MAIN@bama.ua.edu
Subject: Re:
On 25 Aug 2009 14:14:56 -0700,
hmerr...@jackhenry.com (Hal Merritt) wrote:
VPN is a good solution, but not PCI compliant.
That statement just doesn't make sense, and even verges on being
factually incorrect. The current PCI DSS document, version 1.2.1,
_explicitly_ mentions VPN as an approved
Has anyone pointed out in this discussion that there might be a
financial benefit to the customer to download via the internet. We
recently got all our IBM licensing changed so we could download by the
internet because then we don't have to pay sales tax as we did when
receiving tapes. That
On Tue, 25 Aug 2009 10:35:18 -0700, John Mattson john_matt...@ea.epson.com
wrote:
Management is jumping for PCI and JSOX, and now wants a SSH based
3270 emulation for accessing mainframe TSO, CICS, and such apps. Please
You could keep your same emulator and use ssh to tunnel the
That's a good idea. Which id/name dataset are you referring to?
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO
Search the archives at
IMHO:
Data has to flow in the open over a network from the host to get to the VPN
appliance (firewall). During that transit, the data can be readily viewed by
suitable network diagnostic tools.
Indeed, it would be reasonable to assume that the data would take a couple of
hops in the internal
-Original Message-
From: IBM Mainframe Discussion List
[mailto:ibm-m...@bama.ua.edu] On Behalf Of gsg
Sent: Wednesday, August 26, 2009 11:50 AM
To: IBM-MAIN@bama.ua.edu
Subject: Re: WHOIS
That's a good idea. Which id/name dataset are you referring to?
The one that __YOU__
You are more correct than I. I misspoke in my statement. I am not an expert on
PCI and should have made that clear.
But you are looking at current requirements, and they are a moving target with
each iteration being more onerous than before. More, conversations with
auditors lead me to
Most VPNs do not encrypt the connection from endpoint to endpoint, which
is what is PCI requires. The VPN would need to start on the mainframe
and go all the way to the PC. Most VPN run on a appliance (server), a
hop away from the mainframe. The last hop' blows' the PCI
Steve Finch
EDS, an HP
On 26 Aug 2009 09:15:35 -0700, frank.swarbr...@efirstbank.com (Frank
Swarbrick) wrote:
And, the new compiler features will be included in our
COBOL courses by next week.
I have to admit, I don't think I'll need any training on how to use BLOCK0.
:-)
No. My difficulty will be in getting it
On 8/26/2009 at 11:40 AM, in message
dosa9511iv9sdocm6vtq42nq17c0eju...@4ax.com, Howard Brazee
howard.bra...@cusys.edu wrote:
On 26 Aug 2009 09:15:35 -0700, frank.swarbr...@efirstbank.com (Frank
Swarbrick) wrote:
And, the new compiler features will be included in our
COBOL courses by next
Howard Brazee wrote:
On 26 Aug 2009 09:15:35 -0700, frank.swarbr...@efirstbank.com (Frank
Swarbrick) wrote:
And, the new compiler features will be included in our
COBOL courses by next week.
I have to admit, I don't think I'll need any training on how to use BLOCK0. :-)
Of course, there's
For those who want a PDF version of the Announcement see:
http://www-01.ibm.com/common/ssi/rep_ca/4/897/ENUS209-244/ENUS209-244.PDF
Of possible special interest to some sites, you may want to notice that
there is NO drop date for support for V3.4 (V3.3 and earlier already have
support
I have a feeling that many shops went to PL/I because it was easier than
persuading standards people to add SSRANGE. 8^)
As a performance capacity analyst since 1981, I don't believe the heartache
over options such as SSRANGE is worth the (supposedly) saved CPU.
Most (so-called) savings
Hi Jim,
We are also considering options, including z/VM, zLinux, etc. May I have a
copy of the notes too?
Thanks,
Linda Mooney
- Original Message -
From: Jim Marshall jim.marsh...@opm.gov
To: IBM-MAIN@bama.ua.edu
Sent: Wednesday, August 26, 2009 4:38:18 AM GMT -08:00
On 8/26/2009 at 11:52 AM, in message
1678057537-1251309119-cardhu_decombobulator_blackberry.rim.net-1839326...@bxe12
7.bisx.prod.on.blackberry, Ted MacNEIL eamacn...@yahoo.ca wrote:
I have a feeling that many shops went to PL/I because it was easier than
persuading standards people to add
Agreed. I'll repeat my tiresome mantra that anyone with a list of all RACF
users can mechanically revoke almost all of them as fast as initiators are
available.
-Original Message-
From: IBM Mainframe Discussion List [mailto:ibm-m...@bama.ua.edu] On Behalf
Of Hal Merritt
Sent:
First, the security group is a management issue, not a technical one. All you
need is a suitable signature and the security group has little to say. As you
climb the ladder looking for that signature, just silently point to the IBM
statement and keep a confused look in your eyes. Don't defend
Don't need an initiator. Just access to any terminal with TN3270 or FTP
capability.
-Original Message-
From: IBM Mainframe Discussion List [mailto:ibm-m...@bama.ua.edu] On Behalf Of
Tony B.
Sent: Wednesday, August 26, 2009 1:23 PM
To: IBM-MAIN@bama.ua.edu
Subject: Re: WHOIS
Agreed.
We don't currently use SSRANGE in our VSE production but we've decided to make
SSRANGE the default on z/OS (along with CHECK(ON) for LE). So we'll see what
happens!
Frankly, Frank [(8-{]}], I don't think you'll see a difference, and the CPU
cost will be a lot less than the cost of your apps
Indeed, creation of such a dataset would expose sensitive data. Ergo, access to
that dataset would be the same as to the RACF facility.
Which brings us to the question: why not just use the LU command?
-Original Message-
From: IBM Mainframe Discussion List
Been planning to implement SoftwareAG's Cluster Services for ADABAS on an
IBM 2096-O02 and IBM 2096-T03 in a z/OS Parallel Sysplex. It has been
moving along until the person responsible for ADABAS (works in another area)
says implementing it will kill performance and besides, what is worse, is
-Original Message-
From: IBM Mainframe Discussion List
[mailto:ibm-m...@bama.ua.edu] On Behalf Of Tony B.
Sent: Wednesday, August 26, 2009 1:23 PM
To: IBM-MAIN@bama.ua.edu
Subject: Re: WHOIS
Agreed. I'll repeat my tiresome mantra that anyone with a
list of all RACF
users can
On Wed, 26 Aug 2009 11:24:11 -0500, Kelman, Tom
thomas.kel...@commercebank.com wrote:
Has anyone pointed out in this discussion that there might be a
financial benefit to the customer to download via the internet. We
recently got all our IBM licensing changed so we could download by the
internet
On 8/26/2009 at 12:09 PM, in message
1634853764-1251310151-cardhu_decombobulator_blackberry.rim.net-18498444...@bxe1
87.bisx.prod.on.blackberry, Ted MacNEIL eamacn...@yahoo.ca wrote:
We don't currently use SSRANGE in our VSE production but we've decided to
make SSRANGE the default on z/OS
steve.fi...@eds.com (Finch, Steve) writes:
Most VPNs do not encrypt the connection from endpoint to endpoint, which
is what is PCI requires. The VPN would need to start on the mainframe
and go all the way to the PC. Most VPN run on a appliance (server), a
hop away from the mainframe. The last
Or from having to combine systems/sysplexes into a bigger sysplex that are
already units unto themselves, with disparate environments (pervasively
different naming conventions, for instance). [..]
Same here. Disparate naming conventions are a double-edged sword. RNL
management is key.
[..]
I've got a user who, when they attempt to access OMVS, receives:
FSUM2384 No session was started. The system cannot set the current working
dire
ctory to the specified home directory for this user ID.
Function = chdir(), directory name = '/u/jung', return value = -1, errno = 111
(
X'006F'),
The user needs the OMVS segment in the RACF user profile.
-Original Message-
From: IBM Mainframe Discussion List [mailto:ibm-m...@bama.ua.edu] On Behalf Of
Ian S. Worthington
Sent: Wednesday, August 26, 2009 4:37 PM
To: IBM-MAIN@bama.ua.edu
Subject: chdir to home directory gives
-Original Message-
snip
Looking at their home directory it appears to be set up the
same as all other
users, viz:
IBMUSER:/u/ibmuser: ls -al /u
total 224
drwx-- 14 START1 SYS18192 Aug 26 11:01 .
drwxr-xr-x 13 START1 SYS18192 Mar 3 07:21 ..
.
.
.
I should have included that:
OMVS INFORMATION
UID= 000907
HOME= /u/jung
PROGRAM= /bin/sh
CPUTIMEMAX= NONE
ASSIZEMAX= NONE
FILEPROCMAX= NONE
PROCUSERMAX= NONE
THREADSMAX= NONE
MMAPAREAMAX= NONE
i
-- Original
Thanks John, that fixed it!
My only question would be why has this suddenly become a problem for jung when
all other users set up with the same script work fine?
i
-- Original Message --
Received: 03:45 PM COT, 08/26/2009
From: McKown, John jmck...@healthmarkets.com
To:
Hello,
Here at my work we have an Test environment that actually serves for two
purposes: 1) test of software under development and 2) stress tests.
Many external systems (J2EE based) that are stress-tested rely on
CICS/Sockets communication to call some mainframe (Natural) routines.
The
Can I 3rd that?
Please send to bob.co...@usda.gov
-Original Message-
From: IBM Mainframe Discussion List [mailto:ibm-m...@bama.ua.edu] On
Behalf Of Linda Mooney
Sent: Wednesday, August 26, 2009 12:57 PM
To: IBM-MAIN@bama.ua.edu
Subject: Re: Who has z/Linux, z/VM and Oracle
Hi Jim,
I don't think we will either. And to be honest, we won't notice even if there
are differences, because it would be comparing VSE times to z/OS times even if
the options were the same.
You could waste your time and compare z/OS to z/OS. (8-{]}
And, I truly mean it would be a waste!
-
Too busy
On Wed, 26 Aug 2009 16:14:03 -0500, Henrique Seganfredo
henri...@seganfredo.com wrote:
...
I am thinking on a way of limiting the % of acceptance of sockets
calls to the mainframe coming from the J2EE 'stress-test' servers.
Is there anything that provides a way of forcing connection limits
on
-Original Message-
From: IBM Mainframe Discussion List [mailto:ibm-m...@bama.ua.edu] On
Behalf Of Jim Marshall
Sent: Wednesday, August 26, 2009 11:45 AM
To: IBM-MAIN@bama.ua.edu
Subject: SoftwareAG Cluster Services
Been planning to implement SoftwareAG's Cluster Services for
*
I am trying to empty one ML1 volume by moving the datasets to a new ML1
volume or if I must delete these datasets since many of the volume names are
obsolete.
*
DFHSM.VTOC.T015300.VRESA15.D05231
*
Can someone please tell me exactly what this dataset represents and how can
I move it from the
IIRC, these are VTOC backups of volumes taken during BACKUP processing from
2005.231, shortly after midnight (00:53:01 I think). I think these are only
needed to recover volume RESA15 to that date/time, so I seriously doubt you
need them. But don't take my word as gospel, I am a relative HSM
I am out of the office until 29.08.2009.
I will respond to your message when I return.
Note: This is an automated response to your message Re: Who has z/Linux,
z/VM and Oracle sent on 26/8/09 23:58:44.
This is the only notification you will receive while this person is away.
On Wed, 26 Aug 2009 14:04:46 +0200, R.S. r.skoru...@bremultibank.com.pl wrote:
Recently two subchannels sets became available on new mainframes.
However my question regards how the number of subchannels is defined.
For example:
1 LPAR on CPC(single CSS) and 2000 devices gives 2000 subchannels
z/OS can certainly be a VPN endpoint. z/OS supports IPSec, for example, and
much IPSec-related processing can run on zIIP(s). I agree with the other
posters, though, that (at least as the original question was phrased *)
TLS/SSL is the way to go, and mainframe-direct.
Yes, it is possible to use
63 matches
Mail list logo