Lizette,
SMF 119 does contain fields that do identify if the client session was using
a secure mechanism. In addition, if the job(s) are specifying the SYSFTPD
DD, check in the member(s) being referenced and see if the SECURE_MECHANISM
parm is uncommented, and set to TLS. If that parm, and the a
John,
If the dataset you're trying to recover was originally on tape, then it will
not be in the .D. file, as that would only be for datasets that were
originally on disk. I believe that any migrated or tape datasets get
written to .O. dataset, which you will have to run a single dataset ARECOVER
We've got some luminex gateway appliances for virtual tape processing and
are running into issues where between the time we generate the listing of
scratch tapes, run update of the volcat, and send the scratch list to the
luminex, some tapes are used and changed to master status in rmm. The
window
Dave,
In TSM, when changing the device type for a storage pool, I would recommend,
creating a new device class, for pointing to the new esoteric. Then create
a new stgpool, using that new device class. Update the stgpool hierarchy to
refer to the new stgpool (or if writing direct to it, update t
Wed, 6 Jan 2010 08:04:36 -0800, Donald Russell
wrote:
>On Wed, Jan 6, 2010 at 06:15, Peter Vander Woude
wrote:
>
>> Don,
>>
>> If your firewall folks just recently upgraded the firewall, it could be
>> that the
>> upgrade "defaulted", or reset some config
Don,
If your firewall folks just recently upgraded the firewall, it could be that
the
upgrade "defaulted", or reset some configuration settings. For FTPS, the
firewall cannot do what's referred to as "stateful checking". I know ours does
that, and if it does that on the control connection
Martin,
I really would prefer to continue using Bookmaster for producing this
document, and printing it, but with IBM dropping support for it, I would like
to
continue printing this using a supported method.
Yes, I am aware of B2H, and do utilize it, but that doesn't allow for
printing
v
Another option is the Tectia SSH server for z/OS (www.ssh.com)
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO
Search the archives at http:/
Kurt,
We too, have a front-end in our build process to handle ++include members.
I just wish there was a parser sample, not written in rexx, that we could
compile and have sclm flag it at that time. We did try the rexx sample a few
years ago, and for one of the programs that has a large num
My original question was about upgrading a cpu, by increasing the capacity of
existing engines. If I am understanding the posts so far, this additional
capacity is available immediately, correct?
Any feedback on how ISV products, that have passwords, based on the cpu,
handle the increase?
Tha
Nowadays, if you upgrade the cpu capacity, by having ibm just apply the
feature code to the box, does this take effect immediately on all the lpars, or
must each lpar be ipl'd to pick up the new capacity?
peter
--
For IBM-MAIN
We had a job failure, during submission, recently, that got the following
message:
IEFC614I PROCLIB DEVICE I/O ERROR SEARCHING FOR PROCEDURE/INCLUDE
I know that just a few seconds before this job was submitted, a daily defrag
ran, and had completed, on the volume, that one of the proclibs is on.
Lizette,
If the CC # is encrypted, then the PCI standard is met, and yes it would be
much more difficult to identify. Validation that a string of numbers is a CC #
can be done by running a specific function against the 16 digits (I can't
recall
right now what it's called). If there are ANY
Doc,
Actually, I dont' think this is accurate. From past audits, the PCI standard
is
very clear that the card #, stored "at rest" (either on disk, or tape), cannot
be stored in the clear at all. If at least one person, or userid, can access
this
dataset, the card # MUST be encrypted. If
I'm not sure where you're management got their information about SSL being
less secure than SSH. With the SSL configuration, you can configure it to use
different ciphers, one of them being AES.
Yes, as stated by others, SSH and SSL use Public key processing. And no you
do not have to pay V
Andy,
I believe that Library Server still will only work with XML Toolkit V1.6. I
know
1.6 of the xml toolkit is out of support, but library server has not been
updated
to use the newer versions yet. I'm just getting to working on 1.7, and
although I had the XML toolkit (v1.7-v1.9) on my
John,
I have run into somewhat the same situations. As someone else said,
FTP-TLS and firewalls do not play nicely with each other. Primarily, some
firewalls do what is called "stateful inspection". The client always
(unless told to differently) tries to open the command channel to port 2
For those of you that are using the crypto facility for business purposes, I am
curious on how your are managing the master key(s) or application keys for when
you go to your d.r. site?
For those willing to share this information, you can e-mail me offlist.
Thanks,
Pete
-
When the VTS ejects a volume as read-only, it means that the VTS has determined
that the tape volume needs to be replaced. We were told that the volume is
empty, and VTS had placed it in read-only status until there was no valid data
on it.
You need to get a new tape that will replace the on
Steve,
You might want to take a look RESMIL value in the GRS config. If you went
with the default config parm, that value would be RESMIL(10). Although we
don't run DB2 here, we did see a performance improvement when we lowered this
value to RESMIL(1).
If you're able, take a look at GRS
I'm doing an analysis of one of our application programs. As part of this, I'm
seeing the COBOL code generate a lot of PACK/UNPACK instruction pairs.
Does anyone have an idea on the performance impact of all these (potential
millions of executions in a single run)?
What's the impact of just
Peter,
It does work great, doesn't it? No worries about having the wrong HFS
mounted to go with your RESVOL, and always IPL with the correct root (or
version, if you have a Sysplex shared HFS structure implemented).
Do you have any other products installed in their own HFS? I know that
JAVA do
Still, the problem remains with
applications that need to have their HFS mounted at /service/usr/lpp/,
as clearly recommended in the SMP/E documentation.
It seems as if we have an SMP/E that can handle an arbitrary large number
of target zones and always access the correct target data sets t
Joel,
I would suspect that the issue you're running into is that your firewall is
doing "stateful inspection". The problem is not that the firewall doesn't
recognize AUTH TLS, but that it's having a problem during the TLS negotiation.
It is something that we ran into when first starting wit
Mark,
Just was at an IBM storage briefing. A couple more things relating
to the ds8000 series. If you buy a DS8100 and then want to upgrade, in
place, to a ds8300 box, you must backup all data, because the upgrade
wipes out ALL data on the disk.
Also, on the ds8000's, if you first just buy
25 matches
Mail list logo
