19 6:44 AM, Roach, Dennis wrote:
> Is the last release planned to be 2.3 or 2.5?
z/OS 2.5 (or whatever it will be called) aka "the release following z/OS
V2R4" will be the last one to include the JES3 feature.
That means a) IBM has until September 2023 to fully bring JES2 up to
JE
Is the last release planned to be 2.3 or 2.5?
Dennis Roach, CISSP
AIG
Identity & Access Management | Infrastructure Services
2929 Allen Parkway, America Building, 3rd Floor | Houston, TX 77019
Work: 713-831-8799 Cell: 713-591-1059 (cell)
dennis.ro...@aig.com | www.aig.com
Away Schedule
---
If you use something like RACF you can look at the product logs or SMF and see
who created it if the log option for the covering profile.
I have used RACF to create a full generic profile with no the same access as
the current controlling profile and audit(all(read)).
Dennis Roach, CISSP
AIG
Id
you want from the complete list of settings it produces.
> -Original Message-
> From: IBM Mainframe Discussion List On
> Behalf Of Roach, Dennis
> Sent: Wednesday, April 18, 2018 10:14 AM
> To: IBM-MAIN@LISTSERV.UA.EDU
> Subject: FW: Does anyone have a sample prog
I am looking for something to list the in storage RACLISTED profiles.
What I am trying to do is get a final merged version of a member/group profile.
Dennis Roach, CISSP
AIG
Identity & Access Management | Technology Services
2929 Allen Parkway, America Building, 3rd Floor | Houston, TX 77019
Pho
Since the majority of us use a PC with TN3270 to access the mainframe, I think
this is relevant.
I assume you are talking about a USB mouse that you have to move.
I use a Logitech K800 with an M570. The M570 is a trackball type mouse with 4
buttons and a wheel/button.
With both being Logitech, o
The RACD SMF type 80 records contains flags to indicate when a record was
logged due to SPRCIAL of OPERATIONS.
I know the flags are set when the access is at the system level authority.
Are they set when the access is at the group level?
If they are set at the group level:
How does one differenti
If you have it in a data set you do not have to go to ready.
If it is a member bring up the member list and enter sub in the command column.
If it is not a member, go to 3.4 and enter sub in the command column.
Dennis Roach, CISSP
AIG
Identity & Access Management | Technology Services
2929 Alle
Using R13 can be an issue if the linkage stack is used instead of the save area.
Dennis Roach, CISSP
AIG
Identity & Access Management | Technology Services
2929 Allen Parkway, America Building, 3rd Floor | Houston, TX 77019
Phone: 713-591-1059 (cell)
dennis.ro...@aig.com | www.aig.com
-O
I have always kept the production system clock settings so the users see no
difference. If the user sets a TZ value, it would be off due to the clock
change. Job schedulers would also be off as far as the users and operations
view.
Dennis Roach, CISSP
AIG
Identity & Access Management | Technol
My favorite is to use IRRHFSU to produce a file of everything currently
mounted. Process the file with OBROWSE or OEDIT an use the find command.
Dennis Roach, CISSP
AIG
Identity & Access Management | Technology Services
2929 Allen Parkway, America Building, 3rd Floor | Houston, TX 77019
Phone:
Love it.
Cross posted to RACF-L
Dennis Roach, CISSP
AIG
Identity & Access Management | Technology Services
2929 Allen Parkway, America Building, 3rd Floor | Houston, TX 77019
Phone: 713-831-8799
dennis.ro...@aig.com | www.aig.com
-Original Message-
From: IBM Mainframe Discussion Lis
We are running a z13 with ICSF HCR77B1.
Is there a way to programmatically display the status?
What I need is:
From ICSF main menu the Crypto Domain
From ICSF option 1, COPROCESSOR MGMT, all data.
I am attempting to set up an automated way to get the status without manually
going into ICSF
Check with your vendor or CE. Most vendors have the ability for the CE to do a
secure erase that meets most requirements.
I had to excess a virtual tape system that did not support the erase. We wound
up pulling the drives and send them to be shredded.
Dennis Roach, CISSP
AIG
Identity & Access
Did you ever get a workable solution?
I have to do the same thing.
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
I would vote for it
Dennis Roach, CISSP, PMP
AIG
IAM Platform Administration | Identity & Access Management
2929 Allen Parkway, America Building, 3rd Floor | Houston, TX 77019
Phone: 713-831-8799
dennis.ro...@aig.com | www.aig.com
-Original Message-
From: IBM Mainframe Discussion Lis
Things to consider
SQA can expand into CSA but not the other way around.
You need enough SQA to get up and running.
I would have no issue with trying half of the existing SQA
CSA has become pretty stable, with most of the growth in ECSA.
With this in mind, I would feel comfortable reducing CSA by
Does anyone know of a paper of recommendations or best practices for CSFSERV?
I can see two cases:
1. Allow all users to use but not administer the feature.
2. Restrict access to only those products/users we want to use the
feature.
Questions:
1. What profiles control the adm
This makes no sense.
ls lists the directory at the remote end.
The ls command you provided looks like it should be a site command, providing
lrecl, recfm, and space information.
The // in the put command directs the output to an MVS file instead of USS.
Dennis Roach, CISSP, PMP
AIG
IAM Platfo
Does anyone know of a good USS ACL presentation?
We have outgrown the USS permission bits due to limitations.
What is the minimum required to give read/write/exec to users/groups for a
particular directory? ie /public and everything below it.
In the macro that issues the save issue
"ISREDIT AUTOSAVE ON"
See ISPF Edit and EDIT Macros for full syntax
Dennis Roach, CISSP, PMP
AIG
IAM Platform Administration | Identity & Access Management
2929 Allen Parkway, America Building, 3rd Floor | Houston, TX 77019
Phone: 713-831-8
0000, Roach, Dennis wrote:
>The MVS DSN is
> TEST1.ZFS.PROD
>test1.ZFS.PROD
>Since MVS DSNs are not case sensitive, yet, they result is the same.
Are you sure? As far as I know, MVS data set names always had to be upper case.
From the z/OS Unix System Services C
The directory name keeps the case as referenced.
/home/test1 or /home/TEST1
The MVS DSN is
TEST1.ZFS.PROD
test1.ZFS.PROD
Since MVS DSNs are not case sensitive, yet, they result is the same.
In addition, if user test123 uses test1 and user test456 uses TEST1 at the same
Do you know who the vendor is or have a link?
Dennis Roach, CISSP, PMP
AIG
IAM Access Administration – Infrastructure | Identity & Access Management
2929 Allen Parkway, America Building, 3rd Floor | Houston, TX 77019
Phone: 713-831-8799
dennis.ro...@aig.com | www.aig.com
-Original Message
Look at the CVT. CVTLINK points to the DCB for link list.
Dennis Roach, CISSP, PMP
AIG
IAM Access Administration – Infrastructure | Identity & Access Management
2929 Allen Parkway, America Building, 3rd Floor | Houston, TX 77019
Phone: 713-831-8799
dennis.ro...@aig.com | www.aig.com
-Ori
I use "Perl by Example" by Ellie Quigley. It is easy to follow and has lots of
examples.
https://www.amazon.com/Perl-Example-5th-Ellie-Quigley/dp/0133760812/ref=sr_1_1?ie=UTF8&qid=1482331141&sr=8-1&keywords=perl+by+example
I have the third edition and use it often. The third edition came with a
I have only seen fb80 and vb255. Never saw vb259.
Dennis Roach, CISSP, PMP
AIG
IAM Access Administration – Infrastructure | Identity & Access Management
2929 Allen Parkway, America Building, 3rd Floor | Houston, TX 77019
Phone: 713-831-8799
dennis.ro...@aig.com | www.aig.com
-Original Me
It is defined in the IDCMS manual (DFSMS Access Method Services Commands).
I would say no quotes on a masked data set.
Dennis Roach, CISSP, PMP
AIG
IAM Access Administration - Consumer | Identity & Access Management
2929 Allen Parkway, America Building, 3rd Floor | Houston, TX 77019
Phone: 713-
TFM about Tectia and ssh-certview ;-)
That is an interesting product, not too bad. (www.ssh.com)
Roach, Dennis wrote:
>>We need to verify that our certificates are not about to expire. I tried
>>ssh-certview and get the following messages:
>>1. ssh2/id_rsa_2048_a
We need to verify that our certificates are not about to expire. I tried
ssh-certview and get the following messages:
1. ssh2/id_rsa_2048_a.pub: Failed to open `.ssh2/id_rsa_2048_a.pub':
Character set conversions not initialized: cannot convert from 'IBM-1047' to
'ISO8859-1'.
2. ssh-
Since it can, and did, cause a production outage, I voted for it.
I would think that a production outage would rate higher than a medium priority.
Dennis Roach, CISSP, PMP
AIG
IAM Access Administration – Consumer | Identity & Access Management
2929 Allen Parkway, America Building, 3rd Floor | Ho
You may want to ask on CICS-L also
Dennis Roach, CISSP, PMP
AIG
IAM Access Administration - Consumer | Identity & Access Management
2929 Allen Parkway, America Building, 3rd Floor | Houston, TX 77019
Phone: 713-831-8799
dennis.ro...@aig.com | www.aig.com
-Original Message-
From: IBM M
In the USS Command Reference under automoune, options allocuser and allocany,
it states "Do not use this option with HFS-compatible zFS file systems if file
system aggregates are mounted with the same automount policy because unused
data sets is likely to be created."
We use aggregate and compa
RCTLACS contains the current running average for the LPAR.
Assuming a single LAPR, it is possible to monitor and adjust the cap by
changing the WLM policy (V WLM,policyname).
This requires at least 2 policies. 1 with no caps and 1 without caps. You may
need another with tighter caps in order to f
Use RECFM=U to see the BDW and RDW.
Dennis Roach, CISSP, PMP
AIG
IAM Access Administration – Consumer | Identy & Access Management
2929 Allen Parkway, America Building, 3rd Floor | Houston, TX 77019
Phone: 713-831-8799
dennis.ro...@aig.com | www.aig.com
-Original Message-
From: IBM Ma
What makes you think it is part of RMF?
Did you look at the SMF manual?
It is product usage for capacity level billing.
Dennis Roach, CISSP, PMP
AIG
IAM Access Administration – Consumer | Identy & Access Management
2929 Allen Parkway, America Building, 3rd Floor | Houston, TX 77019
Phone: 713
quot;EXTRACT" permission was not covered by the
> generic profile. may be it is a non-generic check? Other users was
> able to use the service, but not the protected one.
>
> ITschak
>
>
> ITschak Mugzach
> Z/OS, ISV Products and Application Security & Risk Asses
FACILITY is RACLISTd. Did you refresh?
Dennis Roach, CISSP, PMP
AIG
IAM Access Administration – Consumer | Identy & Access Management
2929 Allen Parkway, America Building, 3rd Floor | Houston, TX 77019
Phone: 713-831-8799
dennis.ro...@aig.com | www.aig.com
All opinions expressed by me are min
Since almost all "3390" DASD resides on FBA arrayed disks, the software exists
and is running in the control units to convert ECKD to FBA requests.
Dennis Roach, CISSP, PMP
IAM Access Administration - Consumer - Senior Analyst
2929 Allen Parkway, America Building, 3rd Floor, Houston, TX 77019
Wo
, you are right.
I only read the explanation, but not the 'prgrammess response'.
Could it be, that customer' prefix NEW ( in reality it is another one) somehow
is not correctly defined in SMS ?
Leo
On 10.05.2016 14:55, Roach, Dennis wrote:
> You need to read the entire me
You need to read the entire message. There is an application programmer
response section that says
If you expect the target data set to be SMS-managed, ensure the ACS
routine assigns a storage class or use the BYPASS ACS and STORCLAS
keywords to force the data set to b
We would need to see the entire map: Nucleus, SQA, xLPA, and CSA along with the
size specifications for SQA and CSA and the IPL syslog to see if there were any
overflow messages for both production and DR to begin to determine where the
storage went.
Dennis Roach, CISSP, PMP
IAM Access Adminis
You cannot do a full volume restore, so stated in the messages manual.
What you can safely do is a selective data set restore.
If you want to live dangerously, you could restore by track address.
Dennis Roach, CISSP, PMP
IAM Access Administration – Consumer – Senior Analyst
2929 Allen Parkway,
, since the
beginning of time.
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf
Of Pinnacle
Sent: Monday, May 02, 2016 9:42 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Helpful tip for z/OS consultants
On 5/2/2016 10:28 AM, Roach, Dennis
It can go both ways. I did a decommission gig where my job was to keep an
unsupported z/OS 1.7 system up and running, assist with transition, and provide
reporting of what was still running. The main reason I was brought in was to
allow the existing staff to transition to new positions within th
Worked on mine
Dennis Roach, CISSP, PMP
IAM Access Administration - Consumer - Senior Analyst
2929 Allen Parkway, America Building, 3rd Floor, Houston, TX 77019
Work: 713-831-8799
Cell: 713-591-1059
Email: dennis.ro...@aig.com
All opinions expressed by me are mine and may not agree with my e
Has anyone verified this? The scuttlebutt was that they were going to remove
the chip, copy it to a backup, clone several, and brute force them. If so, they
should still have the backup and be able to do it again.
Dennis Roach, CISSP, PMP
IAM Access Administration - Consumer - Senior Analyst
29
As long as they stay with their applications there should be no issue.
A standalone dump can contain passwords.
A multi-session manager, like CA/TPX, can also contain passwords.
SVC, SLIP, etc. can contain passwords.
Dennis Roach, CISSP, PMP
IAM Access Administration - Consumer - Senior Analyst
If you try the 28th it says it is on Sunday. March 1st it says is on Tuesday.
Both are correct. Monday just doesn't exist.
Dennis Roach, CISSP, PMP
IAM Access Administration – Consumer – Senior Analyst
2727 Allen Parkway, Wortham Building 3rd Floor, Houston, TX 77019
Work: 713-831-8799
Cell:
As someone already mentioned, the JECL is different. It shouldn't be hard to
write code to translate.
The other issue is the class structure. JES2 uses an one character class on the
JOB card. JES3 used the class on the JOB card or an eight character class on
the //*MAIN JECL statement.
Ed J
And the answer is RTFM. It is setup in the Tectia config file which has both a
system and user level.
Dennis Roach, CISSP, PMP
IAM Access Administration - Consumer - Senior Analyst
2727 Allen Parkway, Wortham Building 3rd Floor, Houston, TX 77019
Work: 713-831-8799
Cell: 713-591-1059
Email: d
We currently use Reflection FTP Client for standard, non-secure, ftp. We
installed Tectia secure shell ftp. I can get Reflection to sign-on to Tectia
using certificates. It works great for binary transfers, but I cannot get it to
translate EBCDIC/ASCII. Has anyone been successful with this?
---
There is no API that I am aware of. It is not hard to find.
CVTOPCTP points to the RMCT
RMCTRCT points to the RCT
The RCT contains a lot of interesting stuff
RCTCECWMCDC capacity
RCTIMGWULPAR defined capacity
RCTLACS 4 hour average
Dennis Roach, CISSP, PMP
IT Security Administrati
Check your console route codes.
Also check any automation, message processing products, or MPF exits to make
sure they are not suppressing the messages.
Dennis Roach, CISSP, PMP
IT Security Administration Senior Analyst
2727 Allen Parkway, Wortham Building 3rd Floor, Houston, TX 77019
Work: 7
How different was the I/O configuration? Adding devices can reduce private.
Different devices can take different storage amounts for UCB and drivers.
Different hardware can have different recovery modules loaded, changing private
size.
We recently dynamically added DASD. O problem, even over a
V=R won't help anyway since every virtual page is backed by a real page, hence
no paging.
Dennis Roach, CISSP, PMP
IT Security Administration Senior Analyst
2727 Allen Parkway, Wortham Building 3rd Floor, Houston, TX 77019
Work: 713-831-8799
Cell: 713-591-1059
Email: dennis.ro...@aig.com
Rep
You can use a VBS macro to save each sheet as a .cvs and then ftp the .cvs
file(s)
Sub export_cvs(sheet_to_export,export_file_name)
Sheets(sheet_to_export).Select ' select the sheet to export
Application.DisplayAlerts = False'suppress error prompts
ActiveWorkbook.SaveAs _
Take a look at
http://www.rshconsulting.com/RSHpres/RSH_Consulting__FACILITY_Class__June_2012.pdf
Do a find for IRR.LISTUSER. It has some restrictions.
Robert has many handy papers on RACF.
Dennis Roach, CISSP, PMP
IT Security Administration Senior Analyst
2727 Allen Parkway, Wortham Building
58 matches
Mail list logo