Hello,
We have zLinux(Redhat V5.5) running under z/VM V6.1 on z196.
zLinux is coupled to VSWITCH which is defined IP and has two separate OSA
adater devices for VSWITCH failover.
and two OSA adapter are connected same CISCO L2 switch.
We tested VSWITCH failover, and it worked well.
But after
TaeMin Baek writes:
We have zLinux(Redhat V5.5) running under z/VM V6.1 on z196.
zLinux is coupled to VSWITCH which is defined IP and has two separate OSA
adater devices for VSWITCH failover.
and two OSA adapter are connected same CISCO L2 switch.
We tested VSWITCH failover, and it worked
Hi,
i am not a networking expert, but need to build a layer 2 vlan in z/VM
5.4. Linux is Suse SLES 11 SP1.
I was told to use layer 2 for VLAN 485 so i used these commands to create
vswitch / vlan
DEFINE VSWITCH VMT1VSW0 RDEV E606 E706 CONTROLLER * ETHERNET VLAN 485
native 485
DEFINE LAN
Stefan,
you have connected your NIC device to a z/VM virtual LAN.
Virt. LAN has no VLAN support nor can it connect to an OSA Adapter.
Only the z/VM VSWITCH has both Layer 2 and VLAN support.
So if you want to connect to a externel switch via a OSA adapter using
VLAN tagging you must use a VSWITCH
Hello Joerg,
thanks for the answer. Yes, the NIC is connected to the LAN, the LAN is
connected via VSWITCH to the OSA. We also changed from layer 2 to layer 3
(IP), but still no connection to the outside world.
i am able to ping another linux within the same vlan. this is how it
looks
to guest communications.
From: Stefan Raabe stefan.ra...@deutsche-boerse.com
To: IBMVM@LISTSERV.UARK.EDU
Date: 05/23/2011 05:38 AM
Subject:Create z/VM Layer 2 VLAN / VSwitch
Sent by:The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU
Hi,
i am not a networking expert
.
Regards,
Alan Altmark
IBM Lab Services
-
Sent from my BlackBerry Handheld.
- Original Message -
From: Stefan Raabe [stefan.ra...@deutsche-boerse.com]
Sent: 05/23/2011 11:39 AM ZE2
To: IBMVM@LISTSERV.UARK.EDU
Subject: [IBMVM] Create z/VM Layer 2 VLAN / VSwitch
Hi,
i am
Hi Stefan,
you wrote
the Linux guest nic is defined in the directory
NICDEF 9000 TYPE QDIO DEVICES 3 LAN SYSTEM VMT1LN01 MACID E32200
So that NIC is connected to LAN VMT1LN01 not a VSWITCH od did I miss
something ?
What do you mean with
Yes, the NIC is connected to the LAN, the LAN
Hello,
yes we tried that too, and now this is working.
so now we use NICDEF - VSWITCH with VLAN 001
What i tried was NICDEF - LAN - VSWITCH with VLNAN 485 which did not
work, even when trying with VLAN 001. Is this gerneral not possible? Is
the VM LAN for internal commuication only
to
The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU
To
IBMVM@LISTSERV.UARK.EDU
cc
Subject
Re: Create z/VM Layer 2 VLAN / VSwitch
Hello,
yes we tried that too, and now this is working.
so now we use NICDEF - VSWITCH with VLAN 001
What i tried was NICDEF - LAN - VSWITCH
On Monday, 05/23/2011 at 08:52 EDT, Stefan Raabe
stefan.ra...@deutsche-boerse.com wrote:
yes we tried that too, and now this is working.
so now we use NICDEF - VSWITCH with VLAN 001
What i tried was NICDEF - LAN - VSWITCH with VLNAN 485 which did not
work,
even when trying
[mailto:IBMVM@LISTSERV.UARK.EDU] On Behalf
Of Alan Altmark
Sent: Monday, April 04, 2011 5:03 PM
To: IBMVM@LISTSERV.UARK.EDU
Subject: New VSWITCH definition Best Practice
It's time for me to update my Best Practice for VSWITCH definition With
the changes that were made to z/VM 6.1 for zEnterprise
(I'm guessing he uses it to line the bottom of Chuckie's cage g)
On Tuesday, 04/05/2011 at 10:46 EDT, Jeff Gribbin jeff.grib...@gmail.com
wrote:
(I'm guessing he uses it to line the bottom of Chuckie's cage g)
I am taking names. Irrelevantly, one notes that it is common in some
parts of the world to discover scorpions in your shoes. Hey, let's be
careful
On Tuesday, 04/05/2011 at 10:37 EDT, Martin, Terry R. (CMS/CTR) (CTR)
terry.mar...@cms.hhs.gov wrote:
Can you tell me where you have the Best Practices document?
Document? What document? That's like asking for the complete list of
Alan's Rules for Networking. This listserver is part of
On 4/5/2011 at 12:04 PM, Alan Altmark alan_altm...@us.ibm.com wrote:
And if I wrote all my ideas down, no one would ever hire me. ;-)
Even though scorpions are not known in Michigan, I'll refrain from comment
anyway.
Mark Post
It's time for me to update my Best Practice for VSWITCH definition With
the changes that were made to z/VM 6.1 for zEnterprise ensembles, but
which benefit non-ensemble configurations, there's a new sheriff in town.
Forget VLAN 666. Here's what you really want to see:
DEFINE VSWITCH
Hi Folks
I currently have a layer3 VSWITCH defined. This vswitch has been used
for production guest machines so I don't want to break this.
I have a need for a layer2 VSWITCH.
My Layer2 VSWITCH is on CHPID 01, using devices 0D10-0D12. Current subnet
is 10.207.1.x
I want to add a Layer2
though.
Regards,
Mike
Barclays Bank
_
From: The IBM z/VM Operating System [mailto:IBMVM@LISTSERV.UARK.EDU] On
Behalf Of Karl Kingston
Sent: 21 March 2011 17:00
To: IBMVM@LISTSERV.UARK.EDU
Subject: VSWITCH Layer2 Layer3
Hi Folks
I currently have a layer3 VSWITCH defined
Tom,
Can I use devices 0D13-0D15 on CHPID 01
Be sure Q D13-D15 replies with OSA FREE. Or conversely, use Q OSA
FREE to be sure these devices are available.
Mike MacIsaac mike...@us.ibm.com (845) 433-7061
: Monday, March 21, 2011 1:00 PM
To: IBMVM@LISTSERV.UARK.EDU
Subject: VSWITCH Layer2 Layer3
Hi Folks
I currently have a layer3 VSWITCH defined. This vswitch has been used
for production guest machines so I don't want to break this.
I have a need for a layer2 VSWITCH.
My Layer2 VSWITCH
time, though you will
find that restriction still in some host software. DEFINE VSWITCH does
not have such a restriction.
Alan Altmark
z/VM and Linux on System z Consultant
IBM System Lab Services and Training
ibm.com/systems/services/labservices
office: 607.429.3323
mobile; 607.321.7556
, March 21, 2011 1:18 PM
To: IBMVM@LISTSERV.UARK.EDU
Subject: Re: VSWITCH Layer2 Layer3
On Monday, 03/21/2011 at 02:14 EDT, Bob McCarthy
bob.mccar...@custserv.com wrote:
I run layer 2 and layer 3 on the same OSA. I believe that the
addresses must
begin on an even boundary, therefore you
I realize that this is a year old but I am trying to get a definitive
answer about the earliest release of z/OS that will successfully use a
VSWITCH as a guest.
We sometimes have to resurrect an old z/OS release to solve a customer
issue. I have been successful with z/OS 1.4 but now we
] On Behalf
Of Rob Holtz
Sent: Friday, February 25, 2011 11:41 AM
To: IBMVM@LISTSERV.UARK.EDU
Subject: Re: VSWITCH
I realize that this is a year old but I am trying to get a definitive answer
about the earliest release of z/OS that will successfully use a VSWITCH as a
guest.
We sometimes have
guys, i have tryed set up a vswitch on ip routing mode to use port group,
but i can't i get group paramenter invalid...
when i set up vswtich to ETHERNET, and make SET VSWITCH VSWSVC01 GROUP
GRPSRV01 , i receive the error: HCPSWS2799E VSWITCH change is not allowed
but after some seconds
You should have gotten another message (HCP2830I) to explain what the state
of the virtual switch is .. the message you got indicates the command
couldn't complete because of the current state of the vswitch.
HELP HCP2830I will show several different variations of the possible states
On Monday, 01/31/2011 at 05:35 EST, Rogério Soares
rogerio.soa...@gmail.com wrote:
guys, i have tryed set up a vswitch on ip routing mode to use port
group, but i
can't i get group paramenter invalid...
when i set up vswtich to ETHERNET, and make SET VSWITCH VSWSVC01 GROUP
GRPSRV01 , i
Thanks Alan... :)
On Mon, Jan 31, 2011 at 9:07 PM, Alan Altmark alan_altm...@us.ibm.comwrote:
On Monday, 01/31/2011 at 05:35 EST, Rogério Soares
rogerio.soa...@gmail.com wrote:
guys, i have tryed set up a vswitch on ip routing mode to use port
group, but i
can't i get group paramenter
Did VSWSVC01 used to be an IP VSWITCH? Have you made the appropriate
change in the Linux configuration files to make the interface Layer 2?
Regarding the Q NIC output, it looks like you must have all the latest 6.
1
service on because there's now a QUERY NIC Class B command. If you wish
Hi Sue,
I got the problem, when i created the vswitch i set it to ETHERNET, it can
be IP VSWITCH without problem?
I reinstall the linux enabling LAYER 2 SUPPORT and works great!..
if possible, can you tell me how enable layer 2 support after installed ?
i found option
Glad it's working now.
I believe all you need to do to enable Layer 2 is what you already did -
setting QETH_LAYER2_SUPPORT to '1'.
Leave LLADDR blank. Then Linux will use the MAC address assigned to the
virtual NIC.
abou IP VSWITCH i can set it to IP ou i should keep it on ETHERNET ?
i have no problem today with ip vswitch, what you think? i enjoy the moment
and change it to ethernet or i can still using ip vswitch ?
thanks for help , and forgive if is a noob question..
On Fri, Jan 21, 2011 at 1:13 PM
abou IP VSWITCH i can set it to IP ou i should keep it on ETHERNET ?
i have no problem today with ip vswitch, what you think? i enjoy the moment
and change it
to ethernet or i can still using ip vswitch ?
For Linux systems, I generally recommend ETHERNET. That uses slightly more CPU
I agree with what David said about using ETHERNET. In addition, if you
want to use Link Ag, you have to use ETHERNET. :-)
Sue
If you are using LACP, must be ETHERNET. (Layer 2)
Marcy
From: The IBM z/VM Operating System [mailto:IBMVM@LISTSERV.UARK.EDU] On Behalf
Of Rogério Soares
Sent: Friday, January 21, 2011 7:18 AM
To: IBMVM@LISTSERV.UARK.EDU
Subject: Re: [IBMVM] definition of guest using port group and vswitch
Great David, i haven't zos today, when it comes, we create a new vswitch...
i will get you advice, i will enjoy the moment to change it to ethernet...
:)
thanks again :)
On Fri, Jan 21, 2011 at 1:24 PM, David Boyes dbo...@sinenomine.net wrote:
abou IP VSWITCH i can set it to IP ou i should
Soares
*Sent:* Friday, January 21, 2011 7:18 AM
*To:* IBMVM@LISTSERV.UARK.EDU
*Subject:* Re: [IBMVM] definition of guest using port group and vswitch
(link aggregation
abou IP VSWITCH i can set it to IP ou i should keep it on ETHERNET ?
i have no problem today with ip vswitch, what you
Dear friends,
i have a new problem today..
For the first time i tryed set a vswitch using port group definitions
using:
set port group grpsrv01 join 1D00.P0 1E00.P0
Port group GRPSRV01 is created
Ready; T=0.01/0.01 11:19:10
DEFINE VSWITCH VSWSVC01 ETHERNET RDEV 0800.P0 GROUP GRPSRV01
There is nothing special on the NIC to use a VSWITCH that has LACP.
Did you do the grant?
Marcy
From: The IBM z/VM Operating System [mailto:IBMVM@LISTSERV.UARK.EDU] On Behalf
Of Rogério Soares
Sent: Thursday, January 20, 2011 12:07 PM
To: IBMVM@LISTSERV.UARK.EDU
Subject: [IBMVM
have a new problem today..
For the first time i tryed set a vswitch using port group definitions
using:
set port group grpsrv01 join 1D00.P0 1E00.P0
Port group GRPSRV01 is created
Ready; T=0.01/0.01 11:19:10
DEFINE VSWITCH VSWSVC01 ETHERNET RDEV 0800.P0 GROUP GRPSRV01
VSWITCH SYSTEM
special on the NIC to use a VSWITCH that has LACP.
Did you do the grant?
Marcy
From: The IBM z/VM Operating System [mailto:IBMVM@LISTSERV.UARK.EDU] On
Behalf Of Rogério Soares
Sent: Thursday, January 20, 2011 12:07 PM
To: IBMVM@LISTSERV.UARK.EDU
Subject: [IBMVM] definition of guest
You really need to see this from the z/VM logon - before Linux is even
booted. We need to see if CP complains about anything when it creates the
NIC. We need to know why address 800 is not created (or is not coupled to
the vswitch) - the messages at z/VM guest logon will provide valuable clues
address 800 is not created (or is not coupled to
the vswitch) - the messages at z/VM guest logon will provide valuable clues.
Scott Rohling
2011/1/20 Rogério Soares rogerio.soa...@gmail.com
on boot i have only
lo
..doneWaiting for mandatory devices: eth0 __NSC__
30 29 28 27 26 25 24 23 22
Have you actually rebooted the guest from logon? This is saying your NIC
is defined as an IP transport -- but the VSWITCH is ETHERNET. Did you mean
to use ETHERNET or IP transport?
From HELP HCP6024E:
o The transport type of the NIC is set when either it has been coupled to
a
Guest LAN
yes, i have logoff and logon this machine after set up...
on user direct, i do this definition:
02129 NICDEF 0800 TYPE QDIO LAN SYSTEM VSWSVC01
to use port group, i should set the vswitch to ETHERNET...
:-/
On Thu, Jan 20, 2011 at 6:58 PM, Scott Rohling scott.rohl...@gmail.comwrote:
Have
DET VSWITCH VSW1
Regards,
Paul Garment
Global z/OS Virtual Host Environment
Global z/OS Core Engineering
Ground Floor - B3 Block 10 - Radbroke Hall Knutsford, Cheshire WA16 9EU
Mail Van 49
Tel: 0044 (0)1565-614429
Clearway 7-2000-4429
Mobile 07824527131
Sorry to pose a seemingly simple question here, but I have now spent over an
hour looking for the command. How do I delete a vswitch? i.e. the opposite of
DEFINE VSWITCH VSW1 RDEV D905 AC00 CONTROLLER *
David M. Dean
Information Systems
BlueCross BlueShield Tennnessee
David
DETACH VSWITCH VSW1
Bob
From: The IBM z/VM Operating System [mailto:ib...@listserv.uark.edu] On
Behalf Of Dean, David (I/S)
Sent: Wednesday, January 12, 2011 1:14 PM
To: IBMVM@LISTSERV.UARK.EDU
Subject: vswitch delete
Sorry to pose a seemingly simple
Back in the old days, I recall a finance type person saying something like: The
Gold Standard is that it should take collusion between two or more people to
defraud the company.
If we apply that to IT, then shouldn't pswds for privileged userids that can
access/change financial data be long
Does anyone run applications in z/VM? Isn't the 'protected data' owned by
some other OS (z/OS, z/VSE, zLINUX). It seems that the high level security
effort belongs in those OS's. z/VM just needs to keep those systems isolated
and NOT be able to circumvent their security procedures.
On Fri, Dec
To
IBMVM@LISTSERV.UARK.EDU
cc
Subject
Re: Vswitch Grant as a CMD in User's Directory?
Does anyone run applications in z/VM? Isn't the 'protected data' owned by
some other OS (z/OS, z/VSE, zLINUX). It seems that the high level security
effort belongs in those OS's. z/VM just needs to keep
to another
guest minidisk if they are used and known, regardless of the OS they are
running. Same with allowing any guest access to a network path (our vswitch
conversation). To 'just keep those systems isolated' - an ESM is the only
way you can avoid violating most modern security requirements
have other VM's for running LINUX or VSE .
Granted it is a vast minority of what it was 10, 15, and 20 years ago.
munson
From: Tom Huegel tehue...@gmail.com
To: IBMVM@LISTSERV.UARK.EDU
Date: 12/10/2010 09:16 AM
Subject:Re: Vswitch Grant as a CMD in User's Directory?
Sent
Tom Huegel tehue...@gmail.com wrote :-
Does anyone run applications in z/VM? :-
Speaking for ourselves - yes. We recently did an exercise to look at the
support effort required to maintain our VM system and came to the
conclusion that at least 80% was related to local applications and local
: 12/10/2010 09:16 AM
Subject:Re: Vswitch Grant as a CMD in User's Directory?
Sent by:The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU
Does anyone run applications in z/VM? Isn't the 'protected data' owned by
some other OS (z/OS, z/VSE, zLINUX). It seems
[mailto:ib...@listserv.uark.edu] On
Behalf Of Tom Huegel
Sent: Friday, December 10, 2010 8:16 AM
To: IBMVM@LISTSERV.UARK.EDU
Subject: Re: Vswitch Grant as a CMD in User's Directory?
Does anyone run applications in z/VM? Isn't the 'protected data' owned
by some other OS (z/OS, z/VSE, zLINUX). It seems
On Friday, 12/10/2010 at 05:46 EST, Les Koehler vmr...@tampabay.rr.com
wrote:
Back in the old days, I recall a finance type person saying something
like: The
Gold Standard is that it should take collusion between two or more
people to
defraud the company.
Preventing collusion between two
Subject
Re: Vswitch Grant as a CMD in User's Directory?
Tom,
as Mike said there are a lot of companies I know of that are using CMS
applications for day to day work and the DATA resides on VM
they are using FOCUS for report generation , as well as MAILBOOK for
e-mail and interoffice file
...@listserv.uark.edu] On Behalf Of George Henke/NYLIC
Sent: Friday, December 10, 2010 10:53 AM
To: IBMVM@LISTSERV.UARK.EDU
Subject: Re: Vswitch Grant as a CMD in User's Directory?
Some companies in the past preferred to confine application
programmers to CMS due to the large overhead of TSO address
[mailto:ib...@listserv.uark.edu] On Behalf Of George Henke/NYLIC
Sent: Friday, December 10, 2010 10:53 AM
To: IBMVM@LISTSERV.UARK.EDU
Subject: Re: Vswitch Grant as a CMD in User's Directory?
Some companies in the past preferred to confine application
programmers to CMS due to the large overhead
On Friday, 12/10/2010 at 09:17 EST, Tom Huegel tehue...@gmail.com wrote:
Does anyone run applications in z/VM? Isn't the 'protected data' owned
by some
other OS (z/OS, z/VSE, zLINUX). It seems that the high level security
effort
belongs in those OS's. z/VM just needs to keep those systems
It is a hard sell to management to buy an ESM if there is no audit
requirement.
Thus my point about IBM quitting whining to us about buying one and start
supplying one by default as the Right and Proper Way.
On 12/9/10 3:27 AM, Alan Altmark alan_altm...@us.ibm.com wrote:
In order to achieve the savings you imply, then z/VM must move to the
z/OS
model in which, except for a few specific functions, an ESM is required
for proper operation. NO native CP security controls beyone those
required to
On Wed, Dec 8, 2010 at 7:38 PM, Alan Altmark alan_altm...@us.ibm.com wrote:
I've been saying for several years, You need an ESM. More and more
z/VM security management will be focused on ESMs, not native CP. If your
fave ESM doesn't simplify things for you, gripe to the vendor.
That's
Of Alan Altmark
Sent: Wednesday, December 08, 2010 8:32 PM
To: IBMVM@LISTSERV.UARK.EDU
Subject: Re: Vswitch Grant as a CMD in User's Directory?
On Wednesday, 12/08/2010 at 03:11 EST, RPN01
nix.rob...@mayo.edu wrote:
But, should you have to have an external security manager
for a system
where
[mailto:ib...@listserv.uark.edu] On Behalf Of Alan Altmark
Sent: Wednesday, December 08, 2010 8:32 PM
To: IBMVM@LISTSERV.UARK.EDU
Subject: Re: Vswitch Grant as a CMD in User's Directory?
On Wednesday, 12/08/2010 at 03:11 EST, RPN01
nix.rob...@mayo.edu wrote:
But, should you have
-Original Message-
From: The IBM z/VM Operating System
[mailto:ib...@listserv.uark.edu] On Behalf Of Tom Huegel
Sent: Thursday, December 09, 2010 11:01 AM
To: IBMVM@LISTSERV.UARK.EDU
Subject: Re: Vswitch Grant as a CMD in User's Directory?
snip
Don't you just love the airport
To: IBMVM@LISTSERV.UARK.EDU
Subject: Re: Vswitch Grant as a CMD in User's Directory?
Does it really matter? SOX is just another way congress has come up with to
destroy the American economy, and in fact the American way of life. Besides all
of our passwords are probably available on Wikileaks anyway
12:00 PM
Please respond to
The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU
To
IBMVM@LISTSERV.UARK.EDU
cc
Subject
Re: Vswitch Grant as a CMD in User's Directory?
Does it really matter? SOX is just another way congress has come up with
to destroy the American economy, and in fact
by: The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU
12/09/2010 12:00 PM
Please respond to
The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU
To
IBMVM@LISTSERV.UARK.EDU
cc
Subject
Re: Vswitch Grant as a CMD in User's Directory?
Does it really matter? SOX is just another way congress has
On Thursday, 12/09/2010 at 12:01 EST, Tom Huegel tehue...@gmail.com
wrote:
Does it really matter? SOX is just another way congress has come up with
to
destroy the American economy, and in fact the American way of life.
When you read the law, you find that SOX is simply a way to hold
On 12/9/2010 at 01:36 PM, George Henke/NYLIC george_he...@newyorklife.com
wrote:
Does it really matter? SOX is just another way congress has come up with
to destroy the American economy, and in fact the American way of life.
Given the current real life demands on our moderator, could we kill
good point Mark
Bill Munson
From: Mark Post mp...@novell.com
To: IBMVM@LISTSERV.UARK.EDU
Date: 12/09/2010 01:46 PM
Subject:Re: Vswitch Grant as a CMD in User's Directory?
Sent by:The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU
On 12/9/2010 at 01:36 PM
System IBMVM@LISTSERV.UARK.EDU
To
IBMVM@LISTSERV.UARK.EDU
cc
Subject
Re: Vswitch Grant as a CMD in User's Directory?
On Thursday, 12/09/2010 at 12:01 EST, Tom Huegel tehue...@gmail.com
wrote:
Does it really matter? SOX is just another way congress has come up with
to
destroy the American
On Thursday, 12/09/2010 at 11:41 EST, Schuh, Richard rsc...@visa.com
wrote:
Not necessarily, there is LOGONBY. They need only know their own
passwords.
They logon and access USER DIRECT. Now they know ALL the passwords. Of
course, you can have LBYONLY for everyone. But that misses the
You would HAVE to buy an ESM, whether from IBM or CA.
Or have IBM include a basic awful one (eg, RACF) in the price of VM and be
done with it. Including a basic one that can be replaced with Something
Else would make everybody (IMHO) happy. The internal cost of including
RACF can't be that large.
.
Is there anyone out there that actually gains security from CP users not
being granted onto their vSwitches? How many people would like to be able to
define a vSwitch as open to the public or not requiring a grant to be
accessed?
--
Robert P. Nix Mayo Foundation.~.
RO-OC-1-18
Hi,
CP DEFINE LAN have a UNRESTRICTED option, that don't need the grants.
My suggestion:
If the environment is stable, fix the VSWITCH and GRANTS into SYSTEM
CONFIG.
If the system is unstable or is in the test phase, test with the
unrestricted lan.
Only NICDEF changes in directory
/2010 8:29 PM, Marcy Cortes wrote:
Add the couple command in there too.
Marcy. Sent from my BlackBerry.
- Original Message -
From: The IBM z/VM Operating SystemIBMVM@LISTSERV.UARK.EDU
To: IBMVM@LISTSERV.UARK.EDUIBMVM@LISTSERV.UARK.EDU
Sent: Tue Dec 07 21:25:07 2010
Subject: [IBMVM] Vswitch
I don't. I don't have any human beings on my systems except for system
programmers that have full authority anyway. Having to GRANT linux
servers is an extra thing that has to be managed. I would like to
define a vswitch as unrestricted.
-Original Message-
From: The IBM z/VM Operating
Or maybe put a password on the VSWITCH that would allow a class G user to
connect if he knew the password.
On Wed, Dec 8, 2010 at 8:15 AM, Quay, Jonathan (IHG)
jonathan.q...@ihg.comwrote:
I don't. I don't have any human beings on my systems except for system
programmers that have full
On Wednesday, 12/08/2010 at 08:31 EST, RPN01 nix.rob...@mayo.edu wrote:
Is there anyone out there that actually gains security from CP users not
being granted onto their vSwitches? How many people would like to be
able to
define a vSwitch as open to the public or not requiring a grant
On 12/8/10 4:15 PM, Quay, Jonathan (IHG) jonathan.q...@ihg.com wrote:
I don't. I don't have any human beings on my systems except for system
programmers that have full authority anyway. Having to GRANT linux
servers is an extra thing that has to be managed. I would like to
define a vswitch
have to go grant a
virtual machine into the virtual switch.) We even have jacks and wireless in
the patent waiting areas so that they can get internet access, and they
don't need to be granted in either.
The vSwitch grant is not in any way mimicking a real life scenario. It
doesn't compare
for system
programmers that have full authority anyway. Having to GRANT linux
servers is an extra thing that has to be managed. I would like to
define a vswitch as unrestricted.
Is there anyone out there that actually gains security from CP users not
being granted onto their vSwitches? How many
first.
Tom Huegel tehue...@gmail.com
Sent by: The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU
12/08/2010 03:10 PM
Please respond to
The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU
To
IBMVM@LISTSERV.UARK.EDU
cc
Subject
Re: Vswitch Grant as a CMD in User's Directory
On Wednesday, 12/08/2010 at 02:35 EST, David Boyes dbo...@sinenomine.net
wrote:
OTOH, I think this also argues for a bigger step: for IBM to supply a
default ESM and quit having to do it two different ways. We can always
replace the default one with something better, but there's a lot of
I have to go grant a
virtual machine into the virtual switch.) We even have jacks and
wireless in
the patent waiting areas so that they can get internet access, and they
don't need to be granted in either.
The vSwitch grant is not in any way mimicking a real life scenario. It
doesn't compare
It seems to me...
Rather than putting a Vswitch Grant for each Linux guest somewhere like
AUTOLOG1's PROFILE EXEC, I thought I'd try putting a
CMD SET VSWITCH VSW1 GRANT USERID
in the directory profile for the Linux guests...
Alas, it seems that the GRANT isn't processed till after
Add the couple command in there too.
Marcy. Sent from my BlackBerry.
- Original Message -
From: The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU
To: IBMVM@LISTSERV.UARK.EDU IBMVM@LISTSERV.UARK.EDU
Sent: Tue Dec 07 21:25:07 2010
Subject: [IBMVM] Vswitch Grant as a CMD in User's
...@attglobal.net
It seems to me...
Rather than putting a Vswitch Grant for each Linux guest somewhere like
AUTOLOG1's PROFILE EXEC, I thought I'd try putting a
CMD SET VSWITCH VSW1 GRANT USERID
in the directory profile for the Linux guests...
Alas, it seems that the GRANT isn't processed
Stewart
lstewart.dsgr...@attglobal.netwrote:
It seems to me...
Rather than putting a Vswitch Grant for each Linux guest somewhere like
AUTOLOG1's PROFILE EXEC, I thought I'd try putting a
CMD SET VSWITCH VSW1 GRANT USERID
in the directory profile for the Linux guests...
Alas, it seems
What Kris said is right.
The 2nd time through you already have the access so it appears to work
After you IPL or destroy your vswitch, it wouldn’t work on the first login.
Drove me crazy.
Of course, I hate Grants ☺
Marcy
This message may contain confidential and/or privileged information
On Tuesday, 12/07/2010 at 11:27 EST, Marcy Cortes
marcy.d.cor...@wellsfargo.com wrote:
What Kris said is right.
The 2nd time through you already have the access so it appears to work
After you IPL or destroy your vswitch, it wouldnât work on the first
login.
Drove me crazy.
Of course, I
If you use RACF - permitting user's to the VSWITCH only needs to be done
once. :-) Say goodbye to GRANT.
Scott Rohling
On Tue, Dec 7, 2010 at 9:26 PM, Marcy Cortes
marcy.d.cor...@wellsfargo.comwrote:
What Kris said is right.
The 2nd time through you already have the access so it appears
z/VM Operating System [mailto:ib...@listserv.uark.edu] On Behalf
Of Alan Altmark
Sent: Tuesday, December 07, 2010 8:32 PM
To: IBMVM@LISTSERV.UARK.EDU
Subject: Re: [IBMVM] Vswitch Grant as a CMD in User's Directory?
On Tuesday, 12/07/2010 at 11:27 EST, Marcy Cortes
marcy.d.cor...@wellsfargo.com
On Tuesday, 12/07/2010 at 11:37 EST, Marcy Cortes
marcy.d.cor...@wellsfargo.com wrote:
Well, you know... there's only the 1 ESM that uses them and we don't use
*that*
one. I'll tolerate the grants rather than switch ESMs :)
My mistake. I would have figured that by now all ESMs would
Just a coda on this problem and a special thank you to both Alan and Sue
Farrell who hit the bull's eye.
Portname in the define VSWITCH was indeed the problem as Sue explains:
If you have defined your VSWITCH exactly like you first mentioned:
define vswitch lnxvsw1 portname lnxvsw1 rdev 9004
Same here.
Peter
-Original Message-
From: The IBM z/VM Operating System [mailto:ib...@listserv.uark.edu] On
Behalf Of Ron Schmiedge
Sent: November 3, 2010 18:21
To: IBMVM@LISTSERV.UARK.EDU
Subject: Re: No IPL VSWITCH Connectivity
Or if I weren't such a bad typer, TCVM1.zip
1 - 100 of 751 matches
Mail list logo
