Have to have a segment to use any IP services on the mainframe side. We are going through the conversion off of BPX.DEFAULT user now. We just decided that everything will get a omvs segment. Retro fitting the more critical stuff now, will turn on the autoassign soon to get the rest.
_________________________________________________________________ Dave Jousma Assistant Vice President, Mainframe Engineering david.jou...@53.com 1830 East Paris, Grand Rapids, MIĀ 49546 MD RSCB2H p 616.653.8429 f 616.653.2717 -----Original Message----- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Paul Gilmartin Sent: Friday, June 05, 2015 12:58 PM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: OMVS segments created on demand On 2015-06-05, at 10:14, Jousma, David wrote: > Unless I am missing something, how is it a security issue? You had to logon > with an id and password. It can access its own home directory, and was > created based on a template I am assuming you or someone in your shop setup. > o Agreed. It might be a resource issue, but hardly if the default home directory is small. What's one cylinder, nowadays, anyway? o But in our environment, we have enough other UNIX network that we want to ensure that z/OS UIDs match other UNIX UIDs. Can this be automated? Perhaps with LDAP for z/OS? (This might be a lot easier if it weren't for the asinine 7-character constraint. USERIDALIASTABLE?) > -----Original Message----- > From: IBM Mainframe Discussion List On Behalf Of David Magee > Sent: Friday, June 05, 2015 9:27 AM > > Have I missed something? This seems to be a security issue to me. Other than > going out and adding OMVS(NOUID) to a LOT of RACF USER profiles ... > Must that be done individually? Can't it be set as a default? > (which disables the dynamic creation of a new OMVS segment), what else is > available to control this? > Does that curtail use of FTP, either as server or client? (But that might be your intent anyway.) -- gil ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN This e-mail transmission contains information that is confidential and may be privileged. It is intended only for the addressee(s) named above. If you receive this e-mail in error, please do not read, copy or disseminate it in any manner. If you are not the intended recipient, any disclosure, copying, distribution or use of the contents of this information is prohibited. Please reply to the message immediately by informing the sender that the message was misdirected. After replying, please erase it from your computer system. Your assistance in correcting this error is appreciated. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN