Speaking as a vendor here -- and at the risk of flames -- it's not just "bad" customers. With the amount of outsourcing, turnover, overwork and layoffs of skilled people we were seeing a fair amount of "inadvertent" license violation before we implemented the serial number check. Junior sysprogs or managers who just assumed they could install the software on another LPAR.
Charles -----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of John McKown Sent: Wednesday, September 14, 2016 9:37 AM To: [email protected] Subject: Re: serial numbers ... real and imagine On Wed, Sep 14, 2016 at 11:04 AM, Adams, Anne (DTI) <[email protected]> wrote: > Hello friends, > > How can I determine where a software product is pulling the serial > number of the hardware? We'd like to be able to run a z/VM guest (for > DR) with the same serial number as our current mainframe. That way we > don’t have to call for temporary license keys. However, our DR > provider has warned us that some products will interrogate the > physical hardware rather than what the OS is holding or what I have in > the iodf. Any way beforehand to see where those values are coming from? > Of course, I can't say for certain, but my best guess (FWIW) is that most products today use the Store System Information instruction (STSI). Most of this information is available to z/OS program via the CSRSI callable service. https://www.ibm.com/support/knowledgecenter/SSLTBW_2.2.0/com.ibm.zos.v2r2.ieaa100/CSRSI_Description.htm https://www.ibm.com/support/knowledgecenter/SSLTBW_2.2.0/com.ibm.zos.v2r2.iead100/iead100476.htm How to really tell for a particular piece of software? Well, being a very old time, low-level, sort of person, I'd likely run the software (or the key validation part if that is separate) under a program I would write which would use the PER hardware to do an instruction trace. Figuring out how to do this is an exercise (in futility?) left to the reader. As others have said, doing this would most likely violate your licensing agreement, even if it is possible. It would be no different from disassembling the code and simply zapping the license check to return "valid". Many vendors are now making it possible to get emergency keys via a web portal so you don't need to actually talk to a human immediately. If getting a D.R. key is a problem, that is a vendor customer support issue. I'd basically tell them "fix it or I will do my best to replace all your products." I understand the need for keys due to "bad" customers (not paying or paying late), but I still dislike keys. I loved how one book publisher did their DRM. They would take an order from you and you'd get a download URL for the book. It was customized with your name, a serial number, and a note at the back that they paid if told about piracy of their material. So you really needed to trust anybody you "gave" the book to. > Thanks. > > Anne R Adams, CISSP > DTI, Systems Engineering > Sr. Mainframe Services Analyst > 302.298.3196 > > -- Unix: Some say the learning curve is steep, but you only have to climb it once. -- Karl Lehenbauer Unicode: http://xkcd.com/1726/ Maranatha! <>< John McKown ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
