On 08/19/2017 08:34 PM, Tony Thigpen wrote:
> I am attempting to use FTP under VM to grab some job output from JES2.
> I am getting a strange error that I don't know where to start trying
> to resolve it. I also get the same messages when I try to ftp from a
> local pc.
>
> Command:
> site filetype=jes
> >>>SITE filetype=jes
> 200 SITE command was accepted
> Command:
> get JOB01106.2
> >>>EPRT |1|10.10.50.141|1170|
> 500 unknown command EPRT
> >>>PORT 10,10,50,141,4,146
> 200 Port request OK.
> >>>RETR JOB01106.2
> 451 Nlst failed due to internal error
> Command:
>
>
> thoughts?
>
There is an FTP exit the installation can use to restrict what can be
done by users via FTP. Our installation used that exit and permissions
to installation-specific RACF profiles to restrict what RACF userids
(which were primarily CICS and TSO users) were authorized to login to
FTP and which of those were further authorized to use filetype=jes, so
that users who hadn't been properly trained or whose job function gave
them no legitimate reason to access FTP or FTP filetype=jes wouldn't be
given these tools and create unanticipated exposures. Someone with a
RACF userid who hasn't been granted TSO access and trained in TSO/ISPF
would be less likely to have the training to know whether jobs they
might submit to MVS via FTP were reasonable; and those with TSO/ISPF
access have much better interfaces than FTP to submit and access JES
jobs. At least before my retirement, there had never had any need or
requests for more than one or two userids to use FTP filetype=jes (and
those were in Tech Services, because some vendor made part of their MVS
product maintenance support dependent on that feature).
Not saying the site in question has done something like this, but that's
one possibility.
Joel C. Ewing.
--
Joel C. Ewing, Bentonville, AR [email protected]
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
