Regarding the IOCP.txt import. Prior to 2.14.0, your choices were USB or FTP to/from the SE itself. Starting with 2.14.0, the SE will not directly connect to an FTP server but instead will route thru an HMC.
The changes to route FTP (and SFTP and FTPS) thru an HMC apply to all SE-based operations and not just the IOCP import task. Also, all tasks that supported "FTP" were enhanced to support SFTP and FTPS. For example, the "Load from Removable Media or Server" task also now supports SFTP/FTPS in addition to FTP and it also now routes its requests to the server via an HMC. This means your 2.14.0 SE's do not have to have a direct path to the FTP server anymore. As for user ids and Single Object Operations, there are two important things to know. The first is that the set of user IDs and roles is separate between the SE and the HMC(s). When you use Single Object Operations to connect to an SE, if the user ID you used is found on the SE, then that one is used. So, if you are logged onto the HMC as SYSPRG2 and there is a SYSPRG2 userid on the SE, then that is used. But, in the more typical case, if there is no user ID that matches on the SE, then you will use the default userid upon which your HMC userid is based. So, for example, if you are SYSPRG2 on the HMC and no SYSPRG2 userid exists on the SE, then you will use "SYSPROG" on the SE. Finally, I am not sure what you are trying to ask with regards to a hostile HMC. Any HMC that is at a level equal to or higher than an SE and that can see the SE can define it in. If you want to keep things more isolated, then as you say, you can set up Domain Security and/or you can set up your network to limit who can see your SE. Tom Mathias ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
