Here is IBM's recommended workaround for the TCPIP problem in PUT2PROD that bypasses BFS.
Comment out with a '-' in column 1 the BFS load (in tag :TCPBFS) in 5VMTCP40.CATALOG on 5VMTCP40 491 and your TCPIP processing in PUT2PROD will finish normally. Evidently the BFS load is done for LDAP. If you do not want to bypass BFS, that is another question. Jim Bohnsack <[email protected]> Sent by: The IBM z/VM Operating System <[email protected]> 10/28/2010 12:24 PM Please respond to The IBM z/VM Operating System <[email protected]> To [email protected] cc Subject BFS for Dummies I'm still struggling in my attempt to set up or correct something that I've screwed up in BFS and/or RACF to allow BFS to be able to support SSL on z/VM 5.4. I've been told by IBM I need to work thru the Controlling OpenExtensions and BFS Security chapter in the RACF Security Admin. Gde, ch 14 for the 5.4 doc or ch 12 for the 6.1 doc. IBM referenced the 6.1 doc even tho I told them I'm working with 5.4. My immediate question is under the heading, "Setting up Support for OpenExtensions" , p 214 of the 6.1 level manual, where it says: 3. Identify your BFS service machine user IDs to RACF: a. Create a profile called POSIXOPT.SETIDS in the VMPOSIX class. b. Permit the BFS service machine user IDs. c. If it is not active already, activate the VMPOSIX class. This is where the Dummies question arises. What are the BFS service machines as they relate to SSL use. Are they the VMSERVS, U, and R userids? Are they GSKADMIN and/or SSLSERV. Is TCPIP involved since it's in the area of TCPIP where my PUT2PROD fails. Jim -- James Bohnsack (972) 596-6377 home/office (972) 342-5823 cell
