Share registration

[Roland Schiradin]

Is it just me? After the first step I get always (exclude french text). 
I already email support and they told me retry but results remains the same 

 The page you have requested is temporarily unavailable.
  We apologize for any inconvenience this may cause.

  Error Status:
  An email has been sent to Support.
  For inquiries, please send an email to [EMAIL PROTECTED]
  and quote the following timestamp: 12/11/2007 2:53:08 AM
  Thank You,
  Support Staff

Roland

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Problem trsansaction using FEPI

[Roland Schiradin]

Hi, 

I believe you better post this at CICS-L.
Look at 
http://listserv.uga.edu/cgi-bin/wa?SUBED1=cics-l&A=1
to join and
http://listserv.uga.edu/archives/cics-l.html
for the archive.

Roland

>We have problem for transaction Using FEPI.
>
>I have problem for specific branch/Pool-id ( One branch  one POOL-id).  The
>problem was  all user in one branch can not transaction with message "HOST
>MESSAGE".  The Problem solve after release/disable the last
>node/terminal-id/LU in one POOL-id.
>
>why problem can happened ?
>
>how preventive so that the problem do not happened ?

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Problem trsansaction using FEPI

[Nofri]

We have problem for transaction Using FEPI. 

I have problem for specific branch/Pool-id ( One branch  one POOL-id).  The
problem was  all user in one branch can not transaction with message "HOST
MESSAGE".  The Problem solve after release/disable the last
node/terminal-id/LU in one POOL-id. 

why problem can happened ? 

how preventive so that the problem do not happened ? 

 

Thanks 

 

 

Nofri 



--- 



--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: What can be possible deployment schema for Websphere and DB2 on a mainframe?

[Bruce Hewson]

Hello Legolas :-D

Look into "Network Deployment" nodes in a Parallel Sysplex, with DB2 in a Data 
Sharing Group, also with CICS in CICSPLEX enabled environment, to see how 
WebSphere Application Server for z/OS exploits the capabilities of sysplex and 
WLM.

It is a bit different from clustering, in fact I would say it was a big step up 
from clustering.

Regards
Bruce Hewson

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: how much difference is between deploying a j2ee application in Z/Os and in windows?

[Rob Wunderlich]

On Sat, 8 Dec 2007 12:22:31 +0330, legolas wood <[EMAIL PROTECTED]> 
wrote:

>Does DB2 work in the same manner, I mean db2 for windows and linux are
>alike?
>I know that some features that are available in windows and *nix based
>version are not available in zOS. I will not use them.

z/OS DB2 tends to lag behind Windows in function. Check which version you 
are running on z/OS compared to the Windows version. 

In my experience, as long as you are doing "basic" SQL stuff, it ports fairly 
well. I don't use Windows DB2 but I frequently develop J2EE apps using MySql 
on the desktop and deploy to z/OS DB2 for production -- no problem. 

-Rob

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: MVS Command Authorization

[Edward Jaffe]

George Fogg wrote:

OK, MGCEFAST has a purpose in certain conditions but I could set this bit on
in a simple MGCRE call to issue a command without using CPF and CMDSYS
processing and it will bypass the command exits and CMDAUTH (OPERCMDS
checking)processing?
  


Yes.

--
Edward E Jaffe
Phoenix Software International, Inc
5200 W Century Blvd, Suite 800
Los Angeles, CA 90045
310-338-0400 x318
[EMAIL PROTECTED]
http://www.phoenixsoftware.com/

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: MVS Command Authorization

[George Fogg]

> Edward Jaffe wrote:
>
>>George Fogg wrote:
>>> Seems like MGCEFAST is kind of like RACF truested where authority exits are
>>> bypassed and 99% of authority checks are passed just for issuing commands
> from
>>> MGCRE.
>>>
>>> MGCEFAST = Bypass SSI, command exits, and CMDAUTH.
>>>
>>
>>MGCEFAST should be used only when that processing has already been done.
>
> Precisely, Ed.  MGCEFAST was created for things like cross system CPF and
> CMDSYS processing to prevent such 'extra' processing.  Checking and auditing
> twice wouldn't be too useful (and might be confusing!).  Even worse would be
> the possibility of a command being infinitely routed about the sysplex as a
> command exit continually changed and caused the command to be forwarded
> elsewhere...

OK, MGCEFAST has a purpose in certain conditions but I could set this bit on
in a simple MGCRE call to issue a command without using CPF and CMDSYS
processing and it will bypass the command exits and CMDAUTH (OPERCMDS
checking)processing?
I agree this not apporiate but I'm just curious if it would work.
Just another goodie to add to my "gosh, that's interesting" list.
George Fogg

>
> Since MGCRE is an authorized service, enabling users to decide whether or
> not such things are done is appropriate, since an authorized task could
> likely do anything it wanted in determining its own security environment
> (both for SAF and default MCS checking).
>
> Scott Fagen
> Enterprise Systems Mangement
> (and one-time coder of MGCEFAST)
>
> --
> For IBM-MAIN subscribe / signoff / archive access instructions,
> send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
> Search the archives at http://bama.ua.edu/archives/ibm-main.html
>
>

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: MVS Command Authorization

[Edward Jaffe]

Pinnacle wrote:
Referee Scott Fagen halts the contest at 2:30 of the 3rd round, for 
the winner by TKO and STILL champen, Ki 
Jaee!


Tom, maybe it's time to cut back a bit on the caffeine. ;-)

--
Edward E Jaffe
Phoenix Software International, Inc
5200 W Century Blvd, Suite 800
Los Angeles, CA 90045
310-338-0400 x318
[EMAIL PROTECTED]
http://www.phoenixsoftware.com/

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: What can be possible deployment schema for Websphere and DB2 on a mainframe?

[Mark Post]

>>> On Tue, Dec 11, 2007 at  3:35 PM, in message <[EMAIL PROTECTED]>,
legolas wood <[EMAIL PROTECTED]> wrote: 
-snip-
> If we have an J2EE based application which we need to deploy on 
> WebSphere application server, and our J2EE application uses DB2 as its 
> database, what can be possible deployment schema if our system need to 
> be highly available, assume that we have redundant network 
> infrastructures, power supply and a secondary site in another 
> geographical location.

Architecting High Availability Using WebSphere V6 on z/OS
http://www.redbooks.ibm.com/abstracts/sg246850.html

High Availability Architectures For Linux on IBM System z
http://linuxvm.org/Present/misc/halinux.pdf


Mark Post

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe Funeral

[Harbeck, Reg]

I heard it too: there will be a segment about it on the CBC (Canadian 
Broadcasting Corporation) Radio One on Wednesday at 11:30am, on a program 
called "Spark". So I contacted the show's producer (Elizabeth Bowie - contact 
information below) to express my concern that this might misrepresent the 
mainframe and its critical importance to the business world. She was very good 
about replying right away, but insisted that my concerns were misplaced.

If, after reviewing the 4+ minute MP3 at the below URL that Mike Baldwin sent 
(or listening to the program on Wednesday, which should be available on-line at 
cbc.ca if you don't receive that broadcast where you live), you feel Elizabeth 
would benefit from any thoughts you can offer her, here's her contact 
information:

Elizabeth Bowie 

Producer, Spark
Canadian Broadcasting Corporation
Toronto, Ontario
416-205-8974
[EMAIL PROTECTED]
www.cbc.ca/spark

Reg Harbeck
ca
Product Management Director for Mainframe Strategy 
tel: +1-403-605-7986
 

-Original Message-
From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On Behalf Of Mike 
Baldwin
Sent: Monday, December 10, 2007 2:39 PM
To: IBM-MAIN@BAMA.UA.EDU
Subject: Mainframe Funeral

Hi listers,

This morning on the way to work, to my surprise I heard something on the 
radio about the death of "the" mainframe.  No, I didn't turn around and head 
home!

But I did find this:

http://www.cbc.ca/spark/blog/2007/11/manitoba_mainframe_funeral.html

Manitoba Mainframe Funeral
Posted by Dan Misener on November 29 at 04:48 PM

On November 21, 2007, the University of Manitoba said goodbye to its
beloved mainframe by holding a New Orleans Style Jazz Funeral, complete with 
a piñata
Spark's microphones were at the funeral, and you can hear the ceremony or 
download the mp3.

and:

http://umanitoba.ca/mainframe/

In the following video Marvin Kocay, director of Administrative Systems, 
proceeds over the "burial" portion of the memorial service.
A transcript of the eulogy is available.

On Monday, October 22, 2007 at 15:45, the mainframe (Betelgeuse) was 
unplugged from the internet. 
It is with deep sadness that the IT family announces the end of a generation 
of mainframe computing.
The first mainframe, an IBM 650 was installed in the year 1960 and went 
through many upgrades 
and changes to the final hardware of an Amdahl Millennium 1015. In its many 
forms the mainframe 
has supported the Student Records systems, Payroll, Human Resources, 
Finance, Research, 
student labs, etc.
The mainframe was predeceased by the Huron Object Star database, 
telephone registration, 
punch cards, card readers, DT80 terminals connected by the pink wire, and 
Mantes, the 
beloved file management system.
It leaves behind some 25 servers that are now needed to run these systems 
and will be 
lovingly remembered by users from across campus.
In lieu of flowers, please send donations to The Retired Programmers 
Association or the 
IST Christmas Party Foundation. 

--

Regards,
Mike Baldwin
Cartagena Software Ltd.
www.cartagena.com

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Possible change to MCSOPER processing

[Shmuel Metz (Seymour J.)]

In <[EMAIL PROTECTED]>, on 12/06/2007
   at 09:35 PM, "W. Kevin Kelley" <[EMAIL PROTECTED]> said:

>We are contemplating making a change to MCSOPER processing to prevent 
>user's from specifying a console that has been defined as a system
>console.

Sounds good to me, assuming that you're just referring to the console id
used for the EMCS session.

>The intent of this change would be to further protect the 
>system console (the console of last resort) from being inadvertently
>activated  or deactivated.

Are you also going to prohibit a VARY command from having the HMC as a
target? If so, that would be a problem.
 
-- 
 Shmuel (Seymour J.) Metz, SysProg and JOAT
 ISO position; see  
We don't care. We don't have to care, we're Congress.
(S877: The Shut up and Eat Your spam act of 2003)

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: MVS Command Authorization

[R.S.]

Maybe I shouldn't say anything after Scott, however I'll dare to. 
I don't know "guts" of subsytems and commands, but I know more or less 
how RACF (or ACF) protection works for them:
If we're talking about MVS commands, I mean START, STOP, CANCEL, FORCE, 
MODIFY - all those commands *are* protected, despite of application design.
If we're talking about "CMDPRFX command" , then it is up to the 
application whether SAF is called or not. Subsystems like SDSF, RACF, 
MQ, JES2, STK HSC use their own command prefix and do call SAF for 
authorization. It can be, but need not to be OPERCMDS class resource. 
Others, like DB2 (older versions) do not call SAF.


Many subsystems/applications, like CICS, BMC ControlM, VTAM, RMM, HSM do 
not use its own command prefix - all the control is provided through 
MODIFY/other commands. In such case relevant OPERCMDS profile will 
always be called.


My $0.02
--
Radoslaw Skorupka
Lodz, Poland


--
BRE Bank SA
ul. Senatorska 18
00-950 Warszawa
www.brebank.pl

Sd Rejonowy dla m. st. Warszawy 
XII Wydzia Gospodarczy Krajowego Rejestru Sdowego, 
nr rejestru przedsibiorców KRS 025237

NIP: 526-021-50-88
Wedug stanu na dzie 01.01.2007 r. kapita zakadowy BRE Banku SA (w caoci 
opacony) wynosi 118.064.140 z. W zwizku z realizacj warunkowego 
podwyszenia kapitau zakadowego, na podstawie uchwa XVI WZ z dnia 21.05.2003 
r., kapita zakadowy BRE Banku SA moe ulec podwyszeniu do kwoty 118.760.528 
z. Akcje w podwyszonym kapitale zakadowym bd w caoci opacone.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe Funeral

[Lindy Mayfield]

Yeah, well, it's all fun and games until someone installs and replaces
it with Vista...


> -Original Message-
> From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On
> Behalf Of Mike Baldwin
> Sent: 10. joulukuuta 2007 23:39
> To: IBM-MAIN@BAMA.UA.EDU
> Subject: Mainframe Funeral
> 
> Hi listers,
> 
> This morning on the way to work, to my surprise I heard something on
the
> radio about the death of "the" mainframe.  No, I didn't turn around
and
> head
> home!
> 
> But I did find this:
> 
> http://www.cbc.ca/spark/blog/2007/11/manitoba_mainframe_funeral.html
> 

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Mainframe Funeral

[Ken Porowski]

>From my CPU charts the Amdahl 1015 was around a 9 MSU / 55 MIP box 

With the exception of the last line the eulogy is nice.

Eulogy  http://umanitoba.ca/mainframe/eulogy.php

For forty-seven years you've served us well, you cast us in your
green spell. You processed transactions without complaint, we've asked
the Pope to make you a saint. 

The users you were always able to please, with a little training they
could enter with ease, all the data they needed in 2 or 3 screens
instead of the 57 in VIP.

And getting data was easy in IMS, there were six hundred reports in
the RS. And Finance was easy with FRGLA, in the time when the 
mainframe held sway.

And the programmers they had all the tools they need, Easytrieve
and Cobal made programming a breeze. And Mantes were there to
manage the files, and to help with debugging if it wouldn't compile.

Now gone are the punch cards and card readers of yore, and
mainframe computers that used up the whole floor. With tape drive
controllers and large stacks of tapes, that kept operators scrambling
all over the place.

Farewell IMS, we'll remember you well. After forty-seven years,
there are many stories to tell. Like when Tel Reg nearly shut down
MTS, and when the Y2K bug put us under duress.

You helped us achieve our academic objectives, and gave our admin
processes a proper perspective. But now we must lay you under the
flora, because we have to go deal with this bloody Aurora. 

So we commit your parts to be recycled.
Earth to Earth
Ashes to Ashes
Dust to Dust
To the god of computers, please bless it and keep it
And give it grace and peace
But please do not resurrect it. 


-Original Message-
Mike Baldwin

Hi listers,

This morning on the way to work, to my surprise I heard something on the radio 
about the death of "the" mainframe.  No, I didn't turn around and head home!

But I did find this:

http://www.cbc.ca/spark/blog/2007/11/manitoba_mainframe_funeral.html

Manitoba Mainframe Funeral
Posted by Dan Misener on November 29 at 04:48 PM

On November 21, 2007, the University of Manitoba said goodbye to its beloved 
mainframe by holding a New Orleans Style Jazz Funeral, complete with a piñata 
Spark's microphones were at the funeral, and you can hear the ceremony or 
download the mp3.

and:

http://umanitoba.ca/mainframe/

In the following video Marvin Kocay, director of Administrative Systems, 
proceeds over the "burial" portion of the memorial service.
A transcript of the eulogy is available.

On Monday, October 22, 2007 at 15:45, the mainframe (Betelgeuse) was unplugged 
from the internet. 
It is with deep sadness that the IT family announces the end of a generation of 
mainframe computing.
The first mainframe, an IBM 650 was installed in the year 1960 and went through 
many upgrades and changes to the final hardware of an Amdahl Millennium 1015. 
In its many forms the mainframe has supported the Student Records systems, 
Payroll, Human Resources, Finance, Research, student labs, etc.
The mainframe was predeceased by the Huron Object Star database, telephone 
registration, punch cards, card readers, DT80 terminals connected by the pink 
wire, and Mantes, the beloved file management system.
It leaves behind some 25 servers that are now needed to run these systems and 
will be lovingly remembered by users from across campus.
In lieu of flowers, please send donations to The Retired Programmers 
Association or the IST Christmas Party Foundation. 

Regards,
Mike Baldwin
Cartagena Software Ltd.
www.cartagena.com

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: MVS Command Authorization

[Pinnacle]

Referee Scott Fagen halts the contest at 2:30 of the 3rd round, for the 
winner by TKO and STILL champen, Ki 
Jaee!


- Original Message - 
From: "Scott Fagen" <[EMAIL PROTECTED]>

Newsgroups: bit.listserv.ibm-main
Sent: Monday, December 10, 2007 4:43 PM
Subject: Re: MVS Command Authorization



Edward Jaffe wrote:


George Fogg wrote:
Seems like MGCEFAST is kind of like RACF truested where authority exits 
are
bypassed and 99% of authority checks are passed just for issuing 
commands

from

MGCRE.

MGCEFAST = Bypass SSI, command exits, and CMDAUTH.



MGCEFAST should be used only when that processing has already been done.


Precisely, Ed.  MGCEFAST was created for things like cross system CPF and
CMDSYS processing to prevent such 'extra' processing.  Checking and 
auditing
twice wouldn't be too useful (and might be confusing!).  Even worse would 
be
the possibility of a command being infinitely routed about the sysplex as 
a

command exit continually changed and caused the command to be forwarded
elsewhere...

Since MGCRE is an authorized service, enabling users to decide whether or
not such things are done is appropriate, since an authorized task could
likely do anything it wanted in determining its own security environment
(both for SAF and default MCS checking).

Scott Fagen
Enterprise Systems Mangement
(and one-time coder of MGCEFAST)

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html 


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: SMS Construct last referenced

[Traylor, Terry]

Storgroups are easy.  No more datasets on volumes.  No ACS dataset
filter assignments.  Not an extend storgroup.

Dataclass, Storclass, and Mgmtclass have much further reaching
implications.  With these you may have to search catalogs for datasets
with these assignments and including the tape management catalog.
DFHSM's EXPIREBV doesn't know what to do with obsolete backup version if
the mgmtclass no longer exists.  Those you would have to HBDELETE or
redefine the mgmtclas temporarily.

However, I do applaud your effort to cleanup your corner of the world.


Terry Traylor
charlesSCHWAB
TIS Mainframe Storage Management
Remedy Queue: tis-hs-mstg
(602) 977-5154 

-Original Message-
From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On
Behalf Of Art
Sent: Monday, December 10, 2007 1:21 PM
To: IBM-MAIN@BAMA.UA.EDU
Subject: SMS Construct last referenced

Is there a way to tell when a member of a Construct was referenced? I
can see when they were last modified. But, would like to know when they
were last referenced. I am hoping that finding that out would help in
the cleanup of the Constructs Groups( Dataclas, Mgmtclas, Storclas, and
storgrp).  

If there is no way of telling, what would you all suggest/recommend to
obtain this information? To see if I can eliminate members that are no
longer used. 

--
For IBM-MAIN subscribe / signoff / archive access instructions, send
email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search
the archives at http://bama.ua.edu/archives/ibm-main.html

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: MVS Command Authorization

[Scott Fagen]

Edward Jaffe wrote:

>George Fogg wrote:
>> Seems like MGCEFAST is kind of like RACF truested where authority exits are
>> bypassed and 99% of authority checks are passed just for issuing commands
from
>> MGCRE.
>>
>> MGCEFAST = Bypass SSI, command exits, and CMDAUTH.
>>
>
>MGCEFAST should be used only when that processing has already been done.

Precisely, Ed.  MGCEFAST was created for things like cross system CPF and
CMDSYS processing to prevent such 'extra' processing.  Checking and auditing
twice wouldn't be too useful (and might be confusing!).  Even worse would be
the possibility of a command being infinitely routed about the sysplex as a
command exit continually changed and caused the command to be forwarded
elsewhere...

Since MGCRE is an authorized service, enabling users to decide whether or
not such things are done is appropriate, since an authorized task could
likely do anything it wanted in determining its own security environment
(both for SAF and default MCS checking).

Scott Fagen
Enterprise Systems Mangement
(and one-time coder of MGCEFAST)

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Mainframe Funeral

[Mike Baldwin]

Hi listers,

This morning on the way to work, to my surprise I heard something on the 
radio about the death of "the" mainframe.  No, I didn't turn around and head 
home!

But I did find this:

http://www.cbc.ca/spark/blog/2007/11/manitoba_mainframe_funeral.html

Manitoba Mainframe Funeral
Posted by Dan Misener on November 29 at 04:48 PM

On November 21, 2007, the University of Manitoba said goodbye to its
beloved mainframe by holding a New Orleans Style Jazz Funeral, complete with 
a piñata
Spark's microphones were at the funeral, and you can hear the ceremony or 
download the mp3.

and:

http://umanitoba.ca/mainframe/

In the following video Marvin Kocay, director of Administrative Systems, 
proceeds over the "burial" portion of the memorial service.
A transcript of the eulogy is available.

On Monday, October 22, 2007 at 15:45, the mainframe (Betelgeuse) was 
unplugged from the internet. 
It is with deep sadness that the IT family announces the end of a generation 
of mainframe computing.
The first mainframe, an IBM 650 was installed in the year 1960 and went 
through many upgrades 
and changes to the final hardware of an Amdahl Millennium 1015. In its many 
forms the mainframe 
has supported the Student Records systems, Payroll, Human Resources, 
Finance, Research, 
student labs, etc.
The mainframe was predeceased by the Huron Object Star database, 
telephone registration, 
punch cards, card readers, DT80 terminals connected by the pink wire, and 
Mantes, the 
beloved file management system.
It leaves behind some 25 servers that are now needed to run these systems 
and will be 
lovingly remembered by users from across campus.
In lieu of flowers, please send donations to The Retired Programmers 
Association or the 
IST Christmas Party Foundation. 

--

Regards,
Mike Baldwin
Cartagena Software Ltd.
www.cartagena.com

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Connections dropped for backlog exceeded

[Cynthia Davis]

In our IP stack we currently have SOMAXCONN set to 1500, however, we are 
still running into problems with certain applications exceeding backlog limit 
and 
connections being dropped.  When I look at the Maximum in backlog I show 
many different numbers other than the 1500.  Last week a DB2 application 
which is showing maximum in Backlog of 50, exceeded this by 2 so those 2 
connections were dropped due to backlog exceeded.  Today we have 28 
connections dropped for our FTPD1 application.  The maximum backlog for 
FTPD1 is showing 50 as well.  Can anyone tell me where I change the 
Maximum in backlog for FTPD1 and DB2 applications? 

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Strange ISPF Numbers in ML Display

[Imbriale, Donald]

If you check the online help it will indicate that 65535 is the max
displayed for size.

Don Imbriale

-Original Message-
From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On
Behalf Of Lizette Koehler
Sent: Monday, December 10, 2007 4:19 PM
To: IBM-MAIN@BAMA.UA.EDU
Subject: Strange ISPF Numbers in ML Display

Maybe I missed some maintanence, but I just added a 70,000 line member
to a TEXT file (Lrecl=133) and the Member listing shows as follows

EDIT  TSO.LK41591.PDF.TEXT  Row 00029 of
00108 
Command ===>  Scroll
===> CSR  
   Name Prompt   Size   Created  Changed
ID   
_ EMCCGRP1  65535  2007/12/10  2007/12/10 16:13:26
LK41591
_ EMCDASD1   4001  2007/09/06  2007/09/06 11:58:14
LK41591

Should not the EMCCGRP1 member show the true number of lines and not
64K?  70684 Line(s) not Displayed 


Lizetet



***
Bear Stearns is not responsible for any recommendation, solicitation, 
offer or agreement or any information about any transaction, customer 
account or account activity contained in this communication.
***

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Strange ISPF Numbers in ML Display

[Wayne Driscoll]

Lizzette,
ISPF stores the number of lines in a 2 byte hex field, so 65535 is the largest 
value it can store.  
HTH

Wayne Driscoll
Product Developer
JME Software LLC
NOTE:  All opinions are strictly my own.




-Original Message-
From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On Behalf Of 
Lizette Koehler
Sent: Monday, December 10, 2007 3:19 PM
To: IBM-MAIN@BAMA.UA.EDU
Subject: Strange ISPF Numbers in ML Display

Maybe I missed some maintanence, but I just added a 70,000 line member to a 
TEXT file (Lrecl=133) and the Member listing shows as follows

EDIT  TSO.LK41591.PDF.TEXT  Row 00029 of 00108 
Command ===>  Scroll ===> CSR  
   Name Prompt   Size   Created  Changed  ID   
_ EMCCGRP1  65535  2007/12/10  2007/12/10 16:13:26  LK41591
_ EMCDASD1   4001  2007/09/06  2007/09/06 11:58:14  LK41591

Should not the EMCCGRP1 member show the true number of lines and not 64K?  
70684 Line(s) not Displayed 


Lizetet

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Strange ISPF Numbers in ML Display

[Lizette Koehler]

Maybe I missed some maintanence, but I just added a 70,000 line member to a 
TEXT file (Lrecl=133) and the Member listing shows as follows

EDIT  TSO.LK41591.PDF.TEXT  Row 00029 of 00108 
Command ===>  Scroll ===> CSR  
   Name Prompt   Size   Created  Changed  ID   
_ EMCCGRP1  65535  2007/12/10  2007/12/10 16:13:26  LK41591
_ EMCDASD1   4001  2007/09/06  2007/09/06 11:58:14  LK41591

Should not the EMCCGRP1 member show the true number of lines and not 64K?  
70684 Line(s) not Displayed 


Lizetet

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: What can be possible deployment schema for Websphere and DB2 on a mainframe?

[Aaron Walker]

Everything that applies to creating a reasonable, maintainable 
WebSphere Application Server environment on distributed platforms 
(AIX, Linux, Windows, whatever) also applies to the mainframe.  You 
should have a cluster, preferably with the cluster members on different 
LPARs on different boxes.  If that's not possible, then have the cluster 
members on different LPARs on the same box.  If that's not possible, I 
recommend that you have a cluster (of perhaps just 2 nodes) on a 
single LPAR.  Why?  Even though it adds a few extra address spaces, I 
think the benefits of maintainability are significant.  With a cluster, you 
can apply maintenance, either to Java, WebSphere, or your application, 
to one of the nodes, and leave the other node up, handling requests.  
No down time.  You don't get that benefit if you are running with a 
single controller with multiple servants.

The document which you referenced is for WebSphere XD, and it's not 
clear that you need to go down that path (although it definitely has 
some cool functionality).  One place to go is to the IBM Techdocs site 
(http://www.ibm.com/support/techdocs/atsmastr.nsf/Web/Techdocs - 
watch for wrap), and search for "WebSphere and z/OS", and any 
documents by Bagwell or Hutchinson are usually going to be very 
valuable.

Load balancing - Sysplex Distributor provides good load balancing on 
the front end, plus if they are webapp requests, using the WebSphere 
plug-in in the HTTP server works great.  If you are balancing EJB 
requests, if you are running a cluster it's pretty much built in to the 
ORB.  You may have to do a little tuning to get it perfect.

Should you have the WebSphere Application server on the same LPAR 
as DB2?  Probably.  If you do, then you can use jdbc type 2 
connections, which provide better performance than type 4.  However, 
if you have zIIP(s), I don't know if you would get a better ROI by using 
the type 4 driver.  I was told at least a year ago that there was going 
to be a paper coming out comparing the two, but I have yet to see it.

Aaron

On Wed, 12 Dec 2007 00:05:28 +0330, legolas wood 
<[EMAIL PROTECTED]> wrote:

>Hi,
>Again it's me, with my newbie like questions.
>I have no experience with mainframes so I always think to map 
mainframe
>world with intel based servers world.
>If we have an J2EE based application which we need to deploy on
>WebSphere application server, and our J2EE application uses DB2 as 
its
>database, what can be possible deployment schema if our system 
need to
>be highly available, assume that we have redundant network
>infrastructures, power supply and a secondary site in another
>geographical location.
>
>What I am looking to understand is how our application server 
instances
>and DB2 instances will run inside the each mainframe.
>
>I find some information from the articles available in IBM web site,
>articles like :
>https://www6.software.ibm.com/developerworks/education/webspher
e/0708_faulhaber/index.html
>
>I found that ODR will act as load balancer instead of web server that I
>used with dell servers.
>But I can not understand do we install all ODR instances and real 
work
>load servers into one single operating system?
>Or we should install several instance of zOS into mainframe LPARs and
>then install each of these instances into a separate operating system

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Common Dataspace

[(IBM Mainframe Discussion List)]

 
 
In a message dated 12/10/2007 2:41:53 P.M. Central Standard Time,  
[EMAIL PROTECTED] writes:
>How could runing a SRB and anchor a CADS cause any problems beside  
problems for the SRB itself. 
My coding runs now for several customers  without any problem/ticket so far. 
I didn't modify anything I just  create/delete the CADS while running under 
*MASTER*.
Also no complains  about this issue, perhaps because it's hidden. I believe
I would get more  feedback creating an new STC because this requires some  
actions.
 
I agree totally.  I was asking Sam for corroboration of my earlier  opinion, 
which was to do it the way you did.  What happens after a customer  gets your 
perfectly debugged code depends on (1) other products that might cause  a 
problem inside *MASTER*, (2) if anyone even notices your CADS in  there, (3) 
how 
paranoid the customer is, and (4) how prone the other  vendors are to try to 
shift the blame.  Your customers have not yet  complained.  Other posters may 
have different experiences with different  customers.
 
Bill  Fairchild
Franklin, TN





**See AOL's top rated recipes 
(http://food.aol.com/top-rated-recipes?NCID=aoltop000304)

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Common Dataspace

[Roland Schiradin]

How could runing a SRB and anchor a CADS cause any problems beside 
problems for the SRB itself. 
My coding runs now for several customers without any problem/ticket so far. 
I didn't modify anything I just create/delete the CADS while running under 
*MASTER*.
Also no complains about this issue, perhaps because it's hidden. I believe
I would get more feedback creating an new STC because this requires some 
actions.

I feel save with my code even some state don't agree. The future will prove

Roland

>
>
>In a message dated 12/10/2007 2:12:51 P.M. Central Standard Time,
>[EMAIL PROTECTED] writes:
>>We have a number of vendor and IBM SCOPE=COMMON data spaces that  
are
>anchored off *MASTER*.  None have ever caused a problem so  far.
>
>Have any of these vendors even been asked to look at a problem and prove
>that it was not caused by their product?
>
>Bill  Fairchild
>Franklin, TN
>
>
>
>
>
>**See AOL's top rated 
recipes
>(http://food.aol.com/top-rated-recipes?NCID=aoltop000304)
>
>--
>For IBM-MAIN subscribe / signoff / archive access instructions,
>send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
>Search the archives at http://bama.ua.edu/archives/ibm-main.html

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

What can be possible deployment schema for Websphere and DB2 on a mainframe?

[legolas wood]

Hi, 
Again it's me, with my newbie like questions.
I have no experience with mainframes so I always think to map mainframe 
world with intel based servers world.
If we have an J2EE based application which we need to deploy on 
WebSphere application server, and our J2EE application uses DB2 as its 
database, what can be possible deployment schema if our system need to 
be highly available, assume that we have redundant network 
infrastructures, power supply and a secondary site in another 
geographical location.


What I am looking to understand is how our application server instances 
and DB2 instances will run inside the each mainframe.


For now, I have two dell servers each one has two instance of 
application server, so I have four instance of application server with a 
load balancer in front of them to route the request and keep each server 
busy enough. I have two Database server instances which handle all 
database requests.


I find some information from the articles available in IBM web site, 
articles like :

https://www6.software.ibm.com/developerworks/education/websphere/0708_faulhaber/index.html

I found that ODR will act as load balancer instead of web server that I 
used with dell servers.
But I can not understand do we install all ODR instances and real work 
load servers into one single operating system?
Or we should install several instance of zOS into mainframe LPARs and 
then install each of these instances into a separate operating system?


Please, If there are some articles or presentation that can help me 
learn more about this schema, give me a link to it.


Thank you.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

SMS Construct last referenced

[Art]

Is there a way to tell when a member of a Construct was referenced? I can 
see when they were last modified. But, would like to know when they were 
last referenced. I am hoping that finding that out would help in the cleanup of 
the Constructs Groups( Dataclas, Mgmtclas, Storclas, and storgrp).  

If there is no way of telling, what would you all suggest/recommend to obtain 
this information? To see if I can eliminate members that are no longer used. 

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Common Dataspace

[(IBM Mainframe Discussion List)]

 
 
In a message dated 12/10/2007 2:12:51 P.M. Central Standard Time,  
[EMAIL PROTECTED] writes:
>We have a number of vendor and IBM SCOPE=COMMON data spaces that  are
anchored off *MASTER*.  None have ever caused a problem so  far.
 
Have any of these vendors even been asked to look at a problem and prove  
that it was not caused by their product?
 
Bill  Fairchild
Franklin, TN





**See AOL's top rated recipes 
(http://food.aol.com/top-rated-recipes?NCID=aoltop000304)

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Common Dataspace

[Knutson, Sam]

We have a number of vendor and IBM SCOPE=COMMON data spaces that are
anchored off *MASTER*.  None have ever caused a problem so far.  

Best Regards, 

Sam Knutson, GEICO 
System z Performance and Availability Management 
mailto:[EMAIL PROTECTED] 
(office)  301.986.3574 

"Think big, act bold, start simple, grow fast..." 

-Original Message-
From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On
Behalf Of Roland Schiradin
Sent: Friday, December 07, 2007 1:38 AM
To: IBM-MAIN@BAMA.UA.EDU
Subject: Re: Common Dataspace

Wayne, 
there is no code is in the MASTER asid. Just a SRB to create and delete
the 
CADS no more.
Roland

>Roland,
>While the SRB to MASTER approach may be taken by a number of IBM
>products (DB2 and RACF come to mind), for a vendor product, I would
have
>to agree with Rob and Shane, do it the right way, if only to save
>yourself having to deal with calls from IBM if there is an abend in the
>MASTER address space, and your code is in there.

This email/fax message is for the sole use of the intended
recipient(s) and may contain confidential and privileged information.
Any unauthorized review, use, disclosure or distribution of this
email/fax is prohibited. If you are not the intended recipient, please
destroy all paper and electronic copies of the original message.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: MVS Command Authorization

[Edward Jaffe]

George Fogg wrote:

Seems like MGCEFAST is kind of like RACF truested where authority exits are
bypassed and 99% of authority checks are passed just for issuing commands from
MGCRE.

MGCEFAST = Bypass SSI, command exits, and CMDAUTH.
  


MGCEFAST should be used only when that processing has already been done.

--
Edward E Jaffe
Phoenix Software International, Inc
5200 W Century Blvd, Suite 800
Los Angeles, CA 90045
310-338-0400 x318
[EMAIL PROTECTED]
http://www.phoenixsoftware.com/

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: MVS Command Authorization

[George Fogg]

> Gregory, Gary G wrote:
>> That is true but if the application is NOT passing the UTOKEN or using
>> the macro that requires the commands be defined in OPERCMDS then that
>> won't work.
>
> I'm not sure I follow you here...
>
> Most of the time, passing UTOKEN is unnecessary. For example, MGCRE
> issued from a TSO session does not need to pass UTOKEN. It's only in
> more exotic situations, e.g., multiuser address spaces, where the
> differentiation is required. Some products, like (E)JES, always pass a
> UTOKEN because they want to differentiate between commands explicitly
> entered by the user and those generated by the product to affect a
> resource protected by other means. This is an above-and-beyond feature
> of mature, robust products and is by no means a requirement to make
> OPERCMDS work.
>
> OTOH, "using the macro that requires the commands be defined in
> OPERCMDS" is not optional. That macro, called MGCRE, is the mechanism by
> which programs enter commands into the system. And, the program doesn't
> do anything special to cause its commands to be validated against
> OPERCMDS resources. CMDAUTH is issued by the system automatically
> unless, as I stated earlier, MGCEFAST is set by the MGCRE issuer.
>

Ed.
Looks like MGCEFAST will bypass command authority checking in the OPERCMDS
class and also bypass the CONSOLE AUTH(xx) settings in the CONSOLxx
parmlib member and the AUTH() setting in the user's OPERPARM segment plus
bypass command exits and SSI--whatever that means.
Seems like MGCEFAST is kind of like RACF truested where authority exits are
bypassed and 99% of authority checks are passed just for issuing commands from
MGCRE.

MGCEFAST = Bypass SSI, command exits, and CMDAUTH.
George Fogg

>> I was only suggesting they refer to the documentation to
>> see if commands are defined in other resource classes.  The CMDAUTH
>> macro requires that all entities be defined in OPERCMDS.
>>
>
> This might be the root source of confusion for this discussion. When
> someone says "MVS commands", I think of commands documented in the "MVS
> System Commands" book, i.e. those that can be issued from an MCS
> console. Such commands are subject to checking against resources in the
> OPERCMDS class.
>
> Obviously, other commands, not defined in "MVS System Commands", would
> be subject to whatever security checking is appropriate for the command
> and the product that defines it. I think this may be the point you're
> trying to make. If so, I agree with that aspect of your statement.
>
> --
> Edward E Jaffe
> Phoenix Software International, Inc
> 5200 W Century Blvd, Suite 800
> Los Angeles, CA 90045
> 310-338-0400 x318
> [EMAIL PROTECTED]
> http://www.phoenixsoftware.com/
>
> --
> For IBM-MAIN subscribe / signoff / archive access instructions,
> send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
> Search the archives at http://bama.ua.edu/archives/ibm-main.html
>
>

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: IBMLink down?

[Wissink, Brad [ITSYS]]

Sorry, but I just tried it and it worked fine.  


Brad Wissink
Information Technology Services
Iowa State University
515-294-3088

-Original Message-
From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On
Behalf Of Pinnacle
Sent: Monday, December 10, 2007 11:59 AM
To: IBM-MAIN@BAMA.UA.EDU
Subject: IBMLink down?

I can't get to IBMLink.  Cleared cache 4 times, rebooted, still no joy
at www.ibm.com/ibmlink.  Called the Help Desk and they say they're
working, so they won't open a ticket.  Anybody else having problems?

Regards,
Tom Conley 

--
For IBM-MAIN subscribe / signoff / archive access instructions, send
email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search
the archives at http://bama.ua.edu/archives/ibm-main.html

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Old Brylane GDG usermod

[Hill, Don]

Years ago, I inherited a usermod that changes when relative GDG bias is 
adjusted from end-of-job to end-of-jobstep. This was accomplished by zapping 
two instructions to NOP. 
 
The zap has fit OS/390 1.3 - z/OS 1.7. But my luck ran out in z/OS 1.9. 
Apparently, IEFAB461 was completely re-written in z/OS 1.8.
 
We looked at the new code and found the 2 instructions that needed to be 
no-op'd. But we took an ABEND0B0-08 abend when we tested the new zap.
 
I was wondering if anybody else still uses a similar zap, since CA-11 still 
supports it. If so, would you mind sharing the new zap?
 
Don Hill

2007-12-10, 12:50:36
The information contained in this e-mail message and any attachments may be 
privileged and confidential.  If the reader of this message is not the intended 
recipient or an agent responsible for delivering it to the intended recipient, 
you are hereby notified that any review, dissemination, distribution or copying 
of this communication is strictly prohibited.  If you have received this 
communication in error, please notify the sender immediately by replying to 
this e-mail and delete the message and any attachments from your computer.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Question about OPSUSS

[Petersen, Jim]

We are running OPS/MVS and OPSUSS.  We use RACF.  Does anyone know what
security settings in RACF are necessary so that one can do something
like 

 

_BPX_JOBNAME='XYZABC' _BPX_USERID='MYUSER'  shellscript_of_your_choice 

 

And get it to run under MYUSER.   We can get the jobname to change to
XYZABC but can't seem to get the userid to change.

 

 

 

___ 

Jim Petersen 
MVS - Lead  Systems Engineer 

Home Depot Technology Center 
1300 Park Center Drive, Austin, TX 78753 
www.homedepot.com 
email: [EMAIL PROTECTED] 

512-977-2615 direct 
210-977-2930 fax 
210-859-9887 cell phone 

 


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: MVS Command Authorization

[Gregory, Gary G]

Ed, 

Your paragraph " Obviously, other commands, not defined in "MVS System
Commands", would be subject to whatever security checking is appropriate
for the command and the product that defines it."  Is exactly what I was
trying to point out.  

Not all OEM (once again I state OEM) products use CMDAUTH/OPERCMDS
combination some have their entities residing within another resource
class or don't even support or attempt to support command protection.

I was trying to indicate that for OEM products customers should refer to
the product's documentation to see (1) if command protection is
supported and (2) what steps are necessary to define/invoke command
protection.

Gary Garland Gregory, MS
CA 
Senior Software Engineer/Developer - CA Tape Encryption
Tel: +1-214-473-1863
Fax: +1-214-473-1050




-Original Message-
From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On
Behalf Of Edward Jaffe
Sent: Monday, December 10, 2007 11:24 AM
To: IBM-MAIN@BAMA.UA.EDU
Subject: Re: MVS Command Authorization

Gregory, Gary G wrote:
> That is true but if the application is NOT passing the UTOKEN or using
> the macro that requires the commands be defined in OPERCMDS then that
> won't work.

I'm not sure I follow you here...

Most of the time, passing UTOKEN is unnecessary. For example, MGCRE 
issued from a TSO session does not need to pass UTOKEN. It's only in 
more exotic situations, e.g., multiuser address spaces, where the 
differentiation is required. Some products, like (E)JES, always pass a 
UTOKEN because they want to differentiate between commands explicitly 
entered by the user and those generated by the product to affect a 
resource protected by other means. This is an above-and-beyond feature 
of mature, robust products and is by no means a requirement to make 
OPERCMDS work.

OTOH, "using the macro that requires the commands be defined in 
OPERCMDS" is not optional. That macro, called MGCRE, is the mechanism by

which programs enter commands into the system. And, the program doesn't 
do anything special to cause its commands to be validated against 
OPERCMDS resources. CMDAUTH is issued by the system automatically 
unless, as I stated earlier, MGCEFAST is set by the MGCRE issuer.

> I was only suggesting they refer to the documentation to
> see if commands are defined in other resource classes.  The CMDAUTH
> macro requires that all entities be defined in OPERCMDS.
>   

This might be the root source of confusion for this discussion. When 
someone says "MVS commands", I think of commands documented in the "MVS 
System Commands" book, i.e. those that can be issued from an MCS 
console. Such commands are subject to checking against resources in the 
OPERCMDS class.

Obviously, other commands, not defined in "MVS System Commands", would 
be subject to whatever security checking is appropriate for the command 
and the product that defines it. I think this may be the point you're 
trying to make. If so, I agree with that aspect of your statement.

-- 
Edward E Jaffe
Phoenix Software International, Inc
5200 W Century Blvd, Suite 800
Los Angeles, CA 90045
310-338-0400 x318
[EMAIL PROTECTED]
http://www.phoenixsoftware.com/

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Reminder Linux on System z LVC Dec 11, 11:00 AM ET

[Pamela Christina in rainy/snowy Endictt NY]

Greetings- here's your reminder :-)


Just a reminder that the final 2007 Linux on System z Live Virtual
Class is:

Tuesday, Dec 11th at 11:00 AM ET.

There is no charge to participate in these technical education sessions.

You don't have to pre-register, but if you haven't participated before
please run the system check before the call.

Date: Tuesday, December 11, 2007
Time: 11:00 AM ET U.S. & Canada / 5:00 PM GMT
Duration: 75 minutes

Topic:Making z/VM and Linux Guests Production Ready.. Best Practices
Speaker: Jon vonWolfersdorf, IBM Washington Systems Center

Abstract:
This live virtual class covers installation and configuration "Best
Practices" for z/VM and Linux running as a guest of VM. It will highlight
common misunderstandings and recommendations in the areas of cpu, memory,
and I/O when running in this environment.

Connect/ Listen to the Replay using this attend/playback URL:

https://asp22.centra.com:443/GA/main/005d3ac0011610802ba79770

or

Connect/Download the Presentation/Listen to the replay from the z/VM
Website at:

http://www.vm.ibm.com/education/lvc

 You can connect to the LVC session up to 15 minutes prior to
 the start of the session.

If you are unable to connect to the Live Virtual Class session, you can
listen to the audio portion of the Linux session via telephone using the
following:
Phone Number 1: 1-888-240-4148
Phone Number 2: 1-719-234-0214
Access Code: 736296
Note: use of the telephone connection does not provide capability for you
to ask questions during the session.

System Check
The LVC will be delivered using the Centra tool that employs Voice over IP
(VoIP) technology to provide both the audio as well as the visuals
o your Windows workstation.  Prior to the session, you should run a System
Check via the following URL to verify your workstation meets the
following minimum requirements.
(We have given Centra the requirement to provide a non-Windows-centric
client to connect to these sessions)
System Check:
https://stg.centra.com/SysCheck/main/Customers/ibmstg
  Windows 2000 or Windows XP
  Internet Explorer 5.01, Netscape 7.2, Firefox 1.0 or later.
  28.8 kbps or faster Internet connection
  P350+ MHz, 128+ MB memory
  800x600 16-bit color display or better
  sound card and speakers (to hear the audio portion of the LVC)
  microphone (required if you want to ask a question during the LVC)

Replays:  The replays are available about 4 hours after the Live event. To
attend the replay, use the same connect/attend URL.
Currently available Linux on System z LVC replays:

Nov 27th - Linux on System z Planning - Where to Begin?
Dec 4th -   Linux on System z Security

  http://www.vm.ibm.com/education/lvc


Please direct any questions to Julie Liesenfelt at [EMAIL PROTECTED]

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: IBMLink down?

[Knutson, Sam]

Hi,

It's working fine for me Tom.  I just logged in a new session went
through Registration just fine.

Best Regards, 

Sam Knutson, GEICO 
System z Performance and Availability Management 
mailto:[EMAIL PROTECTED] 
(office)  301.986.3574 

"Think big, act bold, start simple, grow fast..." 

-Original Message-
From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On
Behalf Of Pinnacle
Sent: Monday, December 10, 2007 12:59 PM
To: IBM-MAIN@BAMA.UA.EDU
Subject: IBMLink down?

I can't get to IBMLink.  Cleared cache 4 times, rebooted, still no joy
at 
www.ibm.com/ibmlink.  Called the Help Desk and they say they're working,
so 
they won't open a ticket.  Anybody else having problems?

Regards,
Tom Conley 

This email/fax message is for the sole use of the intended
recipient(s) and may contain confidential and privileged information.
Any unauthorized review, use, disclosure or distribution of this
email/fax is prohibited. If you are not the intended recipient, please
destroy all paper and electronic copies of the original message.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: IBMLink down?

[Chase, John]

> -Original Message-
> From: IBM Mainframe Discussion List On Behalf Of Pinnacle
> 
> I can't get to IBMLink.  Cleared cache 4 times, rebooted, 
> still no joy at www.ibm.com/ibmlink.  Called the Help Desk 
> and they say they're working, so they won't open a ticket.  
> Anybody else having problems?

I logged in earlier, but my session is still "alive and working".

-jc-

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Forcing a userid and password prompt on session connect

[John Giltner]

On Mon, 10 Dec 2007 02:19:23 -0600, Support, DUNNIT SYSTEMS LTD.
<[EMAIL PROTECTED]> wrote:

>To John, I think I mentioned earlier on that SSL is not what we're looking for
>because our goal here is to place a "sentry" on the Flex-Es box's Telnet port
>23 and not allow anyone to pass without a valid ID and password. Encrypting
>3270 datastreams is what SSL does, from my understanding, which is not
>what we're tackling here. In addition, we have tentative circumstances that
>prevent us from implementing SSL for the short term.
>
>

Sorry, I missed the part about not wanting to do SSL.  Yes, SSL will encrypt
the data streams.

However, if you are going to have a non-z/OS based "sentry", won't this slow
things down?  This "sentry" sounds like a proxy server running under
Flex-ES, that will prompt the user for their user-id and password, validate
it, and then start passing the traffic between the client and server.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

IBMLink down?

[Pinnacle]

I can't get to IBMLink.  Cleared cache 4 times, rebooted, still no joy at 
www.ibm.com/ibmlink.  Called the Help Desk and they say they're working, so 
they won't open a ticket.  Anybody else having problems?


Regards,
Tom Conley 


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: MVS Command Authorization

[Edward Jaffe]

Gregory, Gary G wrote:

That is true but if the application is NOT passing the UTOKEN or using
the macro that requires the commands be defined in OPERCMDS then that
won't work.


I'm not sure I follow you here...

Most of the time, passing UTOKEN is unnecessary. For example, MGCRE 
issued from a TSO session does not need to pass UTOKEN. It's only in 
more exotic situations, e.g., multiuser address spaces, where the 
differentiation is required. Some products, like (E)JES, always pass a 
UTOKEN because they want to differentiate between commands explicitly 
entered by the user and those generated by the product to affect a 
resource protected by other means. This is an above-and-beyond feature 
of mature, robust products and is by no means a requirement to make 
OPERCMDS work.


OTOH, "using the macro that requires the commands be defined in 
OPERCMDS" is not optional. That macro, called MGCRE, is the mechanism by 
which programs enter commands into the system. And, the program doesn't 
do anything special to cause its commands to be validated against 
OPERCMDS resources. CMDAUTH is issued by the system automatically 
unless, as I stated earlier, MGCEFAST is set by the MGCRE issuer.



I was only suggesting they refer to the documentation to
see if commands are defined in other resource classes.  The CMDAUTH
macro requires that all entities be defined in OPERCMDS.
  


This might be the root source of confusion for this discussion. When 
someone says "MVS commands", I think of commands documented in the "MVS 
System Commands" book, i.e. those that can be issued from an MCS 
console. Such commands are subject to checking against resources in the 
OPERCMDS class.


Obviously, other commands, not defined in "MVS System Commands", would 
be subject to whatever security checking is appropriate for the command 
and the product that defines it. I think this may be the point you're 
trying to make. If so, I agree with that aspect of your statement.


--
Edward E Jaffe
Phoenix Software International, Inc
5200 W Century Blvd, Suite 800
Los Angeles, CA 90045
310-338-0400 x318
[EMAIL PROTECTED]
http://www.phoenixsoftware.com/

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Problems with checks IXGLOGR_*

[Dave Danner]

On Mon, 26 Nov 2007 04:52:01 -0600, Jorge Garcia <[EMAIL PROTECTED]> 
wrote:

>We have offloaded the logrec logstream and now it's 2% full but when
>we refresh the check the exception continues though we have refreshed
>the structure.

Sorry for the late reply... What Jorge describes has been a known problem 
with the IBMIXGLOGR checks from the beginning that I and others have 
complained about.  Apar OA22255 (which just closed on Friday) will improve 
the situation somewhat.  From the apar:

"System logger health checks have been enhanced to allow parameters to 
update the checks behavior.

The 'TIME(mm/dd/ hh:mm:ss)' parameter allows installations to set a time 
to report from. Conditions before the inputted time will be suppressed.

The 'ALL' parameter, which is the default, will allow the previous behavior and 
show up to the most recent 16 conditions for the system logger health 
checks."

Unfortunately, due to a restriction in the HC infrastructure, you can't simply 
pass a parameter of 'REFRESH'.  The check developer suggested this: create a 
HZSPRMxx parmlib member like:

UPDATE CHECK(IBMIXGLOGR,*)
   PARM('TIME(&MON/&DAY/&YR4 &HR:&MIN:&SEC)')   

Then issue the command: F HZSPROC,ADD,PARMLIB=xx.  This should clear all 
outstanding exceptions.

I believe that my friends at IBM are aware of the 'REFRESH' requirement so 
hopefully this will be a future HC enhancement.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: PL/1 Storage Control Issue

[Ulrich Krueger]

Rick,
I'm sorry, I can't give you the PL/1 - internal info you asked for, but I
can perhaps give you a quick fix for your problem:

Years ago, in the early days of LE, I also had a memory-hungry program that
liked to abend S878 during CLOSE after hours of run time. The quick and
dirty solution was to add a runtime PARM LE - override to "force" working
storage into 31-bit territory:
PARM='/HEAP(16M,1M)'
LE defaults call for small memory allocation amounts which typically end up
in 24-bit storage and don't continue above the line when 24-bit region runs
out. 
To see your LE options in effect, use
PARM='/RPTSTG(ON),RPTOPTS(ON)' 
Try it with and without the HEAP parm added to see the difference. The
storage and options reports go to //SYSOUT DD, which you may have to add to
your JCL.

HTH

Regards,
Ulrich Krueger

-Original Message-
From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On Behalf
Of Rick Fochtman
Sent: Monday, December 10, 2007 08:37
To: IBM-MAIN@BAMA.UA.EDU
Subject: PL/1 Storage Control Issue

Can anyone point me to a reference that describes in detail the various 
storage control blocks used by PL/1 in managing BASED storage entities?

I have an application that's running out of storage, supposedly, far too 
soon, even with REGION=0M.  The number of entities that lead to failure 
leads me to believe that the BASED elements are all being held in 24-bit 
addressable storage. This is NOT a UNIX-style application, if that makes 
any difference. The compiler is IEL00.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: PL/1 Storage Control Issue

[Pinnacle]

- Original Message - 
From: "Rick Fochtman" <[EMAIL PROTECTED]>

Newsgroups: bit.listserv.ibm-main
Sent: Monday, December 10, 2007 11:38 AM
Subject: PL/1 Storage Control Issue


Can anyone point me to a reference that describes in detail the various 
storage control blocks used by PL/1 in managing BASED storage entities?


I have an application that's running out of storage, supposedly, far too 
soon, even with REGION=0M.  The number of entities that lead to failure 
leads me to believe that the BASED elements are all being held in 24-bit 
addressable storage. This is NOT a UNIX-style application, if that makes 
any difference. The compiler is IEL00.




Rick,

Make sure the LE runtime parms like STACK, LIBSTACK, etc, are all set to 
ANY, ALL31 is ON, etc.  I can't remember if there are PL/I compiler options 
controlling storage, it's been a LONG time.


Regards,
Tom Conley 


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Common Dataspace

[(IBM Mainframe Discussion List)]

 
 
In a message dated 12/8/2007 7:32:57 A.M. Central Standard Time,  
[EMAIL PROTECTED] writes:
>you are only a few minutes away from some problem ticket asking you to  
prove/state that your software was not the cause of the system  problem.
 
It's much easier to fix a bug in your own persistent address space than it  
is to prove a negative in another address space.
 
And it's much easier not to receive a problem ticket than either of the  
above.
 
This discussion reminds me of the recent discussion on whether to require  
the user to update the Program Properties Table or to add a program to his APF  
library.  There are often multiple ways to skin the software cat, all of  
which have some advantages and some disadvantages.  The SRB only runs once  
inside 
*MASTER*, I think.  Another address space requires a lot more  mothering to 
keep it alive against all possible damage.  Do it the easy way  now; i.e., 
debug the SRB code.  If you get complaints, change it into a new  address 
space.  
Or make it really non-simple by offering the customer the  choice on how to 
install it.  Customers really love choices that they can't  understand.  
Microsoft is expert at this type of interface.
 
Both camps (simpletons and correcters) can say "define 'simple'."   There is 
simplicity in developing, in handling customer problems, and in how the  
customer views the product when there are not any problems.
 
If I were doing this, and unless my management told me not to, I would hook  
my CADS into *MASTER* and have it point to, inter alia, an above-the-bar area  
for exploitation whenever possible.  Then I would deal with  the problem 
tickets if they ever appear.
 
OTOH, maybe you could ask your management now to decide.  But they  might not 
understand the choices any better than customers would.
 
Bill  Fairchild
Franklin, TN





**Check out AOL's list of 2007's hottest 
products.
(http://money.aol.com/special/hot-products-2007?NCID=aoltop000301)

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

PL/1 Storage Control Issue

[Rick Fochtman]

Can anyone point me to a reference that describes in detail the various 
storage control blocks used by PL/1 in managing BASED storage entities?


I have an application that's running out of storage, supposedly, far too 
soon, even with REGION=0M.  The number of entities that lead to failure 
leads me to believe that the BASED elements are all being held in 24-bit 
addressable storage. This is NOT a UNIX-style application, if that makes 
any difference. The compiler is IEL00.


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: MVS Command Authorization

[Gregory, Gary G]

That is true but if the application is NOT passing the UTOKEN or using
the macro that requires the commands be defined in OPERCMDS then that
won't work.  I was only suggesting they refer to the documentation to
see if commands are defined in other resource classes.  The CMDAUTH
macro requires that all entities be defined in OPERCMDS.

-Original Message-
From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On
Behalf Of Edward Jaffe
Sent: Monday, December 10, 2007 10:11 AM
To: IBM-MAIN@BAMA.UA.EDU
Subject: Re: MVS Command Authorization

Gregory, Gary G wrote:
> That's assuming the OEM product issues the RACROUTE call to verify the
> user has access to the command.
>   

No. The system issues the CMDAUTH call when processing the command 
unless MGCEFAST is set in the MGCRE parameter list.

The only responsibility of any product issuing MGCRE is to pass the 
correct UTOKEN in the event that the implicit mechanism used by the 
system will choose the "wrong" one.

-- 
Edward E Jaffe
Phoenix Software International, Inc
5200 W Century Blvd, Suite 800
Los Angeles, CA 90045
310-338-0400 x318
[EMAIL PROTECTED]
http://www.phoenixsoftware.com/

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: MVS Command Authorization

[Edward Jaffe]

Gregory, Gary G wrote:

That's assuming the OEM product issues the RACROUTE call to verify the
user has access to the command.
  


No. The system issues the CMDAUTH call when processing the command 
unless MGCEFAST is set in the MGCRE parameter list.


The only responsibility of any product issuing MGCRE is to pass the 
correct UTOKEN in the event that the implicit mechanism used by the 
system will choose the "wrong" one.


--
Edward E Jaffe
Phoenix Software International, Inc
5200 W Century Blvd, Suite 800
Los Angeles, CA 90045
310-338-0400 x318
[EMAIL PROTECTED]
http://www.phoenixsoftware.com/

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: MVS Command Authorization

[Gregory, Gary G]

That's assuming the OEM product issues the RACROUTE call to verify the
user has access to the command.

-Original Message-
From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On
Behalf Of Edward Jaffe
Sent: Sunday, December 09, 2007 9:12 PM
To: IBM-MAIN@BAMA.UA.EDU
Subject: Re: MVS Command Authorization

Phillips, Peter wrote:
> We are looking at tightening control over MVS command authorization.
We
> are a JES3 shop running Flasher, Omegamon, Solve etc. with ACF2. Of
> course we have batch production jobs streams, operators, MVS sysprogs
> all issuing MVS commands at different times and in different
situations.
>
> Our management would like two keys areas addressed, firstly how to
best
> control who can issue commands MVS commands and secondly once the
> command is issued how to best track and note that the command has been
> issued.
>
> I assume control of MVS command issuing is a fairly common requirement
> so I was hoping people could pass on the benefit their wisdom and
> knowledge and how they have seen this done.
>   

Take a look at activating the OPERCMDS class in your security product.

-- 
Edward E Jaffe
Phoenix Software International, Inc
5200 W Century Blvd, Suite 800
Los Angeles, CA 90045
310-338-0400 x318
[EMAIL PROTECTED]
http://www.phoenixsoftware.com/

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Common Dataspace

[Craddock, Chris]

Keith Moe said 
> Scheduling an SRB into the Master sure seem to be a touchy subject,  I
> have two observations/comments.
> 
> First, since the SRB is a unit of work that is independent of any
existing
> dispatchable unit in the Master, any normal error that occurs within
it
> has
> no impact on any other work in the address space.  If it abends, it
> doesn't take a TCB with it.  (The SRB must still use appropriate
recovery,
> though.)

True! And let's not forget that every EOM RESMGR and EOM SSI broadcast
function (lots of them in fact) run in task mode in master. There is
already a load of work in master that runs there because that's where
the system designer's chose to run it. z/OS is an environment where you
tend to do what you have to do to get things done. If that means
scheduling work into master (or the JES) then "oh well". You have to
play by the rules and you have to get it right, but then I take that as
a given for any programming task. 

CC

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Common Dataspace

[Craddock, Chris]

> 
> Can someone explain to me - in this day and age - why we're talking
CADS
> and not Shared Memory Objects (above The Bar).
> 

Arguably that's a good question. The main reason is that a "CADS" is
already on every PASN-AL in the system, so you can use the ALET without
doing an ALESERV SEARCH/ADD. Shared memory objects provide managed
sharing and therefore they have to be explicitly connected to from a
particular address space before they can be accessed from that space. 

I would argue that there are obvious ways of making that work very
nicely and it certainly gives you plenty of headroom. And shared memory
objects (unlike CADS) are NOT a limited resource. 

CC

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Common Dataspace

[Craddock, Chris]

My old mate Shane said;
> Just setup a "long lived" STC that can manage any/all of these sort of
> things, and arrange for it to stay up. Document its
> requirements/function(s) - then it's out in the open, you get the
credit
> for the work done. Every vendor in the market should do the same.

Ha ha! Ask someone who has done EXACTLY that. You would never believe
the flogging I got (from certain customers) for doing it right. This is
one of those areas where the poor chump in the ISV suit cannot win no
matter what he does. For the record, the next time I do this (if I ever
do :-) the long lived resources are going to be anchored in master. Not
because that's the right thing to do, but because explaining the more
correct alternative to the unwashed is next to impossible.

CC

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

How to get CALL-Stack?

[Michael Knigge]

All,

is there a way to get the CALL-Stack? I have a mixture of C, COBOL and 
ASM Programs and I want to display the call stack out of a COBOL-Prog 
upon SYSOUT.



Thank you,
Michael

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Announcing update to CAVXTRT (user friend CA-View ISPF Interface)

[Lionel B Dyck]

I have just updated the CAVXTRT (CA-View Extract ISPF Dialog) with support 
for CA-View release 11. The package now dynamically detects the 
differences in the CA-View report between release 2, release 11 and 
release 11 with maintenance and should work for future releases (assuming 
CA doesn't change the order of the fields in the report).

You can find the update at http://www.lbdsoftware.com

I want to thank Andy White and Jeff Dixon for his assistance with this 
update.

Lionel B. Dyck, Consultant/Specialist 
Enterprise Platform Services, Mainframe Engineering 
KP-IT Enterprise Engineering 
925-926-5332 (8-473-5332) | E-Mail: [EMAIL PROTECTED] 
AIM: lbdyck | Yahoo IM: lbdyck 
Kaiser Service Credo: "Our cause is health. Our passion is service. We?re 
here to make lives better.? 

I never guess. It is a capital mistake to theorize before one has data. 
Insensibly one begins to twist facts to suit theories, instead of theories 
to suit facts. 
- Sir Arthur Conan Doyle 

NOTICE TO RECIPIENT: If you are not the intended recipient of this e-mail, 
you are prohibited from sharing, copying, or otherwise using or disclosing 
its contents. If you have received this e-mail in error, please notify the 
sender immediately by reply e-mail and permanently delete this e-mail and 
any attachments without reading, forwarding or saving them. Thank you. 

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Open Source Security Risks (was T3 Sues IBM To Break its Mainframe Monopoly)

[Tom Marchant]

On Mon, 10 Dec 2007 22:33:40 +0900, Clement Clarke wrote:
>
>You must agree that you will abide by the GNU terms, and not use it
>commercially without some appreciation, or for war.

What does that mean?

-- 
Tom Marchant

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Open Source Security Risks (was T3 Sues IBM To Break its Mainframe Monopoly)

[Clement Clarke]

R.S. wrote:

David Cole wrote:

I think you have the open source security risks backwards, Herbie.

One of the features of open source is that the source code is public. 
This means that ANYONE can read it, study it, find bugs in it, AND 
find trap doors in it! And "anyone" means anyone in the whole world!


On the other hand open code reduces risk of existence of such holes, 
or assures better detection of such holes. This is good thing.

There are known holes in M$ software, despite it's OCO.

If anyone would like the source code of the Jol Universal Command 
Language (370 ASM version) please send me an email and I will tell where 
you can download it from.


You must agree that you will abide by the GNU terms, and not use it 
commercially without some appreciation, or for war.


Cheers,

Clement Clarke
Perth

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Jeff Foxworthy & IBM

[Chase, John]

> -Original Message-
> From: IBM Mainframe Discussion List On Behalf Of Warner Mach
> 
> I see where Jeff Foxworthy, the comedian, worked for IBM for 
> four years before launching his entertainment career (Check 
> it out on Google). He was applying maintenance to IBM 
> mainframes (I assume software).
>.
> But then he threw away his chance at technical wizardry in 
> favor of the fleeting attractions of fame and fortune.
>   .
> Of course Foxworthy is best known for his routine, "You might 
> be a redneck if ..." It is hard for me to understand why he 
> went with 'rednecks' when there is such rich potential in 
> 'systems programmers.'

Target audience way too small.

-jc-

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: zOS Maintenance Best Practices

[Matt Dazzo]

Dave, thanks.

>>> Dave Danner <[EMAIL PROTECTED]> 12/7/2007 4:14 PM >>>
On Fri, 7 Dec 2007 10:48:29 -0600, Patrick Lyon 
<[EMAIL PROTECTED]> wrote:

>If you are a SHARE member, the last conference had an excellent session on
>maintenance best practices.
>
>z/OS Maintenance Best Practices - The Rationale Behind the 
Recommendations

You can get it here:
http://shareew.prod.web.sba.com/client_files/callpapers/attach/SHARE_in_San 
_Diego/S2829GD105741.pdf

It's open to anyone.  You don't need a SHARE ID.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: IEFUSI and 64 Bit - was "REGION=0M and LSQA"

[Veilleux, Jon L]

Here is a sample of our code

USI200   DS0H   
 L R7,SMFMEML ADDRESS OF MEMLIMIT PARMS 
 USING MEMLIMIT,R7ESTABLISH ADDRESSABILITY  
 SPACE 1
 SRR6,R6  CLEAR REG 6   
 L R6,SMFSSN  ADDRESS OF THE SUBSYSTEM NAME 
 CLC   0(4,R6),=C'OMVS'   IS IT SPAWNED BY OMVS?
 BERETURN IF YES, GET OUT QUICK 
 CLI   MEMLFLGS,X'01' IS MEMLIMIT FROM SMF? 
 BERETURN IF MEMLIMIT IS FROM SMF, GET OUT  
 CLI   MEMLFLGS,X'FF' IS MEMLIMIT SOURCE IN ERROR ? 
 BESETMEMLIF MEMLIMIT IS IN ERROR, IMPOSE LIMIT 
 SRR6,R6  CLEAR REG 6   
 LGR6,MEMLSIZRLOAD MEMLIMIT SIZE REQUESTED INTO R6  
 CGR6,MEMABOVECOMPARE TO IEFUSI LIMITATION  
 BHSETMEMLASKING FOR MORE THAN LIMIT, GO RESET  
 STG   R6,MEMLSIZUSTORE USER REQUESTED MEMLIMIT 
 B RETURN BRANCH AROUND SETTING LIMITATION  
SETMEML  LGR6,MEMABOVELOAD MEMLIMIT LIMITATION FOR STORING  
 STG   R6,MEMLSIZUSTORE IEFUSI IMPOSED MEMLIMIT 


...
MEMABOVE DCXL8'0800'  MEMLIMIT - ABOVE 2G BAR LIMITATION = 2GB 
*DOUBLE WORD HEX VALUE IN MB   



SMFPARM  DSECT 
SMFPAREA DS   F   COMMON SMF PARAMETER AREA
SMFJSPNA DS   A   JOB STEP NAME
SMFPGMNA DS   A   PROGRAM NAME 
SMFACCT  DS   A   STEP ACCOUNTING INFORMATION  
SMFVSMPL DS   A   VSM PARAMETER LIST   
SMFVRFLG DS   A   ADDR OF V=R FLAG 8/89
SMFDSPCE DS   A   ADDR OF DATA SPACE INFORMATION   8/89
SMFSSN   DS   A   ADDR OF SUBSYSTEM NAME   6/02
SMFMEML  DS   A   ADDR OF MEMLIMIT PARMS   6/02 


Jon L. Veilleux
[EMAIL PROTECTED]
(860) 636-2683 


-Original Message-
From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On
Behalf Of Martin Packer
Sent: Sunday, December 09, 2007 12:26 PM
To: IBM-MAIN@BAMA.UA.EDU
Subject: IEFUSI and 64 Bit - was "REGION=0M and LSQA"

Peter Relson wrote:

> While REGION=0M, in the absence of other things, does indicate not to 
> reserve any particular amount for system subpools, many customers use
their
> IEFUSI exit to provide a limit to what REGION=0M can provide.

While I've not written a IEFUSI exit in MANY years (and even then only
as a sample, IIRC) I nowadays stress the importance of keeping control
of what users can allocate, ESPECIALLY in 64 bit mode. IEFUSI seems to
me the right way to do this (as well as with REGION, HVSHARE and
MEMLIMIT).

Anyone care to tell me what an installation would have to do to make
their "31-bit ready" IEFUSI into a "64-bit ready" one?

One thing I AM certain of is that allowing users to obtain huge amounts
of virtual and then to touch all the pages (perhaps mistakenly zeroing
them) is a great recipe for chaos.

Cheers, Martin

Martin Packer
Performance Consultant
IBM United Kingdom Ltd
+44-20-8832-5167
+44-7802-245-584
[EMAIL PROTECTED]










Unless stated otherwise above:
IBM United Kingdom Limited - Registered in England and Wales with number
741598. 
Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6
3AU






--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
This e-mail may contain confidential or privileged information. If
you think you have received this e-mail in error, please advise the
sender by reply e-mail and then delete this e-mail immediately.
Thank you. Aetna   

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Position Posting Cincinnati, OH, USA

[Jousma, David]

Title:   Principal Systems Programmer 
Requisition #:   2007-60572 
Employment Type:   Regular 
Full/Part Time:   Full Time  
FLSA Status:   Exempt  
Division:   IT 
Location:   FIFTH THIRD CENTER-CINCINNATI, CINCINNATI, OH 
Posted Date:   11/30/2007 

 
Requirements  
 
 
JOB DUTIES:   Support for IBM mainframe z/OS operating system 
software and program products.  System software programming and 
testing.  Build, test, and release of software products. 
Technology upgrade planning.  Process improvement planning.  
Technical support and consultation. Incident and problem management.  
Document processes and procedures. Off-shift support as necessary.

JOB SKILLS:   z/OS operating system support experience.  Operating 
system programming experience.  Prefer experience with:  Top Secret, 
RACF, Assembler, SMP/E, JES2, REXX, Unix Systems Services, IPCS, 
DFSMS, compiler languages, LE, Netview/System Automation,  GRS.  
Excellent oral and written communication skills. 

Prefer 10 or more years experience as an IBM operating system 
programmer.  Additionally, 5 or more years experience with 
Top Secret and RACF security system software installation and support.


If interested and qualified, please visit the link below(watch the
wrap):
https://cvg53.cvgs.net/ENG/candidates/default.cfm?szCategory=jobprofile&;
szOrderID=60572&szCandidateID=0&szSearchWords=&szReturnToSearch=1 
 

 
Dave Jousma 
AVP, Mainframe Services 
[EMAIL PROTECTED] 
616.653.8429 

This e-mail transmission contains information that is confidential and may be 
privileged.   It is intended only for the addressee(s) named above. If you 
receive this e-mail in error, please do not read, copy or disseminate it in any 
manner. If you are not the intended recipient, any disclosure, copying, 
distribution or use of the contents of this information is prohibited. Please 
reply to the message immediately by informing the sender that the message was 
misdirected. After replying, please erase it from your computer system. Your 
assistance in correcting this error is appreciated.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Forcing a userid and password prompt on session connect

[Johnny Luo]

Just did a test:

1. In TN3270 server profile (because TN3270 sever can run as a separate
STC), find the BEGINVTAM/ENDVTAM block for the target port and then remove
both USSTCP and DEFAULTAPPL statement.

After that the first screen user will see at connection time is the telnet
solicitor panel:

Enter Your Userid:
Password:  New password:
Application:
Application Required. No Installation Default

A user needs to know the precise application name to log in.

2. Restrict the specific application:
   RESTRICTAPPL TSO
   USER IBMUSER

Now the user needs to supply the id/pass in the solicitor panel in order to
access application TSO. And only IBMUSER can pass the verification in this
case.

Hope this is what you need.


On Dec 10, 2007 4:33 PM, Johnny Luo <[EMAIL PROTECTED]> wrote:

> Hi,
>
> Hope my experience can help.
>
> In your TCPIP profile:
>
> RESTRICTAPPL CICS01
> USER IBMUSER
> USER SYSPRG1
>
> When a logon request for application CICS01 is issued, a telnet solicitor
> screen will show and you need to supply the RACF pass/id. In this case, only
> IBMUSER and SYSPRG1 can use CICS01.
>
>
>
>
>



-- 
Best Regards,
Johnny Luo

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Disassembler, new tool available

[Arthur Fichtl]

Charles Hardee wrote on 03/20/2007 12:31:45 PM:

> I have two questions regarding IPSC.
> 1) From within an IPCS oriented CLIST or REXX Exec, is there a way
> to determine what IPCS level one is executing under?

>No.  You can glean a lot of information about the dump being processed
by
>looking at its header record, but we haven't created an intended
interface
>via which your code can ask about the level of IPCS.
>
> 2) The new OPCODE function is great, but I am really in need of a
> CLIST or REXX based disassembler that can be executed from within the
> IPCS environment. Has anyone seen anything like this?
>
>If you're running z//OS V1R8, IPCS has support for an INSTRUCTION data
type
>that is formatted as an instruction stream much as the HLASM toolkit
>functions show instructions.
>
>Bob Wright - MVS Service Aid

Since last weekend a new disassembler named ISDA is available from
cbttape (File # 773). It works under ISPF and under IPCS. ISDA uses dump
contents as input.

Arthur

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Open Source Security Risks (was T3 Sues IBM To Break its Mainframe Monopoly)

[R.S.]

David Cole wrote:

I think you have the open source security risks backwards, Herbie.

One of the features of open source is that the source code is public. 
This means that ANYONE can read it, study it, find bugs in it, AND find 
trap doors in it! And "anyone" means anyone in the whole world!


On the other hand open code reduces risk of existence of such holes, or 
assures better detection of such holes. This is good thing.

There are known holes in M$ software, despite it's OCO.

--
Radoslaw Skorupka
Lodz, Poland


--
BRE Bank SA
ul. Senatorska 18
00-950 Warszawa
www.brebank.pl

Sd Rejonowy dla m. st. Warszawy 
XII Wydzia Gospodarczy Krajowego Rejestru Sdowego, 
nr rejestru przedsibiorców KRS 025237

NIP: 526-021-50-88
Wedug stanu na dzie 01.01.2007 r. kapita zakadowy BRE Banku SA (w caoci 
opacony) wynosi 118.064.140 z. W zwizku z realizacj warunkowego 
podwyszenia kapitau zakadowego, na podstawie uchwa XVI WZ z dnia 21.05.2003 
r., kapita zakadowy BRE Banku SA moe ulec podwyszeniu do kwoty 118.760.528 
z. Akcje w podwyszonym kapitale zakadowym bd w caoci opacone.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Forcing a userid and password prompt on session connect

[Johnny Luo]

Hi,

Hope my experience can help.

In your TCPIP profile:

RESTRICTAPPL CICS01
USER IBMUSER
USER SYSPRG1

When a logon request for application CICS01 is issued, a telnet solicitor
screen will show and you need to supply the RACF pass/id. In this case, only
IBMUSER and SYSPRG1 can use CICS01.




On Dec 10, 2007 4:19 PM, Support, DUNNIT SYSTEMS LTD. <[EMAIL PROTECTED]>
wrote:

> To Terry, we're a very small shop. The first problem is non-existant by
> us. I
> assume the 2nd problem won't occur if we're strict about logging in
> immediately.
>
> Still my main problem is setting up the Telnet Solicitor in the first
> place. The 1
> page of IBM documentation is sparse and I don't know what to touch and
> change in our ADCD.V18.VTAM library.
>
> To John, I think I mentioned earlier on that SSL is not what we're looking
> for
> because our goal here is to place a "sentry" on the Flex-Es box's Telnet
> port
> 23 and not allow anyone to pass without a valid ID and password.
> Encrypting
> 3270 datastreams is what SSL does, from my understanding, which is not
> what we're tackling here. In addition, we have tentative circumstances
> that
> prevent us from implementing SSL for the short term.
>
> On Sun, 9 Dec 2007 12:39:46 -, Terry Sambrooks
> <[EMAIL PROTECTED]> wrote:
> >The two problems I encountered were:
> >- that as the user population increased Linux started paging and system
> >performance degraded significantly.
> >- User sessions could time drop without VTAM/TCP/IP on z/OS noticing
> which
> >meant that remote users dropped into a black whole literally as they
> >successful entered the solicitor but failed to get the USSTAB.
>
>
> On Sun, 9 Dec 2007 08:34:51 -0500, John Giltner
> <[EMAIL PROTECTED]> wrote:
> >Have you looked at TN3270 with SSL?
>
>  --
> For IBM-MAIN subscribe / signoff / archive access instructions,
> send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
> Search the archives at http://bama.ua.edu/archives/ibm-main.html
>



-- 
Best Regards,
Johnny Luo

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

z9 Management API's for JAVA

[Steve Talbot-Walsh]

Does anyone have any practical experience with using (i.e. developing
applications utilising) the z9 console object Management JAVA API's? We
would like any information relating to their comparative usability,
robustness/resiliance in relation to their non-JAVA counterpart.
 
Regards
Steve Talbot-Walsh

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: Forcing a userid and password prompt on session connect

[Support, DUNNIT SYSTEMS LTD.]

To Terry, we're a very small shop. The first problem is non-existant by us. I 
assume the 2nd problem won't occur if we're strict about logging in 
immediately.

Still my main problem is setting up the Telnet Solicitor in the first place. 
The 1 
page of IBM documentation is sparse and I don't know what to touch and 
change in our ADCD.V18.VTAM library.

To John, I think I mentioned earlier on that SSL is not what we're looking for 
because our goal here is to place a "sentry" on the Flex-Es box's Telnet port 
23 and not allow anyone to pass without a valid ID and password. Encrypting 
3270 datastreams is what SSL does, from my understanding, which is not 
what we're tackling here. In addition, we have tentative circumstances that 
prevent us from implementing SSL for the short term.

On Sun, 9 Dec 2007 12:39:46 -, Terry Sambrooks 
<[EMAIL PROTECTED]> wrote:
>The two problems I encountered were:
>- that as the user population increased Linux started paging and system
>performance degraded significantly.
>- User sessions could time drop without VTAM/TCP/IP on z/OS noticing which
>meant that remote users dropped into a black whole literally as they
>successful entered the solicitor but failed to get the USSTAB.


On Sun, 9 Dec 2007 08:34:51 -0500, John Giltner
<[EMAIL PROTECTED]> wrote:
>Have you looked at TN3270 with SSL?

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html