So long, farewell,Auf wiedersehen, goodbye

[Mark Jacobs - Listserv]

Tomorrow marks my last day at Time Customer Service as the closing of the 
division is completed. After 8573 days, what a long strange trip its been. I've 
close to retirement, but would like a few more years. Looking for remote z/OS 
System Programmer positions seems to be harder than I initially thought it 
would be, but I'm looking everyday. I subscribed to this mailing list (in 
digest form) under my personal email address, so I'll be lurking around.

It's been a great experience talking to my peers over the years here and 
elsewhere.
--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


This electronic message, including any attachments, may contain proprietary, 
confidential or privileged information for the sole use of the intended 
recipient(s). You are hereby notified that any unauthorized disclosure, 
copying, distribution, or use of this message is prohibited. If you have 
received this message in error, please immediately notify the sender by reply 
e-mail and delete it.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: The WHY of the POR

[Mark Jacobs - Listserv]

This thread brings me way back to the PORs needed for MVS/XA testing on the 
3081.

Shut down production MVS/SP
POR to MVS/XA mode
Test MVS/XA
Shut down MVS/XA
POR back to MVS/370 mode
IPL MVS/SP

Each POR took about 30-45 minutes from what I recall.

Tom Conley wrote on 1/17/19 9:19 AM:
There is no WHY.  There is onlyPOR.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with 
the message: INFO IBM-MAIN



Please be alert for any emails that may ask you for login information or 
directs you to login via a link. If you believe this message is a phish or 
aren't sure whether this message is trustworthy, please send the original 
message as an attachment to 
'phish...@meredith.com'.


--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


This electronic message, including any attachments, may contain proprietary, 
confidential or privileged information for the sole use of the intended 
recipient(s). You are hereby notified that any unauthorized disclosure, 
copying, distribution, or use of this message is prohibited. If you have 
received this message in error, please immediately notify the sender by reply 
e-mail and delete it.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: ZFS RECORG=FS

[Mark Jacobs - Listserv]

A zFS is a specially formatted VSAM LDS. How are you creating the ZFS?

Hervey Martinez wrote on 12/11/18 3:59 PM:

Working on HFS to ZFS conversion and the DFSMS manual for zos 2.3 mentions the 
RECORG=FS to be used for ZFS files.

In creating a test case in ISMF, it does not recognize this parm and it give an 
error. i did add this to the ACS routines and we are able to allocate a ZFS and 
convert an HFS to ZFS.

Any idea how to correct this RECORG=FS?

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with 
the message: INFO IBM-MAIN



Please be alert for any emails that may ask you for login information or 
directs you to login via a link. If you believe this message is a phish or 
aren't sure whether this message is trustworthy, please send the original 
message as an attachment to 
'phish...@meredith.com'.



--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


This electronic message, including any attachments, may contain proprietary, 
confidential or privileged information for the sole use of the intended 
recipient(s). You are hereby notified that any unauthorized disclosure, 
copying, distribution, or use of this message is prohibited. If you have 
received this message in error, please immediately notify the sender by reply 
e-mail and delete it.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: LXRES best practices

[Mark Jacobs - Listserv]

AFAIK it's not. If so, please educate me.

Mark Jacobs

Joseph Reichman wrote on 12/6/18 7:48 AM:
Wasn’t aware that name/token was valid across an ipl



> On Dec 6, 2018, at 1:35 AM, Ed Jaffe 
>  wrote:
>
>> On 11/29/2018 5:17 AM, Joseph Reichman wrote:
>> I am using s system LX but with our re-usable I would have to save the LX to 
>> a file
>> Right ? If I restart the task right ?
>
> I would not use a file. you might try to use an old LX across an IPL. I 
> suggest common storage. Are you familiar with Name/Token services?
>
>
> --
> Phoenix Software International
> Edward E. Jaffe
> 831 Parkview Drive North
> El Segundo, CA 90245
> https://www.phoenixsoftware.com/
>
>
> 
> This e-mail message, including any attachments, appended messages and the
> information contained therein, is for the sole use of the intended
> recipient(s). If you are not an intended recipient or have otherwise
> received this email message in error, any use, dissemination, distribution,
> review, storage or copying of this e-mail message and the information
> contained therein is strictly prohibited. If you are not an intended
> recipient, please contact the sender by reply e-mail and destroy all copies
> of this email message and do not otherwise utilize or retain this email
> message or any or all of the information contained therein. Although this
> email message and any attachments or appended messages are believed to be
> free of any virus or other defect that might affect any computer system into
> which it is received and opened, it is the responsibility of the recipient
> to ensure that it is virus free and no responsibility is accepted by the
> sender for any loss or damage arising in any way from its opening or use.
>
> --
> For IBM-MAIN subscribe / signoff / archive access instructions,
> send email to lists...@listserv.ua.edu with 
> the message: INFO IBM-MAIN

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with 
the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information or 
directs you to login via a link. If you believe this message is a phish or 
aren't sure whether this message is trustworthy, please send the original 
message as an attachment to 
'phish...@meredith.com'.


--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


This electronic message, including any attachments, may contain proprietary, 
confidential or privileged information for the sole use of the intended 
recipient(s). You are hereby notified that any unauthorized disclosure, 
copying, distribution, or use of this message is prohibited. If you have 
received this message in error, please immediately notify the sender by reply 
e-mail and delete it.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: ECSA tuning clarification

[Mark Jacobs - Listserv]

As with most things the answer is "it depends." There is no one size fits all 
answer. Depends on your workload and the ECSA requirements as well as the need 
for above the line private region. My standard was 250MB ECSA on each system, 
with a target of about 50-60 percent used, to allow for unexpected spikes. YMMV.

Mark Jacobs

Peter wrote on 11/12/18 1:18 PM:

I meant the size

On Mon 12 Nov, 2018, 10:08 PM Mark Jacobs - Listserv <
mark.jac...@custserv.com<mailto:mark.jac...@custserv.com> wrote:



By tuning, do you mean size of, or something else?

Peter wrote on 11/12/18 12:43 PM:

Hi

This is just general question and ignorant about this area. So wanted to
get some suggestions and pointers about ECSA running.

What are the factors that decides the tunning of ECSA value for zOS ?

Please share your opinion and suggestions so that I can note down the
points and research it more in detail.

Peter

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to 
lists...@listserv.ua.edu<mailto:lists...@listserv.ua.edu><mailto:lists...@listserv.ua.edu><mailto:lists...@listserv.ua.edu>
with the message: INFO IBM-MAIN



Please be alert for any emails that may ask you for login information or
directs you to login via a link. If you believe this message is a phish or
aren't sure whether this message is trustworthy, please send the original
message as an attachment to 
'phish...@meredith.com<mailto:phish...@meredith.com><mailto:phish...@meredith.com>'.



--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


This electronic message, including any attachments, may contain
proprietary, confidential or privileged information for the sole use of the
intended recipient(s). You are hereby notified that any unauthorized
disclosure, copying, distribution, or use of this message is prohibited. If
you have received this message in error, please immediately notify the
sender by reply e-mail and delete it.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu<mailto:lists...@listserv.ua.edu> with 
the message: INFO IBM-MAIN




--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu<mailto:lists...@listserv.ua.edu> with 
the message: INFO IBM-MAIN



Please be alert for any emails that may ask you for login information or 
directs you to login via a link. If you believe this message is a phish or 
aren't sure whether this message is trustworthy, please send the original 
message as an attachment to 
'phish...@meredith.com<mailto:phish...@meredith.com>'.



--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


This electronic message, including any attachments, may contain proprietary, 
confidential or privileged information for the sole use of the intended 
recipient(s). You are hereby notified that any unauthorized disclosure, 
copying, distribution, or use of this message is prohibited. If you have 
received this message in error, please immediately notify the sender by reply 
e-mail and delete it.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: ECSA tuning clarification

[Mark Jacobs - Listserv]

By tuning, do you mean size of, or something else?

Peter wrote on 11/12/18 12:43 PM:

Hi

This is just general question and ignorant about this area. So wanted to
get some suggestions and pointers about ECSA running.

What are the factors that decides the tunning of ECSA value for zOS ?

Please share your opinion and suggestions so that I can note down the
points and research it more in detail.

Peter

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with 
the message: INFO IBM-MAIN



Please be alert for any emails that may ask you for login information or 
directs you to login via a link. If you believe this message is a phish or 
aren't sure whether this message is trustworthy, please send the original 
message as an attachment to 
'phish...@meredith.com'.



--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


This electronic message, including any attachments, may contain proprietary, 
confidential or privileged information for the sole use of the intended 
recipient(s). You are hereby notified that any unauthorized disclosure, 
copying, distribution, or use of this message is prohibited. If you have 
received this message in error, please immediately notify the sender by reply 
e-mail and delete it.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Any reason to still use SWA=BELOW?

[Mark Jacobs - Listserv]

If something/some program executing in that jobclass (I assume it's a batch 
initiator) is still running control blocks and not using SWAREQ, then yes it 
might be needed.

Mark Jacobs

Tom Conley wrote on 10/8/18 8:37 PM:
Just wondering if there is any reason to still use SWA=BELOW.  I'm
seeing this in a JES2 parm member and I'm surprised, since I changed to
SWA=ABOVE ages ago.

Regards,
Tom Conley

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with 
the message: INFO IBM-MAIN



Please be alert for any emails that may ask you for login information or 
directs you to login via a link. If you believe this message is a phish or 
aren't sure whether this message is trustworthy, please send the original 
message as an attachment to 
'phish...@meredith.com'.

This electronic message, including any attachments, may contain proprietary, 
confidential or privileged information for the sole use of the intended 
recipient(s). You are hereby notified that any unauthorized disclosure, 
copying, distribution, or use of this message is prohibited. If you have 
received this message in error, please immediately notify the sender by reply 
e-mail and delete it.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: ICSF crypto domain sharing

[Mark Jacobs - Listserv]

Looks like it;


  *   Greater than 16 Domain support

 *   –  Support to allow a cryptographic coprocessor to be shared across 
more than 16 domains, up to

the maximum number of LPARs on the system.

 *   –  This support relies on enhanced firmware available with a minimum 
microcode level for the Crypto Express4S and Crypto Express5S coprocessors. 
With the adjunct processor (AP) extended addressing (APXA) facility installed, 
the z Systems crypto architecture can support greater than 16 domains in an AP.

 *   –  Customers will have the flexibility of mapping individual LPARs to 
unique crypto domains or continuing to share crypto domains across LPARs.

Mark Jacobs

Frank Swarbrick wrote on 9/27/18 5:37 PM:

Can two different LPARs share the same domain (and obviously the same keys), or 
do the keys have to be loaded for each LPAR separately, even when they are the 
same?

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with 
the message: INFO IBM-MAIN



Please be alert for any emails that may ask you for login information or 
directs you to login via a link. If you believe this message is a phish or 
aren't sure whether this message is trustworthy, please send the original 
message as an attachment to 
'phish...@meredith.com'.



This electronic message, including any attachments, may contain proprietary, 
confidential or privileged information for the sole use of the intended 
recipient(s). You are hereby notified that any unauthorized disclosure, 
copying, distribution, or use of this message is prohibited. If you have 
received this message in error, please immediately notify the sender by reply 
e-mail and delete it.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Help With PENDING OFFLINE Devices

[Mark Jacobs - Listserv]

Ok. Then you don't have dynamic proclib enabled.

You'll have to look in your JES2 procedure and see if any of the allocated 
proclib datasets are on those volumes. If so, you'll have to do some ugly work 
to get JES2 to unallocate those volumes.

Mark Jacobs

George Rodriguez wrote on 9/17/18 1:11 PM:
This is what I got:

$HASP003 RC=(52),D PROCLIB(*) - NO SELECTABLE ENTRIES FOUND
$HASP003 MATCHING SPECIFICATION

*George Rodriguez*

*Specialist II - IT Security*
*PX - 47652*
*(561) 357-7652 (office)*
*(954) 415-7586 (mobile)*
*School District of Palm Beach County*
*3348 Forest Hill Blvd.*
*Room B-332*
*West Palm Beach, FL. 33406-5869*
*Florida's Only A-Rated Urban District*


On Mon, Sep 17, 2018 at 1:03 PM Mark Jacobs - Listserv <
mark.jac...@custserv.com<mailto:mark.jac...@custserv.com>> wrote:


Issue a $DPROCLIB(*) command and see if anything's returned.

Mark Jacobs

George Rodriguez wrote on 9/17/18 1:00 PM:
Mark,

How do I determine the resources used? If you're talking about dynamic
allocation for TSO, yes I've implement that.

*George Rodriguez*

*Specialist II - IT Security*
*PX - 47652*
*(561) 357-7652 (office)*
*(954) 415-7586 (mobile)*
*School District of Palm Beach County*
*3348 Forest Hill Blvd.*
*Room B-332*
*West Palm Beach, FL. 33406-5869*
*Florida's Only A-Rated Urban District*


On Mon, Sep 17, 2018 at 12:04 PM Mark Jacobs - Listserv <
mark.jac...@custserv.com<mailto:mark.jac...@custserv.com><mailto:mark.jac...@custserv.com><mailto:mark.jac...@custserv.com>>
 wrote:

> Depends what the resources are. If proclibs, and you've implemented
> dynamic proclibs you can work around it.
>
> Mark Jacobs
>
> George Rodriguez wrote on 9/17/18 11:58 AM:
> Mike,
>
> You're a lifesaver... Most say they are owned by CATALOG, th2 remainder
> says either me (GRODRIG) or JES2. I can probably shutdown CATALOG and
> LOGOFF, but what do I do about JES2?
>
> Thanks!
>
> *George Rodriguez*
>
> *Specialist II - IT Security*
> *PX - 47652*
> *(561) 357-7652 (office)*
> *(954) 415-7586 (mobile)*
> *School District of Palm Beach County*
> *3348 Forest Hill Blvd.*
> *Room B-332*
> *West Palm Beach, FL. 33406-5869*
> *Florida's Only A-Rated Urban District*
>
>
> On Mon, Sep 17, 2018 at 11:42 AM Mike Shorkend 
mailto:mike.shork...@gmail.com>
<mailto:mike.shork...@gmail.com><mailto:mike.shork...@gmail.com>
> 
><mailto:mike.shork...@gmail.com><mailto:mike.shork...@gmail.com><mailto:mike.shork...@gmail.com><mailto:mike.shork...@gmail.com>
> wrote:
>
> > The F-NRD means offline, not ready
> > The A-PND means allocated, pending offline
> >
> > To find out who is allocated to the device you are trying to get
offline,
> > issue this command:
> >
> > D U,,ALLOC,xxx,1
> >
> > Where  is the device number
> >
> > HTH
> >
> > Mike
> >
> >
> >
> > On Mon, 17 Sep 2018 at 18:13, George Rodriguez <
> > 
016eebd7289b-dmarc-requ...@listserv.ua.edu<mailto:016eebd7289b-dmarc-requ...@listserv.ua.edu>mailto:016eebd7289b-dmarc-requ...@listserv.ua.edu>> 
016eebd7289b-dmarc-requ...@listserv.ua.edu<mailto:016eebd7289b-dmarc-requ...@listserv.ua.edu>mailto:016eebd7289b-dmarc-requ...@listserv.ua.edu>>>>
 wrote:
> >
> > > The STATUS the 7 disk are in is either A-PND or F-NRD.
> > >
> > > Can anyone help?
> > >
> > > Thanks in advance!
> > >
> > > *George Rodriguez*
> > >
> > > *Specialist II - IT Security*
> > > *PX - 47652*
> > > *(561) 357-7652 (office)*
> > > *(954) 415-7586 (mobile)*
> > > *School District of Palm Beach County*
> > > *3348 Forest Hill Blvd.*
> > > *Room B-332*
> > > *West Palm Beach, FL. 33406-5869*
> > > *Florida's Only A-Rated Urban District*
> > >
> > > --
> > >
> > >
> > >
> > >
> > >
> > >
> > > *Disclaimer: *Under Florida law, e-mail addresses are public records.
> > > If you do not want your e-mail address released in response to a
public
> > > records request, do not send electronic mail to this entity. Instead,
> > > contact this office by phone or in writing.
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
--
> > > For IBM-MAIN subscribe / signoff / archive access instructions,
> > > send email to 
lists...@listserv.ua.edu<mailto:lists...@listserv.ua.edu>mailto:lists...@listserv.ua.edu>><mailto:lists...@listserv.ua.edu>

Re: Help With PENDING OFFLINE Devices

[Mark Jacobs - Listserv]

Issue a $DPROCLIB(*) command and see if anything's returned.

Mark Jacobs

George Rodriguez wrote on 9/17/18 1:00 PM:
Mark,

How do I determine the resources used? If you're talking about dynamic
allocation for TSO, yes I've implement that.

*George Rodriguez*

*Specialist II - IT Security*
*PX - 47652*
*(561) 357-7652 (office)*
*(954) 415-7586 (mobile)*
*School District of Palm Beach County*
*3348 Forest Hill Blvd.*
*Room B-332*
*West Palm Beach, FL. 33406-5869*
*Florida's Only A-Rated Urban District*


On Mon, Sep 17, 2018 at 12:04 PM Mark Jacobs - Listserv <
mark.jac...@custserv.com<mailto:mark.jac...@custserv.com>> wrote:


Depends what the resources are. If proclibs, and you've implemented
dynamic proclibs you can work around it.

Mark Jacobs

George Rodriguez wrote on 9/17/18 11:58 AM:
Mike,

You're a lifesaver... Most say they are owned by CATALOG, th2 remainder
says either me (GRODRIG) or JES2. I can probably shutdown CATALOG and
LOGOFF, but what do I do about JES2?

Thanks!

*George Rodriguez*

*Specialist II - IT Security*
*PX - 47652*
*(561) 357-7652 (office)*
*(954) 415-7586 (mobile)*
*School District of Palm Beach County*
*3348 Forest Hill Blvd.*
*Room B-332*
*West Palm Beach, FL. 33406-5869*
*Florida's Only A-Rated Urban District*


On Mon, Sep 17, 2018 at 11:42 AM Mike Shorkend 
mailto:mike.shork...@gmail.com>
><mailto:mike.shork...@gmail.com><mailto:mike.shork...@gmail.com>
wrote:

> The F-NRD means offline, not ready
> The A-PND means allocated, pending offline
>
> To find out who is allocated to the device you are trying to get offline,
> issue this command:
>
> D U,,ALLOC,xxx,1
>
> Where  is the device number
>
> HTH
>
> Mike
>
>
>
> On Mon, 17 Sep 2018 at 18:13, George Rodriguez <
> 
016eebd7289b-dmarc-requ...@listserv.ua.edu<mailto:016eebd7289b-dmarc-requ...@listserv.ua.edu>mailto:016eebd7289b-dmarc-requ...@listserv.ua.edu>>>
 wrote:
>
> > The STATUS the 7 disk are in is either A-PND or F-NRD.
> >
> > Can anyone help?
> >
> > Thanks in advance!
> >
> > *George Rodriguez*
> >
> > *Specialist II - IT Security*
> > *PX - 47652*
> > *(561) 357-7652 (office)*
> > *(954) 415-7586 (mobile)*
> > *School District of Palm Beach County*
> > *3348 Forest Hill Blvd.*
> > *Room B-332*
> > *West Palm Beach, FL. 33406-5869*
> > *Florida's Only A-Rated Urban District*
> >
> > --
> >
> >
> >
> >
> >
> >
> > *Disclaimer: *Under Florida law, e-mail addresses are public records.
> > If you do not want your e-mail address released in response to a public
> > records request, do not send electronic mail to this entity. Instead,
> > contact this office by phone or in writing.
> >
> >
> >
> >
> >
> >
> >
> >
> > --
> > For IBM-MAIN subscribe / signoff / archive access instructions,
> > send email to 
lists...@listserv.ua.edu<mailto:lists...@listserv.ua.edu><mailto:lists...@listserv.ua.edu><mailto:lists...@listserv.ua.edu>
with the message: INFO IBM-MAIN
> >
>
>
> --
> Mike Shorkend
> 
m...@shorkend.com<mailto:m...@shorkend.com><mailto:m...@shorkend.com><mailto:m...@shorkend.com>
> 
www.shorkend.com<http://www.shorkend.com><http://www.shorkend.com<http://www.shorkend.com>>
> Tel: +972524208743
> Fax: +97239772196
>
> --
> For IBM-MAIN subscribe / signoff / archive access instructions,
> send email to 
lists...@listserv.ua.edu<mailto:lists...@listserv.ua.edu><mailto:lists...@listserv.ua.edu><mailto:lists...@listserv.ua.edu>
with the message: INFO IBM-MAIN
>

--






*Disclaimer: *Under Florida law, e-mail addresses are public records.
If you do not want your e-mail address released in response to a public
records request, do not send electronic mail to this entity. Instead,
contact this office by phone or in writing.








--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to 
lists...@listserv.ua.edu<mailto:lists...@listserv.ua.edu><mailto:lists...@listserv.ua.edu><mailto:lists...@listserv.ua.edu>
with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information or
directs you to login via a link. If you believe this message is a phish or
aren't sure whether this message is trustworthy, please send the original
message as an attachment to 
'phish...@meredith.com<mailto:phish...@meredith.com>mailto:phish...@meredith.com>>'.


--

Mark Jacobs
T

Re: Help With PENDING OFFLINE Devices

[Mark Jacobs - Listserv]

Depends what the resources are. If proclibs, and you've implemented dynamic 
proclibs you can work around it.

Mark Jacobs

George Rodriguez wrote on 9/17/18 11:58 AM:
Mike,

You're a lifesaver... Most say they are owned by CATALOG, th2 remainder
says either me (GRODRIG) or JES2. I can probably shutdown CATALOG and
LOGOFF, but what do I do about JES2?

Thanks!

*George Rodriguez*

*Specialist II - IT Security*
*PX - 47652*
*(561) 357-7652 (office)*
*(954) 415-7586 (mobile)*
*School District of Palm Beach County*
*3348 Forest Hill Blvd.*
*Room B-332*
*West Palm Beach, FL. 33406-5869*
*Florida's Only A-Rated Urban District*


On Mon, Sep 17, 2018 at 11:42 AM Mike Shorkend 

wrote:


The F-NRD means offline, not ready
The A-PND means allocated, pending offline

To find out who is allocated to the device you are trying to get offline,
issue this command:

D U,,ALLOC,xxx,1

Where  is the device number

HTH

Mike



On Mon, 17 Sep 2018 at 18:13, George Rodriguez <
016eebd7289b-dmarc-requ...@listserv.ua.edu>
 wrote:

> The STATUS the 7 disk are in is either A-PND or F-NRD.
>
> Can anyone help?
>
> Thanks in advance!
>
> *George Rodriguez*
>
> *Specialist II - IT Security*
> *PX - 47652*
> *(561) 357-7652 (office)*
> *(954) 415-7586 (mobile)*
> *School District of Palm Beach County*
> *3348 Forest Hill Blvd.*
> *Room B-332*
> *West Palm Beach, FL. 33406-5869*
> *Florida's Only A-Rated Urban District*
>
> --
>
>
>
>
>
>
> *Disclaimer: *Under Florida law, e-mail addresses are public records.
> If you do not want your e-mail address released in response to a public
> records request, do not send electronic mail to this entity. Instead,
> contact this office by phone or in writing.
>
>
>
>
>
>
>
>
> --
> For IBM-MAIN subscribe / signoff / archive access instructions,
> send email to lists...@listserv.ua.edu with 
the message: INFO IBM-MAIN
>


--
Mike Shorkend
m...@shorkend.com
www.shorkend.com
Tel: +972524208743
Fax: +97239772196

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with 
the message: INFO IBM-MAIN



--






*Disclaimer: *Under Florida law, e-mail addresses are public records.
If you do not want your e-mail address released in response to a public
records request, do not send electronic mail to this entity. Instead,
contact this office by phone or in writing.








--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with 
the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information or directs you 
to login via a link. If you believe this message is a phish or aren't sure whether 
this message is trustworthy, please send the original message as an attachment to 
'phish...@meredith.com'.


--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


This electronic message, including any attachments, may contain proprietary, 
confidential or privileged information for the sole use of the intended 
recipient(s). You are hereby notified that any unauthorized disclosure, 
copying, distribution, or use of this message is prohibited. If you have 
received this message in error, please immediately notify the sender by reply 
e-mail and delete it.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Report volumes with IPLText

[Mark Jacobs - Listserv]

Before that command was available, I used this process to prevent Operations 
from IPLing from volumes I didn't want them to;

//ASM EXEC HLASMC,PARM='NOGOFF'
//SYSIN  DD*
NOIPLSTART 0
BALR  12,0
USING *,12
LPSW  WAITDBF
DS0D
WAITDBF  DCXL8'000ADEADBEEF'
END   NOIPL
/*
//NOIPLEXEC PGM=ICKDSF,REGION=4M
//DISK1DD  UNIT=SYSALLDA,VOL=SER=XX,DISP=OLD
//SYSPRINT DD  SYSOUT=*
REFORMAT  DDNAME(DISK1) NOVERIFY IPLDD(IPL)
//IPL  DD  DSN=&,DISP=(OLD,DELETE)

Vernooij, Kees (ITOPT1) - KLM wrote on 9/10/18 10:50 AM:
If you are not sure anymore what IPL text was written in the past to which 
volumes, there is:
REFORMAT REMOVEIPLTXT to clear this.

This way you are sure you will not accidently IPL something old and disastrous.

Kees.



-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On
Behalf Of Jesse 1 Robinson
Sent: 07 September, 2018 23:07
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Report volumes with IPLText

IIRC, every volume initialized by ICKDSF--is there any other way?--will
contain code in the IPLTEXT area that loads a wait state 00F, which says
that no IPL text exists, unless that area has been rewritten with true
IPL text. So you might write a program that looks for the 00F wait state
code and infer that otherwise it has actual IPL text. You work for the
guvment, right?

.
.
J.O.Skip Robinson
Southern California Edison Company
Electric Dragon Team Paddler
SHARE MVS Program Co-Manager
323-715-0595 Mobile
626-543-6132 Office ⇐=== NEW
robin...@sce.com


-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On
Behalf Of Steve Smith
Sent: Friday, September 07, 2018 1:49 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: (External):Re: Report volumes with IPLText

ICKDSF claims it knows how to tell if IPL text exists.  Ref:
https://www.ibm.com/support/knowledgecenter/en/SSLTBW_2.3.0/com.ibm.zos.
v2r3.e0zm100/aa3iplt.htm

I used to know more about where IPL text was. Likely it would take an
authorized program using EXCP to poke at it.  Regardless, I've never
heard of any utility that did.  So, if you think there's a market, go
ahead and write it!

sas


On 9/7/2018 16:34, Seymour J Metz wrote:
> I doubt it; what signature would it look for?
>
> It would be easy to write a program that looked for a specific version
of IPLTEXT, but I don't see how to do anything more general than that.
>
>
> --
> Shmuel (Seymour J.) Metz
> http://mason.gmu.edu/~smetz3
>
> 
> From: IBM Mainframe Discussion List 
 on
> behalf of Dyck, Lionel B. (RavenTek)
> 
<01d7f21a6167-dmarc-requ...@listserv.ua.edu>
> Sent: Friday, September 7, 2018 1:35 PM
> To: IBM-MAIN@listserv.ua.edu
> Subject: Report volumes with IPLText
>
> Is there a utility that will display all mounted volumes that have IPL
Text installed?
>
> --
> 
> Lionel B. Dyck (Contractor) <
> Mainframe Systems Programmer - RavenTek Solution Partners


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with 
the message: INFO IBM-MAIN


For information, services and offers, please visit our web site: 
http://www.klm.com. This e-mail and any attachment may 
contain confidential and privileged material intended for the addressee only. If you 
are not the addressee, you are notified that no part of the e-mail or any attachment 
may be disclosed, copied or distributed, and that any other action related to this 
e-mail or attachment is strictly prohibited, and may be unlawful. If you have 
received this e-mail by error, please notify the sender immediately by return e-mail, 
and delete this message.

Koninklijke Luchtvaart Maatschappij NV (KLM), its subsidiaries and/or its 
employees shall not be liable for the incorrect or incomplete transmission of 
this e-mail or any attachments, nor responsible for any delay in receipt.
Koninklijke Luchtvaart Maatschappij N.V. (also known as KLM Royal Dutch 
Airlines) is registered in Amstelveen, The Netherlands, with registered number 
33014286



--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with 
the message: INFO IBM-MAIN

Re: Un-Sysplex a zOS System

[Mark Jacobs - Listserv]

Thanks to everyone. I'm going to recommend to management that we don't go down 
this path, and use a more reasonable one.

Our new owners are closing our division, which includes shutting down the 
mainframe environment for most things. One or two applications need to have a 
mainframe home for a while after everything else is shutdown, hence research on 
whether it's feasible to begin a system split prior to everything else being 
shut down.

Mark Jacobs

Elardus Engelbrecht wrote on 8/30/18 2:35 AM:

Mark Jacobs - Listserv wrote:



We're in a parallel sysplex, sharing most everything, and need to begin 
planning activities to remove one system from the sysplex, while continuing to 
use it to run a subset of our current workload.



Why? You lose many benefits of being in a SysPlex, but do you have 
workload/performance problems? Do you have applications being migrated off 
mainframe?


Alternative. Create a NEW Sysplex and build up your new LPAR inside it.




Some of the things we need to consider are;



If you want to move a LPAR off the Sysplex, consider isolating and duplicate 
everything.




*   PDS/e Sharing
*   Catalogs (we're ECS shared now)



No sharing of catalogs. Just that unless you like taking risks.




*   Shared DASD



You can share DASD and its contents, but just make sure allocation/deletion of 
datasets are limited/restricted. Say you create a dsn A.B.C in one Sysplex, 
then you cannot delete it in other Sysplex or LPAR outside the original Sysplex.




*   RACF Database Sharing (Sysplex Enabled)



Do not share RACF DB outside a Sysplex. Turn of sharing completely and only 
enable that for remaining LPARs inside the Sysplex.  You will need a separate 
ICHRDSNT module for each LPAR.

Also, consider separate naming standards for each LPAR inside/outside your 
Sysplex.




*   JES2 Checkpoint in CF



You have enough volsers for all the duplicate datasets? You need a set of 
Checkpoint for each unshared JES2 datasets. The same goes for 
HSM/SMS/SMF/Automation software/Tape Management system/etc.




*   ZFS File Systems? (This system is not in a shared OMVS Environment)



Consider creating the zFS for each LPAR without sharing of course.




I'd like people to shoot things at me that I might have missed while I keep on 
looking myself.



Good luck. You will need it.

Groete / Greetings
Elardus Engelbrecht

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu<mailto:lists...@listserv.ua.edu> with 
the message: INFO IBM-MAIN



Please be alert for any emails that may ask you for login information or directs you 
to login via a link. If you believe this message is a phish or aren't sure whether 
this message is trustworthy, please send the original message as an attachment to 
'phish...@meredith.com<mailto:phish...@meredith.com>'.



--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


This electronic message, including any attachments, may contain proprietary, 
confidential or privileged information for the sole use of the intended 
recipient(s). You are hereby notified that any unauthorized disclosure, 
copying, distribution, or use of this message is prohibited. If you have 
received this message in error, please immediately notify the sender by reply 
e-mail and delete it.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Un-Sysplex a zOS System

[Mark Jacobs - Listserv]

We're in a parallel sysplex, sharing most everything, and need to begin 
planning activities to remove one system from the sysplex, while continuing to 
use it to run a subset of our current workload.

Some of the things we need to consider are;

 *   PDS/e Sharing
 *   Catalogs (we're ECS shared now)
 *   Shared DASD
 *   RACF Database Sharing (Sysplex Enabled)
 *   JES2 Checkpoint in CF
 *   ZFS File Systems? (This system is not in a shared OMVS Environment)

I'd like people to shoot things at me that I might have missed while I keep on 
looking myself.

TIA,

Mark Jacobs
Time Customer Service

This electronic message, including any attachments, may contain proprietary, 
confidential or privileged information for the sole use of the intended 
recipient(s). You are hereby notified that any unauthorized disclosure, 
copying, distribution, or use of this message is prohibited. If you have 
received this message in error, please immediately notify the sender by reply 
e-mail and delete it.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: 0,clpa

[Mark Jacobs - Listserv]

I mandated CLPA for all IPLs around 1996 or 1997 and told everyone that 
checkpoint restart was going away. No one cared enough to argue with me.

Mark Jacobs

Seymour J Metz wrote on 8/29/18 11:32 AM:
You'd be unable to restart those jobs.


--
Shmuel (Seymour J.) Metz
http://mason.gmu.edu/~smetz3


From: IBM Mainframe Discussion List 
 on behalf of R.S. 

Sent: Wednesday, August 29, 2018 11:11 AM
To: IBM-MAIN@listserv.ua.edu
Subject: Re: 0,clpa

W dniu 2018-08-29 o 16:57, Seymour J Metz pisze:

FSVO safe. CLPA implies CVIO, so if you use restart ...

Yes?
What could happen?

--
Radoslaw Skorupka
Lodz, Poland




==

Jeśli nie jesteś adresatem tej wiadomości:

- powiadom nas o tym w mailu zwrotnym (dziękujemy!),
- usuń trwale tę wiadomość (i wszystkie kopie, które wydrukowałeś lub zapisałeś 
na dysku).
Wiadomość ta może zawierać chronione prawem informacje, które może wykorzystać 
tylko adresat.Przypominamy, że każdy, kto rozpowszechnia (kopiuje, rozprowadza) 
tę wiadomość lub podejmuje podobne działania, narusza prawo i może podlegać 
karze.

mBank S.A. z siedzibą w Warszawie, ul. Senatorska 18, 00-950 
Warszawa,http://secure-web.cisco.com/1zb-00QHMl9j7U68wSYcxh6-cvhwLStfrZBUS4MVbpzt7jn7AhsuuRWLbc7S7NBRKW4pm6bhB_UBTJfXeb8-UwBzIi_Q3Ef6w7LH2_rWeMhLl53_1g3eXW9dt8_dT2oTnpw-aXSmwvIL8ItOaJ7PKelZ0R9tpu4IjDhX1_TPLiRLyqr348RvoYq10pIJLwmkOAy3j7-yweSAik2BZHtoiuM4w2x7_Pzh2gggvuPYCbItyAU9IP1NiUfmjKjnDiu4PTO9SwS2quEiwjNgv-mtGYYBt9w976IT-Uukhk-Hp68AmSemHX_yzWH_acah3r7QMv41jUivZZHc8GOVZXjYQ8GTALMPyECZeLTZefNxupnglIcTuZ4yadWc6yneHOvGj/http://www.mBank.pl,
 e-mail: kont...@mbank.pl. Sąd Rejonowy dla m. st. Warszawy 
XII Wydział Gospodarczy Krajowego Rejestru Sądowego, KRS 025237, NIP: 526-021-50-88. 
Kapitał zakładowy (opłacony w całości) według stanu na 01.01.2018 r. wynosi 169.248.488 
złotych.

If you are not the addressee of this message:

- let us know by replying to this e-mail (thank you!),
- delete this message permanently (including all the copies which you have 
printed out or saved).
This message may contain legally protected information, which may be used 
exclusively by the addressee.Please be reminded that anyone who disseminates 
(copies, distributes) this message or takes any similar action, violates the 
law and may be penalised.

mBank S.A. with its registered office in Warsaw, ul. Senatorska 18, 00-950 
Warszawa,http://secure-web.cisco.com/1zb-00QHMl9j7U68wSYcxh6-cvhwLStfrZBUS4MVbpzt7jn7AhsuuRWLbc7S7NBRKW4pm6bhB_UBTJfXeb8-UwBzIi_Q3Ef6w7LH2_rWeMhLl53_1g3eXW9dt8_dT2oTnpw-aXSmwvIL8ItOaJ7PKelZ0R9tpu4IjDhX1_TPLiRLyqr348RvoYq10pIJLwmkOAy3j7-yweSAik2BZHtoiuM4w2x7_Pzh2gggvuPYCbItyAU9IP1NiUfmjKjnDiu4PTO9SwS2quEiwjNgv-mtGYYBt9w976IT-Uukhk-Hp68AmSemHX_yzWH_acah3r7QMv41jUivZZHc8GOVZXjYQ8GTALMPyECZeLTZefNxupnglIcTuZ4yadWc6yneHOvGj/http://www.mBank.pl,
 e-mail: kont...@mbank.pl. District Court for the Capital 
City of Warsaw, 12th Commercial Division of the National Court Register, KRS 025237, 
NIP: 526-021-50-88. Fully paid-up share capital amounting to PLN 169,248,488 as at 1 
January 2018.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with 
the message: INFO IBM-MAIN

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with 
the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information or directs you 
to login via a link. If you believe this message is a phish or aren't sure whether 
this message is trustworthy, please send the original message as an attachment to 

Re: Migration from DB2 V10 to V11

[Mark Jacobs - Listserv]

Early code is always downwards compatible. Seems like a reasonable test at 
least.

Mark Jacobs

Chopperla Vrao wrote on 7/20/18 8:09 AM:
Thanks Mark, Are you suggesting to use V11 Early code instead of V10+SPE Early 
code?

Thanks and Regards
CV RAO

-Original Message-
From: IBM Mainframe Discussion List 
<mailto:IBM-MAIN@LISTSERV.UA.EDU> On Behalf Of Mark 
Jacobs - Listserv
Sent: Tuesday, July 17, 2018 6:21 PM
To: IBM-MAIN@LISTSERV.UA.EDU<mailto:IBM-MAIN@LISTSERV.UA.EDU>
Subject: Re: Migration from DB2 V10 to V11

Early code mismatch?



Chopperla Vrao wrote on 7/17/18 7:33 AM:
Hello
Can someone help me on DB2 V10 to V11 migration related error. So far I have 
been able to apply fallback PTF's/maintenance and migrate the catalog to V11 
CM(DSNTIJTC), till this point things were looking good. When I'm testing 
fallback to V10, started getting an error which complains about missing 
maintenance. I have checked the APAR II14660 and ran FIXCAT report, but I don't 
see anything missing. Can you please suggest additional checks which I can do 
to find the missing maintenance?

The error which I'm referring to is for non-data sharing environment

DSNX208E =DSN DSNGEDLC ATTEMPTING TO START DB2 WITH 858 AN UNSUPPORTED CODE 
LEVEL. REASON CODE 0002 MISSING MAINTENANCE: UNKNOWN CURRENT LEVEL: 
D780 VALID LEVEL(S): D680D6A5D675D6720

Thanks
CV RAO


Disclaimer: This message and the information contained herein is proprietary and confidential and subject to the Tech Mahindra policy statement, you may review the 
policy at 
http://www.techmahindra.com/Disclaimer.html<http://www.techmahindra.com/Disclaimer.html><http://www.techmahindra.com/Disclaimer.html<http://www.techmahindra.com/Disclaimer.html>>
 
<http://www.techmahindra.com/Disclaimer.html<http://www.techmahindra.com/Disclaimer.html><http://www.techmahindra.com/Disclaimer.html<http://www.techmahindra.com/Disclaimer.html>>>
 externally 
http://tim.techmahindra.com/tim/disclaimer.html<http://tim.techmahindra.com/tim/disclaimer.html><http://tim.techmahindra.com/tim/disclaimer.html<http://tim.techmahindra.com/tim/disclaimer.html>>
 
<http://tim.techmahindra.com/tim/disclaimer.html<http://tim.techmahindra.com/tim/disclaimer.html><http://tim.techmahindra.com/tim/disclaimer.html<http://tim.techmahindra.com/tim/disclaimer.html>>>
 internally within TechMahindra.




--
For IBM-MAIN subscribe / signoff / archive access instructions, send email to 
lists...@listserv.ua.edu<mailto:lists...@listserv.ua.edu><mailto:lists...@listserv.ua.edu><mailto:lists...@listserv.ua.edu>
 with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information or directs you to login via 
a link. If you believe this message is a phish or aren't sure whether this message is 
trustworthy, please send the original message as an attachment to 
'phish...@meredith.com<mailto:phish...@meredith.com><mailto:phish...@meredith.com><mailto:phish...@meredith.com>'.


--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


This electronic message, including any attachments, may contain proprietary, 
confidential or privileged information for the sole use of the intended 
recipient(s). You are hereby notified that any unauthorized disclosure, 
copying, distribution, or use of this message is prohibited. If you have 
received this message in error, please immediately notify the sender by reply 
e-mail and delete it.

--
For IBM-MAIN subscribe / signoff / archive access instructions, send email to 
lists...@listserv.ua.edu<mailto:lists...@listserv.ua.edu> with the message: 
INFO IBM-MAIN


Disclaimer: This message and the information contained herein is proprietary and confidential and subject to the 
Tech Mahindra policy statement, you may review the policy at 
http://www.techmahindra.com/Disclaimer.html<http://www.techmahindra.com/Disclaimer.html> 
<http://www.techmahindra.com/Disclaimer.html<http://www.techmahindra.com/Disclaimer.html>> externally 
http://tim.techmahindra.com/tim/disclaimer.html<http://tim.techmahind

Re: Migration from DB2 V10 to V11

[Mark Jacobs - Listserv]

Early code mismatch?



Chopperla Vrao wrote on 7/17/18 7:33 AM:
Hello
Can someone help me on DB2 V10 to V11 migration related error. So far I have 
been able to apply fallback PTF's/maintenance and migrate the catalog to V11 
CM(DSNTIJTC), till this point things were looking good. When I'm testing 
fallback to V10, started getting an error which complains about missing 
maintenance. I have checked the APAR II14660 and ran FIXCAT report, but I don't 
see anything missing. Can you please suggest additional checks which I can do 
to find the missing maintenance?

The error which I'm referring to is for non-data sharing environment

DSNX208E =DSN DSNGEDLC ATTEMPTING TO START DB2 WITH 858 AN
UNSUPPORTED CODE LEVEL. REASON CODE 0002
MISSING MAINTENANCE: UNKNOWN
CURRENT LEVEL: D780
VALID LEVEL(S): D680D6A5D675D6720

Thanks
CV RAO


Disclaimer: This message and the information contained herein is proprietary and confidential and subject to the 
Tech Mahindra policy statement, you may review the policy at 
http://www.techmahindra.com/Disclaimer.html 
> externally 
http://tim.techmahindra.com/tim/disclaimer.html 
> 
internally within TechMahindra.




--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with 
the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information or directs you 
to login via a link. If you believe this message is a phish or aren't sure whether 
this message is trustworthy, please send the original message as an attachment to 
'phish...@meredith.com'.


--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


This electronic message, including any attachments, may contain proprietary, 
confidential or privileged information for the sole use of the intended 
recipient(s). You are hereby notified that any unauthorized disclosure, 
copying, distribution, or use of this message is prohibited. If you have 
received this message in error, please immediately notify the sender by reply 
e-mail and delete it.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: IEC614I Scratch

[Mark Jacobs - Listserv]

One of the parmlb datasets. If you have command access, issue a D PARMLIB 
command for the list of datasets in use. You can also issue a D MPF command 
which should show the active list too.

Hervey Martinez wrote on 7/11/18 8:35 AM:

Hey Mark,


I normally are looking up parms. What parm library is this in? zos?


Hervey



From: IBM Mainframe Discussion List 
<mailto:IBM-MAIN@LISTSERV.UA.EDU> on behalf of Mark Jacobs - 
Listserv <mailto:mark.jac...@custserv.com>
Sent: Monday, July 9, 2018 3:01 PM
To: IBM-MAIN@LISTSERV.UA.EDU<mailto:IBM-MAIN@LISTSERV.UA.EDU>
Subject: Re: IEC614I Scratch

Is it being suppressed either using MPFLSTxx or AutoOps? Either one can prevent 
the message from being written to the log.

Hervey Martinez wrote on 7/9/18 2:39 PM:

We have instances where some GDG files don't get deleted while these are in 
ML1; thus, they end up generating errors during Secondary Space Management 
generating a RC=20 RSN=98.

I opened a ticket with IBM and they tell me that there should be an IEC614I 
Scratch message being generated and this is what we need to correct this issue.

I have not been able to locate this msg, I have looked in HSM, several hundred 
job listings and several days of syslog files for all of our LPARS. I can't 
seem to find this error.

Anybody have a clue as to where I can find this message in my system?

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to 
lists...@listserv.ua.edu<mailto:lists...@listserv.ua.edu><mailto:lists...@listserv.ua.edu><mailto:lists...@listserv.ua.edu>
 with the message: INFO IBM-MAIN



Please be alert for any emails that may ask you for login information or directs you to login via 
a link. If you believe this message is a phish or aren't sure whether this message is 
trustworthy, please send the original message as an attachment to 
'phish...@meredith.com<mailto:phish...@meredith.com><mailto:phish...@meredith.com><mailto:phish...@meredith.com>'.



--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


This electronic message, including any attachments, may contain proprietary, 
confidential or privileged information for the sole use of the intended 
recipient(s). You are hereby notified that any unauthorized disclosure, 
copying, distribution, or use of this message is prohibited. If you have 
received this message in error, please immediately notify the sender by reply 
e-mail and delete it.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu<mailto:lists...@listserv.ua.edu> with 
the message: INFO IBM-MAIN

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu<mailto:lists...@listserv.ua.edu> with 
the message: INFO IBM-MAIN



Please be alert for any emails that may ask you for login information or directs you 
to login via a link. If you believe this message is a phish or aren't sure whether 
this message is trustworthy, please send the original message as an attachment to 
'phish...@meredith.com<mailto:phish...@meredith.com>'.



--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


This electronic message, including any attachments, may contain proprietary, 
confidential or privileged information for the sole use of the intended 
recipient(s). You are hereby notified that any unauthorized disclosure, 
copying, distribution, or use of this message is prohibited. If you have 
received this message in error, please immediately notify the sender by reply 
e-mail and delete it.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: IEC614I Scratch

[Mark Jacobs - Listserv]

Is it being suppressed either using MPFLSTxx or AutoOps? Either one can prevent 
the message from being written to the log.

Hervey Martinez wrote on 7/9/18 2:39 PM:

We have instances where some GDG files don't get deleted while these are in 
ML1; thus, they end up generating errors during Secondary Space Management 
generating a RC=20 RSN=98.

I opened a ticket with IBM and they tell me that there should be an IEC614I 
Scratch message being generated and this is what we need to correct this issue.

I have not been able to locate this msg, I have looked in HSM, several hundred 
job listings and several days of syslog files for all of our LPARS. I can't 
seem to find this error.

Anybody have a clue as to where I can find this message in my system?

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with 
the message: INFO IBM-MAIN



Please be alert for any emails that may ask you for login information or directs you 
to login via a link. If you believe this message is a phish or aren't sure whether 
this message is trustworthy, please send the original message as an attachment to 
'phish...@meredith.com'.



--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


This electronic message, including any attachments, may contain proprietary, 
confidential or privileged information for the sole use of the intended 
recipient(s). You are hereby notified that any unauthorized disclosure, 
copying, distribution, or use of this message is prohibited. If you have 
received this message in error, please immediately notify the sender by reply 
e-mail and delete it.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: IEFA107I when pointing to dataset alias

[Mark Jacobs - Listserv]

I think the alias and the resolved dataset have to be in the same catalog.

Mark Jacobs

Michael Babcock
May 29, 2018 at 5:09 PM
Okay, I'm getting myself confused regarding SYMBOLICRELATE.

I have a data set, SYS3.LINKLIB which resides in CATALOG.USERSYS. I want to 
define an alias called XX35.SYS3.LINKLIB (XX35 hlq data sets reside in 
CATALOG.USERTSO) that points to the SYS3.LINKLIB data set. I've issued:

DEF ALIAS(NAME(XX35.SYS3.LINKLIB) SYMBOLICRELATE(_)) 
CAT(CATALOG.USERTSO)

And have SYMDEF(_='SYS3.LINKLIB') defined in IEASYMxx.

The define works just fine, but it doesn't locate the data set. I get "Dataset Not 
Cataloged" in ISPF 3.4 What am I doing wrong?

LISTC ALL ENT('XX35.SYS3.LINKLIB')

ALIAS - XX35.SYS3.LINKLIB
IN-CAT --- CATALOG.USERTSO
HISTORY
RELEASE2 CREATION2018.149
ENCRYPTIONDATA
DATA SET ENCRYPTION-(NO)
ASSOCIATIONS
SYMBOLIC-_
RESOLVED-SYS3.LINKLIB

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with 
the message: INFO IBM-MAIN



Please be alert for any emails that may ask you for login information or directs you 
to login via a link. If you believe this message is a phish or aren't sure whether 
this message is trustworthy, please send the original message as an attachment to 
'phish...@meredith.com'.


--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


This electronic message, including any attachments, may contain proprietary, 
confidential or privileged information for the sole use of the intended 
recipient(s). You are hereby notified that any unauthorized disclosure, 
copying, distribution, or use of this message is prohibited. If you have 
received this message in error, please immediately notify the sender by reply 
e-mail and delete it.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: SYSPLEX Hung

[Mark Jacobs - Listserv]

Without the SAD it's all going to be speculation. Have you setup AUTOIPL in 
DIAGxx to automatically take the SAD if the system fails?

AUTOIPL SADMP(7B97,SYSC) MVS(*964C,79A222  )  as an example



Salah Balboul
April 19, 2018 at 2:18 PM
Yes. Shared DASD within the SYSPLEX/ RMF ENQ report shows nothing that would 
indicate an ENQ on JES2 CKPT by some other ASID.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with 
the message: INFO IBM-MAIN



Please be alert for any emails that may ask you for login information or directs you 
to login via a link. If you believe this message is a phish or aren't sure whether 
this message is trustworthy, please send the original message as an attachment to 
'phish...@meredith.com'.


--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


This electronic message, including any attachments, may contain proprietary, 
confidential or privileged information for the sole use of the intended 
recipient(s). You are hereby notified that any unauthorized disclosure, 
copying, distribution, or use of this message is prohibited. If you have 
received this message in error, please immediately notify the sender by reply 
e-mail and delete it.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: SYSPLEX Hung

[Mark Jacobs - Listserv]

Have you taken a SAD of the failed system?

Mark Jacobs

Salah Balboul
April 19, 2018 at 10:48 AM
Hi,

For the past week we've had 2 crashes due to one LPAR being hung in a two 
SYSPLEX LPAR causing sympathy sickness.

In both cases the indication is $HASP263 message (Checkpoint lock), followed by 
*MASTER* pending on the JES2 CKPT volume.

Finally IXC426D to partition the sick LPAR out.

We do not have an SFM policy in effect, no changes done or maintenance applied.

The problem LPAR SYSLOG stops recording approx 10-12 prior to IXC426D message. 
NO indication of any issues on problem LPAR.

I wonder if anyone has seen this.

I don't think JES2 is causing this, it is a victim.

Thoughts?

Thanks

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with 
the message: INFO IBM-MAIN



Please be alert for any emails that may ask you for login information or directs you 
to login via a link. If you believe this message is a phish or aren't sure whether 
this message is trustworthy, please send the original message as an attachment to 
'phish...@meredith.com'.

This electronic message, including any attachments, may contain proprietary, 
confidential or privileged information for the sole use of the intended 
recipient(s). You are hereby notified that any unauthorized disclosure, 
copying, distribution, or use of this message is prohibited. If you have 
received this message in error, please immediately notify the sender by reply 
e-mail and delete it.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: GDG with timestamp

[Mark Jacobs - Listserv]

Unless you're using it for something else, the ACCOUNT-INFO field in the 
catalog entry can be altered to provide the information you need. Not ideal for 
sure, but can be used.

Mark Jacobs

Peter
March 12, 2018 at 1:47 PM
Ok thanks for confirming on this... Would have been if it had this feature

On 12-Mar-2018 11:14 PM, "Seymour J Metz" 
 wrote:

> The GDG base is fixed; the GDS has a low level qualifier identifying the
> generation and version, colloquially know as goovoo. If you want the date
> or anything else from system symbols in the name, don't use a GDS.
>
>
> --
> Shmuel (Seymour J.) Metz
> http://mason.gmu.edu/~smetz3
>
> 
> From: IBM Mainframe Discussion List 
>  on behalf
> of Peter 
> Sent: Monday, March 12, 2018 1:32 PM
> To: IBM-MAIN@listserv.ua.edu
> Subject: Re: GDG with timestamp
>
> So using dynamic systems symbols I can make use , but should I
> mention any special value in GDG base to use the dynamic system symbols ?
>
> On 12-Mar-2018 10:31 PM, "jdoll.a0...@gmail.com 
> IBM-Main" <
> jdoll.a0...@gmail.com> wrote:
>
> > The LogFile went to DASD, and the create date was in the VTOC
> information,
> > For tape files, CA1 would record the create date also.
> >
> > The GDG Base itself had a create date of early December, The Files in the
> > GDG would have create dates when they were created by the +1 ..
> >
> > Note the 23:00 to 23:59 log would have the create date of the "Next Day"
> > as it was created just after midnight, but the GDGBase it was written to
> > had the correct log date. (most of the time), Not sure when the logic in
> > their log program switched it to the "next" day. If the application was
> > down from ~00:00 to ~ 00:15 it would then switch to the "next day" for
> the
> > logs writting.
> >
> > Really was not a issue, when the application teams were aware of that
> > issue and would code the "next days" gdgbase in to get and random next
> day
> > data.
> >
> > - Original Message - From: "Peter" 
> > 
> > Newsgroups: bit.listserv.ibm-main
> > To: 
> > Sent: Monday, March 12, 2018 12:48 PM
> > Subject: Re: GDG with timestamp
> >
> >
> > So how would the GDG base definition would look like so that all the tape
> >> GDG has creation date ?
> >>
> >> On 12-Mar-2018 10:09 PM, "jdoll.a0...@gmail.com 
> >> IBM-Main" <
> >> jdoll.a0...@gmail.com> wrote:
> >>
> >> Years ago, we had a vendor application that was setup to create a Hourly
> >>> Log File in a GDG.
> >>>
> >>> Sometime in early December a Step in the Monthly Cycle jobs would
> create
> >>> the GDG's for the next year (A program created 366 Define GDG Cards) ,
> >>> Then
> >>> trigger a "Admin" job that had the authority to create GDG's.
> >>>
> >>> GDGnames were Pxx.ApplName.LOGFILES.Syymmdd with one for each day of
> the
> >>> year.
> >>>
> >>> Internal to the application it knew what date it was from the system
> >>> clock, and starting at 1am (local) would create a +1 Generation (with
> >>> the
> >>> 00:00-00:59 Logs) at 2am next one ... with the correct GDGbase Name.
> >>>
> >>> I think we had something like 250 cycles defined in the base, incase
> of a
> >>> restart of the application it would create a new +1 or a system IPL ..
> >>>
> >>> The Application code never could figure out Daylight Saving time.. Also
> >>> was clueless on leap year, it would create Feb 29th every year even if
> it
> >>> was not a leap year.
> >>>
> >>>
> >>>
> >>> We had other application that did log files at "Flat Files" with Date
> and
> >>> Time as last two nodes of the dataset names that were generated
> >>> dynamically
> >>> when created.
> >>>
> >>> - Original Message - From: "Peter" 
> >>> 
> >>> Newsgroups: bit.listserv.ibm-main
> >>> To: 
> >>> Sent: Monday, March 12, 2018 11:50 AM
> >>> Subject: GDG with timestamp
> >>>
> >>>
> >>> Hi
> >>>
> 
>  Apology for the dummy question
> 
>  For the GDG to have timestamp on its every generation, how do I ensure
>  that
>  timestamp gets appended with all that generation created ?
> 
>  Could someone please point me as I am little confused here.
> 
> 
>  Peter
> 
>  
> --
>  For IBM-MAIN subscribe / signoff / archive access instructions,
>  send email to lists...@listserv.ua.edu 
> 

Re: zEDC hardware compression with FTP

[Mark Jacobs - Listserv]

If you have ServiceLink QA support, ask IBM directly.

PINION, RICHARD W.
March 1, 2018 at 10:28 AM
Does anybody know if the z/OS FTP client uses zEDC when the
FTP command COMPRESS is used?
FIRST TENNESSEE

Confidentiality notice:
This e-mail message, including any attachments, may contain legally privileged 
and/or confidential information. If you are not the intended recipient(s), or 
the employee or agent responsible for delivery of this message to the intended 
recipient(s), you are hereby notified that any dissemination, distribution, or 
copying of this e-mail message is strictly prohibited. If you have received 
this message in error, please immediately notify the sender and delete this 
e-mail message from your computer.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with 
the message: INFO IBM-MAIN



Please be alert for any emails that may ask you for login information or 
directs you to login via a link. If you believe this message is a phish or 
aren't sure whether this message is trustworthy, please send the original 
message as an attachment to 
'phish...@meredith.com'.


--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


This electronic message, including any attachments, may contain proprietary, 
confidential or privileged information for the sole use of the intended 
recipient(s). You are hereby notified that any unauthorized disclosure, 
copying, distribution, or use of this message is prohibited. If you have 
received this message in error, please immediately notify the sender by reply 
e-mail and delete it.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Hardware upgrade z13 to z14....Yikes

[Mark Jacobs - Listserv]

If you have CryptoExpress cards on the z13's and will have on the z14's, and 
using ICSF with protected keys, you'll need to reinstall your current ICSF 
master keys (and maybe the previous ones too), into the new CryptoExpress cards.

Mark Jacobs

fred glenlake
February 26, 2018 at 11:10 AM
Hi List,

My management must be in line to cash in on performance bonuses because they 
have decreed we will upgrade our z13's to z14's in 90 days. This was a total 
out of left field surprise, perhaps our hardware vendor had a sale on for 
"Presidents Day", right next to the slacks and shirts and CEC's??

I am just starting to review the IBM considerations of going to z14's, lots to 
consider and read which I do not mind. Wondered if any list members had already 
moved to z14's and could share any land mines they encountered upgrading.

At the 10,000 foot level I am thinking to get this done quickly hardware wise 
we drop the new CEC's next to the existing ones. Hook them up to power, HMC's, 
etc. Then grab a couple of cables from existing CEC's for DASD and Tape, swing 
them over. Use the existing IOCP and IOCDS as the basis of the new IOCP/IOCDS, 
update serial numbers, models, etc. Then bring up our sysprog lpar on the new 
CEC, get that one going, update and fix software keys/licenses, issues with 
first IPL's on new CEC, etc. Once all the work is done in terms of getting 
ready for the rest of the lpars, then go for the big bang one weekend. Bring 
down the rest of the lpars, drop the cables, swing over to new CEC, hook up and 
IPL remaining lpars. Assuming no phat thumb checks it should work. Of course 
there are a ton of considerations to review and check, coupling facility stuff, 
software stuff, compatibility maintenance, etc. However all things being equal 
I am thinking this approach is likely the safest in terms of risk avoidance and 
getting this done with the 90 days. We could go the move one lpar at a time 
route but that would mean more work and it would take longer especially with 
our change management processes (bless their little hearts).

Any alternate suggestions or comments would be appreciated as I am sure there 
will still be a few land mines with my name on them waiting in the woods.

FredG.




--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with 
the message: INFO IBM-MAIN



Please be alert for any emails that may ask you for login information or 
directs you to login via a link. If you believe this message is a phish or 
aren't sure whether this message is trustworthy, please send the original 
message as an attachment to 
'phish...@meredith.com'.

Jesse 1 Robinson
February 7, 2018 at 3:53 PM
I know this is not OP's first bronco ride in a sysplex rodeo, but I have a few 
more suggestions.

-- Create a new unique name for the combined sysplex.

-- Pick one (least critical) system and start there as the first member of the 
new sysplex.

-- Once the new sysplex is running with this one member, add in a second member.

-- Continue until all desired members have joined the new sysplex.

-- All along the way make extensive use of symbolics in names. One suggestion 
for DSN is the suffix '$SYS'. '$SYS' (or whatever you choose) is a 
kind of marker that several similar data sets exist in the sysplex with 
 identifying the owning member.

.
.
J.O.Skip Robinson
Southern California Edison Company
Electric Dragon Team Paddler
SHARE MVS Program Co-Manager
323-715-0595 Mobile
626-543-6132 Office ⇐=== NEW
robin...@sce.com


-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of fred glenlake
Sent: Tuesday, February 06, 2018 8:36 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: (External):Re: Setting up a new parallel sysplex

Hi Kees and Allan,

Thank you both for your suggestions. I greatly appreciate all the input I am 
receiving as I get through the "Insomnia Cure"I mean the IBM Red Book on 
Setting up a Sysplex. I will definitely include your input in my notes I am 
making as I read through the book.

Fred G.


From: IBM Mainframe Discussion List 
 on behalf of 
Vernooij, Kees (ITOPT1) - KLM 

Sent: February 6, 2018 8:56 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Setting up a new parallel sysplex

In addition to that, if you are implementing LOGGER CF Logstreams: beware if 
you read about putting more than 1 Logstream in a CF structure. As I 
understand, these are old recommendations and it is often difficult to convert 
them to 1 Logstream per CF structure.

Re: TSO temp dataset

[Mark Jacobs - Listserv]

I'm assuming you SMS manage temporary datasets. If so, assign them to a data 
class with enough dasd space.

Mark Jacobs

Nai, Dean
February 15, 2018 at 9:31 AM
The problem is it gets submitted by a RACF product called zSECURE so I have no 
control over it. I just generate the commands it uses and then tell it to 
submit a job.


Dean Nai
Senior z/OS Systems Programmer
Mainframe Technical Support Group










--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with 
the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information or 
directs you to login via a link. If you believe this message is a phish or 
aren't sure whether this message is trustworthy, please send the original 
message as an attachment to 
'phish...@meredith.com'.

Nai, Dean
February 15, 2018 at 9:01 AM
When you submit a job through TSO your temp dataset gets created. I'm trying to 
submit a big job and my temp dataset keeps on running out of space. Any way of 
increasing the size of itthanks


Dean Nai
Senior z/OS Systems Programmer
Mainframe Technical Support Group





--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with 
the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information or 
directs you to login via a link. If you believe this message is a phish or 
aren't sure whether this message is trustworthy, please send the original 
message as an attachment to 
'phish...@meredith.com'.


--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


This electronic message, including any attachments, may contain proprietary, 
confidential or privileged information for the sole use of the intended 
recipient(s). You are hereby notified that any unauthorized disclosure, 
copying, distribution, or use of this message is prohibited. If you have 
received this message in error, please immediately notify the sender by reply 
e-mail and delete it.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: IEA303W ABEND 878 REASON 00000004

[Mark Jacobs - Listserv]

Take a look at increasing INITSQA in LOADxx. It's likely you were close to the 
limit before, and some environmental change pushed it over the limit. You 
shouldn't need much of an increase from the default, or if you're specifying it 
now to het you past this problem.

Mark Jacobs

Jesse Lynch
February 11, 2018 at 2:04 PM
We got

IEA303W ABEND 878 REASON 0004 DURING
INITIALIZATION UNDER RIM IEAVNP23
OSC Index 12 connected to CPC4100A via IP
Addr 10.216.182.225:3270 **
LT Index=11 CSSID=00 MIFID=09 CU=0
UA=00 LUName=GMSTR **
Type=2965-N10 Mfg=IBM SN=000D2C07
message displayed during start up of .



at IPL over weekend on 2 of our LPARs.
For one, trying reipl worked fine. For the other we tried several times, no go.
RSU 1711 went into our 2.1 system. We searched on apars and found some old ones 
mentioning to increase
ESQA. There was some miscommunication and we increased ECSA from 570M to 650M 
for that one LPAR and it came
up just fine.

On further reading, it looks like if ESQA is exhausted, it might go to the ECSA.

So I have 2 questions

1). Anything we should look for on why this happened to us for the first time 
at IPL? Our maintenance?
or the fact because of the maintenance we stopped PPRC during the IPLs. Also we 
did update our ISV vendor software including CAs MIM. I know one of the old 
APARs mentioned GRS.

2). I am concerned that increasing ECSA might cost us in some way. Will this 
affect performance
or cause LPAR failure as we go along. I kind of looked at TMON for that LPAR 
and this is what I see:

CSA: 3068K( 34%) ECSA: 650M( 29%)
SQA: 800K( 56%) ESQA: 47076K( 61%)


We lost our senior Performance Guy to retirement recently which is why I am out 
here
asking for advice.

Thank you. Jess

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with 
the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information or 
directs you to login via a link. If you believe this message is a phish or 
aren't sure whether this message is trustworthy, please send the original 
message as an attachment to 
'phish...@meredith.com'.


--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


This electronic message, including any attachments, may contain proprietary, 
confidential or privileged information for the sole use of the intended 
recipient(s). You are hereby notified that any unauthorized disclosure, 
copying, distribution, or use of this message is prohibited. If you have 
received this message in error, please immediately notify the sender by reply 
e-mail and delete it.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Best Practices for z/OS Maintenance

[Mark Jacobs - Listserv]

Usually when I did a new zOS upgrade I used the /var filesystem that shipped 
with that release, as well as the /etc file system. Made whatever necessary 
changes to the new /etc that we needed and moved along. Cloned the new /var and 
/etc file systems to each system in the sysplex.

Mark Jacobs


Jesse 1 Robinson
February 9, 2018 at 2:41 PM
Thanks. That seems obvious, but I generally use the SMPE dialog, which lists 
only one DDDEF at a time. I did a batch LIST DDDEF and found the same result: 
no reference to /etc or /var. I feel much better.

OTOH I think we're remiss in looking for new or modified /etc or /var values in 
a new release to incorporate in our local file systems. Is this just a matter 
of IEYEBALL inspection?

.
.
J.O.Skip Robinson
Southern California Edison Company
Electric Dragon Team Paddler
SHARE MVS Program Co-Manager
323-715-0595 Mobile
626-543-6132 Office ⇐=== NEW
robin...@sce.com


-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Jousma, David
Sent: Friday, February 09, 2018 11:17 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: (External):Re: Best Practices for z/OS Maintenance

Just did the LIST DDDEF. As suspected, there are no references in my V2.3 
target zones for anything /etc or /var or /Service/etc or /Service/var

_
Dave Jousma
Manager Mainframe Engineering, Assistant Vice President 
david.jou...@53.com
1830 East Paris, Grand Rapids, MI 49546 MD RSCB2H p 616.653.8429 f 616.653.2717


-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Jesse 1 Robinson
Sent: Friday, February 09, 2018 1:32 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Best Practices for z/OS Maintenance

**CAUTION EXTERNAL EMAIL**

**DO NOT open attachments or click on links from unknown senders or unexpected 
emails**

I would like to investigate this issue here, but I don't know how to find a 
DDDEF that might point to the /etc or /var file system. As I said previously, 
our /etc and /var file systems in production are 'permanent' in that they are 
not updated by our maintenance migration. But I am concerned about the 
situation on the (only) system where we actually run SMPE.

.
.
J.O.Skip Robinson
Southern California Edison Company
Electric Dragon Team Paddler
SHARE MVS Program Co-Manager
323-715-0595 Mobile
626-543-6132 Office ⇐=== NEW
robin...@sce.com


-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Art Gutowski
Sent: Friday, February 09, 2018 9:53 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: (External):Re: Best Practices for z/OS Maintenance


SMP/E LIST DDDEF will confirm that assumption. It's been a while since I've had 
to do z/OS maintenance, but I've learned not to take anything for granted with 
SMP/E, and especially with z/OS UNIX filesystems.

IF you find any DDDEFs pointing to /etc or /var, they would need to be changed 
to some variation of /service as you hopefully do with your version FS. If you 
manage multiple target and distribution pairs, I highly recommend using 
automount to ensure SMP/E mounts the matching version root FS for the target 
zone and SYSRES. A colleague (who frequents this list), set this up at a prior 
shop of ours. It was not trivial. He had a ServiceLink Q open with IBM for 
weeks, and there was much discussion among the team and extensive testing. 
However, once the various maps were defined (we had to support multiple 
versions of languages as well), the DDDEFs were updated, and we modified our 
cloning process to keep up, everything worked flawlessly.

IJS, I would not take the lack of errors as a golden stamp of approval. We were 
burned badly by this assumption - our SYSRES and version FS (and SMP/E) got out 
of sync, and we had no obvious indication. If memory serves, we had to dig 
through the SMP/E LOG (the job SYSOUT was probably long gone) to find that 
SMP/E had done exactly what it was told to do: apply UNIX elements to the wrong 
path/filesystem.

Art

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with 
the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information or 
directs you to login via a link. If you believe this message is a phish or 
aren't sure whether this message is trustworthy, please send the original 
message as an attachment to 
'phish...@meredith.com'.


--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.

Re: Insomnia cure

[Mark Jacobs - Listserv]

I've always used the RACROUTE Macro Reference manual as a sleep aid.

Nightwatch RenBand
February 8, 2018 at 11:49 AM
> I greatly appreciate all the input I am receiving as I get through the
"Insomnia Cure"I mean the > IBM Red Book on Setting up a Sysplex.

Thank, Fred G..
For several decades I have kept various IBM manuals by my bed as an
"insomnia cure". I suspect I will continue after I retire because it
always works. Surprised IBM has not figured out how to make money off
this.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with 
the message: INFO IBM-MAIN



Please be alert for any emails that may ask you for login information or 
directs you to login via a link. If you believe this message is a phish or 
aren't sure whether this message is trustworthy, please send the original 
message as an attachment to 
'phish...@meredith.com'.


--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


This electronic message, including any attachments, may contain proprietary, 
confidential or privileged information for the sole use of the intended 
recipient(s). You are hereby notified that any unauthorized disclosure, 
copying, distribution, or use of this message is prohibited. If you have 
received this message in error, please immediately notify the sender by reply 
e-mail and delete it.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: So long and thanks for all the fish

[Mark Jacobs - Listserv]

Yes on the CDS question.

Dana Mitchell
February 8, 2018 at 8:58 AM

Does Meredith use CDS for fulfillment? CDS used to be a mainframe shop here in 
town, they converted to IBM i years ago. Meredith was also a good sized 
mainframe shop in the past too, but sadly no more. Fewer and fewer local shops 
remain.

Good luck with your future endeavors!

Dana

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with 
the message: INFO IBM-MAIN



Please be alert for any emails that may ask you for login information or 
directs you to login via a link. If you believe this message is a phish or 
aren't sure whether this message is trustworthy, please send the original 
message as an attachment to 
'phish...@meredith.com'.


--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


This electronic message, including any attachments, may contain proprietary, 
confidential or privileged information for the sole use of the intended 
recipient(s). You are hereby notified that any unauthorized disclosure, 
copying, distribution, or use of this message is prohibited. If you have 
received this message in error, please immediately notify the sender by reply 
e-mail and delete it.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: So long and thanks for all the fish

[Mark Jacobs - Listserv]

The new owners didn't want to be in the fulfillment business so they're moving 
all Time Inc fulfillment activities to their current service provider.

Mark Jacobs


Jackson, Rob<mailto:rwjack...@firsttennessee.com>
February 7, 2018 at 8:55 PM
That is a crying, damn shame. Inherently foolish and willfully ignorant, and I 
imagine subject to the supposition that they cannot find resources to support 
it in the future.

Good luck to you, Mark.


-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Mark Jacobs - Listserv
Sent: Wednesday, February 07, 2018 8:29 PM
To: IBM-MAIN@LISTSERV.UA.EDU<mailto:IBM-MAIN@LISTSERV.UA.EDU>
Subject: So long and thanks for all the fish

[External Email]

Sometime this year all existing mainframe processes will be moved to another 
fulfillment house(non-mainframe) for Time Inc (now Meredith Corporation) and 
Time Customer Service will be shut down. It's been a great 22.5 years here for 
me, I might make it to 23 in August before I'm terminated. After that happens, 
who knows what the future brings.
--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


This electronic message, including any attachments, may contain proprietary, 
confidential or privileged information for the sole use of the intended 
recipient(s). You are hereby notified that any unauthorized disclosure, 
copying, distribution, or use of this message is prohibited. If you have 
received this message in error, please immediately notify the sender by reply 
e-mail and delete it.

--
For IBM-MAIN subscribe / signoff / archive access instructions, send email to 
lists...@listserv.ua.edu<mailto:lists...@listserv.ua.edu> with the message: 
INFO IBM-MAIN
FIRST TENNESSEE

Confidentiality notice:
This e-mail message, including any attachments, may contain legally privileged 
and/or confidential information. If you are not the intended recipient(s), or 
the employee or agent responsible for delivery of this message to the intended 
recipient(s), you are hereby notified that any dissemination, distribution, or 
copying of this e-mail message is strictly prohibited. If you have received 
this message in error, please immediately notify the sender and delete this 
e-mail message from your computer.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu<mailto:lists...@listserv.ua.edu> with 
the message: INFO IBM-MAIN



Please be alert for any emails that may ask you for login information or 
directs you to login via a link. If you believe this message is a phish or 
aren't sure whether this message is trustworthy, please send the original 
message as an attachment to 
'phish...@meredith.com<mailto:phish...@meredith.com>'.

Mark Jacobs - Listserv<mailto:mark.jac...@custserv.com>
February 7, 2018 at 8:29 PM
Sometime this year all existing mainframe processes will be moved to another 
fulfillment house(non-mainframe) for Time Inc (now Meredith Corporation) and 
Time Customer Service will be shut down. It's been a great 22.5 years here for 
me, I might make it to 23 in August before I'm terminated. After that happens, 
who knows what the future brings.

--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


This electronic message, including any attachments, may contain proprietary, 
confidential or privileged information for the sole use of the intended 
recipient(s). You are hereby notified that any unauthorized disclosure, 
copying, distribution, or use of this message is prohibited. If you have 
received this message in error, please immediately notify the sender by reply 
e-mail and delete it.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

So long and thanks for all the fish

[Mark Jacobs - Listserv]

Sometime this year all existing mainframe processes will be moved to another 
fulfillment house(non-mainframe) for Time Inc (now Meredith Corporation) and 
Time Customer Service will be shut down. It's been a great 22.5 years here for 
me, I might make it to 23 in August before I'm terminated. After that happens, 
who knows what the future brings.
--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


This electronic message, including any attachments, may contain proprietary, 
confidential or privileged information for the sole use of the intended 
recipient(s). You are hereby notified that any unauthorized disclosure, 
copying, distribution, or use of this message is prohibited. If you have 
received this message in error, please immediately notify the sender by reply 
e-mail and delete it.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Pervasive Dataset Encrypted Question

[Mark Jacobs - Listserv]

The accessing of encrypted data is done from the restored system. The system 
I'm asking about, without the required maintenance restores volumes, which 
includes the ICSF databases, production catalogs,...Once everything is restored 
from the bootstrap environment, we IPL the restored production environment.

Mark Jacobs

Mike Schwab<mailto:mike.a.sch...@gmail.com>
January 31, 2018 at 6:55 PM
Since the restore is run without the PTF, it won't restore the
encryption key and you won't be able to access the file after IPLing
with the PTF.

On Wed, Jan 31, 2018 at 5:34 PM, Mark Jacobs - Listserv
<mark.jac...@custserv.com><mailto:mark.jac...@custserv.com> wrote:
> That's all we're looking for. The system in question is used as our DR 
> bootstrap system that restores logically dumped volumes. There's no need to 
> access encrypted data on that system once restored.
>
> Mark Jacobs
>
> Mike Schwab<mailto:mike.a.sch...@gmail.com><mailto:mike.a.sch...@gmail.com>
> January 31, 2018 at 3:02 PM
> http://publibz.boulder.ibm.com/zoslib/pdf/OA50569.pdf<http://publibz.boulder.ibm.com/zoslib/pdf/OA50569.pdf><http://publibz.boulder.ibm.com/zoslib/pdf/OA50569.pdf<http://publibz.boulder.ibm.com/zoslib/pdf/OA50569.pdf>>
> Printed page 4:
> z/OS 2.2 with OA50569 can create encrypted datasets.
> z/OS 2.1 with OA50569 cannot create encrypted datasets, can read
> encrypted datasets from 2.2.
>
> So without OA50569, I would assume it would not recognized that it was
> encrypted. It would restore but you could not decrypt it.
>
> On Wed, Jan 31, 2018 at 12:46 PM, Mark Jacobs - Listserv
> <mark.jac...@custserv.com><mailto:mark.jac...@custserv.com><mailto:mark.jac...@custserv.com><mailto:mark.jac...@custserv.com>
>  wrote:
>> I'm not seeing any reason why not, but can a zOS 2.2 system without the
>> required maintenance (OA50569) restore logically dumped volumes using
>> ADRDSSU that contain datasets encrypted by a zOS 2.2 system that has the
>> maintenance applied? There will be no access to this encrypted data on
>> the restoring system other than the restore from tape.
>> --
>> *One grows tired of jelly babies, Castellan. One grows tired of almost
>> everything, Castellan, except power.
>> -- The Doctor, in David Agnew's _The Invasion of Time_*
>>
>>
>> --
>> For IBM-MAIN subscribe / signoff / archive access instructions,
>> send email to 
>> lists...@listserv.ua.edu<mailto:lists...@listserv.ua.edu><mailto:lists...@listserv.ua.edu><mailto:lists...@listserv.ua.edu>
>>  with the message: INFO IBM-MAIN
>
>
>
> --
> Mike A Schwab, Springfield IL USA
> Where do Forest Rangers go to get away from it all?
>
> --
> For IBM-MAIN subscribe / signoff / archive access instructions,
> send email to 
> lists...@listserv.ua.edu<mailto:lists...@listserv.ua.edu><mailto:lists...@listserv.ua.edu><mailto:lists...@listserv.ua.edu>
>  with the message: INFO IBM-MAIN
>
>
> Please be alert for any emails that may ask you for login information or 
> directs you to login via a link. If you believe this message is a phish or 
> aren't sure whether this message is trustworthy, please send the original 
> message as an attachment to 
> 'phish...@timeinc.com<mailto:phish...@timeinc.com><mailto:phish...@timeinc.com><mailto:phish...@timeinc.com>'.
>
> Mark Jacobs - 
> Listserv<mailto:mark.jac...@custserv.com><mailto:mark.jac...@custserv.com>
> January 31, 2018 at 1:46 PM
> I'm not seeing any reason why not, but can a zOS 2.2 system without the 
> required maintenance (OA50569) restore logically dumped volumes using ADRDSSU 
> that contain datasets encrypted by a zOS 2.2 system that has the maintenance 
> applied? There will be no access to this encrypted data on the restoring 
> system other than the restore from tape.
>
> --
>
> Mark Jacobs
> Time Customer Service
> Global Technology Services
>
> The standard you walk past is the standard you accept.
> Lt. Gen. David Morrison
>
>
> This electronic message, including any attachments, may contain proprietary, 
> confidential or privileged information for the sole use of the intended 
> recipient(s). You are hereby notified that any unauthorized disclosure, 
> copying, distribution, or use of this message is prohibited. If you have 
> received this message in error, please immediately notify the sender by reply 
> e-mail and delete it.
>
> --
> For IBM-MAIN subscribe / signoff 

Re: Pervasive Dataset Encrypted Question

[Mark Jacobs - Listserv]

That's all we're looking for. The system in question is used as our DR 
bootstrap system that restores logically dumped volumes. There's no need to 
access encrypted data on that system once restored.

Mark Jacobs

Mike Schwab<mailto:mike.a.sch...@gmail.com>
January 31, 2018 at 3:02 PM
http://publibz.boulder.ibm.com/zoslib/pdf/OA50569.pdf<http://publibz.boulder.ibm.com/zoslib/pdf/OA50569.pdf>
Printed page 4:
z/OS 2.2 with OA50569 can create encrypted datasets.
z/OS 2.1 with OA50569 cannot create encrypted datasets, can read
encrypted datasets from 2.2.

So without OA50569, I would assume it would not recognized that it was
encrypted. It would restore but you could not decrypt it.

On Wed, Jan 31, 2018 at 12:46 PM, Mark Jacobs - Listserv
<mark.jac...@custserv.com><mailto:mark.jac...@custserv.com> wrote:
> I'm not seeing any reason why not, but can a zOS 2.2 system without the
> required maintenance (OA50569) restore logically dumped volumes using
> ADRDSSU that contain datasets encrypted by a zOS 2.2 system that has the
> maintenance applied? There will be no access to this encrypted data on
> the restoring system other than the restore from tape.
> --
> *One grows tired of jelly babies, Castellan. One grows tired of almost
> everything, Castellan, except power.
> -- The Doctor, in David Agnew's _The Invasion of Time_*
>
>
> --
> For IBM-MAIN subscribe / signoff / archive access instructions,
> send email to lists...@listserv.ua.edu<mailto:lists...@listserv.ua.edu> with 
> the message: INFO IBM-MAIN



--
Mike A Schwab, Springfield IL USA
Where do Forest Rangers go to get away from it all?

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu<mailto:lists...@listserv.ua.edu> with 
the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information or 
directs you to login via a link. If you believe this message is a phish or 
aren't sure whether this message is trustworthy, please send the original 
message as an attachment to 'phish...@timeinc.com<mailto:phish...@timeinc.com>'.

Mark Jacobs - Listserv<mailto:mark.jac...@custserv.com>
January 31, 2018 at 1:46 PM
I'm not seeing any reason why not, but can a zOS 2.2 system without the 
required maintenance (OA50569) restore logically dumped volumes using ADRDSSU 
that contain datasets encrypted by a zOS 2.2 system that has the maintenance 
applied? There will be no access to this encrypted data on the restoring system 
other than the restore from tape.

--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


This electronic message, including any attachments, may contain proprietary, 
confidential or privileged information for the sole use of the intended 
recipient(s). You are hereby notified that any unauthorized disclosure, 
copying, distribution, or use of this message is prohibited. If you have 
received this message in error, please immediately notify the sender by reply 
e-mail and delete it.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Pervasive Dataset Encrypted Question

[Mark Jacobs - Listserv]

I'm not seeing any reason why not, but can a zOS 2.2 system without the
required maintenance (OA50569) restore logically dumped volumes using
ADRDSSU that contain datasets encrypted by a zOS 2.2 system that has the
maintenance applied? There will be no access to this encrypted data on
the restoring system other than the restore from tape.
-- 
*One grows tired of jelly babies, Castellan. One grows tired of almost
everything, Castellan, except power.
-- The Doctor, in David Agnew's _The Invasion of Time_*


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Intel Chip flaw

[Mark Jacobs - Listserv]

The IBM Security/Integrity portal has the information you're seeking.

Mark Jacobs

> David Crayford 
> January 5, 2018 at 7:09 AM
>
>
> Indeed. And there are Linux patches for AMD WRT RDSTC speculation
> exploits
> https://github.com/openSUSE/kernel/commit/6a334d96b8c8924357e2c692c305066f512ec1b8.
>
>
>
> IBM remain tight lipped about z/OS exploits but are releasing patches
> for POWER which shares a similar DNA to Z, so I wonder if there are
> vulnerabilities.
>
> --
> For IBM-MAIN subscribe / signoff / archive access instructions,
> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
>
>
>
> Please be alert for any emails that may ask you for login information
> or directs you to login via a link. If you believe this message is a
> phish or aren't sure whether this message is trustworthy, please send
> the original message as an attachment to 'phish...@timeinc.com'.
>
> Cannaerts, Jan 
> January 5, 2018 at 4:53 AM
> >Example code is already out there
> >https://gist.github.com/ErikAugust/724d4a969fb2c6ae1bbd7b2a9e3d4bb6
> .
> I
> >built this on my PC and it worked! Is there a zArch instruction to flush
> >a cache line like the _mm_clflush() built-in for x86? If so it would be
> >easy to compile and run spectre.c on z/OS and see what happens.
>
> Parts of Spectre consist of training the branch predictor to predict
> that the
> branch will go to an address you want it to perform speculative
> execution on.
> The research teams have targeted Intel's Haswell line in particular
> for this.
>
> It also relies on the branch predictor masking the addresses in the branch
> target buffer. The higher parts of the addresses are ignored, giving
> much more
> freedom to the attacker. Furthermore the entries in the BTB are not
> linked to
> an invididual address-space. The branch predictor will use a
> prediction that
> it was trained from in address space A, in address space B. I don't know
> enough about branch prediction on z/Arch to tell you if it's as
> trainable as
> the Intel or AMD branch predictors.
>
> And as you said, you need some control over what lives in the cache
> and what
> does not. There are some z/Arch instructions to mark cached data as no
> longer
> important, but the PoP specifically mentions that the CPU does not
> necessarily
> remove the data from cache. You can trick the CPU in to filling the
> cache with
> junk that you're using in a dummy process though.
>
> The code in the example is still Intel specific. AMD is an "Intel
> clone", as far
> as instruction set and behavior goes, but they differ on a microcode
> level.
> x86 and z/Arch differ in many more ways.
>
> -
> Jan
>
> --
> For IBM-MAIN subscribe / signoff / archive access instructions,
> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
>
>
> Please be alert for any emails that may ask you for login information
> or directs you to login via a link. If you believe this message is a
> phish or aren't sure whether this message is trustworthy, please send
> the original message as an attachment to 'phish...@timeinc.com'.
>

-- 

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Security PTFS

[Mark Jacobs - Listserv]

The Security and Integrity Portal on ResourceLink should have what
you're looking for.

> גדי בן אבי 
> January 3, 2018 at 7:18 AM
> Hi,
>
> Does IBM publish a list of PTF’s that are related to security,
> especially preventing unauthorized access from outside the mainframe.
>
> Gadi
> לתשומת ליבך, בהתאם לנהלי חברת מלם מערכות בע"מ ו/או כל חברת בת ו/או
> חברה קשורה שלה (להלן : "החברה") וזכויות החתימה בהן, כל הצעה, התחייבות
> או מצג מטעם החברה, מחייבים מסמך נפרד וחתום על ידי מורשי החתימה של
> החברה, הנושא את לוגו החברה או שמה המודפס ובצירוף חותמת החברה. בהעדר
> מסמך כאמור (לרבות מסמך סרוק) המצורף להודעת דואר אלקטרוני זאת, אין
> לראות באמור בהודעה אלא משום טיוטה לדיון, ואין להסתמך עליה לביצוע פעולה
> עסקית או משפטית כלשהי. Please note that in accordance with Malam
> and/or its subsidiaries (hereinafter : "Malam") regulations and
> signatory rights, no offer, agreement, concession or representation is
> binding on the Malam, unless accompanied by a duly signed separate
> document (or a scanned version thereof), affixed with the Malam seal.
>
> --
> For IBM-MAIN subscribe / signoff / archive access instructions,
> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
>
>
>
> Please be alert for any emails that may ask you for login information
> or directs you to login via a link. If you believe this message is a
> phish or aren't sure whether this message is trustworthy, please send
> the original message as an attachment to 'phish...@timeinc.com'.
>

-- 

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Can anyone remember "drum" storage?

[Mark Jacobs - Listserv]

When I started working in the field, 1979, they had a couple of 2305
devices attached to a 3033 processor. They used it for PLPA and COMMON
paging devices if I remember correctly.

Mark Jacobs

> Joel C. Ewing 
> December 20, 2017 at 10:05 AM
> No, not the  same. 
>
> From the description of the physical characteristics of the 3380 & 3390,
> it was clear that each actuator accessed independent platter surfaces. 
> The R/W heads on different actuators did not access the same physical
> surface much less the same physical track. 
>
> The 3380 & 3390 hard drive modules each contained two functionally
> independent hard drives within a single module.  Putting platters for
> both in one module housing reduced costs and size by allowing platters
> for two drives to have a shared drive shaft, shared  bearings, and a
> shared drive motor.
>
> The Seagate design description clearly indicates  two R/W heads
> accessing the same physical track.  That sounds like they can at a
> minimum be used to cut rotational latency time in half, and maybe (not
> clear) even read or write different parts of the same track at the same
> time with the potential for doing a full-track transfer in only 1/2
> revolution of the disk.  If both are true, they have effectively doubled
> the peak transfer rate of the drive and cut the latency time in half
> without having to increase either the density or rotational speed of the
> device.
> Joel C Ewing
>
> On 12/20/2017 07:31 AM, Vernooij, Kees (ITOPT1) - KLM wrote:
> > The 3380 (3390 also?) had the same, one pack of disks with 2
> independent actuators on each side, representing 2 volumes.
> >
> > Kees.
> >
> >> -Original Message-
> >> From: IBM Mainframe Discussion List
> [mailto:IBM-MAIN@LISTSERV.UA.EDU] On
> >> Behalf Of Tony Thigpen
> >> Sent: 20 December, 2017 14:19
> >> To: IBM-MAIN@LISTSERV.UA.EDU
> >> Subject: Re: Can anyone remember "drum" storage?
> >>
> >> From reading the description, it really just appears to the OS as two
> >> drives in one housing.
> >>
> >> Tony Thigpen
> >>
> >> John McKown wrote on 12/20/2017 08:08 AM:
> >>> It's not really a drum, but it is getting closer. Of course, for true
> >>> speed, one should go SSD.
> >>>
> >>>
> >>
> http://www.theregister.co.uk/2017/12/19/seagate_disk_drive_multi_actuato
> 
> >> r/
> >>> [quote]
> >>>
> >>> Seagate is increasing IO performance in disk drives by separating
> >>> read-write heads into two separate sets which can operate
> >> independently and
> >>> in parallel.
> >>>
> >>> The heads are positioned at one end of actuator arms which rotate
> >> around a
> >>> post at their other end to move the heads across the platter surfaces.
> >>> Thus, with an eight-platter drive, each read-write head is positioned
> >> above
> >>> the same cylindrical track on each platter and reads or writes to and
> >> from
> >>> the same disk blocks on each platter's surface.
> >>>
> >>> [\quote]
> >>>
> >>>
> >> ...
>
>
> -- 
> Joel C. Ewing, Bentonville, AR jcew...@acm.org
>
> --
> For IBM-MAIN subscribe / signoff / archive access instructions,
> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
>
>
> Please be alert for any emails that may ask you for login information
> or directs you to login via a link. If you believe this message is a
> phish or aren't sure whether this message is trustworthy, please send
> the original message as an attachment to 'phish...@timeinc.com'.
>
> Tony Thigpen 
> December 20, 2017 at 8:18 AM
> From reading the description, it really just appears to the OS as two
> drives in one housing.
>
> Tony Thigpen
>
> John McKown wrote on 12/20/2017 08:08 AM:
> > It's not really a drum, but it is getting closer. Of course, for true
> > speed, one should go SSD.
> >
> >
> http://www.theregister.co.uk/2017/12/19/seagate_disk_drive_multi_actuator/
> 
> >
> > [quote]
> >
> > Seagate is increasing IO performance in disk drives by separating
> > read-write heads into two separate sets which can operate
> independently and
> > in parallel.
> >
> > The heads are positioned at one end of actuator arms which rotate
> around a
> > post at their other end to move the heads across the platter surfaces.
> > Thus, with an eight-platter drive, each read-write head is
> positioned above
> > the same cylindrical track on each platter and reads or writes to
> and from
> > the same disk blocks on each platter's surface.
> >
> > [\quote]
> >
> >
>
> --
> For IBM-MAIN subscribe / signoff / archive access instructions,
> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
>
>
> Please be alert for any emails that may ask you for login information
> or 

Re: Fire-call, emergency RACF userid

[Mark Jacobs - Listserv]

We're using Vanguard ez/Token, SecurID product. We have a single
Firecall userid, that can be "checked out" by any authorized person.
Without having that userid assigned its own token/pin I'm not sure how
to crack this nut.

Mark Jacobs


> Chicklon, Thomas <mailto:thomas.chick...@53.com>
> December 8, 2017 at 11:48 AM
> What are you using for MFA?
>
> CA's relatively new Advanced Authentication Mainframe product will let
> you map a Top Secret user ID to a different ID for RSA authorization.
> I used this set up for initial testing of the product- log on to the
> mainframe using a test ID that is mapped to my real ID's RSA pin and
> token.
>
> If you can do this, seems you can have a set of fire-call IDs that all
> map to the secret pin and token that are both sitting in the safe.
> After use, Info Sec changes the pin and the new pin and token go back
> into the safe.
>
> Tom Chicklon
>
> -Original Message-
> From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU]
> On Behalf Of Mark Jacobs - Listserv
> Sent: Thursday, December 07, 2017 3:12 PM
> To: IBM-MAIN@LISTSERV.UA.EDU
> Subject: Re: Fire-call, emergency RACF userid
>
> **CAUTION EXTERNAL EMAIL**
>
> **DO NOT open attachments or click on links from unknown senders or
> unexpected emails**
>
> The way our MFA solution works is that we associate the RACF userid to
> an Active Directory userid, and use our existing RSA SecureID Token
> infrastructure as the second authentication factor. I'm not seeing how
> I can tie the shared userid to a single AD Userid/RSA Token.
>
> Mark Jacobs
>
>
> Mark Jacobs - Listserv <mailto:mark.jac...@custserv.com>
> December 7, 2017 at 3:12 PM
> The way our MFA solution works is that we associate the RACF userid to
> an Active Directory userid, and use our existing RSA SecureID Token
> infrastructure as the second authentication factor. I'm not seeing how
> I can tie the shared userid to a single AD Userid/RSA Token.
>
> Mark Jacobs
>
>
> Carmen Vitullo <mailto:cvitu...@hughes.net>
> December 7, 2017 at 2:58 PM
> Hey Mark, the last two places I worked we had fire-call ID's that were
> 'suspended' (inactive) and after each use (DR) mostly ,secadmin would
> change the password, store the password in an envelope on a lock box
> in the computer room, this was before MFA, only MFA experience we have
> is windows, LAN ID's
> I suspect with MFA, you don't need to suspend the ID, since you'd need
> a password and a PIN to be valid?
>
>
>
>
>
>
> Carmen Vitullo
>
> - Original Message -
>
> From: "Mark Jacobs - Listserv" <mark.jac...@custserv.com>
> To: IBM-MAIN@LISTSERV.UA.EDU
> Sent: Thursday, December 7, 2017 1:37:43 PM
> Subject: Fire-call, emergency RACF userid
>
> We have an emergency use userid with it's password "locked in a safe",
> which can be used by authorized people when/if needed. How do other
> organizations better control something like this? I'm asking since we're
> implementing MFA for "special" userids, and I don't know how to fit this
> shared userid into the MFA framework.
> --
>
> Mark Jacobs
> Time Customer Service
> Global Technology Services
>
> The standard you walk past is the standard you accept.
> Lt. Gen. David Morrison
>
>
> --
> For IBM-MAIN subscribe / signoff / archive access instructions,
> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
>
>
> --
> For IBM-MAIN subscribe / signoff / archive access instructions,
> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
>
>
>
> Please be alert for any emails that may ask you for login information
> or directs you to login via a link. If you believe this message is a
> phish or aren't sure whether this message is trustworthy, please send
> the original message as an attachment to 'phish...@timeinc.com'.
>

-- 

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Fire-call, emergency RACF userid

[Mark Jacobs - Listserv]

The way our MFA solution works is that we associate the RACF userid to
an Active Directory userid, and use our existing RSA SecureID Token
infrastructure as the second authentication factor. I'm not seeing how I
can tie the shared userid to a single AD Userid/RSA Token.

Mark Jacobs

> Carmen Vitullo <mailto:cvitu...@hughes.net>
> December 7, 2017 at 2:58 PM
> Hey Mark, the last two places I worked we had fire-call ID's that were
> 'suspended' (inactive) and after each use (DR) mostly ,secadmin would
> change the password, store the password in an envelope on a lock box
> in the computer room, this was before MFA, only MFA experience we have
> is windows, LAN ID's
> I suspect with MFA, you don't need to suspend the ID, since you'd need
> a password and a PIN to be valid?
>
>
>
>
>
>
> Carmen Vitullo
>
> ----- Original Message -
>
> From: "Mark Jacobs - Listserv" <mark.jac...@custserv.com>
> To: IBM-MAIN@LISTSERV.UA.EDU
> Sent: Thursday, December 7, 2017 1:37:43 PM
> Subject: Fire-call, emergency RACF userid
>
> We have an emergency use userid with it's password "locked in a safe",
> which can be used by authorized people when/if needed. How do other
> organizations better control something like this? I'm asking since we're
> implementing MFA for "special" userids, and I don't know how to fit this
> shared userid into the MFA framework.
> --
>
> Mark Jacobs
> Time Customer Service
> Global Technology Services
>
> The standard you walk past is the standard you accept.
> Lt. Gen. David Morrison
>
>
> --
> For IBM-MAIN subscribe / signoff / archive access instructions,
> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
>
>
> --
> For IBM-MAIN subscribe / signoff / archive access instructions,
> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
>
>
>
> Please be alert for any emails that may ask you for login information
> or directs you to login via a link. If you believe this message is a
> phish or aren't sure whether this message is trustworthy, please send
> the original message as an attachment to 'phish...@timeinc.com'.
>
> Mark Jacobs - Listserv <mailto:mark.jac...@custserv.com>
> December 7, 2017 at 2:37 PM
> We have an emergency use userid with it's password "locked in a safe",
> which can be used by authorized people when/if needed. How do other
> organizations better control something like this? I'm asking since
> we're implementing MFA for "special" userids, and I don't know how to
> fit this shared userid into the MFA framework.

-- 

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Fire-call, emergency RACF userid

[Mark Jacobs - Listserv]

We have an emergency use userid with it's password "locked in a safe",
which can be used by authorized people when/if needed. How do other
organizations better control something like this? I'm asking since we're
implementing MFA for "special" userids, and I don't know how to fit this
shared userid into the MFA framework.
-- 

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: NFS on Mainframe

[Mark Jacobs - Listserv]

Last time I looked (about 15 years ago), zOS has both an NFS client and
server available.

> Timothy Sipples 
> December 4, 2017 at 4:01 AM
> To clarify, z/OS is the NFS client, and something else is the NFS server,
> correct?
>
> It'd be helpful to know exactly what is the NFS server. If it's AIX, what
> release? If it's NetApp's NFS server, same question.
>
> 
> Timothy Sipples
> IT Architect Executive, Industry Solutions, IBM Z and LinuxONE, AP/GCG/MEA
> E-Mail: sipp...@sg.ibm.com
>
> --
> For IBM-MAIN subscribe / signoff / archive access instructions,
> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
>
>
>
> Please be alert for any emails that may ask you for login information
> or directs you to login via a link. If you believe this message is a
> phish or aren't sure whether this message is trustworthy, please send
> the original message as an attachment to 'phish...@timeinc.com'.
>

-- 

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Are JZOS JVM loader excutables installed in PDSE libraries?

[Mark Jacobs - Listserv]

If they're installed with SMP/e, they should be placed in the dataset 
pointed to by DDDEF SIEALNKE



  Entry Type:  PROGRAM
  Entry Name:  JVMLDM60


FMID  HJVA600
RMID  UI14482
DISTLIB   AIEALNKE
SYSLIBSIEALNKE
   

Talk with your systems staff. They might help you find them.

Mark Jacobs

Farley, Peter x23353 <mailto:peter.far...@broadridge.com>
November 7, 2017 at 4:19 PM
Yes those are the ones, but they are not present in that library on 
our systems. Maybe your kind and generous systems staff made those 
copies for you? Mine apparently did not.


Peter

-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] 
On Behalf Of Mark Jacobs - Listserv

Sent: Tuesday, November 07, 2017 4:10 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Are JZOS JVM loader excutables installed in PDSE libraries?

Are you talking about these?

BROWSE SYS1.SIEALNKE
Command ===>
Name Prompt
_ JVMLDM60
_ JVMLDM61
_ JVMLDM66
_ JVMLDM67
_ JVMLDM70
_ JVMLDM71
_ JVMLDM76
_ JVMLDM77
_ JVMLDM80
_ JVMLDM86

--

This message and any attachments are intended only for the use of the 
addressee and may contain information that is privileged and 
confidential. If the reader of the message is not the intended 
recipient or an authorized representative of the intended recipient, 
you are hereby notified that any dissemination of this communication 
is strictly prohibited. If you have received this communication in 
error, please notify us immediately by e-mail and delete the message 
and any attachments from your system.


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN



Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.


Mark Jacobs - Listserv <mailto:mark.jac...@custserv.com>
November 7, 2017 at 4:10 PM
Are you talking about these?

BROWSESYS1.SIEALNKE
Command ===>
   Name Prompt
_ JVMLDM60
_ JVMLDM61
_ JVMLDM66
_ JVMLDM67
_ JVMLDM70
_ JVMLDM71
_ JVMLDM76
_ JVMLDM77
_ JVMLDM80
_ JVMLDM86


Farley, Peter x23353 <mailto:peter.far...@broadridge.com>
November 7, 2017 at 4:00 PM
This is a JZOS installation and documentation question. At our 
installation (z/OS V2.1), versions of the JZOS loader executables 
(JVMLDMxx) live in these Unix directories:


/usr/lpp/java/Jx.y/mvstools

/usr/lpp/java/Jx.y_64/mvstools

Where "x.y" is the Java version, like 6.0 or 7.0, etc.

As Gil has pointed out several times, you cannot *legally* use a Unix 
directory in a STEPLIB DD or concatenation (well, anyway it is not 
documented that you can). And in fact although this may occasionally 
work with an empty PDS(E) as the first catenand, my experience of 
trying this with the JZOS loader executables is that it generates an 
S922 abend (fatal error in initiator, SVC dump taken).


So my installation question is this: Does the normal installation of 
the JZOS component also include automatic copying of the JVMLDMxx 
executable(s) into some system-maintained PDSE(s)?


If not, where is it documented how to copy these executable(s) into a 
PDSE library which can legally be used as a STEPLIB, and that it is 
the user's responsibility to do this in order to use JZOS?


I have figured out with help from the MVS-OE list (or maybe I had help 
here, ATM I do not remember) that "/bin/cp -X" is the "right" way to 
copy those executables into a PDSE, but I would like to see the actual 
documentation, if any, which references that (or some other) method as 
a user responsibility.


TIA for any info or RTFM you can provide.

Peter
--

This message and any attachments are intended only for the use of the 
addressee and may contain information that is privileged and 
confidential. If the reader of the message is not the intended 
recipient or an authorized representative of the intended recipient, 
you are hereby notified that any dissemination of this communication 
is strictly prohibited. If you have received this communication in 
error, please notify us immediately by e-mail and delete the message 
and any attachments from your system.


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN



Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
ph

Re: Are JZOS JVM loader excutables installed in PDSE libraries?

[Mark Jacobs - Listserv]

Are you talking about these?

BROWSESYS1.SIEALNKE
Command ===>
   Name Prompt
_ JVMLDM60
_ JVMLDM61
_ JVMLDM66
_ JVMLDM67
_ JVMLDM70
_ JVMLDM71
_ JVMLDM76
_ JVMLDM77
_ JVMLDM80
_ JVMLDM86


Farley, Peter x23353 
November 7, 2017 at 4:00 PM
This is a JZOS installation and documentation question. At our 
installation (z/OS V2.1), versions of the JZOS loader executables 
(JVMLDMxx) live in these Unix directories:


/usr/lpp/java/Jx.y/mvstools

/usr/lpp/java/Jx.y_64/mvstools

Where "x.y" is the Java version, like 6.0 or 7.0, etc.

As Gil has pointed out several times, you cannot *legally* use a Unix 
directory in a STEPLIB DD or concatenation (well, anyway it is not 
documented that you can). And in fact although this may occasionally 
work with an empty PDS(E) as the first catenand, my experience of 
trying this with the JZOS loader executables is that it generates an 
S922 abend (fatal error in initiator, SVC dump taken).


So my installation question is this: Does the normal installation of 
the JZOS component also include automatic copying of the JVMLDMxx 
executable(s) into some system-maintained PDSE(s)?


If not, where is it documented how to copy these executable(s) into a 
PDSE library which can legally be used as a STEPLIB, and that it is 
the user's responsibility to do this in order to use JZOS?


I have figured out with help from the MVS-OE list (or maybe I had help 
here, ATM I do not remember) that "/bin/cp -X" is the "right" way to 
copy those executables into a PDSE, but I would like to see the actual 
documentation, if any, which references that (or some other) method as 
a user responsibility.


TIA for any info or RTFM you can provide.

Peter
--

This message and any attachments are intended only for the use of the 
addressee and may contain information that is privileged and 
confidential. If the reader of the message is not the intended 
recipient or an authorized representative of the intended recipient, 
you are hereby notified that any dissemination of this communication 
is strictly prohibited. If you have received this communication in 
error, please notify us immediately by e-mail and delete the message 
and any attachments from your system.


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN



Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.




--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Standalone IPL ADRDSSU and Operating Systems Messages z14

[Mark Jacobs - Listserv]

Have you recreated the iplable tape with the latest level of standalone 
ADRDSSU? Is there anything in the z14 PSP bucket? I'd start with those 
items.



Crispin Hugo 
November 3, 2017 at 5:55 PM
I have used the tape many times on zBC12 but when I use it on Z14 , 
when I go to Operating Systems Messages, I get

OSM0002 Messages Interface Unavailable.
I have tried this on HMC and SE and get the same.

I have trawled the manuals and I can't see what has changed or what 
needs to be done.

As usual any suggestions Welcome

Crispin Hugo
Systems Specialist
Macro 4 Limited
d: +44 1293 872121 | m: +44 7753951308 | t: +44 1293 872000 | 
www.macro4.com 





Registered office: The Orangery, Turners Hill Road, Worth, Crawley, 
West Sussex, RH10 4SS

Registered in England no: 00927588

Please consider the environment and only print this email if you 
really need to.


This message (including any attachments) contains confidential 
information that is PRIVILEGED, CONFIDENTIAL and/or ATTORNEY WORK 
PRODUCT and is intended only for the individual(s) named herein. If 
you are not the intended recipient, you are hereby notified that any 
dissemination, distribution or copying of this email is strictly 
prohibited. If you have received this message in error, please notify 
the Macro 4 Postmaster (postmas...@macro4.com) of the error 
immediately, do not read or use the email and any attachments in any 
manner, destroy all copies, and delete it from your system if the 
communication was sent via email. Macro 4 Limited, Tel: +44 1293 
872000 Fax: +44 1293 872001.






--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: IKJEFTxx should fail if not JobStep Task

[Mark Jacobs - Listserv]

Yes I did. Gave them the same treatment as the French Soldier in Monty 
Python and the Holy Grail when he taunted King Arthur.


Mark Jacobs


Edward Gould 
October 30, 2017 at 2:26 PM
Semi on topic.
Have any of you seen the “video” that claims that they can bypass 
system integrity with one program?
I saw one such presentation and asked the golden question about update 
access to an APF library.

They never got around to answering my question.
BTW: IIRC it was some dog and pony show to sell you security. Its been 
a couple of months and I just don’t remember the name.


Ed


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN



Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.


Steve Smith 
October 30, 2017 at 10:15 AM
There is no need here to document the exact methods the OP used to
bypass restrictions and violate system integrity. It's not hard to
figure out if you have much experience.

Given access to an APF-authorized library, one can do whatever one
wants, regardless of the "rules".

sas

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN



Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.


Peter Hunkeler 
October 30, 2017 at 2:53 AM

The TSO TMP is designed to be attached only by EXEC PGM=IKJEFTxx, or by the 
TSO/E Session Manager (when Session Manager is the EXEC PGM= on the logon 
proc). Attaching the TMP by any other program is unsupported.



Attaching the TMP in an IMS dependent region or a CICS AOR will violate the 
System Integrity and thus the security of your system, since it will allow the 
unauthorized transaction programs in those regions to take over the system in 
anyway that they desire.



This raises the question then, why does IKJEFTxx *not* check this and fail if 
not run as job step task?



Because it requires APF to invoke the TMP. And if you allow your CICS or IMS to 
run APF, this is the least of your problems.





In the first paragraph, there is no talk about APF. When it comes to running 
things with APF when they should not, I fully agree.
I understand the comment to say that running PGM A via EXEC PGM=A, and then PGM 
A attaches or links to IKJEFTxx, this is not supported. If this means that 
things may not work as expected, there is no support. If this means that things 
may not work as expected *and* things may endanger system integrity, then I 
think it should not be possible to get into that situation (as unauthorized 
program).


But, even if the region controllers in IMS and CICS run authorized (I guess 
they do), they are designed to run application (transaction) programs with only 
problem state authority. Why would the TMP be attached in a different mode it 
run as transaction program?


--
Peter Hunkeler



--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN



Please be alert for any emails that may ask you for login information or 
directs you to login via a link. If you believe this message is a phish or 
aren't sure whether this message is trustworthy, please send the original 
message as an attachment to 'phish...@timeinc.com'.

Binyamin Dissen 
October 29, 2017 at 3:07 PM
On Sun, 29 Oct 2017 16:00:20 +0100 Peter Hunkeler  wrote:

:>>The TSO TMP is designed to be attached only by EXEC PGM=IKJEFTxx, 
or by the TSO/E Session Manager (when Session Manager is the EXEC PGM= 
on the logon proc). Attaching the TMP by any other program is unsupported.


:>>Attaching the TMP in an IMS dependent region or a CICS AOR will 
violate the System Integrity and thus the security of your system, 
since it will allow the unauthorized transaction programs in those 
regions to take over the system in anyway that they desire.


:>This raises the question then, why does IKJEFTxx *not* check this 
and fail if not run as job step task?


Because it requires APF to invoke the TMP. And if you allow your CICS 
or IMS

to run APF, this is the least of your problems.

MVS provides the child hammer for non-APF and the real hammer for APF. You
want to use 

Re: Question on some z/OS Tuning Parms USEZOSV1R9RULES and MEMDSENQMGT

[Mark Jacobs - Listserv]

I enabled MEMDSENQMGT with zOS 1.12. Also started to use it in our 
sysres build program;


 IEFDDSRV MODIFY,TYPE=FEATURE,DSENQMGMT=MEMORY USE MEMORY-BASED
*  DATA SET ENQ
*  MANAGEMENT FOR
*  DYNAMICALLY
*  ALLOCATED DATA
*  SETS


Barbara Nitz 
October 30, 2017 at 2:45 AM

We have been running with USEZOSV1R9RULES( NO) for the past 1.5 years, 
ever since I set it when I joined the company. We did not have any 
issues, and we run mostly DB2 in addition to homegrown stuff.


If you go back in the archives you'll find the discussions about that 
parm in detail. The 'side effect' (IIRC) of setting the parm to NO and 
using the better performing behavior is that VSM now doesn't clear the 
storage it hands out to binary zeros anymore (only for the cases 
explicitly stated in the documentation). So if you have a home-grown 
application that has relied on getting hex zeros despite not having 
followed the docs, that may lead to some rude awakening because there 
might be some residual storage left that wasn't cleared. These days I 
would guess it is only home-grown applications that would suffer any 
problems.


Back when the parm first came out, I used the (undocumented except 
partially on ibmmain) DIAGxx traps that fill any storage (and 
registers and the PSA) with hex  to attempt to test our 
applications. I found a number of OEM products that abended with 
abend0c4/0C6/0C1, but one of the home-grown Assembler exits was also 
falling all over itself because it wasn't coded correctly.


I am sad to say that MEMDSENQMGMT has escaped my notice. I'll turn 
that on in the sandplex and see how it goes.


Barbara

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN



Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.




--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: AEHTRIBMKC?

[Mark Jacobs - Listserv]

There are two kinds of fools. One says, “This is old, therefore it is 
good”; the other says, “This is new, therefore it is better.”  -- 
William Ralph Inge



John McKown 
October 12, 2017 at 2:27 PM
On Thu, Oct 12, 2017 at 1:16 PM, Allan Staller 
​ But they are so __NEW__ and ... and ... ___SHINY___! They simply must be
better. ​ And next week we will be premiering the new, chromed, hexagonal
wheel! Made with nanotechnology for that quantum effect feeling!


--
I just child proofed my house.
But the kids still manage to get in.


Maranatha! <><
John McKown

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN



Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.


Allan Staller 
October 12, 2017 at 2:16 PM
The "new tools" are not as reliable, available, or functional as the 
tools they are replacing.


Yitsha'CK HeyZeus 
October 12, 2017 at 1:53 PM
confession dat really him dat confession of me triratsirhc

Twilight bver

On Thu, Oct 12, 2017 at 1:52 PM Jack J. Woehr  wrote:

> Normal stupid question of the day: Anyone else having trouble reaching
> IBM Knowledge Center?
>
> /Should have its own acronym, "AEHTRIBMKC?"/
>
> Today I am unable to reach the Knowledge Center from Firefox on Mac and
> Ubuntu Linux, but I can reach it okay from Firefox on Windows 7.
>
> On the two failing platforms, the response is :
>
>
> Bad Request
>
> Your browser sent a request that this server could not understand.
> Size of a request header field exceeds server limit.
>
> Cookie
>
> 
> IBM_HTTP_Server at www-01.ibm.com 
 
> 
Port 443

>
> --
> Jack J. Woehr # Science is more than a body of knowledge. It's a way of
> www.well.com/~jax 
 # 
thinking, a way of skeptically interrogating the

> universe
> www.softwoehr.com 
 # 
with a fine understanding of human fallibility. -

> Carl Sagan
>
>
> --
> For IBM-MAIN subscribe / signoff / archive access instructions,
> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
>

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.


Jack J. Woehr 
October 12, 2017 at 1:51 PM
Normal stupid question of the day: Anyone else having trouble reaching
IBM Knowledge Center?

/Should have its own acronym, "AEHTRIBMKC?"/

Today I am unable to reach the Knowledge Center from Firefox on Mac and
Ubuntu Linux, but I can reach it okay from Firefox on Windows 7.

On the two failing platforms, the response is :


Bad Request

Your browser sent a request that this server could not understand.
Size of a request header field exceeds server limit.

Cookie


IBM_HTTP_Server at www-01.ibm.com 
 
> 
Port 443


--
Jack J. Woehr # Science is more than a body of knowledge. It's a way of
www.well.com/~jax 
 # 
thinking, a way of skeptically interrogating the universe
www.softwoehr.com 
 # 
with a fine understanding of human fallibility. - Carl Sagan



--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.




--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access 

Space Allocation Products

[Mark Jacobs - Listserv]

Outside of these four, are there any other products on the market?

CA Allocate DASD Space and Placement -- CA Technologies
Space Recovery System  --  DTS Software
MAINVIEW SRM StopX37/II  --  BMC
Tivoli Advanced Allocation Management  --  IBM

--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

PROCUSERMAX in OMVS Segment

[Mark Jacobs - Listserv]

This question might be better asked in the RACF or OMVS mailing lists, 
but I'm starting here.


Does a value set in the OMVS segment for PROCUSERMAX override the 
setting of MAXPROCUSER in BPXPRMxx? It's documented that way for 
THREADSMAX, but not for PROCUSERMAX.

--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: DLIB volume for SAD

[Mark Jacobs - Listserv]

I understand. Building of the SAD was a just another step in the sysres 
build process. Easy enough and harmless to set and forget it. It was 
always done, always up to date and I didn't have to worry about it.


Mark Jacobs


Edward Gould <mailto:edgould1...@comcast.net>
September 28, 2017 at 7:47 PM


Mark,
I guess I am different and trust IBM more than you do.
If there isn’t a ++HOLD for recreation of the SA dump, then I don’t do so.
The only exception is if I am bringing up a new system, then its 
always done. By new system, I mean a complete system received from IBM.
I have never run into an instance where doing a lot of maintenance 
there isn’t a ++HOLD for a new SADUMP.


The worst number of years of maintenance was 5 (don’t ask).

Its been 25+ years since I have gotten a complete system build from 
IBM, so my memory might be faulty.


Essentially anytime I have to do a system load From IBM, I have always 
done one as stuff like that will bite you in your a** if you don’t.


A few years ago I was doing some work as a true contractor and I was 
amazed that the people who were to maintain the system after I left 
did not do a SADUMP redo.
I told the manager as I was leaving that he should get some 
experienced MVS people as the ones he had were not all that competent. 
He looked at me like I was trying to stay and I repeated to him that 
he needed to hire a experienced person that knew what they were doing. 
He said something like my people are experienced. I looked at him and 
said then you need to hire better people to make sure their manager 
doesn’t get bitten. Sure enough, I found out that they did not do a 
rebuild and it messed up the dump. I created a phony yahoo ID and 
emailed him and told him one last time that he needed to hire someone 
competent. I found out he finally hired a good person.


Ed

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN



Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.


Mark Jacobs - Listserv <mailto:mark.jac...@custserv.com>
September 28, 2017 at 12:56 PM


Mr. Murphy taught me a very long time ago that I should always ensure 
I have

a working SADUMP that matches the OS level requiring it.



Agree. That's why I always rebuilt it after every zOS maintenance 
cycle, cause' ya never know.


Mark Jacobs


Mark Zelden <mailto:m...@mzelden.com>
September 28, 2017 at 12:27 PM
I didn't respond to the "last time you took an SAD". It has been 
probably 1.5
years at least since a prod / dev LPAR crashed and took an SAD via 
AUTOIPL,

but it does happen every few years it seems.

The other 2 times were more recent and involved sandbox LPARs. One was 
just

a week ago when someone had removed a data set from LPA involving
CICS VR because the sandbox LPAR did not run CICS. The LPAR hadn't been
IPLed in over a month and the person who removed it didn't think that 
was the
reason for the wait state at IPL time. I was able to look at the 
SADUMP and

figure it out. IBM supplies SYS1.SDWWDLPA with a dummy CICSVR module that
NIP looks for at IPL time and I had to add that back into LPA.

Mr. Murphy taught me a very long time ago that I should always ensure 
I have

a working SADUMP that matches the OS level requiring it.

Regards,

Mark
--
Mark Zelden - Zelden Consulting Services - z/OS, OS/390 and MVS
ITIL v3 Foundation Certified
mailto:m...@mzelden.com
Mark's MVS Utilities: http://www.mzelden.com/mvsutil.html 
<http://www.mzelden.com/mvsutil.html>
Systems Programming expert at 
http://search390.techtarget.com/ateExperts/ 
<http://search390.techtarget.com/ateExperts/>





On Thu, 28 Sep 2017 11:16:47 -0500, Mark Zelden <m...@mzelden.com> wrote:

>I always put SADUMP for each OS release on the 2nd volume of my 
maintenance

>sysres for each OS release (still using 3390-9s). I create an HMC
>profile on each CPC for SADUMP at that time. If I was using a mod-27 
or anything
>large enough where I didn't have a multi-volume sysres set, I would 
just put it on

>the dlib volume instead (this is what I did years ago).
>
>Part of my migration / cut over plan for after a "GO" decision when 
migrating

>releases is to update the HMC SADUMP profile for that LPAR and to verify
>AUTOIPL SADMP has been updated in DIAGxx to point to that proper
>volume as well (this is staged already in a "migration parmlib" 
concatenated ahead
>of the normal parmlib concatenation. So at any given time during OS 
upgrade

>migration, some LPARs are pointing to one level of SADUMP and other LPARs
>pointing to another level. It

Re: DLIB volume for SAD

[Mark Jacobs - Listserv]

Mr. Murphy taught me a very long time ago that I should always ensure I have
a working SADUMP that matches the OS level requiring it.



Agree. That's why I always rebuilt it after every zOS maintenance cycle, 
cause' ya never know.


Mark Jacobs


Mark Zelden 
September 28, 2017 at 12:27 PM
I didn't respond to the "last time you took an SAD". It has been 
probably 1.5
years at least since a prod / dev LPAR crashed and took an SAD via 
AUTOIPL,

but it does happen every few years it seems.

The other 2 times were more recent and involved sandbox LPARs. One was 
just

a week ago when someone had removed a data set from LPA involving
CICS VR because the sandbox LPAR did not run CICS. The LPAR hadn't been
IPLed in over a month and the person who removed it didn't think that 
was the
reason for the wait state at IPL time. I was able to look at the 
SADUMP and

figure it out. IBM supplies SYS1.SDWWDLPA with a dummy CICSVR module that
NIP looks for at IPL time and I had to add that back into LPA.

Mr. Murphy taught me a very long time ago that I should always ensure 
I have

a working SADUMP that matches the OS level requiring it.

Regards,

Mark
--
Mark Zelden - Zelden Consulting Services - z/OS, OS/390 and MVS
ITIL v3 Foundation Certified
mailto:m...@mzelden.com
Mark's MVS Utilities: http://www.mzelden.com/mvsutil.html 

Systems Programming expert at 
http://search390.techtarget.com/ateExperts/ 






On Thu, 28 Sep 2017 11:16:47 -0500, Mark Zelden  wrote:

>I always put SADUMP for each OS release on the 2nd volume of my 
maintenance

>sysres for each OS release (still using 3390-9s). I create an HMC
>profile on each CPC for SADUMP at that time. If I was using a mod-27 
or anything
>large enough where I didn't have a multi-volume sysres set, I would 
just put it on

>the dlib volume instead (this is what I did years ago).
>
>Part of my migration / cut over plan for after a "GO" decision when 
migrating

>releases is to update the HMC SADUMP profile for that LPAR and to verify
>AUTOIPL SADMP has been updated in DIAGxx to point to that proper
>volume as well (this is staged already in a "migration parmlib" 
concatenated ahead
>of the normal parmlib concatenation. So at any given time during OS 
upgrade

>migration, some LPARs are pointing to one level of SADUMP and other LPARs
>pointing to another level. It always matches the SADUMP for the OS 
version.

>
>Regards,
>
>Mark
>--
>Mark Zelden - Zelden Consulting Services - z/OS, OS/390 and MVS
>ITIL v3 Foundation Certified
>mailto:m...@mzelden.com
>Mark's MVS Utilities: http://www.mzelden.com/mvsutil.html 

>Systems Programming expert at 
http://search390.techtarget.com/ateExperts/ 


>
>
>
>
>
>==
>
>On Wed, 27 Sep 2017 22:11:33 +, Jesse 1 Robinson 
 wrote:

>
>Invitation for early Friday war stories.
>
>When implementing (OS-moniker-du-jour) 1.6, we had several 
catastrophic failures that required back out to previous level. We 
took some SADs during that stormy period.

>
>When implementing z/OS 1.13, we had several instances of running 
clean out of real storage! System hit a wait state, took SAD 
automatically, then re-IPLed itself. That was entertaining.

>
>We more recently (under 2.1) took SAD and re-IPLed a hung system that 
would probably have recovered if we had held off a bit longer. Heck, 
Game of Thrones was on. How long were we supposed to wait? ;-)

>
>.
>.
>J.O.Skip Robinson
>Southern California Edison Company
>Electric Dragon Team Paddler
>SHARE MVS Program Co-Manager
>323-715-0595 Mobile
>626-543-6132 Office ⇐=== NEW
>robin...@sce.com
>
>
>-Original Message-
>From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] 
On Behalf Of Steely.Mark

>Sent: Wednesday, September 27, 2017 2:16 PM
>To: IBM-MAIN@LISTSERV.UA.EDU
>Subject: (External):Re: DLIB volume for SAD
>
>A little off topic - when is the last time anyone had to perform a 
SAD ? I haven’t done one in 20+ years.

>
>Thanks
>
>-Original Message-
>From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] 
On Behalf Of Jesse 1 Robinson

>Sent: Wednesday, September 27, 2017 4:11 PM
>To: IBM-MAIN@LISTSERV.UA.EDU
>Subject: Re: DLIB volume for SAD
>
>My comment was meant more for z/OS release upgrades. In some of our 
sysplexes, we run both old and new releases for some period before 
full migration. I guess it's somewhat risky, but we generally rebuild 
SAD when the first member gets upgraded. If we were shot at, we were 
missed. ;-)

>
>.
>.
>J.O.Skip Robinson
>Southern California Edison Company
>Electric Dragon Team Paddler
>SHARE MVS Program Co-Manager
>323-715-0595 Mobile
>626-543-6132 Office ⇐=== NEW
>robin...@sce.com
>
>
>-Original Message-
>From: IBM 

Re: Keeping SSN init modules current

[Mark Jacobs - Listserv]

Here's a wild thought. Create your own dummy subsystem with its own 
initialization routine that gets executed before any of the subsystems 
you're concerned about. This initialization routine can load the other 
modules into CSA, or even copy from one library to a linklist library. 
We have an installation defined dummy subsystem that uses the 
initialization routine to define system level name/token pairs during 
the IPL process.



Jesse 1 Robinson 
September 20, 2017 at 5:04 PM
Looking for a life hack to manage subsystem initialization modules. We 
recently discovered that our tape management (HSC/Oracle) SSN init 
routine was 12 years out of date. The problem is that the load library 
itself does not need to be in link list as it is STEPLIBed to in the 
HSC proc. But the SSN init routine needs to be found at IPL time, so 
we copy it into a link list library. And then forget about it. One 
solution it to put the whole load library into link list, but that 
seems a bit extreme for all similar products.


Does anyone have a fairly foolproof technique for keeping the SSN init 
module up to date short of depending on doc-which will surely get 
missed somewhere down the road.


.
.
J.O.Skip Robinson
Southern California Edison Company
Electric Dragon Team Paddler
SHARE MVS Program Co-Manager
323-715-0595 Mobile
626-543-6132 Office <= NEW
robin...@sce.com


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.




--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: zOS Encryption Services and ICSF

[Mark Jacobs - Listserv]

Records are in the CKDS and PKDS. We've defined a TKDS, but not using it 
for anything yet.


For zOS Encryption Services for zOS we'd need to define new AES-256 keys 
in the CKDS. Before ICSF is functional, and the ICSF master keys 
installed into the cryptographic hardware, we won't be able to read any 
encrypted zOS dataset.


Mark Jacobs


Rob Schramm <mailto:rob.schr...@gmail.com>
September 20, 2017 at 1:34 PM
Well that is either a good thing or a bad thing.

What kind of keys are you storing?

On Wed, Sep 20, 2017, 12:11 PM Mark Jacobs - Listserv <
Mark Jacobs - Listserv <mailto:mark.jac...@custserv.com>
September 20, 2017 at 12:10 PM
No. Don't have, not likely to get one.

Mark Jacobs

Rob Schramm <mailto:rob.schr...@gmail.com>
September 20, 2017 at 12:09 PM
1st Question

Do you have/need a TKE?

Rob

On Wed, Sep 20, 2017, 10:31 AM Mark Jacobs - Listserv <
--

Rob Schramm

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.


Mark Jacobs - Listserv <mailto:mark.jac...@custserv.com>
September 20, 2017 at 10:31 AM
Is there anything like a best practices document available from IBM or 
Share on setting this up? I just started thinking about all the bits 
and pieces and was concerned about how having this enabled affects the 
timeline/method of entering the ICSF Master Keys during a DR situation 
or processor upgrade. I'm sure there's plenty of other considerations 
too.


Mark Jacobs


--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: zOS Encryption Services and ICSF

[Mark Jacobs - Listserv]

No. Don't have, not likely to get one.

Mark Jacobs


Rob Schramm <mailto:rob.schr...@gmail.com>
September 20, 2017 at 12:09 PM
1st Question

Do you have/need a TKE?

Rob

On Wed, Sep 20, 2017, 10:31 AM Mark Jacobs - Listserv <
--

Rob Schramm

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.


Mark Jacobs - Listserv <mailto:mark.jac...@custserv.com>
September 20, 2017 at 10:31 AM
Is there anything like a best practices document available from IBM or 
Share on setting this up? I just started thinking about all the bits 
and pieces and was concerned about how having this enabled affects the 
timeline/method of entering the ICSF Master Keys during a DR situation 
or processor upgrade. I'm sure there's plenty of other considerations 
too.


Mark Jacobs


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

zOS Encryption Services and ICSF

[Mark Jacobs - Listserv]

Is there anything like a best practices document available from IBM or 
Share on setting this up? I just started thinking about all the bits and 
pieces and was concerned about how having this enabled affects the 
timeline/method of entering the ICSF Master Keys during a DR situation 
or processor upgrade. I'm sure there's plenty of other considerations too.


Mark Jacobs

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: OA49446 changed RACF behavior for ALIAS, PATH, and AIX

[Mark Jacobs - Listserv]

YMMV, but we've been running with that APAR applied for well over a year 
without any fallout and didn't define that RACF profile.



Pinnacle 
September 18, 2017 at 2:04 PM
I'm looking at the HOLDDATA for OA49446.  RACF was changed to do
authorization checks against ALIAS, PATH, and AIX names instead of the
base names.  There was no migration path specified to get to this new
RACF state, except for a chicken switch
STGADMIN.IGG.CATALOG.SECURITY.CHANGE.  If you have read access to that
FACILITY class profile, you use the "old" method and not this new
method.  Did everybody just define the profile with UACC(READ)?  That
seems easier than taking all the ICH408I's that could result the other
way if you use dataset ALIASes and AIX's.  What did you guys do for this
"fix"?

Regards,
Tom Conley

--



--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.




--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Reload nucleus module dynamically

[Mark Jacobs - Listserv]

As it happened to work out, we had a scheduled DR test this week, but 
our mainframe is now in Poughkeepsie at an IBM data center.


Mark Jacobs



Edward Gould <mailto:edgould1...@comcast.net>
September 13, 2017 at 6:35 PM

Thanks for the memory jar.
Did your company go into DR mode when IRMA hit?

Ed


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.


Mark Jacobs - Listserv <mailto:mark.jac...@custserv.com>
September 13, 2017 at 3:57 PM
University Computing Company (UCC), later known as UCCel. I think that 
DUO was UCC-2, TMS was UCC-1.


Mark Jacobs


Edward Gould <mailto:edgould1...@comcast.net>
September 13, 2017 at 3:41 PM

On Sep 13, 2017, at 12:11 PM, Peter Hunkeler<p...@gmx.ch>  wrote:


What modules do you want to reload? If that is in LPA and/or Linklist, you 
better be careful before issuing commands to refresh them. Of course YMMV.

Well, the nucleus is the nucleus, LPA is the LPA, and the linklist is the 
linklist. They are different beasts. The first two are different areas in the 
virtual address space map, the third is noting but a list of data set to be 
searched for load modules. The OP asked about dynamically updating the nucleus, 
and this is nothing that MVS supports up to date.


--
Peter Hunkeler


Peter:
Long time ago and when MVS first came out, we used to do this quite often (once 
a week). A product we had called DUO (DOS under MVS). DUO maintained a table in 
the nucleus for which dos jobs were running. They had a bug in their code that 
would not delete entries. We had to go in and blank out the job names that were 
not running(so as not to have to IPL). We finally got tired of doing this and 
wrote a program that did it.
Worked like a charm. They asked for the program and we were not in a good mood 
so we said no. It took them a year to figure out how to do it.My memory is hazy 
here but I think the degression was
“duo” ->  went to some company in Dallas? and then a year or two later CA 
bought them out. By then we had gotten rid of all the jobs. One of the long time 
contributors to IBM-Main used to work for the company if he hasn’t retired maybe 
he could speak up?

Ed



--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information or 
directs you to login via a link. If you believe this message is a phish or 
aren't sure whether this message is trustworthy, please send the original 
message as an attachment to 'phish...@timeinc.com'.

Peter Hunkeler <mailto:p...@gmx.ch>
September 13, 2017 at 1:11 PM


Well, the nucleus is the nucleus, LPA is the LPA, and the linklist is 
the linklist. They are different beasts. The first two are different 
areas in the virtual address space map, the third is noting but a list 
of data set to be searched for load modules. The OP asked about 
dynamically updating the nucleus, and this is nothing that MVS 
supports up to date.



--
Peter Hunkeler





--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.


Elardus Engelbrecht <mailto:elardus.engelbre...@sita.co.za>
September 13, 2017 at 8:43 AM

You better listen to Binyamin Dissen who kinldy replied to you.

What modules do you want to reload? If that is in LPA and/or Linklist, 
you better be careful before issuing commands to refresh them. Of 
course YMMV.


If these modules are SVC modules, I would recommend you to rather IPL.

But ask your ISV, they wrote the product and they certainly can assist 
you way better than IBM-MAIN.


If still unsure, put all your updated libraries on another set of 
volsers and IPL.


Groete / Greetings
Elardus Engelbrecht

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this mes

Re: Reload nucleus module dynamically

[Mark Jacobs - Listserv]

University Computing Company (UCC), later known as UCCel. I think that 
DUO was UCC-2, TMS was UCC-1.


Mark Jacobs


Edward Gould 
September 13, 2017 at 3:41 PM

On Sep 13, 2017, at 12:11 PM, Peter Hunkeler  wrote:


What modules do you want to reload? If that is in LPA and/or Linklist, you 
better be careful before issuing commands to refresh them. Of course YMMV.

Well, the nucleus is the nucleus, LPA is the LPA, and the linklist is the 
linklist. They are different beasts. The first two are different areas in the 
virtual address space map, the third is noting but a list of data set to be 
searched for load modules. The OP asked about dynamically updating the nucleus, 
and this is nothing that MVS supports up to date.


--
Peter Hunkeler


Peter:
Long time ago and when MVS first came out, we used to do this quite often (once 
a week). A product we had called DUO (DOS under MVS). DUO maintained a table in 
the nucleus for which dos jobs were running. They had a bug in their code that 
would not delete entries. We had to go in and blank out the job names that were 
not running(so as not to have to IPL). We finally got tired of doing this and 
wrote a program that did it.
Worked like a charm. They asked for the program and we were not in a good mood 
so we said no. It took them a year to figure out how to do it.My memory is hazy 
here but I think the degression was
“duo” ->  went to some company in Dallas? and then a year or two later CA 
bought them out. By then we had gotten rid of all the jobs. One of the long time 
contributors to IBM-Main used to work for the company if he hasn’t retired maybe 
he could speak up?

Ed



--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information or 
directs you to login via a link. If you believe this message is a phish or 
aren't sure whether this message is trustworthy, please send the original 
message as an attachment to 'phish...@timeinc.com'.

Peter Hunkeler 
September 13, 2017 at 1:11 PM


Well, the nucleus is the nucleus, LPA is the LPA, and the linklist is 
the linklist. They are different beasts. The first two are different 
areas in the virtual address space map, the third is noting but a list 
of data set to be searched for load modules. The OP asked about 
dynamically updating the nucleus, and this is nothing that MVS 
supports up to date.



--
Peter Hunkeler





--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.


Elardus Engelbrecht 
September 13, 2017 at 8:43 AM

You better listen to Binyamin Dissen who kinldy replied to you.

What modules do you want to reload? If that is in LPA and/or Linklist, 
you better be careful before issuing commands to refresh them. Of 
course YMMV.


If these modules are SVC modules, I would recommend you to rather IPL.

But ask your ISV, they wrote the product and they certainly can assist 
you way better than IBM-MAIN.


If still unsure, put all your updated libraries on another set of 
volsers and IPL.


Groete / Greetings
Elardus Engelbrecht

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.




--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: GIM69209S ** RECEIVE PROCESSING HAS FAILED BECAUSE PROGRAM GIMJVCLT COULD NOT BE Started.

[Mark Jacobs - Listserv]

Try using the 31 bit version of Java 8. See if that makes a difference.

Mark Jacobs


גדי בן אבי 
August 24, 2017 at 9:14 AM
This is what SYSPRINT says:
--
DATE 08/24/17 TIME 16:08:40 SERVER Data SMP/E 36.79






--
DATE 08/24/17 TIME 16:08:40 CLIENT Data SMP/E 36.79




DATE 08/24/17 TIME 16:08:40 SMP/E GIMJVCLT OUTPUT SMP/E 36.79

/bin/sh -c /usr/lpp/java/J8.0_64/bin/java -Dcom.ibm.smp.debug=severe 
-showversi

n -cp /usr/lpp/smp/classes/ com.ibm.smp.GIMJVCLT


-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] 
On Behalf Of Kurt Quackenbush

Sent: Thursday, August 24, 2017 3:20 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: GIM69209S ** RECEIVE PROCESSING HAS FAILED BECAUSE 
PROGRAM GIMJVCLT COULD NOT BE Started.


OK, you've checked all those options, but what did you actually find 
in SYSPRINT? Hard for anyone to debug without showing us the content 
of SYSPRINT.


Kurt Quackenbush -- IBM, SMP/E Development

--
For IBM-MAIN subscribe / signoff / archive access instructions, send 
email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
לתשומת ליבך, בהתאם לנהלי חברת מלם מערכות בע"מ ו/או כל חברת בת ו/או 
חברה קשורה שלה (להלן : "החברה") וזכויות החתימה בהן, כל הצעה, התחייבות 
או מצג מטעם החברה, מחייבים מסמך נפרד וחתום על ידי מורשי החתימה של 
החברה, הנושא את לוגו החברה או שמה המודפס ובצירוף חותמת החברה. בהעדר 
מסמך כאמור (לרבות מסמך סרוק) המצורף להודעת דואר אלקטרוני זאת, אין 
לראות באמור בהודעה אלא משום טיוטה לדיון, ואין להסתמך עליה לביצוע פעולה 
עסקית או משפטית כלשהי. Please note that in accordance with Malam 
and/or its subsidiaries (hereinafter : "Malam") regulations and 
signatory rights, no offer, agreement, concession or representation is 
binding on the Malam, unless accompanied by a duly signed separate 
document (or a scanned version thereof), affixed with the Malam seal.


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.


גדי בן אבי 
August 24, 2017 at 6:56 AM
I've checked all of those options

-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] 
On Behalf Of Richards, Robert B.

Sent: Thursday, August 24, 2017 1:44 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: GIM69209S ** RECEIVE PROCESSING HAS FAILED BECAUSE 
PROGRAM GIMJVCLT COULD NOT BE Started.


From QuickRef:

SMP/E attempted to invoke the indicated program but it could not be 
started.


System action

Command processing stops.

Programmer response

Check the output in the print file to determine the cause of the error.
SYSPRINT is SMP/E's default print file, and is used if no PRINT 
subentry was

specified in the active UTILITY entry for the HFSCOPY utility.

Depending on what the output indicates, do the following tasks and 
rerun the

job:
o If the output indicates Java is not found, then ensure the directory of
the Java 2 Technology Edition that is specified using either a SMPJHOME
DD statement or DDDEF entry is correct. For example, if Java 1.4 is
installed in the /usr/lpp/java/J1.4 directory, then the following DD
statement should be used:

//SMPJHOME DD PATH='/usr/lpp/java/J1.4/'
If using the RECEIVE ORDER or RECEIVE FROMNETWORK command or the
GIMGTPKG service routine, you can alternatively specify the javahome
attribute in the CLIENT data set to indicate the directory where the
Java runtime resides. Use the following as an example:

javahome="/usr/lpp/java/J1.4"

o If the output indicates a Java class is not found, then ensure the SMP/E
Java application classes are accessible to SMP/E. The Java classpath can
be specified using a SMPCPATH DD statement or DDDEF entry. For example,
if the SMP/E Java classes reside in the /usr/lpp/smp/classes/ directory,
then the following DD statement should be used:

//SMPCPATH DD PATH='/usr/lpp/smp/classes/'
If running an SMP/E command rather than a service routine, you can also
use a DDDEF entry for SMPCPATH instead of a DD statement. In addition,
if using the RECEIVE ORDER or RECEIVE FROMNETWORK command or the
GIMGTPKG service routine, you can alternatively use the classpath
attribute in the CLIENT data set to specify the directory where the Java
runtime resides. For example:

classpath="/usr/lpp/smp/classes/"

o If the output does not indicate that Java or a Java class is not found,
and if you are 

Re: CONSOLE command failing - what else to check?

[Mark Jacobs - Listserv]

Does the falling user have an OPERPARM segment in their RACF profile?


Todd Burrell 
August 16, 2017 at 11:52 AM
I have 2 users and one can successfully execute the CONSOLE command 
while running it in a started task and in batch, but the other user 
cannot. From what I can tell they are both connected to the same RACF 
groups and both should have all of the necessary access required to 
run the CONSOLE command - but one fails with a RC 36 which indicates 
they are not authorized? Also, there are no RACF error messages for 
the failing user - and nothing when I ran RACFICE this morning in the 
violation report?


I seem to remember there is something else that might need to get 
changed in TSO? Does anyone have anything else I can check?


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.




--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Application Performance Tuning Products

[Mark Jacobs - Listserv]

Thanks all. Very helpful.

Mark Jacobs


Tom Conley <mailto:pinnc...@rochester.rr.com>
August 15, 2017 at 11:08 AM


zHISR is Phoenix Software, the EJES guys.  Ray Mullins presented on this
last week at SHARE.

Regards,
Tom Conley

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.


Farley, Peter x23353 <mailto:peter.far...@broadridge.com>
August 15, 2017 at 10:28 AM
Isn't IBM's new zHISR product also a performance analysis tool?

Peter

-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of John McKown
Sent: Tuesday, August 15, 2017 10:12 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Application Performance Tuning Products

On Tue, Aug 15, 2017 at 9:01 AM, Mark Jacobs - Listserv<
mark.jac...@custserv.com>  wrote:


Does anyone know of additional products for application performance tuning
activities other than Strobe, TriTune, and IBM's Application Performance
Analyzer. Just started looking today myself.



​Macro4 FreezeFrame
RocketSoftware (Sirius Software) SirTune​
z/XPF ColeSoftware

ref: http://www.lookupmainframesoftware.com/soft_list/category/5C9C28N/1


--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN



--

This message and any attachments are intended only for the use of the addressee 
and may contain information that is privileged and confidential. If the reader 
of the message is not the intended recipient or an authorized representative of 
the intended recipient, you are hereby notified that any dissemination of this 
communication is strictly prohibited. If you have received this communication 
in error, please notify us immediately by e-mail and delete the message and any 
attachments from your system.


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information or 
directs you to login via a link. If you believe this message is a phish or 
aren't sure whether this message is trustworthy, please send the original 
message as an attachment to 'phish...@timeinc.com'.

John McKown <mailto:john.archie.mck...@gmail.com>
August 15, 2017 at 10:12 AM
On Tue, Aug 15, 2017 at 9:01 AM, Mark Jacobs - Listserv<
mark.jac...@custserv.com>  wrote:


Does anyone know of additional products for application performance tuning
activities other than Strobe, TriTune, and IBM's Application Performance
Analyzer. Just started looking today myself.



​Macro4 FreezeFrame
RocketSoftware (Sirius Software) SirTune​
z/XPF ColeSoftware

ref: http://www.lookupmainframesoftware.com/soft_list/category/5C9C28N/1




--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN





--
If you look around the poker table&  don't see an obvious sucker, it's you.

Maranatha!<><
John McKown

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information or 
directs you to login via a link. If you believe this message is a phish or 
aren't sure whether this message is trustworthy, please send the original 
message as an attachment to 'phish...@timeinc.com'.



--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Application Performance Tuning Products

[Mark Jacobs - Listserv]

Does anyone know of additional products for application performance 
tuning activities other than Strobe, TriTune, and IBM's Application 
Performance Analyzer. Just started looking today myself.

--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Security, Other Risks When Unsupported (Was: z14 and z/OS 2.3 Blog Post)

[Mark Jacobs - Listserv]

Been there too. Got the t-shirt and everything myself several times over 
a 38 year career.


Mark Jacobs


John McKown 
August 2, 2017 at 8:42 AM

​Hum, around here when I "poke my nose in where it doesn't belong", it
tends to get whacked. My immediate manager is well aware of what is going
on. I am sure that he has let his manager know. It has most likely been
"risk assessed and accepted"​.

​-​
-
Veni, Vidi, VISA: I came, I saw, I did a little shopping.

Maranatha! <><
John McKown

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.


Timothy Sipples 
August 2, 2017 at 3:52 AM

It is your job, too. You just write (yes write) something like:

- - - -

August 2, 2017

Dear (My Manager):

I would like to make you aware that we are no longer receiving
security-related and other patches for the following software products and
release levels that are in productive use, as of the dates indicated:

z/OS Version 1.12 2014-09-30
CICS Transaction Server Version 3.2 2015-12-31
DB2 for z/OS Version 9.1 2014-06-27

Without security patches, and without an ongoing preventive maintenance
program to apply them, there is a growing risk of breaches. We are also
running software products that will receive security updates only for the
next 12 months or less. I can provide those details upon request.

If you have any questions, please let me know. Thanks.

(My Signature)

- - - -

That's it. You've provided the factual information, in writing (which 
could
be electronic), and your manager decides what to do or not to do. If 
you've

already done that, great. If there's a material update to provide, to keep
management reasonably well informed, please do.

Just apply a "reasonable care" standard and tell your manager, that's all.
If you're a secretary at an electric company, walking along the park one
sunny afternoon, and you see a couple people trying to steal a utility
pole, "not my job" doesn't wash. You call the police, and you tell your
boss. Likewise, if somebody has left the door open to the utility pole
depot, you ring up your company's security desk and tell them. Whether 
they

do anything or not is indeed *their* job, but you can observe and notify,
too.


Timothy Sipples
IT Architect Executive, Industry Solutions, IBM z Systems, AP/GCG/MEA
E-Mail: sipp...@sg.ibm.com

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.




--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Customer is Using CPACF (Crypto) purchased Crypto Express

[Mark Jacobs - Listserv]

Has nothing to do with key exchange. The DEK used to encrypt the data 
will be in clear text rather than the DEK being encrypted by the KEK. ( 
ICSF Master Key ).


Mark Jacobs


Tony Thigpen <mailto:t...@vse2pdf.com>
June 12, 2017 at 8:12 AM
We are talking about encrypting "Data at Rest". There is *no* key 
exchange involved. The only purpose for encrypting keys is so you can 
send them to someone else.


Tony Thigpen



--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Mark Jacobs - Listserv <mailto:mark.jac...@custserv.com>
June 12, 2017 at 8:01 AM
Encryption/decryption without a CryptoExpress only supports clear 
keys, not protected or secured encryption keys. Might be enough for 
the OP, but wouldn't fly in my environment.




Tony Thigpen <mailto:t...@vse2pdf.com>
June 12, 2017 at 7:22 AM
For encrypting "data at rest", the CPACF is really all he needs. The
Crypto Express is intended to speed up key negotiations between sites,
something not needed for his intended plans.

Tony Thigpen



--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.




--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Customer is Using CPACF (Crypto) purchased Crypto Express

[Mark Jacobs - Listserv]

Encryption/decryption without a CryptoExpress only supports clear keys, 
not protected or secured encryption keys. Might be enough for the OP, 
but wouldn't fly in my environment.




Tony Thigpen 
June 12, 2017 at 7:22 AM
For encrypting "data at rest", the CPACF is really all he needs. The
Crypto Express is intended to speed up key negotiations between sites,
something not needed for his intended plans.

Tony Thigpen



--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.




--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: curious: Anybody still use ADDRSPC=REAL ?

[Mark Jacobs - Listserv]

Over 20 years ago for me. Never looked back.


Greg Dyck 
June 9, 2017 at 12:43 PM


It has been 30 years since I saw a program that actually required V=R to
run successfully, and that was only for specific OLTEP test programs
that dynamically modified CCW chains.   believe that device being tested
no longer exists.

I believe most installations set IEASYSxx REAL= to 0 a long time ago,
and never looked back.  If they did not, then they should.

As to keys 10 through 15, I don't see a great need for using them.

Regards,
Greg

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.


John McKown 
June 8, 2017 at 11:45 AM
This still seems to be supported in z/OS 2.2. Does anyone need to run a
program V=R in today's world? I'm just curious because this support seems
to be a "waste" of protect keys 10 through 15. Of course, if those keys
were "freed up", what could they be used for?

--
Prof: So the American government went to IBM to come up with a data
encryption standard and they came up with ...

Student: EBCDIC!

Maranatha! <><
John McKown

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.




--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Eliminating CA-Optimizer

[Mark Jacobs - Listserv]

There's a file on cbttape.org, File841, that allows programs compiled 
with CA-Optimizer to continue to execute without recompiling and without 
needing the Optimizer run time libraries.


Mark Jacobs


Charles Mills 
June 2, 2017 at 6:15 PM
The real question is "do they have a contractual right to run the 
programs after the license is terminated?"


I don't know the answer, but that is the real question. If the answer 
is yes, then if the programs do not continue to work, they have a 
legal beef with CA. If the answer is no, then even if they continue to 
work, they are risking embarrassment and damages if they continue to 
run the programs.


That's a question they ought to be able to answer by looking at their 
agreement with CA.


Charles


-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] 
On Behalf Of Tony Thigpen

Sent: Friday, June 2, 2017 2:08 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Eliminating CA-Optimizer

We support an old OS/390 (yep!) system that is slowly being eliminated.
To cut costs, the customer is asking about eliminating CA-Optimizer.

1) Would all the Cobol programs require re-compiling?
2) Or, will the run-time library continue to work once the license is 
cancelled?


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.




--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: The Mainframe vs. the Server Farm: A Comparison

[Mark Jacobs - Listserv]

That's so cool. I'm a Facebook friend of the author.

Mark Jacobs


Mark Post 
May 19, 2017 at 12:27 PM

On 5/19/2017 at 11:39 AM, Lizette Koehler  wrote:

-snip-

I noticed this: Original Article was at SUSE

-snip-

https://www.suse.com/communities/blog/mainframe-versus-server-farm-compariso
n/


I was just going to point that out, but you beat me to it.  I'll add that it's 
nice working for a company that appreciates the role of the mainframe in modern 
IT.


Mark Post

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information or 
directs you to login via a link. If you believe this message is a phish or 
aren't sure whether this message is trustworthy, please send the original 
message as an attachment to 'phish...@timeinc.com'.

Lizette Koehler 
May 19, 2017 at 11:39 AM
Not bad.

Google, Facebook, and Twitter own giant data centers all over the 
planet, and they are built with racks of commodity hardware. If 
thousands upon thousands of small servers networked together are good 
enough for Google, Facebook, and Twitter, then shouldn’t they be good 
enough for you? Perhaps you remember IBM’s famous commercial “The 
servers, they stole all our servers!“. Consolidating all of that 
complexity into a mainframe might be just what you need. Let’s take a 
look at what the mainframe really is, and consider its use cases.



I noticed this: Original Article was at SUSE


The following article has been contributed by Carla Schroder, 
Technical Writer at the SUSE Documentation Team. The original article 
has been published in German at DataCenter Insider. A big “Thank You” 
to chief editor Ulrike Ostler for the permission to publish the 
article in English at the SUSE blog.


https://www.suse.com/communities/blog/mainframe-versus-server-farm-comparison/


Lizette



--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.


Mark Regan 
May 19, 2017 at 11:30 AM
https://dzone.com/articles/the-mainframe-versus-the-server-farm-a-comparison

--

Mark T. Regan, K8MTR
CTO1 USN/USNR-Retired, 1969-1991
--

Thanks,

Mark T. Regan, K8MTR
CTO1 USN/USNR-Retired, 1969-1991

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.




--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: SoftAudit ?

[Mark Jacobs - Listserv]

I think it was rebranded as Tivoli Asset Manager.


Dyck, Lionel B. (TRA) 
May 10, 2017 at 10:20 AM
Whatever happened to SoftAudit from Isogon? Did IBM pick it up and 
rename it or did it die with the IBM acquisition?


Are there any other products that will detect the running programs and 
identify them back to a vendor and product?


Thanks in advance

--
Lionel B. Dyck
Mainframe Systems Programmer - TRA
Enterprise Operations (Station 200) (005OP6.3.10)
Information and Technology, IT Operations and Services


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.




--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Activating CFRM policy

[Mark Jacobs - Listserv]

You're updating the CFRM dataset on volume PLY001, but the active CFRM 
dataset is on volume PLY003.


Mark Jacobs


Jorge Garcia 
May 4, 2017 at 7:16 AM
Hi all,

We are activating a new CFRM policy. The build of new policy finishs 
succesfully and it's build in the right couple datasets


LINE Ñ CONTROL CARDS

1 DATA TYPE(CFRM) REPORT(YES)
2 DSN(SYS1.P07B7.SYSPLEX1.CFRM.CDS02.NEW) VOLSER(PLY001)
3 DEFINE POLICY NAME(POLICY1) REPLACE(YES)
4

IXC738I DEFINE POLICY (POLICY1) STATEMENT AT LINE 3 PASSED
VERIFICATION. THE POLICY CAN BE ADDED.
IXC739I DATA WAS CHANGED FOR COUPLE DATA TYPE CFRM
ADMINISTRATIVE DATA UTILITY: REPORT DATA TYPE = CFRM

IXC358I 12.57.37 DISPLAY XCF 887
CFRM COUPLE DATA SETS
PRIMARY DSN: SYS1.P07B7.SYSPLEX1.CFRM.CDS01.NEW
VOLSER: PLY003 DEVN: 6445
FORMAT TOD MAXSYSTEM
05/04/2017 12:49:52 12
ADDITIONAL INFORMATION:
FORMAT DATA
POLICY(6) CF(3) STR(50) CONNECT(32)
SMREBLD(1) SMDUPLEX(1) MSGBASED(1)
ALTERNATE DSN: SYS1.P07B7.SYSPLEX1.CFRM.CDS02.NEW
VOLSER: PLY001 DEVN: 6432
FORMAT TOD MAXSYSTEM
05/04/2017 12:51:14 12
ADDITIONAL INFORMATION:
FORMAT DATA
POLICY(6) CF(3) STR(50) CONNECT(32)
SMREBLD(1) SMDUPLEX(1) MSGBASED(1)
CFRM IN USE BY ALL SYSTEMS



But when we're going to actívate the new policy it isn't active in the 
CFRM couple datasets


RO VSIS,SETXCF START,POLICY,TYPE=CFRM,POLNAME=POLICY1
SETXCF START,POLICY,TYPE=CFRM,POLNAME=POLICY1
IXC384I SETXCF START POLICY REJECTED. 890
ADMINISTRATIVE POLICY POLICY1 FOR CFRM NOT FOUND.

We don't understand anything. Any help would be appreciate.

Regards

Jorge Garcia Juanino
Coordinador sistemas z/OS
ACTP – DIAC – Operación y Soporte EMEA
MAPFRE
Avenida del Talgo 100-103 – 3ª Planta
CP 28023 Madrid
Tel. 91 581 27 34, Movil 618333559
jgarc...@mapfre.com

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.




--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: SFTP From Linux to z/OS

[Mark Jacobs - Listserv]

That's a command when you're using the Co:Z Toolkit's sftp server. No 
zOS shop should be without it.


Mark Jacobs


Roach, Dennis 
May 2, 2017 at 2:32 PM
This makes no sense.
ls lists the directory at the remote end.
The ls command you provided looks like it should be a site command, 
providing lrecl, recfm, and space information.
The // in the put command directs the output to an MVS file instead of 
USS.



Dennis Roach, CISSP, PMP
AIG

IAM Platform Administration | Identity & Access Management

2929 Allen Parkway, America Building, 3rd Floor | Houston, TX 77019
Phone: 713-831-8799

dennis.ro...@aig.com | www.aig.com

-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] 
On Behalf Of Ron Thomas

Sent: Tuesday, May 02, 2017 1:07 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: SFTP From Linux to z/OS

Hi . One of my colleagues told me from Linux script ,we can do SFTP 
using the below file allocation . Just wanted to know whether this 
possible ? As per my understanding this has no significance ? Also, 
whether from virtual machine we can put to a tape GDG file ?


ls /+mode=text,lrecl=3000,recfm=vb,space=cyl.100.100
put /pas/input/rtb/one.txt //'PCICST.FXIN.MAXRTCRO.OT(+1)'

Thanks
Ron T

--
For IBM-MAIN subscribe / signoff / archive access instructions, send 
email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN



--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.


Ron Thomas 
May 2, 2017 at 2:07 PM
Hi . One of my colleagues told me from Linux script ,we can do SFTP 
using the below file allocation . Just wanted to know whether this 
possible ? As per my understanding this has no significance ? Also, 
whether from virtual machine we can put to a tape GDG file ?


ls /+mode=text,lrecl=3000,recfm=vb,space=cyl.100.100
put /pas/input/rtb/one.txt //'PCICST.FXIN.MAXRTCRO.OT(+1)'

Thanks
Ron T

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.




--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Storage Creep

[Mark Jacobs - Listserv]

Would a Getmain/Freemain/Storage Trace on the STC help find the problem?

Mark Jacobs

scott Ford 
May 2, 2017 at 9:41 AM
All:

I have a STC written in Cobol V4.1 calling Assembler routines to perform
various RACF functions. I have a customer who is reporting seeing a 
storage

creep in subpool = 0 key 8. We use Subpool = 1 key 8 when we call IRRSEQ00
(r_admin) call. We then issue a 'FREEMAIN', see below:


*-*
* REGS PASSED TO FREEMAIN: R3=SUBPOOL R2=SIZE R4=ADDRESS
*-*
FREEMAIN RU,A=(R4),SP=(R3),LV=(R2) FREE OLD BLOCK

I know the Freemain is working, we did a test with an ABEND with a 
dump and

saw r15 = 0 and the above registers and they were correct. The twist here
is right before we call IRRSEQ00, we issue a

MODESET KEY=ZERO,MODE=SUP
issue our call
MODESET KEY=NZERO,MODE=PROB
build output record and pass back to caller.

I ran out STC and issue a RACF command and the issued a
'DUMP COMM=()'
Pulled it into IPCS...reviewing the dump I saw very little subpool = 0
activity..

I am stumped here. We have a called scheduled with IBM.

*IDMWORKS *

Scott Ford

z/OS Dev.




“By elevating a friend or Collegue you elevate yourself, by demeaning a
friend or collegue you demean yourself”



www.idmworks.com

scott.f...@idmworks.com

Blog: www.idmworks.com/blog





*The information contained in this email message and any attachment may be
privileged, confidential, proprietary or otherwise protected from
disclosure. If the reader of this message is not the intended recipient,
you are hereby notified that any dissemination, distribution, copying or
use of this message and any attachment is strictly prohibited. If you have
received this message in error, please notify us immediately by 
replying to

the message and permanently delete it from your computer and destroy any
printout thereof.*

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.




--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

CSVAPF Facility Class Profiles

[Mark Jacobs - Listserv]

I asked this on the RACF mailing list yesterday, didn't get a response, 
so I'm trying here next.


I'm 99.9% confident that CSVAPF.dataset profiles aren't used during 
system IPL when datasets in the PROGxx member are added to the active 
APF list. Can someone confirm?

--
*One grows tired of jelly babies, Castellan. One grows tired of almost
everything, Castellan, except power.
-- The Doctor, in David Agnew's _The Invasion of Time_*


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: z/OS V2R2 ZFS file system question

[Mark Jacobs - Listserv]

The numeric values in the owner and group fields of the directory entry 
are resolved into text from your security system. The UID value resolves 
back to IBMUSER and the GID to OMVSGRP. You can list the actual numeric 
values by using the ls command with the -n option. The #1 indicates that 
there is one symbolic link defined for that directory.


Mark Jacobs


Ward, Mike S 
February 27, 2017 at 2:45 PM
Hello all, in the z/OS ZFS file system for OMVS there are many 
directories, such as:



NAME SIZE TYPE MODIFIED ATTRIBUTES
etc 12 File Folder 11/28/2012 12:00 AM lrwxrwxrwx 1 IBMUSER OMVSGRP





How does the name IBMUSER get put into the attributes? Also what does 
the #1 mean before the name IBMUSER?


Thanks.

==
This email, and any files transmitted with it, is confidential and 
intended solely for the use of the individual or entity to which it is 
addressed. If you have received this email in error, please notify the 
system manager. This message contains confidential information and is 
intended only for the individual named. If you are not the named 
addressee, you should not disseminate, distribute or copy this e-mail. 
Please notify the sender immediately by e-mail if you have received 
this message by mistake and delete this e-mail from your system. If 
you are not the intended recipient, you are notified that disclosing, 
copying, distributing or taking any action in reliance on the contents 
of this information is strictly prohibited.


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.




--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: ICSF Question

[Mark Jacobs - Listserv]

The key labels are readable, so you know what keys are there. The field 
that describes what the key is used for, DATA, EXPORTER,... is also 
readable. What information are you looking to ascertain?


Mark Jacobs


Steely.Mark 
February 16, 2017 at 6:20 PM
Is there anything out there that will generate a report of what is in 
the variable length CKDS ?


I am able to browse the file but some type of report would be nice.

Thanks

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.





--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Job Loyalty

[Mark Jacobs - Listserv]

Almost 22 for me, 16 at my previous position.

Mark Jacobs


Frank Swarbrick 
February 10, 2017 at 6:53 PM
I've been with my current employer for 25 years.

But I will admit we're rather an anomaly these days!


From: IBM Mainframe Discussion List  on 
behalf of Bobbie Justice <0013e2d84072-dmarc-requ...@listserv.ua.edu>

Sent: Friday, February 10, 2017 1:46 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Job Loyalty

There used to be loyalty, back before constant cost-cutting. I stayed 
at one place for 15 years in the 80s and early 90s.


However with constant cost-cutting, the term "full time employee" is a 
misnomer.


All it takes is "management by airline magazine" and any concept of a 
full time employee goes out the window in a heartbeat.


Until the trend of "management by airline magazine" stops, it's off to 
the highest bidder or the company with the least amount of B.S.


Bobbie Justice
z/OS Senior Systems Engineer

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.


Bobbie Justice 
February 10, 2017 at 3:46 PM
There used to be loyalty, back before constant cost-cutting. I stayed 
at one place for 15 years in the 80s and early 90s.


However with constant cost-cutting, the term "full time employee" is a 
misnomer.


All it takes is "management by airline magazine" and any concept of a 
full time employee goes out the window in a heartbeat.


Until the trend of "management by airline magazine" stops, it's off to 
the highest bidder or the company with the least amount of B.S.


Bobbie Justice
z/OS Senior Systems Engineer

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.




--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

MFA/2FA for RACF

[Mark Jacobs - Listserv]

We're looking at implementing MFA/2FA sometime in 2017. I know about 
IBM's product, found something from CA, and some references for Rocket 
Strong Authentication Expert for z/OS, but it's not on their web site 
any longer. Are there any other products out there? Not finding much on 
Google.

--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: CPACF DES/TDES enablement feature 3863 with no Co Processors/Express Cards

[Mark Jacobs - Listserv]

There should be no differences in ICSF setup in a CPACF only 
environment. ICSF will query the system at startup for available 
hardware support. Anything that can't be done either by CPACF machine 
instructions or via software emulation will fail. These failures mostly 
relate to secure/protected encryption key operations.


Mark Jacobs


Crispin Hugo 
February 8, 2017 at 8:11 AM
I have been tasked with setting up ICSF . We have CPACF DES/TDES 
enablement feature 3863 with no Co Processors/Express Card on zBC12.
All the manuals I have read only seem to show configuration as you had 
Express cards.
Anybody able to point me in the direction of some manuals that will 
help me or willing to give some advice offline.


Crispin Hugo
Systems Specialist
Macro 4 Limited
d: +44 1293 872121 | m: +44 7753951308 | t: +44 1293 872000 | 
www.macro4.com




Registered office: The Orangery, Turners Hill Road, Worth, Crawley, 
West Sussex, RH10 4SS

Registered in England no: 00927588

Please consider the environment and only print this email if you 
really need to.


This message (including any attachments) contains confidential 
information that is PRIVILEGED, CONFIDENTIAL and/or ATTORNEY WORK 
PRODUCT and is intended only for the individual(s) named herein. If 
you are not the intended recipient, you are hereby notified that any 
dissemination, distribution or copying of this email is strictly 
prohibited. If you have received this message in error, please notify 
the Macro 4 Postmaster (postmas...@macro4.com) of the error 
immediately, do not read or use the email and any attachments in any 
manner, destroy all copies, and delete it from your system if the 
communication was sent via email. Macro 4 Limited, Tel: +44 1293 
872000 Fax: +44 1293 872001.




--
This e-mail message has been scanned and cleared by Google Message 
Security

and the UNICOM Global security systems. This message is for the named
person's use only. If you receive this message in error, please delete it
and notify the sender.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.




--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: SFTP on z/OS

[Mark Jacobs - Listserv]

If you don't have CryptoExpress processors, but do have CPAF enabled on 
your processor/LPAR, you still might need ICSF active. I don't know off 
hand if ssh will directly use the CPAF facilities without ICSF being 
available.


Mark Jacobs


scott Ford 
February 4, 2017 at 4:15 PM
Guys:

I have a SSH question, we dont have a ICSF , do i need one to do SSH ? We
want to do scp from Windows to
z/OS . I want stepping thru the ICSF stc doc and read about 'head
'dev/random' and its not working returning an error

Scott


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.


Kirk Wolf 
February 3, 2017 at 8:58 AM
Standard SSH/SFTP doesn't support X.509 certificate's for authentication,
so I don't understand your reference to a CA.

(z/OS OpenSSH does allow you to put SSH public and private keys in a Key
Ring Certificate, but only the keys are used; the certificate and its
signature are irrelevant.)

Kirk Wolf
Dovetailed Technologies
http://dovetail.com


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.


Jantje. 
February 3, 2017 at 6:48 AM

The issue I have with that is one of trust: In the end, I just have to 
trust whatever the Root Certification Authority is. Or actually, I 
have to trust Microsoft to have correctly verified the identity of 
that RCA and the integrity of the certificate they present, because it 
is MS that installed that certificate in my browser. (s/MS/Google/g 
for Chrome...)


Cheers,

Jantje.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.




--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Load Module Trace, anyone?

[Mark Jacobs - Listserv]

I think that's been repacked as Tivoli Asset Manager.

Mark Jacobs


Lizette Koehler 
January 13, 2017 at 8:02 AM
There is or used to be a product called SoftAudit by Isogon. I think 
IBM acquired it. It is able to provide module auditing functions.


SoftAudit for z/OS® identifies installed software products and their 
usage patterns in the mainframe environment. Leading Global 2000 
companies and IT Outsourcers incorporate SoftAudit for z/OS as an 
essential part of their Software Asset Management practice.


With SoftAudit for z/OS you can eliminate unused, under-used, 
outdated, and duplicate-function software. You can negotiate 
cost-effective contracts based on full knowledge of how software is 
used. You can also prove contract compliance with SoftAudit's 
objective third-party reports. With SoftAudit information you can 
achieve financially optimal capacity upgrades and server consolidations


Lizette



--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.


Sean Gleann 
January 13, 2017 at 4:31 AM
Can anyone offer advice on how to report on load modules held in a 
specific
PDS (or PDS(E) - I'm not fussy) being loaded by specific batch jobs, 
please?


I've tried looking at SMF type 14 - but that only shows the load library
being opened - nothing about modules.

I've tried using RACF event type 2 data generated as a result of 
specifying

ralter PROGRAM ** addmem(''//NOPADCHK)
but again I see only the library being accessed - nothing about the 
modules

involved

I've tried using GTF with a SLIP trap for SVC8 and SVC122 (yes - some of
the 'modules' concerned are DLL's), but I still don't see anything 
like the

amount of accesses I'm expecting.

I'm rapidly running out of ideas, here.

Hopefully
Sean

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.





--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: IBM Java 8 SR2

[Mark Jacobs - Listserv]

They are yes.

Mark Jacobs

Vince Coen 
November 23, 2016 at 11:28 AM
Are not the service pack cumulative ?

E.g., SP3 has SP2 within.







--
- IMPORTANT –

This email and the information in it may be confidential, legally 
privileged

and/or protected by law.
It is intended solely for the use of the person to whom it is addressed.
If you are not the intended recipient, please notify the sender 
immediately
and do not disclose the contents to any other person, use it for any 
purpose,

or store or copy the information in any medium.

Please also delete all copies of this email & any attachments from 
your system.


If this is an encrypted email it is your responsibility to maintain 
the 1024
byte key system even for one-use keys. Once mail has been sent the 
sending key

is not kept and therefore a replacement mail cannot be resent.

We cannot guarantee the security or confidentiality of non encrypted 
email

communications.
We do not accept any liability for losses or damages that you may 
suffer as a
result of your receipt of this email including but not limited to 
computer
service or system failure, access delays or interruption, data 
non-delivery

or mis-delivery, computer viruses or other harmful components.

Copyright in this email and any attachments belongs to Applewood 
Computers.

Should you communicate with anyone at Applewood Computers by email,
you consent to us monitoring and reading any such correspondence.

Nothing in this email shall be taken or read as suggesting, proposing or
relating to any agreement concerted practice or other practice that could
infringe UK or EC competition legislation (unless it is against Security
requirements).

This Email and its attachments (if any) are scanned for virii using Clamd
and ClamAV 0.98.8 or later (Linux x64).

Dykegrove Limited T/A Applewood Computers is a company registered in 
England

(no. 01681349) whose registered office is at Applewood House,
17 Stag Green Avenue, Hatfield, Hertfordshire, AL9 5EB, UK.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.


Veerendra H 
November 23, 2016 at 11:24 AM
Hi,

I am looking for help in finding a website/location from where i can
download IBM Java version 8 SR2, I went to the below website and can find
SR3 but not SR2

https://developer.ibm.com/javasdk/downloads/

Please advise.

Regards,
Kumar

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.




--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: z/OS 2.2 and z9

[Mark Jacobs - Listserv]

I'd expect a wait state.

Mark Jacobs


R.S. 
November 18, 2016 at 10:43 AM
1. As far as I know z/OS 2.2 will not run on z9 machine  - is it true?

2. What message one can expect when trying to IPL the z/OS 2.2 on the z9?

--
Radoslaw Skorupka
Lodz, Poland






---
Treść tej wiadomości może zawierać informacje prawnie chronione Banku 
przeznaczone wyłącznie do użytku służbowego adresata. Odbiorcą może 
być jedynie jej adresat z wyłączeniem dostępu osób trzecich. Jeżeli 
nie jesteś adresatem niniejszej wiadomości lub pracownikiem 
upoważnionym do jej przekazania adresatowi, informujemy, że jej 
rozpowszechnianie, kopiowanie, rozprowadzanie lub inne działanie o 
podobnym charakterze jest prawnie zabronione i może być karalne. 
Jeżeli otrzymałeś tę wiadomość omyłkowo, prosimy niezwłocznie 
zawiadomić nadawcę wysyłając odpowiedź oraz trwale usunąć tę wiadomość 
włączając w to wszelkie jej kopie wydrukowane lub zapisane na dysku.


This e-mail may contain legally privileged information of the Bank and 
is intended solely for business use of the addressee. This e-mail may 
only be received by the addressee and may not be disclosed to any 
third parties. If you are not the intended addressee of this e-mail or 
the employee authorized to forward it to the addressee, be advised 
that any dissemination, copying, distribution or any other similar 
activity is legally prohibited and may be punishable. If you received 
this e-mail by mistake please advise the sender immediately by using 
the reply facility in your e-mail software and delete permanently this 
e-mail including any copies of it either printed or saved to hard drive.


mBank S.A. z siedzibą w Warszawie, ul. Senatorska 18, 00-950 Warszawa, 
www.mBank.pl, e-mail: kont...@mbank.pl
Sąd Rejonowy dla m. st. Warszawy XII Wydział Gospodarczy Krajowego 
Rejestru Sądowego, nr rejestru przedsiębiorców KRS 025237, NIP: 
526-021-50-88. Według stanu na dzień 01.01.2016 r. kapitał zakładowy 
mBanku S.A. (w całości wpłacony) wynosi 168.955.696 złotych.



--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.




--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: ADMF?

[Mark Jacobs - Listserv]

ADMF was used to accelerate the movement of pages from expanded storage 
to real storage. With the demise of expanded storage, it's useless now.


Here's the patent information.

https://www.google.ch/patents/US5377337


Jesse 1 Robinson 
November 15, 2016 at 11:42 AM
I received a question about 'ADMF', which I take to be Asynchronous 
Data Mover Facility. Someone actually found via Google a couple of IBM 
Main posts from Ed Finnell and from me (!) referring to turning it on 
by LPAR. We both mentioned DB2. We both liked ADMF. ;-)


Problem is that I cannot now figure out for the life of me what the 
heck it is/was. Wow, I must be getting really old. Ed's post mentioned 
9672. I looked in PARMLIB. I looked at current HMC profiles. Nada. 
Whatever it is/was, is it now history?


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.




--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Problem with startup DB2

[Mark Jacobs - Listserv]

Restore the file system from the last good backup would be a good idea.


Hilario Garcia 
November 10, 2016 at 5:53 AM
Hello,

After a hard stop of the partition, DB2 does not start and produces 
the following messages;


-DB9G START DB2
S DB9GMSTR
$HASP100 DB9GMSTR ON STCINRDR
IEF695I START DB9GMSTR WITH JOBNAME DB9GMSTR IS ASSIGNED TO USER START2
, GROUP SYS1
$HASP373 DB9GMSTR STARTED
IEF403I DB9GMSTR - STARTED - TIME=13.51.31
DSNY024I -DB9G DSNYASCP MSTR INITIALIZATION IS STARTING
DSNZ002I -DB9G DSNZINIT SUBSYSTEM DB9G SYSTEM PARAMETERS LOAD MODULE
NAME IS DB9GPARM
DSNZ016I -DB9G DSNZINIT 093
SUBSYSTEM DB9G SYSTEM PARAMETERS ARE AS FOLLOWS:
SYSTEM PARM DSN910.DB9G.SDSNEXIT(DB9GPARM)
DSNHDECP DSN910.DB9G.SDSNEXIT(DSNHDECP)
ACCESS EXIT DSN910.DB9G.SDSNEXIT(DSNX@XAC)
IDAUTH EXIT DSN910.DB9G.SDSNEXIT(DSN3@ATH)
SIGNON EXIT DSN910.DB9G.SDSNEXIT(DSN3@SGN)
DSN7407I -DB9G DSN7GAR1 094
AUTOMATIC RESTART MANAGER REGISTER FAILED.
MVS IXCARM RETURN CODE = 000C,
MVS IXCARM REASON CODE = 0160.
S DB9GIRLM
$HASP100 DB9GIRLM ON STCINRDR
IEF695I START DB9GIRLM WITH JOBNAME DB9GIRLM IS ASSIGNED TO USER START2
, GROUP SYS1
$HASP373 DB9GIRLM STARTED
IEF403I DB9GIRLM - STARTED - TIME=13.51.39
DXR180I DJ9G001 AUTOMATIC RESTART MANAGER IS NOT ENABLED
DXR117I DJ9G001 INITIALIZATION COMPLETE
DSNY001I -DB9G SUBSYSTEM STARTING
IEC161I 056-084,DB9GMSTR,DB9GMSTR,BSDS1,,,DSN910.DB9G.BSDS01, 103
IEC161I DSN910.DB9G.BSDS01.DATA,USERCAT.Z110.DB2V9
IEC161I 056-084,DB9GMSTR,DB9GMSTR,BSDS1,,,DSN910.DB9G.BSDS01, 104
IEC161I DSN910.DB9G.BSDS01.INDEX,USERCAT.Z110.DB2V9
IEC161I 062-086,DB9GMSTR,DB9GMSTR,BSDS1,,,DSN910.DB9G.BSDS01, 105
IEC161I DSN910.DB9G.BSDS01.DATA,USERCAT.Z110.DB2V9
IEC161I 056-084,DB9GMSTR,DB9GMSTR,BSDS2,,,DSN910.DB9G.BSDS02, 106
IEC161I DSN910.DB9G.BSDS02.DATA,USERCAT.Z110.DB2V9
IEC161I 056-084,DB9GMSTR,DB9GMSTR,BSDS2,,,DSN910.DB9G.BSDS02, 107
IEC161I DSN910.DB9G.BSDS02.INDEX,USERCAT.Z110.DB2V9
IEC161I 062-086,DB9GMSTR,DB9GMSTR,BSDS2,,,DSN910.DB9G.BSDS02, 108
IEC161I DSN910.DB9G.BSDS02.DATA,USERCAT.Z110.DB2V9
DSNJ127I -DB9G SYSTEM TIMESTAMP FOR BSDS= 16.295 08:27:14.61
DSNJ001I -DB9G DSNJW007 CURRENT COPY 1 ACTIVE LOG 110
DATA SET IS DSNAME=DSN910.DB9G.LOGCOPY1.DS02,
STARTRBA=00015180,ENDRBA=0001539B
DSNJ001I -DB9G DSNJW007 CURRENT COPY 2 ACTIVE LOG 111
DATA SET IS DSNAME=DSN910.DB9G.LOGCOPY2.DS02,
STARTRBA=00015180,ENDRBA=0001539B
DSNJ099I -DB9G LOG RECORDING TO COMMENCE WITH 112
STARTRBA=000152F2D000
S DB9GDBM1
$HASP100 DB9GDBM1 ON STCINRDR
SYSTEM ID SYS1 DATE 10/28/2016 2016.302 LINE 6,664 PAGE 2
IEF695I START DB9GDBM1 WITH JOBNAME DB9GDBM1 IS ASSIGNED TO USER START2
, GROUP SYS1
$HASP373 DB9GDBM1 STARTED
IEF403I DB9GDBM1 - STARTED - TIME=13.51.52
DSNY024I -DB9G DSNYASCP DBM1 INITIALIZATION IS STARTING
IEA989I SLIP TRAP ID=X028 MATCHED. JOBNAME=DB9GDBM1, ASID=0041.
*DSNV086E -DB9G DB2 ABNORMAL TERMINATION REASON=00E80100
IEA989I SLIP TRAP ID=X47B MATCHED. JOBNAME=DB9GMSTR, ASID=0040.
IEA989I SLIP TRAP ID=X13E MATCHED. JOBNAME=DB9GMSTR, ASID=0040.
IEF450I DB9GDBM1 DB9GDBM1 - ABEND=S028 U REASON=04000200 175
TIME=13.51.59
IEF404I DB9GDBM1 - ENDED - TIME=13.51.59
$HASP395 DB9GDBM1 ENDED
DXR110I DJ9G001 STOP COMMAND ACCEPTED
IEA989I SLIP TRAP ID=X33E MATCHED. JOBNAME=*UNAVAIL, ASID=0041.
IEF450I DB9GMSTR DB9GMSTR - ABEND=S04F U REASON= 180
TIME=13.51.59
$HASP250 DB9GDBM1 PURGED -- (JOB KEY WAS D18FC9B3)
DXR121I DJ9G001 END-OF-TASK CLEANUP SUCCESSFUL - HI-CSA 377K -
HI-ACCT-CSA 0K
IEF404I DB9GMSTR - ENDED - TIME=13.52.00
$HASP395 DB9GMSTR ENDED
IEF404I DB9GIRLM - ENDED - TIME=13.52.00
IEF352I ADDRESS SPACE UNAVAILABLE
$HASP395 DB9GIRLM ENDED
IEA989I SLIP TRAP ID=X33E MATCHED. JOBNAME=*UNAVAIL, ASID=0040.
IEA989I SLIP TRAP ID=X33E MATCHED. JOBNAME=*UNAVAIL, ASID=003D.
$HASP250 DB9GIRLM PURGED -- (JOB KEY WAS D18FC9A7)
$HASP250 DB9GMSTR PURGED -- (JOB KEY WAS D18FC99F)
DSN3104I -DB9G DSN3EC0X - TERMINATION COMPLETE
DSN3100I -DB9G DSN3EC0X - SUBSYSTEM DB9G READY FOR START COMMAND


I have also looked at the System Log and the following error messages 
appear:


IOEZ1E zFS I / O error 2101520 occurred for aggregate DSN910.SDSNAZF
IOEZ2E MMRE error id = 31 cis = 11 if = 0 of = 15 buf = 7E4A4000 
CI = 0

BPXF002I FILE SYSTEM DSN910.SDSNAZFS WAS 984
NOT MOUNTED. RETURN CODE = 008A, REASON CODE = EF096058
IOEZ1E zFS I / O error 2101520 occurred for aggregate DSN910.SDSNJCC
IOEZ2E MMRE error id = 31 cis = 11 if = 0 of = 15 buf = 7E4A2000 
CI = 0

BPXF002I FILE SYSTEM DSN910.SDSNJCC WAS 987
NOT MOUNTED. RETURN CODE = 008A, REASON CODE = EF096058

I have tried to run IOEAGSLV with all the options but they give me all 
the following error:


IOEZ1E zFS I / O error 2101520 occurred for aggregate DSN910.SDSNAZFS
IOEZ2E MMRE error id = 31 cis = 12 if = 0 of = 15 buf = 1F8D2000 
CI = 2


Any comments to try to solve the errors and be able to start DB2.

Thank you very much.

Hilario

Re: DB2 Shutdown Problem

[Mark Jacobs - Listserv]

Check your SMF options, If DDCONS(NO) is not set, that may be your problem.


Steve Carlson (Contractor) 
November 3, 2016 at 9:00 AM
When trying to shut down the DB2 regions on our Development LPAR the 
DB2M1 regions are taking over 1 hour to shut down. I have also noticed 
that over 9000 SMF Type 30 records for the DBM1 STC's are being 
generated during this time. Here is a list of the DB2 STC's:

DB2YADMT
DB2YDBM1
DB2YDIST
DB2YIRLM
DB2YMSTR
DB2YWLM2


The following commands were issued before shutting down this DB2 region:

-DB2Y DISPLAY THREAD(*)
-DB2Y DIS UTILITY(*)
-DB2Y DIS DDF

All of the STC's except for DB2YDBM1 come down within about 10 
minutes. Also these STC's have been up and running for over 60 days 
and are at Release 10. The DB2YDBM1 takes over 1 hour to come down.


Has anyone else seen this problem, and what did you do to resolve this 
problem?


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.




--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

IBM Software Support Services - Service Extension Question

[Mark Jacobs - Listserv]

Is IBM still building security and integrity fixes for out of support 
releases of zOS? If so, does having BM Software Support Services - 
Service Extension, aka IBM Lifecycle Extension for z/OS give you access 
rights to those PTFs?


Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Xposted from TCP/IP list SSL Problems, please help

[Mark Jacobs - Listserv]

WAG, Does TCP/IP have read access to the private key in the PKDS? 
CSFKEYS resource.


Mark Jacobs


Ward, Mike S 
October 27, 2016 at 12:33 PM
Hello list I have a small problem that I was hoping I could get some 
help with.


System is z/OS V1.13 running on a Z13s W01 soon to be V2.2, but not 
yet and not soon enough.


We are using system SSL/TLS not AT/TLS for FTP and TN3270. We have 
Crypto express 5 cards

with a CEX5C coprocessor.

I wanted to take advantage of the crypto cards so I imported the

RSA cerftificate we were using using the PCICC(*) option. This is 
supposed to
take the private key and place it in the PKDS which is supposed to 
perform better

than using software ssl encryption.

To my dismay TN3270 will no longer support a SSL\TLS connection, however
Secure FTP has no problem. I ensured that nothing was changed in the 
keyring and
that the correct SITE certificate shows up there. I also made sure 
that TN3270

and FTP are pointing to the same keyring.

The RACF display of the keyring shows this:

Digital ring information for user TCPIP:

Ring:
>SharedRing<
Certificate Label Name Cert Owner USAGE DEFAULT
   ---
X Cert 2048 Authority CERTAUTH CERTAUTH NO

TCPIPSharedSite SITE PERSONAL YES


The above is correct.

The access from FTP is shown below: IP addresses and userid's changed 
to protect the innocent.


Oct 26 14:21:30 JESH01 ftpd[33555196]: EZYFS50I ID=FTPD100119 CONN 
starts Client IPaddr=999.99.1.27 hostname=UNKNOWN
Oct 26 14:21:30 JESH01 ftps[33555196]: EZYFS54I ID=FTPD100119 SECURE 
OK Mechanism=TLS-P
Oct 26 14:21:30 JESH01 ftps[33555196]: EZYFS56I ID=FTPD100119 ACCESS 
OK USERID=XX
Oct 26 14:21:31 JESH01 ftps[33555195]: EZYFS67I ID=FTPD100119 ALLOC OK 
Use HFS filename=/u/log/2016/10/24/ftp.log


We ran an SSL trace and this is what we get:

Job,TN3270 Process 0016 Thread 001C crypto_rsa_private_decrypt
Stored,private key support is not available
,
SSF1, MESSAGE 0004 14:43:03.790222 SSL_ERROR
,
Job,TN3270 Process 0016 Thread 001C read_v3_client_key_exchang
Unable,to decrypt pre-master secret: Error 0x0335301a


The trace looks good until we get the Error 0x0335301a.

0335301A No private key.
Explanation: A private key request cannot be
processed because the database entry does not contain
a private key. This error can occur if the private key is
stored in the Integrated Cryptographic Service Facility
(ICSF) but the CSF started task is not running.
User response: Verify that the CSF started task is
running if the private key is stored in ICSF. Otherwise,
repeat the failing request using a database entry
containing a private key.

I'm at a loss ICSF is up and running, and the crypto cards are 
supposed to have the PCICC coprocessors.


Secure Tn3270 does not work, but secure FTP does.

I'm at a loss any idea's welcome.

Thanks

==
This email, and any files transmitted with it, is confidential and 
intended solely for the use of the individual or entity to which it is 
addressed. If you have received this email in error, please notify the 
system manager. This message contains confidential information and is 
intended only for the individual named. If you are not the named 
addressee, you should not disseminate, distribute or copy this e-mail. 
Please notify the sender immediately by e-mail if you have received 
this message by mistake and delete this e-mail from your system. If 
you are not the intended recipient, you are notified that disclosing, 
copying, distributing or taking any action in reliance on the contents 
of this information is strictly prohibited.


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.




--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Implementing ICSF - FOTS1949 PRNG is not seeded

[Mark Jacobs - Listserv]

Once the ICSF Master Keys are entered into the crypto domain after the 
first IPL of each system, they'll be there and ready when you IPL your 
DR system in the future. If you've changed the keys on the production 
side, you have to keep them in sync with the DR box too.


Mark Jacobs

Jesse 1 Robinson 
October 19, 2016 at 5:22 PM
Thanks to Stuart for pointing me to his doc. ;-)

Radoslaw, you said in one post that the whole thing can be done ahead 
of time, but your latest post mentions only LPAR Image profile setup 
on HMC. Mike Ward (and Stuart's doc) refer to ICSF, which requires an 
OS, that is, IPL. Ours is a push-pull installation. New box cannot 
even be cabled up until the old one is brought down. It should not 
take long to run ICSF on each LPAR, but I'd prefer to take care of it 
in advance if possible. Otherwise it will just have to be part of the 
install.


One extra complication. This is our DR machine. There are a few LPARs 
that run all the time, but most come up only during DR testing. I take 
it we need to bring up DR systems for ICSF master key...


.
.
J.O.Skip Robinson
Southern California Edison Company
Electric Dragon Team Paddler
SHARE MVS Program Co-Manager
323-715-0595 Mobile
626-302-7535 Office
robin...@sce.com

-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] 
On Behalf Of R.S.

Sent: Wednesday, October 19, 2016 1:12 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: (External):Re: Implementing ICSF - FOTS1949 PRNG is not seeded

Well,
Customize Activation Profiles, LPAR profile, Crypto tab.
You have to set up some values for two things:
Crypto Domain. Assign one "Control and Usage domain". Unique one.
Use the same domain if CSFPRMxx (or just leave it default).

Assigned Cryptos
Assign all existing CryptoExpress cards as Candidate and Online.

Note: this is simple configuration, one of many possible. Details are 
more complex and depend on many factors.

When teaching this I spent few hours on that. :-)

--
Radoslaw Skorupka
Lodz, Poland

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.




--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Implementing ICSF - FOTS1949 PRNG is not seeded

[Mark Jacobs - Listserv]

If you're not creating any data encryption keys in the CKDS, then a one 
cylinder database is plenty of sapce.


Mark Jacobs


Dazzo, Matt 
October 19, 2016 at 11:46 AM
RS, Kirk thanks.

I was able to confirm from the SE that CPACF is enabled.

I have started configuring ICSF and trying to determine the size of 
the CKDS. For now ICSF will be used for SSH-ftp, I am not sure if a 
lot of keys are dynamically created or is just the master key going to 
be in there? From reading ICSF programmers guide I take it that it 
depends on what ICSF will be used for will determine if a lot of keys 
are created. I rather not create a CKDS too large if I don't have to. 
Any comments would be helpful.


Thanks Matt





-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] 
On Behalf Of Kirk Wolf

Sent: Wednesday, October 19, 2016 11:20 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Implementing ICSF - FOTS1949 PRNG is not seeded

Right. I've never seen this particular error caused by a missing CPACF 
feature.
More likely either ICSF is not started or the correct userids do not 
have access to the necessary ICSF features via SAF/RACF.


Kirk Wolf
Dovetailed Technologies
http://dovetail.com

On Wed, Oct 19, 2016 at 10:13 AM, R.S. 

--
For IBM-MAIN subscribe / signoff / archive access instructions, send 
email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.


Kirk Wolf 
October 19, 2016 at 11:20 AM
Right. I've never seen this particular error caused by a missing CPACF
feature.
More likely either ICSF is not started or the correct userids do not have
access to the necessary ICSF features via SAF/RACF.

Kirk Wolf
Dovetailed Technologies
http://dovetail.com

On Wed, Oct 19, 2016 at 10:13 AM, R.S. 

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.


R.S. 
October 19, 2016 at 11:13 AM

Isn't it enabled by default for all customers except North Korea ? ;-)

--
Radoslaw Skorupka
Lodz, Poland






---
Tre tej wiadomoci moe zawiera informacje prawnie chronione Banku 
przeznaczone wycznie do uytku subowego adresata. Odbiorc moe 
by jedynie jej adresat z wyczeniem dostpu osób trzecich. Jeeli 
nie jeste adresatem niniejszej wiadomoci lub pracownikiem 
upowanionym do jej przekazania adresatowi, informujemy, e jej 
rozpowszechnianie, kopiowanie, rozprowadzanie lub inne dziaanie o 
podobnym charakterze jest prawnie zabronione i moe by karalne. 
Jeeli otrzymae t wiadomo omykowo, prosimy niezwocznie 
zawiadomi nadawc wysyajc odpowied oraz trwale usun t 
wiadomo wczajc w to wszelkie jej kopie wydrukowane lub zapisane 
na dysku.


This e-mail may contain legally privileged information of the Bank and 
is intended solely for business use of the addressee. This e-mail may 
only be received by the addressee and may not be disclosed to any 
third parties. If you are not the intended addressee of this e-mail or 
the employee authorized to forward it to the addressee, be advised 
that any dissemination, copying, distribution or any other similar 
activity is legally prohibited and may be punishable. If you received 
this e-mail by mistake please advise the sender immediately by using 
the reply facility in your e-mail software and delete permanently this 
e-mail including any copies of it either printed or saved to hard drive.


mBank S.A. z siedzib w Warszawie, ul. Senatorska 18, 00-950 Warszawa, 
www.mBank.pl, e-mail: kont...@mbank.pl
Sd Rejonowy dla m. st. Warszawy XII Wydzia Gospodarczy Krajowego 
Rejestru Sdowego, nr rejestru przedsibiorców KRS 025237, NIP: 
526-021-50-88. Wedug stanu na dzie 01.01.2016 r. kapita zakadowy 
mBanku S.A. (w caoci wpacony) wynosi 168.955.696 zotych.



--
For IBM-MAIN subscribe / 

Re: Implementing ICSF - FOTS1949 PRNG is not seeded

[Mark Jacobs - Listserv]

Unless you have a TKE, you will have to use the ICSF panels to enter the 
master keys. So yes, you'll need to IPL each image to do so. Just a 
heads up that if you perform ICSF Master Key changes (recommended), you 
might have to first enter the previous set of keys, then the current 
set. I can elaborate on why if you'd like.


Mark Jacobs


Jesse 1 Robinson 
October 19, 2016 at 11:41 AM
We are installing a z13s and going through preliminary setup. When 
selecting the Crypto tab in an Image profile, I was a bit alarmed by 
this message:


Attention: You must install the 'IBM CP Assist for Cryptographic 
Functions'
(CPACF) feature if a cryptographic candidate is selected from the list 
box.
Otherwise, some functions of Integrated Cryptographic Service Facility 
(ICSF) may fail.


I spoke to the person who created and placed the order. He assured me 
that CPACF had been ordered and that no one he talked to believed that 
it requires explicit 'activation'. So I went to a z12 that has been in 
service for years. I see the same warning message on the Crypto tab. 
So it appears to be standard boilerplate that does not reflect the 
status of CPACF.


We’re still exploring how to set the Master Key. We had thought that 
it was an HCM task, but now we're led to believe that it's done 
through ICSF. Which means that we have to IPL (each?) LPAR in order to 
set it. The guy who did this for years is gone.


.
.
J.O.Skip Robinson
Southern California Edison Company
Electric Dragon Team Paddler
SHARE MVS Program Co-Manager
323-715-0595 Mobile
626-302-7535 Office
robin...@sce.com


-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] 
On Behalf Of Kirk Wolf

Sent: Wednesday, October 19, 2016 8:20 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: (External):Re: Implementing ICSF - FOTS1949 PRNG is not seeded

Right. I've never seen this particular error caused by a missing CPACF 
feature.
More likely either ICSF is not started or the correct userids do not 
have access to the necessary ICSF features via SAF/RACF.


Kirk Wolf
Dovetailed Technologies
http://dovetail.com

On Wed, Oct 19, 2016 at 10:13 AM, R.S. 


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.




--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

ICETOOL Question

[Mark Jacobs - Listserv]

Before I dig into the books, does anyone have an ICETOOL example that 
does this;


Copy all records in a file has these fields

   B   CCC  D

to a different file in this field order

     
--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: DFHSM query command from Console

[Mark Jacobs - Listserv]

F HSM,Q CDS


Peter 
October 14, 2016 at 11:14 AM
Hi

Is it possible to query MCDS dataset usage from master console ?

I apologize as I am new to DFHSM.

Peter

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.




--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: How set CVTLSO?

[Mark Jacobs - Listserv]

CVTLSO is all zero on our system, and we're using STP.

  EXT2: 00FDF670
 +0004  NUCLS F1FLGBT 00IOCID F0F3
 +0008  DEBVR 00FD93C2  CVAF. 00D5F000  MMVT. 00FD9688
 +0014  NCVP.   QIDA. 00OLTEP 
 +0024  AVVT. 8000  CCVT.   SKTA. 
 +0030  ICB..   FBYT1 00
 +0038  LDTO. CA5B  1700ATCVT 80C8B000
 +0048  BCLMT 0064  LSO..   

Mark Jacobs


Charles Mills <mailto:charl...@mcn.org>
October 11, 2016 at 12:00 PM
*Somebody* sets it ... who and how?

Charles

-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On
Behalf Of Mark Jacobs - Listserv
Sent: Tuesday, October 11, 2016 8:48 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: How set CVTLSO?

I don't think that CVTLSO is used by STP.

Mark Jacobs


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.


Mark Jacobs - Listserv <mailto:mark.jac...@custserv.com>
October 11, 2016 at 11:47 AM
I don't think that CVTLSO is used by STP.

Mark Jacobs


Charles Mills <mailto:charl...@mcn.org>
October 11, 2016 at 11:43 AM
Okay, I read the paper. Good paper. Thanks. (I don't feel too bad -- the
paper only came out a couple of months ago.)

The paper is short on low level details. Does anyone know: in a "steering"
situation, does z/OS basically "change CVTLSO a little, spin a little, go
back to business as usual for a while -- repeat as necessary for seven
hours"?

Charles

-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On
Behalf Of Mark Jacobs - Listserv
Sent: Tuesday, October 11, 2016 7:21 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: How set CVTLSO?

STP will recognize that a leap second has occurred, and slowly steer zOS
time to the actual time. Here's a good writeup on the process.

https://www-03.ibm.com/support/techdocs/atsmastr.nsf/WebIndex/WP102081

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.


Charles Mills <mailto:charl...@mcn.org>
October 11, 2016 at 10:00 AM
So could in fact change without an IPL? That is really the core of my
curiosity.

Charles

-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On
Behalf Of Mark Jacobs - Listserv
Sent: Tuesday, October 11, 2016 6:45 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: How set CVTLSO?

I believe that if you're using STP to control system time, it all happens
automagically.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.


Mark Jacobs - Listserv <mailto:mark.jac...@custserv.com>
October 11, 2016 at 9:45 AM
I believe that if you're using STP to control system time, it all 
happens automagically.





--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: How set CVTLSO?

[Mark Jacobs - Listserv]

I don't think that CVTLSO is used by STP.

Mark Jacobs


Charles Mills <mailto:charl...@mcn.org>
October 11, 2016 at 11:43 AM
Okay, I read the paper. Good paper. Thanks. (I don't feel too bad -- the
paper only came out a couple of months ago.)

The paper is short on low level details. Does anyone know: in a "steering"
situation, does z/OS basically "change CVTLSO a little, spin a little, go
back to business as usual for a while -- repeat as necessary for seven
hours"?

Charles

-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On
Behalf Of Mark Jacobs - Listserv
Sent: Tuesday, October 11, 2016 7:21 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: How set CVTLSO?

STP will recognize that a leap second has occurred, and slowly steer zOS
time to the actual time. Here's a good writeup on the process.

https://www-03.ibm.com/support/techdocs/atsmastr.nsf/WebIndex/WP102081

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.


Charles Mills <mailto:charl...@mcn.org>
October 11, 2016 at 10:00 AM
So could in fact change without an IPL? That is really the core of my
curiosity.

Charles

-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On
Behalf Of Mark Jacobs - Listserv
Sent: Tuesday, October 11, 2016 6:45 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: How set CVTLSO?

I believe that if you're using STP to control system time, it all happens
automagically.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.


Mark Jacobs - Listserv <mailto:mark.jac...@custserv.com>
October 11, 2016 at 9:45 AM
I believe that if you're using STP to control system time, it all 
happens automagically.



Charles Mills <mailto:charl...@mcn.org>
October 11, 2016 at 9:42 AM
Mostly a curiosity and "long-term" question: where do you set the leap
second offset? Can it be set without an IPL?

I searched System Commands for "leap" and did not find anything.

Charles

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.




--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: How set CVTLSO?

[Mark Jacobs - Listserv]

STP will recognize that a leap second has occurred, and slowly steer zOS 
time to the actual time. Here's a good writeup on the process.


https://www-03.ibm.com/support/techdocs/atsmastr.nsf/WebIndex/WP102081



Charles Mills <mailto:charl...@mcn.org>
October 11, 2016 at 10:00 AM
So could in fact change without an IPL? That is really the core of my
curiosity.

Charles

-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On
Behalf Of Mark Jacobs - Listserv
Sent: Tuesday, October 11, 2016 6:45 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: How set CVTLSO?

I believe that if you're using STP to control system time, it all happens
automagically.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.


Mark Jacobs - Listserv <mailto:mark.jac...@custserv.com>
October 11, 2016 at 9:45 AM
I believe that if you're using STP to control system time, it all 
happens automagically.



Charles Mills <mailto:charl...@mcn.org>
October 11, 2016 at 9:42 AM
Mostly a curiosity and "long-term" question: where do you set the leap
second offset? Can it be set without an IPL?

I searched System Commands for "leap" and did not find anything.

Charles

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.




--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: How set CVTLSO?

[Mark Jacobs - Listserv]

I believe that if you're using STP to control system time, it all 
happens automagically.



Charles Mills 
October 11, 2016 at 9:42 AM
Mostly a curiosity and "long-term" question: where do you set the leap
second offset? Can it be set without an IPL?

I searched System Commands for "leap" and did not find anything.

Charles

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.




--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Can Someone Check Redbooks?

[Mark Jacobs - Listserv]

Looks like it for me too.


George Rodriguez 
September 29, 2016 at 7:49 AM
Is the http://www.redbooks.ibm.com/ site down?

*George Rodriguez*
*Specialist II - IT Solutions*
*IT Enterprise Applications*
*PX - 47652*
*(561) 357-7652 (office)*
*(954) 415-7586 (mobile)*
*School District of Palm Beach County*
*3348 Forest Hill Blvd.*
*Room B-251*
*West Palm Beach, FL. 33406-5869*
*Florida's Only A-Rated Urban District For Eight Consecutive Years*

--


*Disclaimer: *Under Florida law, e-mail addresses are public records. If
you do not want your e-mail address released in response to a public
records request, do not send electronic mail to this entity. Instead,
contact this office by phone or in writing.


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.




--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Strange syslogd file name in name/token pair ezbsyslog

[Mark Jacobs - Listserv]

Just like when you notice a horrific spelling or grammatical error in a 
email right after you hit send. Been there, done that too.


Mark Jacobs


John McKown 
September 27, 2016 at 8:00 AM
Damn, I hate it when I do this. I then found:

http://www-01.ibm.com/support/docview.wss?uid=isg1PI47467


-


* USERS AFFECTED: *
* All users of the IBM Communications Server for z/OS Version *
* 2 Release 1 IP: syslog daemon *

* PROBLEM DESCRIPTION: *
* The syslog daemon configuration file name in the EZBSYSLOGD *
* name/token pair is truncated by 1 character *

* RECOMMENDATION: *
* Apply the PTF *

During initialization, the syslog daemon creates a name/token
pair named EZBSYSLOGD. The information saved in the name/token
pair contains the configuration file name. The last character
of the name was overlaid with 1-byte of x'00'.


Problem conclusion

-

The syslog daemon has been corrected to save the entire
configuration file name in the EZBSYSLOGD name/token pair.



On Tue, Sep 27, 2016 at 6:57 AM, John McKown 





--
Heisenberg may have been here.

Unicode: http://xkcd.com/1726/

Maranatha! <><
John McKown

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.


John McKown 
September 27, 2016 at 7:57 AM
On Tue, Sep 27, 2016 at 3:34 AM, Itschak Mugzach<
John McKown

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information or 
directs you to login via a link. If you believe this message is a phish or 
aren't sure whether this message is trustworthy, please send the original 
message as an attachment to 'phish...@timeinc.com'.

Itschak Mugzach 
September 27, 2016 at 4:34 AM
I am looking at the name/token pair of syslogd and the file name (hfs) is
missing the last character. The value of the last character is binary 
zero.


Is this a known issue?

*| **Itschak Mugzach | Director | SecuriTeam Software | *

*|* *Email**: i_mugz...@securiteam.co.il **|* *Mob**: +972 522 986404 **|*
*Skype**: ItschakMugzach **|* *Web**: www.Securiteam.co.il **|*

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.




--

Mark Jacobs
Time Customer Service
Global Technology Services

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Reloading a member of ELPA

[Mark Jacobs - Listserv]

MLPA is rather obsolete and can only be created at IPL.

Mark Jacobs


Steve 
September 26, 2016 at 10:50 AM
Why not put it MLPA if its being called thousands of times a day?



Steve Beaver
st...@stevebeaver.com

Office : 806-368-3859
Cell : 806-300-9481



This electronic mail (including any attachments) may contain 
information that is privileged, confidential, and/or otherwise 
protected from disclosure to anyone other than its intended 
recipient(s). Any dissemination or use of this electronic email or its 
contents (including any attachments) by persons other than the 
intended recipient(s) is strictly prohibited. If you have received 
this message in error, please notify us immediately by reply email so 
that we may correct our internal records. Please then delete the 
original message (including any attachments) in its entirety. Thank you



-Original Message-
From: "Tom Marchant" <000a2a8c2020-dmarc-requ...@listserv.ua.edu>
Sent: Monday, September 26, 2016 10:48am
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Reloading a member of ELPA




I agree with Mark's comments, and I would add that the old copy of the 
Natural nucleus must remain where it is unless you can be absolutely 
certain that there is no address space in the system that is using it.


You don't say how much space is taken by the Natural nucleus. That 
makes a difference as to whether or not you have available ECSA for it.


--
Tom Marchant

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.


Tom Marchant 
September 26, 2016 at 10:48 AM

I agree with Mark's comments, and I would add that the old copy of the 
Natural nucleus must remain where it is unless you can be absolutely 
certain that there is no address space in the system that is using it.


You don't say how much space is taken by the Natural nucleus. That 
makes a difference as to whether or not you have available ECSA for it.


--
Tom Marchant

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


Please be alert for any emails that may ask you for login information 
or directs you to login via a link. If you believe this message is a 
phish or aren't sure whether this message is trustworthy, please send 
the original message as an attachment to 'phish...@timeinc.com'.




--

Mark Jacobs
Time Customer Service
Technology and Product Engineering

The standard you walk past is the standard you accept.
Lt. Gen. David Morrison


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN