Re: [EXTERNAL] Re: zOSMF - remove plug-in
Lionel, that is exactly our problem too! The security aspect is so over the top, that seems damn near impossible. We too are CA-TSS shop. Also, for clarity, the security that the actual STC needs is straight forward. It's configuring the user security I am talking about. I've advocated with the IBM'ers responsible for development to see if they could provide an easier mechanism. What I want here at our shop is to setup role based profiles something like the following that layer on additional privileges based on need: - minimal access you get with IZUGUEST - options ok to see without being logged on - general authenticated user - app developers, those that might make "cloud" requests - DBA - DB2 staff, - SYSPROG - my team - ZOSMF Administrators - subset of my team Then adding additional users would be a breeze. But we aren’t even to this point yet. Compunding the issue is that ZOSMF required zOS components that we hadn’t previously configured and turned on like PFA, CIM, etc. That’s our own fault, but just adds to the load of configuring. _ Dave Jousma Manager Mainframe Engineering, Assistant Vice President david.jou...@53.com 1830 East Paris, Grand Rapids, MI 49546 MD RSCB2H p 616.653.8429 f 616.653.2717 -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Dyck, Lionel B. (TRA) Sent: Friday, February 02, 2018 10:16 AM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: [EXTERNAL] Re: zOSMF - remove plug-in **CAUTION EXTERNAL EMAIL** **DO NOT open attachments or click on links from unknown senders or unexpected emails** The challenge is implementing the security rules so that this happens. We've been "fighting" for months to get the rules cleaned up as when zOSMF was implemented 2+ years ago the rules were not implemented properly so we are deleting and starting over. I'm not a security person and we use CA Top Secret instead of RACF, but I can say that the rules look both overly cumbersome and completely convoluted. -- Lionel B. Dyck < Mainframe Systems Programmer - TRA -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Kurt Quackenbush Sent: Friday, February 02, 2018 9:11 AM To: IBM-MAIN@LISTSERV.UA.EDU Subject: [EXTERNAL] Re: zOSMF - remove plug-in On 2/1/2018 3:30 PM, Jousma, David wrote: > The way I understand it, the option in the left side bar does not show up, if > you are not allowed to use it. However, I have not proven that out. That is correct, if a user is not authorized to a particular z/OSMF task, then that task is not displayed in the navigation pane for that user. Kurt Quackenbush -- IBM, SMP/E Development -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN **CAUTION EXTERNAL EMAIL** **DO NOT open attachments or click on links from unknown senders or unexpected emails** This e-mail transmission contains information that is confidential and may be privileged. It is intended only for the addressee(s) named above. If you receive this e-mail in error, please do not read, copy or disseminate it in any manner. If you are not the intended recipient, any disclosure, copying, distribution or use of the contents of this information is prohibited. Please reply to the message immediately by informing the sender that the message was misdirected. After replying, please erase it from your computer system. Your assistance in correcting this error is appreciated. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: [EXTERNAL] Re: zOSMF - remove plug-in
The challenge is implementing the security rules so that this happens. We've been "fighting" for months to get the rules cleaned up as when zOSMF was implemented 2+ years ago the rules were not implemented properly so we are deleting and starting over. I'm not a security person and we use CA Top Secret instead of RACF, but I can say that the rules look both overly cumbersome and completely convoluted. -- Lionel B. Dyck < Mainframe Systems Programmer - TRA -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Kurt Quackenbush Sent: Friday, February 02, 2018 9:11 AM To: IBM-MAIN@LISTSERV.UA.EDU Subject: [EXTERNAL] Re: zOSMF - remove plug-in On 2/1/2018 3:30 PM, Jousma, David wrote: > The way I understand it, the option in the left side bar does not show up, if > you are not allowed to use it. However, I have not proven that out. That is correct, if a user is not authorized to a particular z/OSMF task, then that task is not displayed in the navigation pane for that user. Kurt Quackenbush -- IBM, SMP/E Development -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: zOSMF - remove plug-in
On 2/1/2018 3:30 PM, Jousma, David wrote: The way I understand it, the option in the left side bar does not show up, if you are not allowed to use it. However, I have not proven that out. That is correct, if a user is not authorized to a particular z/OSMF task, then that task is not displayed in the navigation pane for that user. Kurt Quackenbush -- IBM, SMP/E Development -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: zOSMF - remove plug-in
On 2/1/2018 10:25 AM, John Eells wrote: Just out of curiosity, why would you want to remove one, as long as unauthorized people could not use it? John, Performance. V1R13, was bad, V2R1 corrected the issues, then V2R2 went the wrong way with all the new plugins, and I shudder to see V2R3. Regards, Tom Conley -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: zOSMF - remove plug-in
I have a simple criterion for 'business ready': how much would I pay for this application out of my own pocket? If it's not worth my buying it, it's not worth designing into any product regardless of who's signing the check. This is about customer-friendly usability, not security. It's just plain rude to offer a selection that only gets the user's hand slapped. And on a flinty-eyed level, you don't want people pestering you about why they're locked out of that selection. If I can't do it, don't let me see it. . . J.O.Skip Robinson Southern California Edison Company Electric Dragon Team Paddler SHARE MVS Program Co-Manager 323-715-0595 Mobile 626-543-6132 Office ⇐=== NEW robin...@sce.com -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Farley, Peter x23353 Sent: Thursday, February 01, 2018 12:34 PM To: IBM-MAIN@LISTSERV.UA.EDU Subject: (External):Re: zOSMF - remove plug-in Isn't that just "security by obscurity"? Or invisibility? What business harm is there in revealing that a function exists as long as the security rules prevent unauthorized use? Or is it just to keep the naive unauthorized screen user from "confusion"? What exactly is meant by a "business ready" approach to user interfaces? Peter -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Jesse 1 Robinson Sent: Thursday, February 1, 2018 3:01 PM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: zOSMF - remove plug-in I'm a bystander on this issue at the moment, but I do have strong feelings about appearing to give the user an option that, when selected, gets 'not allowed'. If an option is not allowed, it should not be displayed. I realize that this complicates programming, but it's the 'business ready' approach to any user interface on any platform. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: zOSMF - remove plug-in
Isn't that just "security by obscurity"? Or invisibility? What business harm is there in revealing that a function exists as long as the security rules prevent unauthorized use? Or is it just to keep the naive unauthorized screen user from "confusion"? What exactly is meant by a "business ready" approach to user interfaces? Peter -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Jesse 1 Robinson Sent: Thursday, February 1, 2018 3:01 PM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: zOSMF - remove plug-in I'm a bystander on this issue at the moment, but I do have strong feelings about appearing to give the user an option that, when selected, gets 'not allowed'. If an option is not allowed, it should not be displayed. I realize that this complicates programming, but it's the 'business ready' approach to any user interface on any platform. -- This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: zOSMF - remove plug-in
The way I understand it, the option in the left side bar does not show up, if you are not allowed to use it. However, I have not proven that out. _ Dave Jousma Manager Mainframe Engineering, Assistant Vice President david.jou...@53.com 1830 East Paris, Grand Rapids, MI 49546 MD RSCB2H p 616.653.8429 f 616.653.2717 -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Dyck, Lionel B. (TRA) Sent: Thursday, February 01, 2018 3:24 PM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: zOSMF - remove plug-in **CAUTION EXTERNAL EMAIL** **DO NOT open attachments or click on links from unknown senders or unexpected emails** I second Skip's comments. -- Lionel B. Dyck < Mainframe Systems Programmer - TRA -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Jesse 1 Robinson Sent: Thursday, February 01, 2018 2:01 PM To: IBM-MAIN@LISTSERV.UA.EDU Subject: [EXTERNAL] Re: zOSMF - remove plug-in I'm a bystander on this issue at the moment, but I do have strong feelings about appearing to give the user an option that, when selected, gets 'not allowed'. If an option is not allowed, it should not be displayed. I realize that this complicates programming, but it's the 'business ready' approach to any user interface on any platform. . . J.O.Skip Robinson Southern California Edison Company Electric Dragon Team Paddler SHARE MVS Program Co-Manager 323-715-0595 Mobile 626-543-6132 Office ⇐=== NEW robin...@sce.com -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of John Eells Sent: Thursday, February 01, 2018 7:27 AM To: IBM-MAIN@LISTSERV.UA.EDU Subject: (External):Re: zOSMF - remove plug-in Jousma, David wrote: > John, > > That would seem logical, but that’s not how it works. Once added to the > list, removal does not remove it, sadly. As someone else mentioned, the > only way to "remove" it, is to secure it in SAF. The ability to uninstall a > plug-in has been discussed, I just don’t know where or if there are any > development efforts under way to provide it. > > > Remove it from the list of enabled plug-ins in IZUPRMxx. See PDF p. 48 in > the Configuration Guide, here: > http://publibz.boulder.ibm.com/epubs/pdf/izu23215.pdf > > -- > John Eells > IBM Poughkeepsie > ee...@us.ibm.com First, my apologies for the misinformation. I just tried this and, as you say, it does not work. Second, I will get this information added to the configuration guide, which appears silent on this particular issue. Just out of curiosity, why would you want to remove one, as long as unauthorized people could not use it? -- John Eells IBM Poughkeepsie ee...@us.ibm.com -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN **CAUTION EXTERNAL EMAIL** **DO NOT open attachments or click on links from unknown senders or unexpected emails** This e-mail transmission contains information that is confidential and may be privileged. It is intended only for the addressee(s) named above. If you receive this e-mail in error, please do not read, copy or disseminate it in any manner. If you are not the intended recipient, any disclosure, copying, distribution or use of the contents of this information is prohibited. Please reply to the message immediately by informing the sender that the message was misdirected. After replying, please erase it from your computer system. Your assistance in correcting this error is appreciated. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: zOSMF - remove plug-in
I second Skip's comments. -- Lionel B. Dyck < Mainframe Systems Programmer - TRA -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Jesse 1 Robinson Sent: Thursday, February 01, 2018 2:01 PM To: IBM-MAIN@LISTSERV.UA.EDU Subject: [EXTERNAL] Re: zOSMF - remove plug-in I'm a bystander on this issue at the moment, but I do have strong feelings about appearing to give the user an option that, when selected, gets 'not allowed'. If an option is not allowed, it should not be displayed. I realize that this complicates programming, but it's the 'business ready' approach to any user interface on any platform. . . J.O.Skip Robinson Southern California Edison Company Electric Dragon Team Paddler SHARE MVS Program Co-Manager 323-715-0595 Mobile 626-543-6132 Office ⇐=== NEW robin...@sce.com -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of John Eells Sent: Thursday, February 01, 2018 7:27 AM To: IBM-MAIN@LISTSERV.UA.EDU Subject: (External):Re: zOSMF - remove plug-in Jousma, David wrote: > John, > > That would seem logical, but that’s not how it works. Once added to the > list, removal does not remove it, sadly. As someone else mentioned, the > only way to "remove" it, is to secure it in SAF. The ability to uninstall a > plug-in has been discussed, I just don’t know where or if there are any > development efforts under way to provide it. > > > Remove it from the list of enabled plug-ins in IZUPRMxx. See PDF p. 48 in > the Configuration Guide, here: > http://publibz.boulder.ibm.com/epubs/pdf/izu23215.pdf > > -- > John Eells > IBM Poughkeepsie > ee...@us.ibm.com First, my apologies for the misinformation. I just tried this and, as you say, it does not work. Second, I will get this information added to the configuration guide, which appears silent on this particular issue. Just out of curiosity, why would you want to remove one, as long as unauthorized people could not use it? -- John Eells IBM Poughkeepsie ee...@us.ibm.com -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: zOSMF - remove plug-in
I'm a bystander on this issue at the moment, but I do have strong feelings about appearing to give the user an option that, when selected, gets 'not allowed'. If an option is not allowed, it should not be displayed. I realize that this complicates programming, but it's the 'business ready' approach to any user interface on any platform. . . J.O.Skip Robinson Southern California Edison Company Electric Dragon Team Paddler SHARE MVS Program Co-Manager 323-715-0595 Mobile 626-543-6132 Office ⇐=== NEW robin...@sce.com -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of John Eells Sent: Thursday, February 01, 2018 7:27 AM To: IBM-MAIN@LISTSERV.UA.EDU Subject: (External):Re: zOSMF - remove plug-in Jousma, David wrote: > John, > > That would seem logical, but that’s not how it works. Once added to the > list, removal does not remove it, sadly. As someone else mentioned, the > only way to "remove" it, is to secure it in SAF. The ability to uninstall a > plug-in has been discussed, I just don’t know where or if there are any > development efforts under way to provide it. > > > Remove it from the list of enabled plug-ins in IZUPRMxx. See PDF p. 48 in > the Configuration Guide, here: > http://publibz.boulder.ibm.com/epubs/pdf/izu23215.pdf > > -- > John Eells > IBM Poughkeepsie > ee...@us.ibm.com First, my apologies for the misinformation. I just tried this and, as you say, it does not work. Second, I will get this information added to the configuration guide, which appears silent on this particular issue. Just out of curiosity, why would you want to remove one, as long as unauthorized people could not use it? -- John Eells IBM Poughkeepsie ee...@us.ibm.com -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: zOSMF - remove plug-in
I suspect that in many shops, getting the security changes pushed through the channels is much more labor intensive than just uninstalling the parts you do not want. Don’t get me wrong, I'm coming around on z/OSMF, but the considerable amount(understatement) of security work needed to implement is a daunting task. I don’t know that we are still where things need to be. We are also dealing with some of these same issues. I've opened tickets with IBM asking questions, the stock answer was "we recommend one ZOSMF instance per sysplex". While we do happen to have TECH, DEV and PROD in the same sysplex(pre-dates my employment), they are different JES MAS, so I have to run one instance per MAS. So, for SYSPROG's, ZOSMF use is more of a toolbox thing, for non-sysprogs, it’s a "cloud" thing. I want to make sysprog tools available in all instances, but the Workflows, etc that the general population might use, should be running the in "prod" instance, in my opinion. The other "itch" I have is that there is no mechanism to "administer" the zosmf instances in one place, and push the changes around. Today, we have to separately administer each instance (6) and is a repetitive exercise that I shouldn’t have to do. I do participate in this workgroup at zBLC, and a lot of this is talked about there, so I know there could be future plans for a lot of this stuff. _ Dave Jousma Manager Mainframe Engineering, Assistant Vice President david.jou...@53.com 1830 East Paris, Grand Rapids, MI 49546 MD RSCB2H p 616.653.8429 f 616.653.2717 -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of John Eells Sent: Thursday, February 01, 2018 10:27 AM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: zOSMF - remove plug-in **CAUTION EXTERNAL EMAIL** **DO NOT open attachments or click on links from unknown senders or unexpected emails** Jousma, David wrote: > John, > > That would seem logical, but that’s not how it works. Once added to the > list, removal does not remove it, sadly. As someone else mentioned, the > only way to "remove" it, is to secure it in SAF. The ability to uninstall a > plug-in has been discussed, I just don’t know where or if there are any > development efforts under way to provide it. > > > Remove it from the list of enabled plug-ins in IZUPRMxx. See PDF p. 48 in > the Configuration Guide, here: > http://publibz.boulder.ibm.com/epubs/pdf/izu23215.pdf > > -- > John Eells > IBM Poughkeepsie > ee...@us.ibm.com First, my apologies for the misinformation. I just tried this and, as you say, it does not work. Second, I will get this information added to the configuration guide, which appears silent on this particular issue. Just out of curiosity, why would you want to remove one, as long as unauthorized people could not use it? -- John Eells IBM Poughkeepsie ee...@us.ibm.com -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN **CAUTION EXTERNAL EMAIL** **DO NOT open attachments or click on links from unknown senders or unexpected emails** This e-mail transmission contains information that is confidential and may be privileged. It is intended only for the addressee(s) named above. If you receive this e-mail in error, please do not read, copy or disseminate it in any manner. If you are not the intended recipient, any disclosure, copying, distribution or use of the contents of this information is prohibited. Please reply to the message immediately by informing the sender that the message was misdirected. After replying, please erase it from your computer system. Your assistance in correcting this error is appreciated. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: zOSMF - remove plug-in
Jousma, David wrote: John, That would seem logical, but that’s not how it works. Once added to the list, removal does not remove it, sadly. As someone else mentioned, the only way to "remove" it, is to secure it in SAF. The ability to uninstall a plug-in has been discussed, I just don’t know where or if there are any development efforts under way to provide it. Remove it from the list of enabled plug-ins in IZUPRMxx. See PDF p. 48 in the Configuration Guide, here: http://publibz.boulder.ibm.com/epubs/pdf/izu23215.pdf -- John Eells IBM Poughkeepsie ee...@us.ibm.com First, my apologies for the misinformation. I just tried this and, as you say, it does not work. Second, I will get this information added to the configuration guide, which appears silent on this particular issue. Just out of curiosity, why would you want to remove one, as long as unauthorized people could not use it? -- John Eells IBM Poughkeepsie ee...@us.ibm.com -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: zOSMF - remove plug-in
Hi Dave, This is an "understood" current situation today, which we know would be nice to fix. Remember, if you are using an external application (technically not a plug-in), like SDSF, you can remove it dynamically. SDSF has the doc to do that, as it's quite easy. -Marna WALLE z/OS Installation and Migration IBM Poughkeepsie -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: zOSMF - remove plug-in
I've made the same request several months ago in a PMR. They adviced the SAF option and asked to RFE it. The reason why we wanted to do this, is because we have several z/OSMF instances running in the sysplex. Mainly to seperate internal use (Sysprog) and Workflow/Provisioning development. This separation was needed because of the SAF structure of admin/user and security groups. We don't want plugins like the Incident Log/WLM to be used/visible by the Development z/OSMF. I (think) I accidently left those plugins in the IZUPRMxx while cloning a new z/OSMF instance. Met vriendelijke groet, Ronald Kristel From: IBM Mainframe Discussion List <IBM-MAIN@LISTSERV.UA.EDU> on behalf of Kurt Quackenbush <ku...@us.ibm.com> Sent: Thursday, February 1, 2018 2:43:29 PM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: zOSMF - remove plug-in On 1/31/2018 5:04 PM, R Dooley wrote: > Seems this should be easy however I'm having difficulty locating doc for zOS > 2.2 and above regarding "how-to" remove a zOSMF plug-in once it has been > installed. i.e. I no longer want it to appear as a link on the z/OSMF > landing page. If you don't mind my asking, which plug-in are you trying to remove, and why? Kurt Quackenbush -- IBM, SMP/E Development -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: zOSMF - remove plug-in
On 1/31/2018 5:04 PM, R Dooley wrote: Seems this should be easy however I'm having difficulty locating doc for zOS 2.2 and above regarding "how-to" remove a zOSMF plug-in once it has been installed. i.e. I no longer want it to appear as a link on the z/OSMF landing page. If you don't mind my asking, which plug-in are you trying to remove, and why? Kurt Quackenbush -- IBM, SMP/E Development -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: zOSMF - remove plug-in
John, That would seem logical, but that’s not how it works. Once added to the list, removal does not remove it, sadly. As someone else mentioned, the only way to "remove" it, is to secure it in SAF. The ability to uninstall a plug-in has been discussed, I just don’t know where or if there are any development efforts under way to provide it. _ Dave Jousma Manager Mainframe Engineering, Assistant Vice President david.jou...@53.com 1830 East Paris, Grand Rapids, MI 49546 MD RSCB2H p 616.653.8429 f 616.653.2717 -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of John Eells Sent: Thursday, February 01, 2018 6:46 AM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: zOSMF - remove plug-in **CAUTION EXTERNAL EMAIL** **DO NOT open attachments or click on links from unknown senders or unexpected emails** R Dooley wrote: > Hello, > Seems this should be easy however I'm having difficulty locating doc for zOS > 2.2 and above regarding "how-to" remove a zOSMF plug-in once it has been > installed. i.e. I no longer want it to appear as a link on the z/OSMF > landing page. Remove it from the list of enabled plug-ins in IZUPRMxx. See PDF p. 48 in the Configuration Guide, here: http://publibz.boulder.ibm.com/epubs/pdf/izu23215.pdf -- John Eells IBM Poughkeepsie ee...@us.ibm.com -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN **CAUTION EXTERNAL EMAIL** **DO NOT open attachments or click on links from unknown senders or unexpected emails** This e-mail transmission contains information that is confidential and may be privileged. It is intended only for the addressee(s) named above. If you receive this e-mail in error, please do not read, copy or disseminate it in any manner. If you are not the intended recipient, any disclosure, copying, distribution or use of the contents of this information is prohibited. Please reply to the message immediately by informing the sender that the message was misdirected. After replying, please erase it from your computer system. Your assistance in correcting this error is appreciated. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: zOSMF - remove plug-in
R Dooley wrote: Hello, Seems this should be easy however I'm having difficulty locating doc for zOS 2.2 and above regarding "how-to" remove a zOSMF plug-in once it has been installed. i.e. I no longer want it to appear as a link on the z/OSMF landing page. Remove it from the list of enabled plug-ins in IZUPRMxx. See PDF p. 48 in the Configuration Guide, here: http://publibz.boulder.ibm.com/epubs/pdf/izu23215.pdf -- John Eells IBM Poughkeepsie ee...@us.ibm.com -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: zOSMF - remove plug-in
AFAIK it is not possible under z/OS 2.2. I am not sure in 2.3. You can however limit access users/groups to the plugin by using SAF. Specify no access to the specific plugin option in the ZMFAPLA class. Met vriendelijke groet, Ronald Kristel From: IBM Mainframe Discussion Liston behalf of R Dooley Sent: Wednesday, January 31, 2018 11:05:19 PM To: IBM-MAIN@LISTSERV.UA.EDU Subject: zOSMF - remove plug-in Hello, Seems this should be easy however I'm having difficulty locating doc for zOS 2.2 and above regarding "how-to" remove a zOSMF plug-in once it has been installed. i.e. I no longer want it to appear as a link on the z/OSMF landing page. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN