Hi!
Since z/OS V2R5 there exists the possibility of implementing "IPL data
signing". As I understand it, this gives some assurance that critical IBM load
modules were not unauthorizedly modified (after the last time they were
digitally signed).
Have you implemented it? Is it worth? Pros and con
AFAIK, the answer is NO. It is something similar to what happens when you list
catalogued datasets using ISPF 3.4 option: you will see all entries but can
only browse/edit those datasets you are authorized to.
El lunes, 9 de junio de 2025, 02:25:27 p.m. GMT-3, Richard McIntosh
<06ae244
Hi!
Both wx3270 and wc3270 are free 3270 emulators that work under WINDOWS OS. I
have quickly tested both, and wx3270 seems to be more friendly to customize. I
wonder what are basically the differences between both (I see from the
documentation that wx3270 uses standard windows while wc3270 work
Hi!
I havenoticed a pretty odd situation regarding our RACF backup database that I
amstill unable to explain (I have already asked on RACFL).
For my own RACFuserid, the LAST-CONNECT date to my “DEFAULT GROUP” is not being
updated on theBACKUP RACF database (not even once a day). As far as
In my personal experience as a RACF administrator, ZOWE is the most confusing
and complicated product (regarding security configuration) I have encountered.
IMHO, its documentation is scattered and lacks the clarity that one expects for
the Mainframe platform.
Juan
El martes, 11 de marzo de
After more than 20 years working as a RACF administrator, a couple of years
ago I achieved my own horror story:I deleted the active RACF databases (BOTH,
PRIMARY and BACKUP), in a peak hour of the day...Details:
We did recently migrate to a new z/OS version, and my intention was to delete
the o
Hi!
Does ZOWE support AT-TLS for managing its TLS encryption?Can I store the
(private) key of the server certificate in ICSF?
We have z/OS 2.4 and ZOWE 2.16
Thanks in advance for your help,
Juan Mautalen
--
For IBM-MAIN subscr
Hi!
Do we know if CVE-2024-6387 affects Open SSH on z/OS?
Thanks,
Juan Mautalen
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Hi!
Is there a way for an administrator to change the TSO PREFIX of another RACF
userid?
Reason for asking:When a new TSO userid is created, we need to set its TSO
PREFIX to a value different from "USERID" (the default). Basically, as we
generally dont allow USER datasets, we need to set the TSO
Thanks guys for all you instructive answers!
As it usually happens when you try to understand something, new questions often
arise and you realize that things are fairly more complicated than you
initially beleived.
Juan
--
Hi!
I want to understand how TN3270 emulation works regarding convertion of
characters (between EBCDIC and ASCII, and viceversa).
This is how I think it works (more or less), but I am not sure at all. So
please let me know about any mistakes.
Let suppose that you use a TN3270 emulator program to
Hi:
Is there any command to check for the syntax of a PAGENT policy file? I have
heavily edited (a copy) of our current policy file (without using zOSMF), and
it would be great to check for syntax errors before renaming files to make it
the active one. I was looking at the PASEARCH command docu
Hi:
from IBM documentation (z/OS 2.4):
<< There can be up to 64 REXX worker tasks running TSO=NO execs and up to 8 TSO
server address spaces running TSO=YES execs.>>
On the other hand, in System Rexx configuration member AXRxx, you have the
parameter MAXWORKERTASKS, whose maximum value is 32. MA
Hi:
>From IBM documentation, regarding System REXX configuration:
>>>
I wonder about LAST phrase of the paragraph...
We have added a library to REXXLIB concatenation, and a REXX exec starting with
I (it is indeed a REXX called IRRPWREX, programmed by Bruce Wells from IBM, but
not officially s
; > 01a0403c5dc1-dmarc-requ...@listserv.ua.edu> wrote:
> >
> > > Best option would be to have the exit issue a WTO, and then scan
> > > operlog for that.
> > >
> > > Dave Jousma
> > > Vice President | Director, Technology Engineering
> > >
>
Hi!
We have recently implemented a RACF exit. Is there a way to know how many times
this EXIT was executed (on a given period of time)?
Thanks in advance for your help,
Juan Mautalen
--
For IBM-MAIN subscribe / signoff / archive
I agree that UACC(READ) looks like a good setting for IEAABD.DMPAUTH resource
protection.
However, the RACF_SENSITIVE_RESOURCES health check seems to disagree:
(...)E IEAABD.DMPAUTH FACILITY Read No
(...)
Not a big deal, of course. But I prefer to have RACF health
Thanks Peter for the information. It then seems appropiate to RACF protect
IEAABD.DMPAUTH resource.
RACF SAG states:
<<<>>>
Who should have access to IEAABD.DMPAUTH (human/non-human userids)?
Regards,
Juan MautalenEl martes, 12 de julio de 2022, 09:11:43 p. m. GMT-3, Peter
Relson escribió:
Hi!
I have a question regarding IEAABD.DMPAUTH / IEAABD.DMPAKEY resources in RACF
FACILITY class:
1- In this context, when the RACF "Security Administrator Guide" says
"controlled programs", is it referring to programs protected in RACF PROGRAM
class?
2- It is not completely clea
19 matches
Mail list logo
