|
If you want to use Windows Domain security, you can configure EIM and Kerberos on your iSeries. When done correctly NetServer will use Kerberos for authentication and you won't have to worry about keeping your passwords synchronized between the Windows Domain and OS400. There is lots of info on how to do this in InfoCenter and there is a Redbook. You can also get info at www.triaworks.com. Kurt Goolsbee The PowerTech Group > -----Original Message----- > From: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l- > bounces@xxxxxxxxxxxx] On Behalf Of Rich.Frye@xxxxxxxxx > Sent: Friday, May 13, 2005 2:32 PM > To: midrange-l@xxxxxxxxxxxx > Subject: RE: IFS Share and Windows XP Access > > Scott, > > Thanks for the reply. > > If the user's computers are part of the Microsoft Domain, they cannot > access the file shares. If they are taken out of the Domain and added to > a workgroup, they can access those file shares. (on the Windoze XP > workstations). No other user accounts are affected. > > Thanks, > Rich > > > > > > midrange-l-request@xxxxxxxxxxxx > Sent by: midrange-l-bounces@xxxxxxxxxxxx > 05/13/2005 02:11 PM > Please respond to > midrange-l@xxxxxxxxxxxx > > > To > midrange-l@xxxxxxxxxxxx > cc > > Subject > MIDRANGE-L Digest, Vol 4, Issue 942 > > > > > > > Send MIDRANGE-L mailing list submissions to > midrange-l@xxxxxxxxxxxx > > To subscribe or unsubscribe via the World Wide Web, visit > http://lists.midrange.com/mailman/listinfo/midrange-l > or, via email, send a message with subject or body 'help' to > midrange-l-request@xxxxxxxxxxxx > > You can reach the person managing the list at > midrange-l-owner@xxxxxxxxxxxx > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of MIDRANGE-L digest..." > > > Today's Topics: > > 1. Re: Object Auditing (Greg Wenzloff) > 2. RE: outqueue - data authority (Gregory A. Garner, GDS, Inc) > 3. RE: Another opinion on InfoCenter (Darel Benysh) > 4. AW: outqueue - data authority (Knezevic, Mihael) > 5. New Product Beta Testers needed (Joel Cochran) > 6. RE: IFS Share and Windows XP Access (Ingvaldson, Scott) > > > ---------------------------------------------------------------------- > > message: 1 > date: Fri, 13 May 2005 13:37:24 -0400 > from: Greg Wenzloff <GWenzloff@xxxxxxxxxxx> > subject: Re: Object Auditing > > I get that Eserver magazine but did not recall Ed Fishel's article. So I > retrieved it out of our library. Seems that I was so intrigued by his > time > lapse photo of the eagle that I turned the page and went right by the > article. > > Anyway in reading his article he mentions the command CHGSYSSEC but warns > to > retrieve the CL source and study it before using the command. I was > curious > and retrieved the source code. WOW! Seems like a land mine waiting to go > off. > > This command changes about 20-30 system values and 5 user profiles. Things > like QSECURITY = 50; QSYSOPR password = *NONE. It also runs several > programs > with no clue what they do. It looks to me like something a person would be > tempted to run if they just got fired and were asked to leave. > > Why would IBM ship something so dangerous? > > Greg > > > > ------------------------------ > > message: 2 > date: Fri, 13 May 2005 13:48:52 -0400 > from: "Gregory A. Garner, GDS, Inc" <ggarner_gds@xxxxxxxxxxxxxx> > subject: RE: outqueue - data authority > > I believe that is how designed from S/38 days, on..... > > -----Original Message----- > From: midrange-l-bounces@xxxxxxxxxxxx > [mailto:midrange-l-bounces@xxxxxxxxxxxx]On Behalf Of Mihael Knezevic > Sent: Thursday, May 12, 2005 4:25 AM > To: midrange-l@xxxxxxxxxxxx > Subject: outqueue - data authority > > > hi, > > i got a little problem understanding the keyword AUTCHK of an outqueue. > > my understanding is that if i put *DTAAUT in AUTCHK then the user with the > *R(ead) data authority can read any spool from any user in that specific > outqueue. > > i checked the data authority on the outqueue with: > > DSPAUT OBJ('/QSYS.LIB/QGPL.LIB/TESTOUTQ.OUTQ') > > and got: > > <snip> > TESTMK *RX > </snip> > > so the user TESTMK has the data authority read and execute. should be > enough > for reading a spool file, or not? > > but the user can't read a spool file that is not his own in that outqueue. > can > anybody explain this to me? > > thanx in advance. > > mihael knezevic > > -- > This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing > list > To post a message email: MIDRANGE-L@xxxxxxxxxxxx > To subscribe, unsubscribe, or change list options, > visit: http://lists.midrange.com/mailman/listinfo/midrange-l > or email: MIDRANGE-L-request@xxxxxxxxxxxx > Before posting, please take a moment to review the archives > at http://archive.midrange.com/midrange-l. > > > > ------------------------------ > > message: 3 > date: Fri, 13 May 2005 12:54:38 -0500 > from: Darel Benysh <benysh@xxxxxxxxxx> > subject: RE: Another opinion on InfoCenter > > Scott, > Originally, such an approach would not have meet our design needs. Since > then, we have come to the agreement that those design points are no longer > as important in the face of the JRE problems. Fixes have been in the > pipeline for a while now. So, will little additional fanfare, I invite > each of you that has had problems with the Information Center navigation > in > the past to try the V5R3 English site sometime at your convenience. > > ttp://publib.boulder.ibm.com/infocenter/iseries/v5r3/ic2924/index.htm > > Then, use the feedback button (or send me mail) if you still experience > problems or care to provide any other comments. > > Regards, > Darel > |+---------------------+-------------------------------------------------> > || | | > |+---------------------+-------------------------------------------------> > > >------------------------------------------------------------------------- > -----------------| > | | > > >------------------------------------------------------------------------- > -----------------| > |+---------------------+-------------------------------------------------> > ||Darel Benysh, PhD |IBM > STG > User technologies > iSeries > | > || |Information Center | > |+---------------------+-------------------------------------------------> > > >------------------------------------------------------------------------- > -----------------| > | | > > >------------------------------------------------------------------------- > -----------------| > |+---------------------+-------------------------------------------------> > ||benysh@xxxxxxxxxx |507 253 2607 T/L 553 2607 | > |+---------------------+-------------------------------------------------> > > >------------------------------------------------------------------------- > -----------------| > | | > > >------------------------------------------------------------------------- > -----------------| > |+---------------------+-------------------------------------------------> > ||iSeries Information |http://www.ibm.com/eserver/iseries/infocenter | > ||Center | | > |+---------------------+-------------------------------------------------> > > >------------------------------------------------------------------------- > -----------------| > | | > > >------------------------------------------------------------------------- > -----------------| > |+---------------------+-------------------------------------------------> > ||eServer Information |http://www.ibm.com/servers/library/infocenter/inf| > ||Center |ocenter.html | > |+---------------------+-------------------------------------------------> > > >------------------------------------------------------------------------- > -----------------| > | | > > >------------------------------------------------------------------------- > -----------------| > |+---------------------+-------------------------------------------------> > || | | > |+---------------------+-------------------------------------------------> > > >------------------------------------------------------------------------- > -----------------| > | | > > >------------------------------------------------------------------------- > -----------------| > > > > > > Scott Klement > <midrange-l@scott > klement.com> To > > Sent by: Midrange Systems Technical > midrange-l-bounce Discussion > s@xxxxxxxxxxxx <midrange-l@xxxxxxxxxxxx> > cc > > > 05/13/2005 11:10 Subject > > AM RE: Another opinion on InfoCenter > > > Please respond to > Midrange Systems > Technical > Discussion > > > > > > > Hi Darel, > > Have you ever considered replacing the Java applet with something that's > pure JavaScript or even plain HTML? > > For example, take a look at the following site where they offer an Open > Source (BSD licensed) JavaScript tree menu: > http://www.treemenu.com/ > > It seems to me that the Java applet has never worked well in the > Information Center... It takes a long time to start up, and causes > problems with different browsers, and the really frustrating part is that > I can't see why it's necessary to use an Applet for this. > > --- > Scott Klement http://www.scottklement.com > > > On Fri, 13 May 2005, Darel Benysh wrote: > > > Hi Joe, at a high level, the function we relied on to handle interaction > > between the Java Applet and the JavaScript in the content was defective. > > This problem manifest itself in different ways in different browser > > application / JRE / OS environment configurations. The manifestations > in > > our InfoCenter application ranged widely. At one end, the system simply > > did not execute the functions provided by the java->javascript > interaction. > > In this case, users might not even notice that something wasn't > happening > > as designed. At the other end, the problems were more severe and the > only > > way to regain control of the system was to manually kill the browser > > process. There were also a number of variations in between. > > > -- > This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing > list > To post a message email: MIDRANGE-L@xxxxxxxxxxxx > To subscribe, unsubscribe, or change list options, > visit: http://lists.midrange.com/mailman/listinfo/midrange-l > or email: MIDRANGE-L-request@xxxxxxxxxxxx > Before posting, please take a moment to review the archives > at http://archive.midrange.com/midrange-l. > > > > > > ------------------------------ > > message: 4 > date: Fri, 13 May 2005 19:57:13 +0200 > from: "Knezevic, Mihael" <m.knezevic@xxxxxxxx> > subject: AW: outqueue - data authority > > > > > -----Ursprüngliche Nachricht----- > > Von: midrange-l-bounces@xxxxxxxxxxxx > > [mailto:midrange-l-bounces@xxxxxxxxxxxx] Im Auftrag von Ed Fishel > > Gesendet: Freitag, 13. Mai 2005 18:40 > > An: Midrange Systems Technical Discussion > > Betreff: Re: outqueue - data authority > > > > Mihael Knezevic wrote on 05/12/2005 03:24:55 AM: > > > > > i got a little problem understanding the keyword AUTCHK of > > an outqueue. > > > > > > my understanding is that if i put *DTAAUT in AUTCHK then > > the user with > > the > > > *R(ead) data authority can read any spool from any user in that > > > specific outqueue. > > > > > > i checked the data authority on the outqueue with: > > > > > > DSPAUT OBJ('/QSYS.LIB/QGPL.LIB/TESTOUTQ.OUTQ') > > > > > > and got: > > > > > > <snip> > > > TESTMK *RX > > > </snip> > > > > > > so the user TESTMK has the data authority read and execute. > > should be > > enough > > > for reading a spool file, or not? > > > > > > but the user can't read a spool file that is not his own in that > > > outqueue. can anybody explain this to me? > > > > >From Appendix D of the Security Reference manual, my > > understanding is > > >that > > when DSPDTA is *NO and AUTCHK is *DTAAUT then a user without > > *SPLCTL special authority will need *READ, plus *ADD plus > > *DLT authority to the output queue to display some other > > users spooled files. > hmm. i thought *SPLCTL will give u full control over the outqueue. > in conjuction with AUTCHK *SPLCTL was never mentioned. can u point me to a > link to a document which refers to this? > > > > There are other ways they can be > > authorized to display the spooled files such as when OPRCTL > > is *YES and they have *JOBCTL special authority, or when > > DSPDTA is *YES and they have *READ authority to the output > > queue, or when AUTCHK is *OWNER and they are the owner of the > > output queue. > > > > Ed Fishel, > > edfishel@xxxxxxxxxx > > > > > > -- > > This is the Midrange Systems Technical Discussion > > (MIDRANGE-L) mailing list To post a message email: > > MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change > > list options, > > visit: http://lists.midrange.com/mailman/listinfo/midrange-l > > or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, > > please take a moment to review the archives at > > http://archive.midrange.com/midrange-l. > > > > > > > > ------------------------------ > > message: 5 > date: Fri, 13 May 2005 13:04:48 +0000 > from: Joel Cochran <jrc@xxxxxxxxxx> > subject: New Product Beta Testers needed > > Hi, > > I apologize for cross-posting this, but I haven't gotten any response so > I'm broadening my search: > > I have been developing a .NET Ad-Hoc Query tool and am in need of a few > qualified beta testers. I started along this road to > learn how to use the "IBM iSeries Access .NET Managed Provider", but > what started out as a simple learning exercise has blossomed into a > full-blown product, one that we are preparing to take to market. > > Here is a some-what long summary of the product: > > -------------------------------------------------------------------- > "iHOC Query .Net" > > An Ad-Hoc Query tool for issuing SQL statements on the fly against any > database. Supports some standard features, like being able to > save queries into text files, using existing text files, syntax > highlighting, etc., but here are some of the not-so standard things > about it: > > 1) Multiple database type support. Most of us today have to contend > with more than one database, which means more than one tool. I have > three installed on my workstation: OpsNav, Query Analyzer, and MySQL > Query Browser. They all get the job done (although I have my complaints > about OpsNav) but I hate constantly switching from one to the other, so > iHOC gives you the ability to configure not only multiple connections, > but varying connection types. It currently supports iSeries, SQL > Server, MySQL, PostgreSQL, and ODBC DSN connections. For example, > switching from an iSeries connection (I personally have four) to our > SqlServer is as simple as changing the selection from a drop down. > > 2) File Export. I'm still constantly amazed by the number of requests > on the mailing lists wanting to know how to convert a file to CSV. iHOC > allows you to export the query results to CSV, XML, and Tab-Delimited > files. It's easy and relatively quick, and the output is > user-configurable. > > 3) Working with the data locally. iHOC uses the disconnected ADO.NET > model. This means that queries may take slightly longer to run > (especially very large result sets), but once run, the data resides > entirely on the local machine. Because it is local, I've added some > features that other tools don't readily have because of their > active-connection designs: > a) "Active Filtering" allows you to filter and re-order the result > grid. For instance, if I had 10,000 rows and only 300 had FIELD1='C', I > could filter the results to show just those 300 rows. And I can order > by multiple fields, so I'm not limited to a sinlge field sort (which you > can do by clicking a column header). And the export feature mentioned > above allows you to determine if you want to export all the rows or just > the filtered ones. > b) Row selection: the user can easily jump to the top, bottom, middle, > or specific row number of the grid. > c) Statistics: the user can easily get statistics on any numeric field > in the grid, like average, count, median, mode, etc. > d) "Auto-Expand": the grid cell sizes automatically expand to show all > the data without the need for user intervention. > e) Backward and Forward navigation: the executed query history can be > navigated both backward and forward, optionally including the Grid > Results. > > All of the items in option three function without a return trip to the > database, so they tend to perform rather well. There are some other > features too, but these are the highlights. > > I've tried to make it iSeries friendly. For instance, F3 will Exit the > program, F9 will retrieve the previous SQL command, etc. And as far as > I know, it is the first commercial product being offered that runs on > the IBM iSeries Access .NET Managed Provider. That does mean that you > have to have V5R3 iSeries Access installed (specifically the .NET > Managed Provider), and of course you have to have the Microsoft .Net 1.1 > runtime, but neither of those should be a problem for anyone in the > target audience. And to be clear, it is just Access that needs to be at > V5R3, not the iSeries: I've tested it as far back as V4R5 and it works > great. > ---------------------------------------------------------- > > So you may be asking "What do I get out of it?" All Beta testers will > receive a license of the completed product, gratis. In the future, you > will have access to updates and new features before they go to market. > You will have access to a private forum just for iHOC Beta testers, and > you very well may have an influence on the direction and functionality > of the product. You will also get my sincerest gratitude. > > To qualify: > 1) You must have iSeries Access V5R3 installed (at least a selective > upgrade that includes the .NET Managed Provider) or be willing and able > to install it. > 2) You must have .NET 1.1 or newer installed (free from MicroSoft) or be > willing and able to install it. > 3) You must be fluent in SQL. > 4) Preferably, you will have more than one Database server to connect > to, whether it be multiple iSeries, multiple platforms, or both. > 5) You must agree: not to disclose any beta-specific information about > the product to outside sources; not to provide copies of the software to > any other person without my express permission; not to build a > competitive product; to honor and respect all copyrights, trademarks, > etc.; all correspondance regarding the product immediately becomes the > property of Stonewall Technologies, Inc. > > Sorry for all the legal cr*p in number 5, but you just can't be too > careful these days. > > Anyway, if anyone is interested in participating as a Beta tester, > please contact me directly. I could use 3-5 additional testers, so > slots will be filled on a first come first serve basis. > > Thanks, > > Joel Cochran > > > > ------------------------------ > > message: 6 > date: Fri, 13 May 2005 13:11:09 -0500 > from: "Ingvaldson, Scott" <SIngvaldson@xxxxxxxxxxxx> > subject: RE: IFS Share and Windows XP Access > > Yes, make sure that the user ID is not domain qualified in the login > box. (i.e. Domain\user ID, just enter the iSeries ID) Also, we have > had bad luck with users who had mixed case passwords. > > Use iSeries Nav to verify whether or not the user ID's are getting > disabled. If they are not you're not getting to the iSeries; if they > are getting disabled you have a password issue. > > Regards, > > Scott Ingvaldson > iSeries System Administrator > GuideOne Insurance Group > > -----Original Message----- > date: Fri, 13 May 2005 07:29:54 -0400 > from: Rich.Frye@xxxxxxxxx > subject: IFS Share and Windows XP Access > > Greetings all, > > I have a customer who is running V5R3M0 and has created shares on the > IFS. > It is all part of their Domain. They are testing two Microcrap XP > boxes, > one with SP 1 and the other with SP2. The problem is that neither one > of > these PC's are able to access any of the file shares. > > They can map to those shares with all other types of workstations, 98SE, > > w2k. When trying to map with XP, they are prompted with a login box, > but > after trying to log in, they get the floating hour glass. > > Has anyone seen or has been part of something like this? > > Thanks, > Richard A. Frye > Software Consulting Hardware, Inc. > (877) 936-9829 (Office) > (513) 936-0128 (Fax) > > > > ------------------------------ > > -- > This is the Midrange Systems Technical Discussion (MIDRANGE-L) digest list > To post a message email: MIDRANGE-L@xxxxxxxxxxxx > To subscribe, unsubscribe, or change list options, > visit: http://lists.midrange.com/mailman/listinfo/midrange-l > or email: MIDRANGE-L-request@xxxxxxxxxxxx > Before posting, please take a moment to review the archives > at http://archive.midrange.com/midrange-l. > > > > End of MIDRANGE-L Digest, Vol 4, Issue 942 > ****************************************** > > -- > This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing > list > To post a message email: MIDRANGE-L@xxxxxxxxxxxx > To subscribe, unsubscribe, or change list options, > visit: http://lists.midrange.com/mailman/listinfo/midrange-l > or email: MIDRANGE-L-request@xxxxxxxxxxxx > Before posting, please take a moment to review the archives > at http://archive.midrange.com/midrange-l.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.