× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. March 2009

RE: ANZDFTPWD with *SIGNOFF

Jeff,

We had a similar order processing "opportunity" a few years ago. I installed iSeries Access on a PC to receive orders and mapped a folder to the System i's IFS. I didn't have to push the orders (FTP or anything else); all I had to do was write a program to read the new orders into our normal process. Sounds like your process differs a bit because I had to loop through the IFS folder every minute, while it sounds like you can delay to a specific time(s) each day.

There are obviously still security issues. In my case I used a secure Perl script to "peel" the orders off of a service outside of our firewall so no one could send orders direct to our i. But if you already have the security adequately defined for your PC process, it may only need a review and, possibly, a little tweaking.

Jerry C. Adams
IBM System i Programmer/Analyst
--
B&W Wholesale
office: 615-995-7024
email: jerry@xxxxxxxxxxxxxxx

-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Jeff Crosby
Sent: Wednesday, March 11, 2009 7:15 AM
To: 'Midrange Systems Technical Discussion'
Subject: RE: ANZDFTPWD with *SIGNOFF

I have a lot to think about here. All our salesreps orders are transmitted
to a local PC and from there are FTP'ed to the i. REXEC is then used to
fire off the job that processes those orders.

Exit programs seem very appropriate here. I'm going to search the mags and
the web for some examples. Also more reading on safe, secure ways to do
this.

Thanks all.

--
Jeff Crosby
UniPro FoodService/Dilgard
P.O. Box 13369
Ft. Wayne, IN 46868-3369
260-422-7531
www.dilgardfoods.com

The opinions expressed are my own and not necessarily the opinion of my
company.  Unless I say so.


-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l-
bounces@xxxxxxxxxxxx] On Behalf Of rob@xxxxxxxxx
Sent: Tuesday, March 10, 2009 2:59 PM
To: Midrange Systems Technical Discussion
Subject: Re: ANZDFTPWD with *SIGNOFF

You're assuming 5250 security is all the security you need - didn't you
pay attention last night? :-)
If you can use it with ftp so can anyone else. And they can also use it
with ODBC and more.

Try this. Sign on as someone with no special authority but command line
access or some other way to do
wrkobj qusrsys/*all *msgq
They now have a list of all your users on your system. Unless PAT the
operator also uses QSYSOPR message queue in it's user profile. Then they
can keep trying each user profile until they find one with a default
password.



Rob Berendt
--
Group Dekko Services, LLC
Dept 01.073
Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com





From:
"Jeff Crosby" <jlcrosby@xxxxxxxxxxxxxxxx>
To:
"'Midrange Systems Technical Discussion'" <midrange-l@xxxxxxxxxxxx>
Date:
03/10/2009 02:08 PM
Subject:
ANZDFTPWD with *SIGNOFF
Sent by:
midrange-l-bounces@xxxxxxxxxxxx



All,

User profiles should not have a password matching the user profile name.
What about a user with INLMNU(*SIGNOFF)? Is that considered OK?

Here's my scenario.

I have a user id BLAHBLAH with matching password and initial menu
*SIGNOFF.
It's only purpose is to FTP files on a periodic basis from a single PC in
our office to the i, initiated from the PC. Am I better off not having
this
profile and allowing anonymous FTP?


--
Jeff Crosby
UniPro FoodService/Dilgard
P.O. Box 13369
Ft. Wayne, IN 46868-3369
260-422-7531
www.dilgardfoods.com

The opinions expressed are my own and not necessarily the opinion of my
company. Unless I say so.




--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.



--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.




As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.