× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



I did look that up after asking you - seems it can be done - here's a link to a 7.1 Infocenter page -

http://pic.dhe.ibm.com/infocenter/iseries/v7r1m0/topic/ifs/rzaaxntkerb.htm

It's entitled "Enabling QNTC file system for Network Authentication Service"

This'd help with all kinds of problems of user names and passwords, seems to me.

Now if only we could do this with NFS, which has this funky UID/GID stuff. I did see some articles on that.

Thanks
Vern

----- Original Message -----
Not sure on that... We mainly have Kerberos setup for single sign on to the 5250 sessions, nothing else. We don't store much of anything important anymore on the IFS, that's been moved to windows machines.


-----Original Message-----
From: Vernon Hamberg [mailto:vhamberg@xxxxxxxxxxxxxxx]
Sent: Wednesday, June 19, 2013 9:50 PM
To: Midrange Systems Technical Discussion
Subject: Re: Iseries v4r5: QNTC works with Windows 2003 domain but fails with Windows 2008 domain

Matt

I'm curious - I know you can set up Netserver to authenticate with Kerberos - but does that also let the IBM i be authenticated to a Windows box over QNTC?

Interesting!

Vern

On 6/19/2013 9:16 AM, Matt Olson wrote:
Terry,

Do you use Kerberos for QNTC?

Matt

-----Original Message-----
From: Terry Nonamaker [mailto:TNonamaker@xxxxxxxxxxxxxxxx]
Sent: Tuesday, June 18, 2013 1:26 PM
To: 'Midrange Systems Technical Discussion'
Subject: RE: Iseries v4r5: QNTC works with Windows 2003 domain but
fails with Windows 2008 domain

Although this may not sound like your problem ....it was exactly our
situation along with extreme slowness ....I would follow this link and
give it a try ....this is a post I previously made and I think you
will find it useful

Try this.. http://archive.midrange.com/midrange-l/201302/msg00431.html

Terry Nonamaker

-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Stone, Joel
Sent: Monday, June 17, 2013 1:17 PM
To: Midrange Systems Technical Discussion
Subject: Iseries v4r5: QNTC works with Windows 2003 domain but fails
with Windows 2008 domain

Running Iseries v4r5

The following command works well with Windows 2003 domain.

We are migrating to Windows 2008 domain (still on v4r5).


CPYTOSTMF +
FROMMBR('/qsys.lib/tpgmlib.lib/qclsrc.file/+
addtimetst.mbr') +
TOSTMF('QNTC/IGHNAS05/Public_test/GrainMktg+
/FTP/TEST05') STMFOPT(*ADD) +
STMFCODPAG(*PCASCII)


Getting security errors when sending to Windows 2008 Domain.

Any ideas how to resolve?

Thanks


06/17/13 15:06:05.164536 QCADRV QSYS 03C4 A_TEST05
JSTONE 000C
Message . . . . : 200 - CPYTOSTMF
FROMMBR('/qsys.lib/tpgmlib.lib/qclsrc.file/addtimetst.mbr')
TOSTMF('QNTC/IGHNAS05/Public_test/GrainMktg/FTP/TEST05') STMFOPT(*ADD)
STMFCODPAG(*PCASCII)
30 06/17/13 15:06:05.400248 QZLCKERN QSYS *STMT QZLCKERN
QSYS *STMT
From module . . . . . . . . : QZLCVUT
From procedure . . . . . . : QzlcDiagMsg
Statement . . . . . . . . . : 191
To module . . . . . . . . . : QZLCVUT
To procedure . . . . . . . : QzlcDiagMsg
Statement . . . . . . . . . : 191
Message . . . . : Error exchanging security information for user QIJS
on
Network Server ighnas05.
Cause . . . . . : The Network Server file system (QNTC) has encountered
an
Job Log GM400 06/17/13
15:06:07 Page 2
error when authenticating user QIJS with a Network Server ighnas05.
Recovery
. . . : Ensure the following: - The user is set up on Network Server
ighnas05. - The OS/400 user password matches the Network Server user
password. - Network Server ighnas05 is enabled for digitally signed
communications. Technical description . . . . . . . . : An error has
been
detected while the Network Server file system was exchanging security
information with a Network Server. The error class was 2, and the error code
was 2. Possible error class and error code values include: Class 0 - QNTC
specifc security error. 1 - QNTC requires digital signing. Class
1 -
Network Server operating system related error. 1 - Not valid
Function. 2 - File not found. 3 - Directory not valid.
4 - Too many files open. 5 - Access denied. Class 2 - Error
generated by the Network Server. 1 - Non-specific error code.
2 - Bad password. 3 - Directory not valid. 4 - Access
denied. 7 - Not valid device. Class 3 - Network Server hardware
error. 31 - General hardware failure. 39 - No space on
file
From module . . . . . . . . : QZLCVUT
From procedure . . . . . . : QzlcDiagMsg
Statement . . . . . . . . . : 191
To module . . . . . . . . . : QZLCVUT
To procedure . . . . . . . : QzlcDiagMsg
Statement . . . . . . . . . : 191
Message . . . . : Error exchanging security information for user QIJS on
Network Server ighnas05.
Cause . . . . . : The Network Server file system (QNTC) has encountered an
error when authenticating user QIJS with a Network Server ighnas05.
Recovery
. . . : Ensure the following: - The user is set up on Network Server
ighnas05. - The OS/400 user password matches the Network Server user
password. - Network Server ighnas05 is enabled for digitally signed
communications. Technical description . . . . . . . . : An error has
been
detected while the Network Server file system was exchanging security
information with a Network Server. The error class was 2, and the error code
was 2. Possible error class and error code values include: Class 0 - QNTC
specifc security error. 1 - QNTC requires digital signing. Class
1 -
Network Server operating system related error. 1 - Not valid
Function. 2 - File not found. 3 - Directory not valid.
4 - Too many files open. 5 - Access denied. Class 2 - Error
generated by the Network Server. 1 - Non-specific error code.
2 - Bad password. 3 - Directory not valid. 4 - Access
denied. 7 - Not valid device. Class 3 - Network Server hardware
error. 31 - General hardware failure. 39 - No space on
file
system.
30 06/17/13 15:06:05.621736 QZLCKERN QSYS *STMT QZLCKERN
QSYS *STMT
From module . . . . . . . . : QZLCVUT
From procedure . . . . . . : QzlcDiagMsg
Statement . . . . . . . . . : 191
To module . . . . . . . . . : QZLCVUT
To procedure . . . . . . . : QzlcDiagMsg
Statement . . . . . . . . . : 191
Message . . . . : Error exchanging security information for user QIJS on
Network Server ighnas05.
Cause . . . . . : The Network Server file system (QNTC) has encountered
an
error when authenticating user QIJS with a Network Server ighnas05.
Recovery
. . . : Ensure the following: - The user is set up on Network Server
ighnas05. - The OS/400 user password matches the Network Server user
password. - Network Server ighnas05 is enabled for digitally signed
communications. Technical description . . . . . . . . : An error has
been
detected while the Network Server file system was exchanging security
information with a Network Server. The error class was 2, and the error code
was 2. Possible error class and error code values include: Class 0 - QNTC
specifc security error. 1 - QNTC requires digital signing. Class
1 -
Network Server operating system related error. 1 - Not valid
Function. 2 - File not found. 3 - Directory not valid.
4 - Too many files open. 5 - Access denied. Class 2 - Error
generated by the Network Server. 1 - Non-specific error code.
2 - Bad password. 3 - Directory not valid. 4 - Access
denied. 7 - Not valid device. Class 3 - Network Server hardware
error. 31 - General hardware failure. 39 - No space on file
system.
06/17/13 15:06:05.721048 QZLCKERN QSYS *STMT QZLCKERN
QSYS
rom module . . . . . . . . : QZLCVUT
rom procedure . . . . . . : QzlcDiagMsg
tatement . . . . . . . . . : 191
o module . . . . . . . . . : QZLCVUT
o procedure . . . . . . . : QzlcDiagMsg
tatement . . . . . . . . . : 191
essage . . . . : Error exchanging security information for user QIJS on
Network Server ighnas05.
ause . . . . . : The Network Server file system (QNTC) has encountered an
error when authenticating user QIJS with a Network Server ighnas05.
Recovery
. . . : Ensure the following: - The user is set up on Network Server
ighnas05. - The OS/400 user password matches the Network Server user password. - Network Server ighnas05 is enabled for digitally signed
communications. Technical description . . . . . . . . : An error has been
detected while the Network Server file system was exchanging security information with a Network Server. The error class was 2, and the error code was 1. Possible error class and error code values include: Class 0 - QNTC
specifc security error. 1 - QNTC requires digital signing. Class 1
-
Network Server operating system related error. 1 - Not valid
Function. 2 - File not found. 3 - Directory not valid.
4 - Too many files open. 5 - Access denied. Class 2 - Error
generated by the Network Server. 1 - Non-specific error code.
2 - Bad password. 3 - Directory not valid. 4 - Access
denied. 7 - Not valid device. Class 3 - Network Server hardware
error. 31 - General hardware failure. 39 - No space on file
system.
From module . . . . . . . . : QP0LCCMN
From procedure . . . . . . :
send_STMF_DBF_msg__FPcT1iT1T3PV22qp0l_STMF_DBF
_commarea
Statement . . . . . . . . . : 16
/QNTC/IGHNAS05/Public_test/GrainMktg/FTP/TEST05.
Cause . . . . . : Object
/QNTC/IGHNAS05/Public_test/GrainMktg/FTP/TEST05, or
a directory in the object path, could not be found, or its type cannot be
resolved by this function. Recovery . . . : Correct the name or
specify
an object of the correct type. To determine if the object exists, use the
Work with Object Links (WRKLNK) command. If the name exists, check the type
of the object. If the name contains symbolic link objects, ensure the path
names they resolve to exist. Retry the operation.
40 06/17/13 15:06:05.725664 QP0LCCMN QSYS *STMT A_TEST05
JSTONE 000C
From module . . . . . . . . : QP0LCCMN
From procedure . . . . . . :
send_STMF_DBF_msg__FPcT1iT1T3PV22qp0l_STMF_DBF
_commarea
Statement . . . . . . . . . : 109
Message . . . . : Object not copied. Object is
/qsys.lib/tpgmlib.lib/qclsrc.file/addtimetst.mbr.
Cause . . . . . : Object
/qsys.lib/tpgmlib.lib/qclsrc.file/addtimetst.mbr
was not copied to object QNTC/IGHNAS05/Public_test/GrainMktg/FTP/TEST05
because errors occurred. Recovery . . . : Display the job log
(DSPJOBLOG


______________________________________________________________________
This outbound email has been scanned for all viruses by the MessageLabs Skyscan service.
For more information please visit http://www.symanteccloud.com
______________________________________________________________________
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe,
unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.


--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe,
unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.


--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.