• Subject: Re: Starting FTP
  • From: John Earl <johnearl@xxxxxxxxxxxxxxx>
  • Date: Mon, 29 Nov 1999 23:45:46 -0800
  • Organization: The PowerTech Group

Angela,

There are a couple of things to check:  

First, is the user a Limited capability User? If their User
Profile has the LMTCPB(*YES), and your OS/400 release is
newer than V4R1, then the user will not be allowed to
excercise remote commands.  You'll have to either make them
LMTCPB(*NO), or create another profile that is not limited.

If this is not the problem, then you need to hunt for error
messages.   You'll have the best luck looking for error
messages in the following places:
*The FTP command line when the user enters the command.
*The JobLog for one of the mutiple FTP jobs in QSYSWRK named
QTFTPnnnnn (where nnnnn is an allegedly random 5 digit
number).
*The Securty Audit Journal (QAUDJRN).   If you don't have
this turned on, consider turning it on right now.  It
provides a wealth of information about Security related
events on your AS/400 and best of all it's free from IBM. 
Investigate the CHGSECAUD command.

Finally, if you still haven't located the problem, download
our PowerLock/SE Intrusion Detection/Network Auditing
software from www.400security.com.  It is also free, and it
never times out so you can run it forever without paying for
it.  PowerLock/SE will trap and trace every FTP transaction
(and many others as well) headed to your AS/400 and provide
you with detailed reports on what happened to that
transaction.  It is intended to be used for
security/auditing reasons, but we're hearing from a number
of folks that it is also a pretty darn useful debugger for
network traffic.

HTH,

jte

Angela Wawrzaszek(EXCH) wrote:
> 
> I am trying to use a RMTCMD to start FTP within a .bat file,   It works
> fine with my profile signed on to the AS/400, however when the user
> tries it, FTP won't start.   So I am assuming it has to do with
> security.  What do I have to do to allow a user to use the command
> STRTCPSVR *FTP.   We would like to do this so that we do not leave FTP
> running all the time, it is only activated when we need it.
> 
> Thanks,
> Angela Wawrzaszek
> 
> +---
> | This is the Midrange System Mailing List!
> | To submit a new message, send your mail to MIDRANGE-L@midrange.com.
> | To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
> | To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
> | Questions should be directed to the list owner/operator: david@midrange.com
> +---

--
John Earl                                          
johnearl@powertechgroup.com
The PowerTech Group                        206-575-0711
PowerLock Network Security              www.400security.com
The 400 School                               
www.400school.com
--
+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2019 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available here. If you have questions about this, please contact [javascript protected email address].