Chapter 3. Operating NetView FTP V2.2.1 MVS - IBM
Chapter 3. Operating NetView FTP V2.2.1 MVS - IBM
Chapter 3. Operating NetView FTP V2.2.1 MVS - IBM
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
This approach of creating a temporary SAF environment has the following advantages:<br />
� You can define new data sets to the SAF product using the authority of the<br />
user who created the receiving data set.<br />
� The servers themselves do not have to have access rights for the data sets<br />
that are involved in a transfer. This makes <strong>NetView</strong> <strong>FTP</strong> <strong>V2.2.1</strong> <strong>MVS</strong> easier to<br />
install and protects it from misuse.<br />
<strong>NetView</strong> <strong>FTP</strong> <strong>V2.2.1</strong> <strong>MVS</strong> uses the RACROUTE macroinstruction to create a temporary<br />
SAF environment. For the APPL parameter the RACROUTE macro supplies<br />
the string DVG<strong>FTP</strong>. This string is made available to installation exit routines. For<br />
more information on the RACROUTE macro refer to the following:<br />
� <strong>MVS</strong>/Extended Architecture System Programming Library: System Macros and<br />
Facilities, Volume 2<br />
� <strong>MVS</strong>/Extended Architecture Supervisor Services and Macro Instructions.<br />
If you use <strong>NetView</strong> <strong>FTP</strong> <strong>V2.2.1</strong> <strong>MVS</strong>’s dynamic data security function, you can<br />
specify, in the file-transfer request, a user ID, password, and a group ID security<br />
parameter for both the sending and the receiving data sets. Under certain circumstances<br />
<strong>NetView</strong> <strong>FTP</strong> <strong>V2.2.1</strong> <strong>MVS</strong> automatically retrieves the request originator’s<br />
password and default connect group from the installed SAF product. <strong>NetView</strong> <strong>FTP</strong><br />
<strong>V2.2.1</strong> <strong>MVS</strong> uses either the specified or retrieved security parameter values to gain<br />
access to the data sets. The retrieved parameters can be used on the remote<br />
system, for instance if the request originator has identical user IDs and passwords<br />
on both systems. The <strong>NetView</strong> <strong>FTP</strong> Parameter Reference describes how to specify<br />
these parameters, and when <strong>NetView</strong> <strong>FTP</strong> <strong>V2.2.1</strong> <strong>MVS</strong> automatically retrieves<br />
them.<br />
<strong>NetView</strong> <strong>FTP</strong> <strong>V2.2.1</strong> <strong>MVS</strong> encrypts the passwords as soon as they are read in.<br />
This ensures that the passwords are encrypted before they are transferred across<br />
the network and are not visible in a dump.<br />
You can use the SECPAR server initialization parameter to specify whether or not<br />
the server automatically rejects all requests for which SAF security parameter<br />
values do not exist. Automatic rejection is the default value for SECPAR.<br />
The SECPAR server initialization parameter can be used to prevent requests being<br />
processed that do not contain security parameters. Additionally, this parameter<br />
controls whether or not the transfer program uses the request originator’s security<br />
parameters or the security parameters specified in the request. For further information<br />
on the SECPAR parameter, refer to Security Parameters on page 121.<br />
Note: In a request, you can specify xSECURP=‘*’ for the sending and the<br />
receiving system. This is useful if both the local and the remote system have the<br />
same SAF environment.<br />
The originator of the file-transfer request can give access authorization to the<br />
server. In this case, the server runs under the authorization of the user ID specified<br />
in the file-transfer request.<br />
Appendix A. Data Integrity and Data Security 181