Db2 for z/OS & Db2ZAI

 View Only
  • 1.  Connecting DB2 subsystems with TCP/IP instead of SNA

    Posted Fri August 23, 2024 03:32 AM

    Hi community,

    Currently we have connected all our DB2 subsystems on z/OS with SNA .

    This enables us to use 3-part names and SQL CONNECT TO  without userid and password.

    However now we must use TCP/IP instead of SNA. But i don't understand who you achieve the same ease of use with TCP/IP.

    I have tried SECURITY_OUT='A' in SYSIBM.IPNAMES . But then i get error:

    DSNT408I SQLCODE = -30082, ERROR:  CONNECTION FAILED FOR SECURITY REASON 17 UNSUPPORTED FUNCTION ()  

    The explanation suggest that we  should set TCPALVER=YES on the receiving DB2. But i see that from a security point of view this is not recommended,

    I wonder what setup other installations are using.

    Best Regard, Leo de Jong



    ------------------------------
    Leo de Jong
    ------------------------------


  • 2.  RE: Connecting DB2 subsystems with TCP/IP instead of SNA

    Posted Mon August 26, 2024 03:52 AM

    We use RACF Passtickets .   Does require RACF to set up the passtickets at each end.

    However Passtickets are somewhat deprecated.  At some time in the future we might have to convert to certificates - which will be a whole new world of pain.  

    James Campbell



    ------------------------------
    James Campbell
    ------------------------------



  • 3.  RE: Connecting DB2 subsystems with TCP/IP instead of SNA

    Posted Tue August 27, 2024 11:46 AM

    Passtickets are not being deprecated in Db2 for z/OS. Deprecation is for the use of Passtickets for protected user IDs. A protected user ID is a RACF ID that has the NOPASSWORD attribute defined by the RACF ADDUSER or ALTUSER command.



    ------------------------------
    Jim Pickel
    DDF Development
    ------------------------------