A Word from iTech Solutions President, Pete Massiello.
2018 went by very quickly, but what will 2019 bring for IBM i? I think that 2019 is going to be one of the best years ever for the IBM i community. (Read more about my predictions here.)
That’s certainly a bold statement, but I have seen the future on trips to Rochester, and I can tell you the development team has been working their butts off on bringing out the next release of IBM i. From the charts that IBM publishes, we can see that the next release is due out this year, and it has some very cool features. It’s more impressive than anything I have ever seen released by IBM for IBM i. The release is currently called iNext, but will get a real name once IBM comes out with the details of the release. Stay tuned, we will keep you informed of information as soon as we can.
Last year was another amazing year here at iTech Solutions! A special thank you to our customers who placed their trust in us. Our goal was to exceed those expectations every time we worked for you. In 2018, we increased our IBM i services and offerings, added significant staff, many new customers, and are continuing to assist our existing customers. We finished the year with quite a lot of construction here in the office on both the second and third floor as we made room for more growth. We performed slightly over 400 IBM i OS upgrades last year as a team, which is an amazing number. We will continue to improve our skills for the coming year, add new people, and be there to support your needs. Our focus will remain on IBM i, as my philosophy is “Do one thing and do it better than anyone else”. That has been our plan, and it will continue to be our plan. When you think IBM i, I want to ensure you think iTech Solutions for all your IBM i Infrastructure needs. Remember, if your IBM i could talk it would ask for iTech Solutions.
Since January 1st we have hired two new people. Please welcome Bill Hoagland who comes to us as a System Engineer with 30 years of IBM i System Administration experience to join our team helping our customers. In addition, we have added Heather Dinho to our Marketing department, who is also helping with sales support and special projects.
We are growing to help serve the needs of our customers, and we wouldn’t be growing so much if we weren’t satisfying our customers. We had a team kick-off meeting the first week of January to determine our goals and directions for 2019. While we had a few people who couldn’t make it, nearly everyone was there. We filled up the 3rd floor conference room like I never thought we would, but it was great having everyone here to determine what we wanted to accomplish as a team for 2019.
2019 also brought iTech Solutions three IBM Champions, Richie Palmer, Steve Pitcher, and myself. iTech is honored to have three IBM Power Systems champions, and I know as the first Lifetime Power Systems Champion, that it is a very high honor to be in that small group of individuals that IBM has named. The champions are members of the IBM i community that have a passion for the platform, a desire to help others in the community, and go above and beyond their jobs for the community. It’s an honor that I am very proud of, as well as to be a member of the group.
In this month’s newsletter, you’ll find the following:
Harnessing SQL to Smash Users with Default Passwords
Sure you can use ANZDFTPWD (Analyze Default Passwords) to get a list of IBM i users with default passwords. You can also use some simple SQL in conjunction with the USER_INFO IBM i service in QSYS2 to do the same thing…but better.
To get the standard ANZDFTPWD report you can run the following statement:
So why use SQL?
ANZDFTPWD gets you everything you really need to determine who has a default password right? Well, yes. However, ANZDFTPWD doesn’t give you the full picture or allow you to be proactive. It doesn’t gauge severity of those user profiles in the result set either. ANZDFTPWD just shows you what accounts have default passwords, if the account password is set to expire and if they’re enabled or not.
Finding Local Ports in use in an IBM i Environment
In an IBM i environment, you can view the port numbers currently in use on your system with one of these methods. In these examples, looking for use of local ports 8000 and 8001:
Select from the iSeries Navigator, select > Network, then >TCP/IP Configuration, then > IPv4, then > Connections. Click on the Local Port column to sort and scroll to range of ports.
If you do not see local port 8000 and 8001, they are not being used or in use.
Select from the Navigator for i (using web browser (system name or ip:2001)), select > Network, then >TCP/IP Configuration, then > IPv4, then > Connections. Click on the Local Port column to sort and scroll to range of ports, or use filter.
Many times libraries have been created and later realized it has the wrong owner, or you decide to use a new authority scheme in your company and want to change the owner and authority. It takes a long time to change all the effected objects and the library owner. I created a simple utility command to do the work for you. It only requires 1 CL PGM, 1 CMD and 1 file. In short the CL command will build a file of all the objects in a library and then change the owner of all the objects to the new owner you want them to be. You even have an option to save or revoke the authority of the old owner too.
Just compile the CL Program, Command, and create the File below all in your favorite Utility library, or personal library and give it a try.
Incorrect Search in the Service Action Log when searching on year 2019 or 2020
When using Service Tools, the Select Time Frame screen of the Service Action Log (SAL) option of the Hardware Service Manager (HSM) service tool incorrectly does not allow “From” or “To” dates with the year 2019 or 2020.
The SAL cannot search from or to dates in 2019 or 2020. The IdeTime Class has a quirk in that the constructor that the SAL search uses assumes dates beginning with 19 or 20 are being specified with the century value 19 or 20. That leads to other bad assumptions about the dates in the case of the SAL Select Time Frame screen, where the first 2 digits are always the year including if they are 2019 or 2020. All that leads to considering the dates as invalid and error messages on the screen, as above.
People are always asking me how often they should be performing PTF maintenance, and when is the right time to upgrade their operating system. I updated this article from last month with the current levels of PTFs. Let’s look at PTFs. First, PTFs are Program Temporary Fixes that are created by IBM to fix a problem that has occurred or to possibly prevent a problem from occurring. In addition, some times PTFs add new functionality, security, or improve performance. Therefore, I am always dumbfounded as to why customers do not perform PTF maintenance on their machine at least quarterly.
If IBM has come out with a fix for your disk drives, why do you want to wait for your disk drive to fail with that problem, only to be told that there is a fix for that problem, and if you had applied the PTF beforehand, you would have averted the problem. Therefore, I think a quarterly PTF maintenance strategy is a smart move. Many of our customers are on our quarterly PTF maintenance program, and that provides them with the peace of mind of knowing their system is up to date on PTFs. Below is a table of the major group PTFs for the last few releases. This is what we are installing for our customers on iTech Solutions Quarterly Maintenance program.
Using TRCINT to find detailed encrypted connection information
Here you’ll find a detailed method to determining the strength of each encrypted connection to your IBM ipartition. Commands used: TRCINT SET(*ON) TRCTBL(‘All-encrypted’) TRCTYPE(*SCKSSL) SLTTRCPNT((17000 17004)). TRCINT SET(*OFF) TRCTBL(‘All-encrypted’…[Read More]
Set up a LIC macro for summarizing encrypted information
If you’re currently using any type of network encryption and want to understand the protocols in use, you can easily do this with a LIC macro. This is quite handy especially if you’re looking at turning off a less secure protocol like TLS 1.0….[Read More]
Using Run SQL Scripts to get a high level user profile security summary
Need a way to get a high level understanding of your user profile security? Look no further. This simple script will allow you to summarize key aspects of your user profile security, from special authorities to group profiles with passwords. [Read More]