Skip to content

Technical Notes

This section provides advice to the installer responsible for making SERNET connect to the TCP/IP address space.

TCP/IP Trouble Shooting

A common concern early in the effort is determining whether SERNET is listening on the proper port. You can enter the following command on the ISPF Command Shell command line, or at the TSO READY prompt, to display a list of sockets and their corresponding states:

 ```
 NETSTAT ALLCONN
 ```

The NETSTAT command can produce a high volume of output in a large network. The REPORT option can be added to the command to write the output to a data set. The syntax for adding the REPORT option is:

 ```
 NETSTAT ALLCONN REPORT
 ```

The naming convention for the output data set is:

 ```
 userid.NETSTAT.ALLCONN
 ```

...

Detecting Errors in the TCP/IP API

All error conditions in the TCP/IP API are written to //SERPRINT. A complete listing of all TCP/IP calls is available by toggling the TEST keyword option. Contact Micro Focus Customer Care about using TEST.

Each call to the API is detailed in messages with the following format:

SERs000I user-ID TCP/IP function RC=rc,ERRNO=errno

To find the specific reason for the error, locate the error number (errno) in Appendix D.1 of the IBM publication TCP/IP for MVS: API Reference. Function (function) and return code (rc) offer further advice.

Verifying Network Connectivity

Use the PING command to verify network connectivity to a specific IP address.

PING P390MVS
PING 192.3.255.21

Note

PING only verifies that network connectivity exists and is not completely blocked by a firewall. It cannot determine if a specific port number is available for connection.

ERRORNO 156 - Missing OMVS Segment

Failure to add an OMVS segment to the user ID associated with a SERNET instance results in the following error message during SERNET initialization:

SERA000E XCH TCP/IP INITAPI: RC=00001,ERRNO=00156

See Access to TCP/IP Functions for more information.

Trusted User ID For ALM Logon To ChangeMan ZMF

There are two ways to define an alternate or "trusted" user ID for ChangeMan ZMF to allow impersonation:

  • Code the user ID in table ACF2BAT in local security routine SERLCSEC. Using this method, you can enable the user ID for particular subsystem IDs or for all subsystem IDs.

  • Permit the user ID READ access to resource SERENA.SERNET.AUTHUSR in the FACILITY class. If you want to use a different resource in the FACILITY class, you can change the resource name coded in security exit program SERLCSEC.

By using the FACILITY class, your security administrator can manage impersonation without changing anything in ChangeMan ZMF.