Features Added in Enterprise Server 6.0

Containers

Back to Top

Support has been added to enable you to work with containers from the IDE. In particular you can now create a Dockerfile for a COBOL project, and build, debug and run a COBOL project in a container, all from the IDE.

Support has been added to enable the use of tools that are compatible with the Open Container Initiative (OCI) on platforms where they are supported. This is currently available on Red Hat Enterprise Linux 8.

Data File Tools

Back to Top

The following enhancements have been made to the Data File Editor:

  • Double-byte character sets are now supported within the editor.
  • Insert mode is now available when editing a formatted record, except for numeric fields.
  • When editing DBCS data in EBCDIC files, the required Shift-out and Shift-in characters are automatically added when editing a formatted record and you are editing in Insert mode.
  • You can now load and unload structure files for an open data file.
  • A ruler at the top of the editing pane can be toggled on/off.

Enterprise Server

Back to Top

The following enhancements are available:

  • Definition Import/Export Tool - a new utility, casesxml, has been added to enable you to import and export enterprise server definitions. Using casesxml you can do the following:
    • generate .xml files, in casesxml export format, that contain structured definitions of a region, a CICS resource definition file, and the catalog
    • import a casesxml export format .xml file to update the definitions of a region, a CICS resource definition file, and the catalog
  • IPv6 support (EAP) - This feature is in Early Adopter Program (EAP) release status. Some Enterprise Server components and features now support Internet Protocol version 6 (IPv6) network addressing and connectivity. Due to limitations with IPv4, IPv6 is becoming more common within corporate networks and on the public Internet. In some cases, the use of IPv6 can improve interoperability and simplify network configuration.
  • Administrative Commands - the add command in cascertreg now contains new options (-cwi setting, -dcas setting, -issuer, and -subject).

Enterprise Server Security

Back to Top

This release provides the following enhancements:

  • Micro Focus Secrets file storage permissions

    The Micro Focus Secrets feature (also known as the Vault feature) provides centralized storage for sensitive information such as passwords, with some protection against accidental disclosure or discovery by unauthorized users. Prior to this release, the only supported storage mechanism was a conventional file containing encrypted data. In this release, the permissions on the storage file and on the Secrets configuration file are set more restrictively to help protect the secrets.

  • Certificate wildcard support

    The X.509 digital certificates used to identify servers when making TLS (SSL) connections permit the use of fully-qualified domain names with wildcards for some parts of the name. This enables administrators to use a single certificate issued to, for example, *.mycorp.com for any number of servers with fully-qualified names like www.mycorp.com, server1.mycorp.com, and so on. These wildcard-bearing certificates are now supported by client programs using Micro Focus communication technology when validating a server's certificate.

  • Improved ACL wildcard support

    In the Access Control Lists used for resource access control with LDAP-based security in Enterprise Server, the ".**" wildcard sequence now behaves more similarly to mainframe RACF. A number of additional options for wildcard processing are also available.

  • PAM ESM module

    On Linux platforms, Enterprise Server now includes an External Security Manager module which integrates with the Pluggable Authentication Modules (PAM) operating system feature. The PAM ESM module can be used to authenticate Enterprise Server users with the same mechanism used for Linux users, or with any other mechanism available through PAM.

  • PKIX compliance for TLS certificate validation

    The standard for using X.509 digital certificates to authenticate servers when making TLS (SSL) connections is known as PKIX, for Public Key Infrastructure (X.509). It is defined by a series of IETF RFC documents, currently RFC 5280 and others. In previous releases, the certificate validation performed by this product did not conform to PKIX in a number of ways, most notably in using DNS address-to-name resolution in an attempt to match a certificate to a host. With this release, clients using Micro Focus Common Client technology, such as COBOL web service proxy programs, CAS utility programs, and customer applications that use the CICS Web Services Interface feature, will by default, use stricter procedures for validating certificates which more closely conform to PKIX. This improves TLS security and interoperability.

  • Security improvements for XML parsing

    In this release the third-party components used for parsing XML data have been updated, or have had bug fixes integrated into the version used by Micro Focus, to address published security vulnerabilities. Also, XML external-entity support has been disabled except where it is required by a particular product feature; this prevents XML External Entity (XXE) attacks on customer systems by attackers who can trick a customer application into parsing a malicious XML document.

Enterprise Server Common Web Administration (ESCWA)

Back to Top

This release offers the following new features and improvements:

  • MFDS User Interface functionality replacement - ESCWA can now communicate with remote MFDS instances, and displays the equivalent pages of MFDS. Configuring regions, and their IMS, PL/I, MQ, and XA options, and security, is now available.
  • ESMAC User Interface functionality replacement - ESCWA can communicate with remote ESMAC instances, and can replicate functionality and display all the information provided by ESMAC.
  • Configurable User Interface access - you can now configure the ESCWA security manager to control user and group access to certain aspects of the user interface, such as, native, and security menu items.
  • Usability improvements
    • Starting and stopping regions from the navigation tree.
    • The native menu items are not displayed if the region features are not configured correctly.
    • Configuration of the display colors for MFDS hosts and regions to distinguish them with ease.
  • CICS resource support - the following resources are supported: ICEs, DocTemp, TCPIPService, URIMap, Bundle, Pipeline, and WebServices.
  • Scale-Out support - ESCWA has improved the way it displays a Scale-Out Repositories (SORs) association with its PAC and member regions.
  • Redis support - Redis is supported as a SOR when running this product in a PAC. Features include:
    • Redis cluster support
    • A Mfredis configuration file - enables you to configure reconnection when any network errors occurs. You can also use the file to configure Lua scripts tracing on servers.
    • Authentication support for the standalone Redis server.
  • Kubernetes support - when ESCWA is run in a Kubernetes cluster, it is now possible to configure it to automatically discover the pods hosting MFDS within the cluster, and display them in the ESCWA user interface.

File Handling

Back to Top

Fileshare password files can now be stored in the Vault Facility, ensuring that sensitive user credentials are encrypted. Firstly, create the password file in the usual way, and then upload it, with a path of microfocus/fh, using the mfsecretsadmin utility.

To ensure the Fileshare server uses the file stored in the vault, start the server with the /uv option.

IMS Support

Back to Top

Improvements are available in the following areas:

  • BMP inbound and outbound message processing - full support is available for BMP inbound and outbound message processing. Batch message processing programs (BMPs) can now access the IMS message queue for input and output, in addition to their batch-type processing and data-access capabilities.
  • Commands - the following commands are now supported: - /START TRAN ALL, /DISPLAY Q TRAN, and /DISPLAY STATUS TRAN.
  • DB Control SUSPEND / RESUME commands in an active system - IMS DB Control supports the SUSPEND command while transactions are active. DB Control will block any new units of work and allow active UOWs to complete during a quiesce. Once DB Control reaches a state with no outstanding UOWs it suspends. Note a long running BMP may prevent a system from suspending.

    This enables support for administrative tasks such as database and transaction log archiving. It also enables the creation of new transaction logs when roll forward recovery is enabled.

  • IMS BTS trace - IMS BTS trace is now visible from active SSTM and batch jobs. WIDTH and NOHEX options have been added for additional control of trace output format.

    This enables BTS output to be viewed when debugging a batch IMS application. Previously the job step had to complete before the trace was visible. This also enables you to view the trace output in an active SSTM job. Previously the MPR had to be stopped to make trace output visible.

  • User DB handler exit - database exit support has been added for GSAM databases. This provides programmatic control of the DB Catalog setting for a database instead of using the defined DB Catalog. Also, this exit can process DL/I calls completely, for example, to map DL/I calls into VSAM I/O requests. Previously, this exit was available only for full function databases.

    To assist you with writing an exit, a template file, USERDB.CBL, and an explanatory text file, USERDB.TXT, are available with your IMS classic samples.

  • JES Alias support - the JES aliasing feature can be used with IMS DLI and BMP applications run from JCL.

JCL Support

Back to Top

The following features have been added to the JCL support:

  • The sample printer exit in the product has been enhanced to retrieve extended information. The structure defined by idadoutp.cpy now contains two new entries (ws)-extended-output and (ws)-extended-data. The item (ws)-extended-output contains the version of the extended output data; currently, this should be set to 1. The item (ws)-extended-data is a pointer, that if null means there is no extended data; otherwise, it points to a new structure defined in outpext.cpy. That structure contains the extended output information for a given job. This is demonstrated in the provided sample - sampprnx.

The Micro Focus Database File Handler

Back to Top

Support for Db2 and Microsoft Azure databases has been added to the Micro Focus Database File Handler (MFDBFH). This support is equivalent to that of the existing databases.

The following features have been added for all databases:

  • I-O optimizations for sequential, line sequential, and ESDS/KSDS/RRDS files opened for output.
  • Using direct connection strings to make a database connection (as an alternative to using ODBC DSNs).
  • Creation of databases using script files.
  • Maintaining database configuration files with a command line utility, dbfhconfig.
  • Using the dbfhdeploy utility to delete data files from a datastore.
  • Database configuration files can now store confidential information in the Vault Facility.
  • CTF tracing of ODBC and Vault operations.
  • Recovering of locked processes or files can with the dbfhadmin utility.
  • The dbfhconfig and dbfhdeploy utilities are now capable of executing commands batched up in a response file.

Multi-Threaded Applications

Back to Top

This release includes the following improvements:

  • Improved validation of detached threads on UNIX - the reliability for applications with many threads, when using the CBL_THREAD_KILL routine and during abnormal process termination, such as when an error occurs, has been improved.
  • Thread local storage optimizations - the thread termination in applications with many threads has been optimized.

PL/I Support

Back to Top

Enhancements are available in the following areas:

Run-Time System

  • Support is available for bytestream IO via FILETELL, FILESEEK, FILEREAD and FILEWRITE for RECFM(U) files.
  • Support for the COPY option of the GET statement.
  • It is now possible to use a STATIC FIXED BIN(31) variable to control the RECSIZE of a file at OPEN time.
  • The JCL utility IKJEFT01 can now be driven from PL/I as a callable interface.

New Platform Support

Back to Top

Support is now available for Enterprise Server for the following additional platforms to the same level that other UNIX platforms (different than Linux) are supported:

  • Ubuntu Linux 18.04.x (LTS) on 64-bit Intel (x86-family)
  • CentOS v7 and v8 on Intel x86-64

For a full list of the supported operating systems, check the Product Availability section on the Micro Focus Customer Care Web site: http://supportline.microfocus.com/prodavail.aspx.

Problem Determination

Back to Top

The following enhancement is available:

  • Consolidated Tracing Facility (CTF) on UNIX - CTF is now always present during process termination, such as when an application, or a third-party code, calls exit() directly.