IBM i PTF Guide, Volume 25, Number 9

March 6, 2023

Doug Bidwell

We are still playing catch up and will be back in synch soon. We wanted to remind you about an important bug issue, which is ADMIN4 Job Terminates Suddenly When A User Profile Without *ALLOBJ and *IOSYSCFG Authority Accesses the IBM Web Administration GUI, which you can look at here.

This issue is introduced after applying the following IBM i HTTP Group PTF levels:

IBM i 7.5: SF99952 level 5
IBM i 7.4: SF99662 level 25
IBM i 7.3: SF99722 level 42

Download and apply the following 5770-SS1 PTF to prevent the ADMIN4 job from ending suddenly. The PTF can be applied immediately:

IBM i 7.5: SI82677
IBM i 7.4: SI82679
IBM i 7.3: SI82681

Now, here is the rundown of PTF Groups by IBM i release level since we last published:

PTF Groups 7.5:

HIPERs (High Impact/Pervasive)
Backup Recovery Solutions
Content Manager OnDemand for i
QMGTOOLS

PTF Groups 7.4:

HIPERs (High Impact/Pervasive)
Backup Recovery Solutions
Content Manager OnDemand for i
QMGTOOLS

PTF Groups 7.3:

HIPERs (High Impact/Pervasive)
Backup Recovery Solutions
Content Manager OnDemand for i
QMGTOOLS

PTF Groups 7.2:

Backup Recovery Solutions
QMGTOOLS

New (or Updated) links added to the ‘Links’ tab in the guide this week:

Nothing new here this week

New (or Updated) links added to the ‘QMGtools’ tab in the guide this week:

New (or Updated) links added to the ‘ACS_NAV’ tab in the guide this week:

New (or Updated) links added to the ‘Prtr Links’ tab in the guide this week:

New (or Updated) links Redbooks added this week:

Tips/Definitions: How long has it been since you did a SAVE 21? Do I have to keep reminding you every week? Have you done it yet?

The Guide at a glance: There are new defectives this week (02/25/23). Here is the defective PTF rundown, which is the last defective for each release:

Defect Defective APAR Fixing
Date PTF PTF
——– ——– ——- ——-
7.5 02/24/23 MF70684 MA50069 MF70751 (When available)
7.4 02/24/23 MF70688 MA50069 MF70747 (When available)
7.3 02/22/23 MF70677 MA50059 MF70736 (When available)
MF70600
MF70440
7.2 12/08/21 SI77634 SE73420 SI78039 (Read the link in the guide!)

Be sure to access the link in the Guide for further details.

Below is the usual archive of the IBM i PTF Guide to help you work through the PTFs in chronological order:

February 25, 2023: Volume 25, Number 9

February 18, 2023: Volume 25, Number 8

February 13, 2023: Volume 25, Number 7

February 4, 2023: Volume 25, Number 6

January 28, 2023: Volume 25, Number 5

January 21, 2023: Volume 25, Number 4

January 14, 2023: Volume 25, Number 3

January 7, 2023: Volume 25, Number 2

January 1, 2023: Volume 25, Number 1

December 10, 2022: Volume 24, Number 50

December 3, 2022: Volume 24, Number 49

November 26, 2022: Volume 24, Number 48

November 19, 2022: Volume 24, Number 47

November 12, 2022: Volume 24, Number 46

November 5, 2022: Volume 24, Number 45

October 29, 2022: Volume 24, Number 44

October 22, 2022: Volume 24, Number 43

October 15, 2022: Volume 24, Number 42

October 8, 2022: Volume 24, Number 41

October 1, 2022: Volume 24, Number 40

September 24, 2022: Volume 24, Number 39

September 17, 2022: Volume 24, Number 38

September 10, 2022: Volume 24, Number 37

September 3, 2022: Volume 24, Number 36

August 27, 2022: Volume 24, Number 35

August 20, 2022: Volume 24, Number 34

August 13, 2022: Volume 24, Number 33

August 6, 2022: Volume 24, Number 32

July 30, 2022: Volume 24, Number 31

July 23, 2022: Volume 24, Number 30

July 16, 2022: Volume 24, Number 29

July 9, 2022: Volume 24, Number 28

June 25, 2022: Volume 24, Number 26

June 18, 2022: Volume 24, Number 25

June 11, 2022: Volume 24, Number 24

June 4, 2022: Volume 24, Number 23

May 28, 2022: Volume 24, Number 22

May 25, 2022: Volume 24, Number 21

May 14, 2022: Volume 24, Number 20

May 7, 2022: Volume 24, Number 19

April 30, 2022: Volume 24, Number 18

April 23, 2022: Volume 24, Number 17

April 16, 2022: Volume 24, Number 16

April 2, 2022: Volume 24, Number 14

March 26, 2022: Volume 24, Number 13

March 19, 2022: Volume 24, Number 12

March 12, 2022: Volume 24, Number 11

March 5, 2022: Volume 24, Number 10

February 26, 2022: Volume 24, Number 9

February 19, 2022: Volume 24, Number 8

February 12, 2022: Volume 24, Number 7

February 5, 2022: Volume 24, Number 6

January 29, 2022: Volume 24, Number 5

January 22, 2022: Volume 24, Number 4

January 15, 2022: Volume 24, Number 3

January 8, 2022: Volume 24, Number 2

January 1, 2022: Volume 24, Number 1

December 6, 2021: Volume 23, Number 48

November 20, 2021: Volume 23, Number 47

November 13, 2021: Volume 23, Number 46

November 6, 2021: Volume 23, Number 45

October 30, 2021: Volume 23, Number 44

October 23, 2021: Volume 23, Number 43

October 16, 2021: Volume 23, Number 42

October 9, 2021: Volume 23, Number 41

October 2, 2021: Volume 23, Number 40

September 25, 2021: Volume 23, Number 39

September 18, 2021: Volume 23, Number 38

September 11, 2021: Volume 23, Number 37

September 4, 2021: Volume 23, Number 36

August 28, 2021: Volume 23, Number 35

August 21, 2021: Volume 23, Number 34

August 14, 2021: Volume 23, Number 33

August 7, 2021: Volume 23, Number 32

July 31, 2021: Volume 23, Number 31

July 24, 2021: Volume 23, Number 30

July 17, 2021: Volume 23, Number 29

July 10, 2021: Volume 23, Number 28

July 3, 2021: Volume 23, Number 27

June 26, 2021: Volume 23, Number 26

June 19, 2021: Volume 23, Number 25

June 12, 2021: Volume 23, Number 24

June 5, 2021: Volume 23, Number 23

June 5, 2021: Volume 23, Number 22

May 22, 2021: Volume 23, Number 21

May 15, 2021: Volume 23, Number 20

May 8, 2021: Volume 23, Number 19

May 1, 2021: Volume 23, Number 18

April 24, 2021: Volume 23, Number 17

April 17, 2021: Volume 23, Number 16

April 10, 2021: Volume 23, Number 15

April 3, 2021: Volume 23, Number 14

March 27, 2021: Volume 23, Number 13

March 20, 2021: Volume 23, Number 12

March 13, 2021: Volume 23, Number 11

March 6, 2021: Volume 23, Number 10

February 27, 2021: Volume 23, Number 9

February 20, 2021: Volume 23, Number 8

February 13, 2021: Volume 23, Number 7

February 6, 2021: Volume 23, Number 6

The purpose of this blog is to alert legacy IBM i users their many real vulnerabilities that can result in unexpected downtime.  

Disclaimer: IBM i is an operating system. iSeries and AS400 are servers. I use these terms interchangeably to make it easy for folks to find this kind of information on the web.

Legacy Users On Back-Level IBM POWER Servers

My company works with a large population of legacy users – smaller businesses with older IBM servers, like 9406-170, 9406-270, 9406-8XX, 9406-520, 9407-515, 8203, and 8202. Their IBM i OS’s are back-level, behind on PTF levels, and off IBM software support, commonly V5R1 to V7.2. In some rare cases, as far back as V3R1.

Legacy Users May Be Unaware Of Their Vulnerability To Computer Disruption

Legacy users have not upgraded their older systems because they work day in and day out. Their IBM server reliability experience gives them a sense that there is no reason to change. They are unaware of their hardware, software and cyber security risks. Quite simply, “It works. If it ain’t broke, don’t fix it.”

Having worked with legacy users for decades, I understand their perspective.

Legacy System Failure And Disruption On The Rise

However, I have become increasingly alarmed for this community with the recent number of calls I have received to help repair system hardware failures with little or no backup.

Why is this surge appearing now?

From what I can gather, the original folks that set up these systems and programed them are inaccessible (retirement, moved away, passed away, etc.). Often the interim generation running the systems since the original teams set them up have also left the operations for the same reasons. This means the current folks now just keep the system running, without a clear sense of the original system, without sufficient training or documentation.

Incomplete Or Missing Backups – Yikes!

One of the most common errors from this evolution is inconsistent and incomplete backups that have not been tested. I feel so badly for those who try to recover without a good current backup. In these cases, simple recovery is not possible.

We recently had a legacy user need to migrate to our cloud hosting server. Their 9407-515 system had been down for 10 days. Their non-IBM hardware service company could not get parts to bring the system back. They were lucky to have a complete 9-month-old Save21 and a current backup so we could recover their system. They were also lucky to have software that did not require a software key so we could install it on a different server.

Even so, their firewall was over 10 years old and no longer supported. We worked with them to replace this legacy firewall with a new one.

Common Vulnerabilities

Let’s look at a summary of their vulnerabilities:

1)     No member of their current management team has any knowledge of IBM i.

2)     The IBM i IT Manager did not know their application software.

3)     Their current system administrator had not done monthly or quarterly Save21 system saves nor consistent daily backups.

4)     No one knew when they had lasted tested any backups to verify if they were any good.

5)     Their non-IBM hardware maintenance company could not repair their 9207-515. (First, getting the correct used parts delivered can take several days. Second, the maintenance company did not have anyone on premise that had IBM i expertise. Further, many maintenance companies are not aware that the 9407-515 system board is serialized to the server. This means that if the system board fails, a simple exchange of the system board does not work – the system is DEAD!)

6)     Their firewall was no longer supported. Even more serious, they were unaware of their cyber-security vulnerabilities.

This is just one of many examples of legacy users that have called me this year for help.

How Legacy Users Can Protect Themselves

I wish I could tell them, so they could hear, that they need to take action to avoid unexpected disruptions because:

1)     IBM servers do not last forever, despite their exceptional reliability.

2)     You will have delays to get replacement used parts. In some cases, like system boards, they simply will not work.

3)     You must have good backup practices and regularly test your backups to make sure they are good.

4)     You need to have good documentation to understand how your applications work.

5)     If you have software from a software provider, you need to understand if you must have a software key to move your applications to another server with a different serial number.

6)     You need to have access to your applications expertise as well as IBM i expertise. If this support is going away, what are your plans to find ongoing support?

7)     The new cyber security vulnerabilities are very real. It is best to stay current on software support so you can get fixes as vulnerabilities are uncovered.

Need Help?

Call me at 714-593-0387 or email me at [email protected]. Let us know how we can help!

To learn more about us, and view our customer testimonials, please visit our website: www.Source-Data.com