INFO-VAX Thu, 19 Jun 2008 Volume 2008 : Issue 340 Contents: ACME Authentication issues when LDAP server is down. Re: Determining display device for a process Re: Determining display device for a process Re: Determining display device for a process Re: GNV and directories How things change for VMS Re: How things change for VMS Re: How things change for VMS Re: How things change for VMS Re: How things change for VMS Re: How things change for VMS Re: How things change for VMS Re: How things change for VMS Re: OpenVMS Alpha 8.4 release date and new functionality ? Re: Very cool Ethernet speedup on OpenVMS Re: Very cool Ethernet speedup on OpenVMS ---------------------------------------------------------------------- Date: Wed, 18 Jun 2008 14:21:51 -0700 From: Malcolm Dunnett Subject: ACME Authentication issues when LDAP server is down. Message-ID: <48597c6f$1@flight> The ACME LDAP DOI configuration only permits one LDAP server to be specified. The typical approach in Active Directory configurations is to make the LDAP connection to the domain name (which will provide a list of the domain controllers). It appears that the ACME agent will only try to connect to the first LDAP server on this list - if that server is down then the LDAP lookups will hang and eventually fail with an error of: %ACME-E-FAILURE, operation failure; if logging is enabled, see details in the ACME$SERVER log file This failure takes approximately one minute to occur on each query. Not trying the other servers on the list is a significant deficit in terms of system reliability - having a single LDAP server down will cripple the entire system. To work around this I tried rewriting my application to specify a timeout value (of 5 seconds) and if the call doesn't complete to the default DOI in that time period I try a second call specifying the VMS DOI - so that the locally stored password will be used in place of the LDAP lookup. This doesn't work, the VMS DOI call times out also - as if it's trying to contact the LDAP server even though told to use the VMS DOI. If I don't specify a timeout then the call to the VMS DOI succeeds immediatly after the LDAP lookup fails, but this requires the entire process to take over 1 minute. It's curious that if I let the LDAP lookup fully time-out on it Is there no way to force an authentication to occur immediately using the VMS DOI in the case where the LDAP DOI is failing due to the LDAP server not being available? ------------------------------ Date: Wed, 18 Jun 2008 12:52:08 -0700 From: Fred Bach Subject: Re: Determining display device for a process Message-ID: Peter, Comments interspersed. .fwb. Peter Weaver wrote: >> ... >> Your code contains nothing that translates FTA895: into anything >> useful for the SET DISPLAY command. > > It does not translate FTA895:, but it does do a SHOW DISPLAY/SYMBOLS. I > think 8 years ago /SYMBOLS was undocumented, but it is documented in V8.3. I > am not sure when /SYMBOLS was first documented. So when you log into a XTerm > session SHOW DISPLAY/SYMBOLS will return DECW$DISPLAY_NODE, > DECW$DISPLAY_SCREEN, DECW$DISPLAY_SERVER and DECW$DISPLAY_TRANSPORT. The > code I wrote takes some of these values and puts them in a particular file. > >> And if I SET HOST from there and run your code on that login, >> I get TERM = RTA7: At least your program knows about RT >> connections. But the display is set to the NODE only. This >> results in >> >>> Bach_3_BN2> show disp >>> >>> Device: WSA933: [super] >>> Node: XXXBN2 >>> Transport: DECNET >>> Server: 0 >>> Screen: 0 >> ... > > If you do a SET HOST and do a SHOW DISPLAY you should get; > %DECW-W-OPENIN, error opening DECW$DISPLAY as input > -SYSTEM-W-NOSUCHDEV, no such device available Yes, this is exactly what I get after I did a Set Host from the FTA895 x decterm. After login, the DECW$DISPLAY logicals and symbols do not exist. Virgin territory. To wit: Bach_3_BN2> show display %DECW-W-OPENIN, error opening DECW$DISPLAY as input -SYSTEM-W-NOSUCHDEV, no such device available Bach_3_BN2> sho log decw$display* (LNM$PROCESS_TABLE) (DMQ$LNM_0002_00042) (LNM$JOB_865615C0) (LNM$GROUP_000033) (LNM$SYSTEM_TABLE) (LNM$SYSCLUSTER_TABLE) (DECW$LOGICAL_NAMES) %SHOW-S-NOTRAN, no translation for logical name DECW$DISPLAY* > > If you are getting what you show then you must be doing a SET DISPLAY in > SYLOGIN.COM or LOGIN.COM. Nope. A .com file called by LOGIN.COM checks to see if it's possible and if so, it then attempts a SET DISPLAY command, but if the right stuff isn't there first, SET DISPLAY is not executed. > > In my example the SHOW DISPLAY/SYMBOLS does not define the DECW$* symbols > above so then the code sets the display to the same values as you wrote to a > particular file above. Yes, we have also resorted to this very technique at our lab for many years now - use an external file created on the remote node by the process from which the Set Host was executed. Since we have a lot of operations processes running about, we put a valid time limit on this file. It has to be very fresh in order for the destination process to use it when logging in (and the clocks should to agree). Sometimes there may be timing collisions, but we really don't have any significant problems with this technique. One problem is that we build up many versions of this file, and so we have to purge them by hand from time to time. But does it not all seems so silly?? VMS knows where to send the text output which results from the Set Host command. In theory it should be easy to select the same graphics device on which the x-decterm attached to the Set-Hosting process is being displayed. The system has to know this stuff already, or else we would not be seeing the SET HOST output on the screen! It's a shame we have to do a SHOW DISPLAY, send its output to an external file on the remote node - all just in order to get valid parameters for setting the graphics display info on the remote node. Cheers, . fred bach . When I wrote the code I hardcoded the full > node::directory:filename to make sure that this would work no matter which > node you logged into first and no matter which node you SET HOST from or to. > > > Here is the code again (with a slight modification to avoid typos in > filename) for anyone who is interested. > > $! > $ particular_file = "nodea::sys$login:create_display.com" > $! > $ show display/symbol > $! > $ if "''decw$display_node'" .eqs. "" then goto create_display > $! > $ open/write outfile 'particular_file > $! > $ write outfile "$ set display/create/node=''decw$display_node' -" > $ write outfile " /transport=''decw$display_transport' > $ close outfile > $! > $ goto done > $! > $create_display: > $! > $ @'particular_file > $! > $done: > $! > $ exit > > > Peter Weaver > www.weaverconsulting.ca www.openvmsvirtualization.com > www.vaxvirtualization.com www.alphavirtualization.com > Winner of the 2007 OpenVMS.org Readers' Choice Award for > System Management/Performance > ------------------------------ Date: Wed, 18 Jun 2008 13:52:36 -0700 (PDT) From: Peter Weaver Subject: Re: Determining display device for a process Message-ID: <4f761ab3-e907-463a-a2d5-37ec01cc9d43@e53g2000hsa.googlegroups.com> On Jun 18, 3:52=A0pm, Fred Bach wrote: > Peter, > > =A0Comments interspersed. =A0.fwb. >... I just tried something I have never tried before and I am happy to report that it works (at least with TCPIP T5.7 where I tested it). I was logged into a session and rather than do a SET HOST to another node I did a ssh "+X" remotenode I then started EDIT/TPU/INTER=3DDECW and the display appeared on my original screen. I then did a ssh "+X" back to the original node and the EDIT/TPU/INTER=3DDECW displayed on my PC again. So using SSH may solve the problem you have. Peter Weaver www.weaverconsulting.ca=A0 =A0www.openvmsvirtualization.com www.vaxvirtualization.com=A0 www.alphavirtualization.com Winner of the 2007 OpenVMS.org Readers' Choice Award for System Management/Performance ------------------------------ Date: Wed, 18 Jun 2008 17:42:50 -0400 From: JF Mezei Subject: Re: Determining display device for a process Message-ID: <485982e4$0$7279$c3e8da3@news.astraweb.com> Fred Bach wrote: >> If you do a SET HOST and do a SHOW DISPLAY you should get; >> %DECW-W-OPENIN, error opening DECW$DISPLAY as input >> -SYSTEM-W-NOSUCHDEV, no such device available > > Yes, this is exactly what I get after I did a Set Host from the > FTA895 x decterm. After login, the DECW$DISPLAY logicals and > symbols do not exist. Virgin territory. To wit: When you do a SET HOST, the terminal device is an RTAx: device. All it knows in that input/output goes through a DECNET link to some process on some decnet node. It has no concept of what the process at the other end is. Same with telnet and LAT. So it is understandable that it doesn't know what your display is. However, if you were to define DECW$DISPLAY logical to point to the right WSAx: device, you would then be able to use it from an RTAx: terminal. In terms of SSH, it is quite different. It establishes a tunnel which carries both the interactive character cell link as well as X window data. [brakes:~] JFMEZEI% ssh -X chain JFMEZEI@chain's password: [welcome message omitted] $ show display Device: WSA3: [user] Node: chain.vaxination.ca Transport: TCPIP Server: 10 Screen: 0 So, when I ssh to chain, a new display device is created on chain which points to the SSH software. If start an X application on chain, the application thinks the display is on chain. But in fact, it sends the X data to the SSH software on chain which tunnels it back to brakes. The SSH software on BRAKES then sends the X data to whatever display was set on brakes at the moment the SSH command was issued. > But does it not all seems so silly?? VMS knows where to send the text output > which results from the Set Host command. In theory it should be easy to select > the same graphics device on which the x-decterm attached to the Set-Hosting > process is being displayed. When you SET HOST, there are no graphic commands involved. There is no decterm involved. The RTAx: terminal is a virtual terminal receives types characters from the remote node sends them to a local process, and then forwards any output from that local process to the remote node. No X involved at all. ------------------------------ Date: Thu, 19 Jun 2008 01:33:30 GMT From: "John E. Malmberg" Subject: Re: GNV and directories Message-ID: JKB wrote: > Le 18-06-2008, à propos de > Re: GNV and directories, > Joseph Huber écrivait dans comp.os.vms : >> JKB wrote: >>> Le 18-06-2008, à propos de >>> Re: GNV and directories, >>> Ken Robinson écrivait dans comp.os.vms : >>>> On Wed, Jun 18, 2008 at 10:11 AM, JKB wrote: >>>>> Hello, >>>>> >>>>> I'm trying to build postgresql on OpenVMS APX 8.3. I have installed >>>>> GNV, untared postgresql-8.3.3.tar. I would recommend that you sign up for an encompasserve.org account and read the notes conference porting_to_vms for some pointers. Then start a topic in that conference to track your progress. -John wb8tyw@qsl.network Personal Opinion Only ------------------------------ Date: Wed, 18 Jun 2008 13:56:36 -0400 From: "John Smith" Subject: How things change for VMS Message-ID: I was looking for a citation on-line for a computer crime case which occured in the late 1970's (I think) and stumbled upon this site http://www.phrack.org/issues.html?issue=6&id=12 and a short way into the web page there is a section entitled CONNECTED NODES AS OF 10/05/88 TOTAL NODES = 2491 which lists all the known connected nodes on the internet as of that date and the operating system running on each node. A fast Mk I Eyeball count suggests that about 60% were running VMS then. I wonder how few still run VMS today - 20 years later. ------------------------------ Date: Wed, 18 Jun 2008 14:05:39 -0400 From: "Richard B. Gilbert" Subject: Re: How things change for VMS Message-ID: <-cednQHLjJ5r08TVnZ2dnUVZ_sHinZ2d@comcast.com> John Smith wrote: > I was looking for a citation on-line for a computer crime case which occured > in the late 1970's (I think) and stumbled upon this site > http://www.phrack.org/issues.html?issue=6&id=12 > > and a short way into the web page there is a section entitled > > CONNECTED NODES AS OF 10/05/88 > TOTAL NODES = 2491 > which lists all the known connected nodes on the internet as of that date > and the operating system running on each node. > > A fast Mk I Eyeball count suggests that about 60% were running VMS then. > > I wonder how few still run VMS today - 20 years later. > > There are still a few of us old farts who remember VMS and use it! ------------------------------ Date: 18 Jun 2008 16:48:35 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: How things change for VMS Message-ID: <+R34bk+aMytQ@eisner.encompasserve.org> In article , "John Smith" writes: > I was looking for a citation on-line for a computer crime case which occured > in the late 1970's (I think) and stumbled upon this site > http://www.phrack.org/issues.html?issue=6&id=12 > > and a short way into the web page there is a section entitled > > CONNECTED NODES AS OF 10/05/88 > TOTAL NODES = 2491 That's not the nodes on the internet. There were far more of us than that in 1988 and none of my nodes are listed. ------------------------------ Date: Thu, 19 Jun 2008 00:42:59 +0200 From: Michael Kraemer Subject: Re: How things change for VMS Message-ID: John Smith schrieb: > I was looking for a citation on-line for a computer crime case which occured > in the late 1970's (I think) and stumbled upon this site > http://www.phrack.org/issues.html?issue=6&id=12 > > and a short way into the web page there is a section entitled > > CONNECTED NODES AS OF 10/05/88 > TOTAL NODES = 2491 > which lists all the known connected nodes on the internet as of that date > and the operating system running on each node. > Are you sure these are "internet" (i.e. TCP/IP) nodes ? I recognize some of my organization's nodes of that time, but I'm pretty sure that neither the IBM nor the DEC boxes had "internet" access at that time. The names look more like Bitnet/Earn nodes. ------------------------------ Date: 18 Jun 2008 19:05:14 -0400 From: Rich Alderson Subject: Re: How things change for VMS Message-ID: "John Smith" writes: > I was looking for a citation on-line for a computer crime case which occured > in the late 1970's (I think) and stumbled upon this site > http://www.phrack.org/issues.html?issue=6&id=12 > and a short way into the web page there is a section entitled > CONNECTED NODES AS OF 10/05/88 > TOTAL NODES = 2491 > which lists all the known connected nodes on the internet as of that date > and the operating system running on each node. No, it doesn't. There is only one TOPS-20 site in the list, and 3 Tops-10 sites. I guarantee you that there were far more PDP-10 sites than that on the Internet in 1988: There were a dozen at Stanford alone, where I was working at the time, and none at all are listed. -- Rich Alderson "You get what anybody gets. You get a lifetime." news@alderson.users.panix.com --Death, of the Endless ------------------------------ Date: 18 Jun 2008 20:41:26 -0400 From: Rich Alderson Subject: Re: How things change for VMS Message-ID: Michael Kraemer writes: > John Smith schrieb: ... >> which lists all the known connected nodes on the internet as of that date >> and the operating system running on each node. > Are you sure these are "internet" (i.e. TCP/IP) nodes ? > I recognize some of my organization's nodes of that time, > but I'm pretty sure that neither the IBM nor the DEC boxes > had "internet" access at that time. > The names look more like Bitnet/Earn nodes. I wondered about that, but didn't know whether Multics supported an IBM RSCS facility like that created for VMS. -- Rich Alderson "You get what anybody gets. You get a lifetime." news@alderson.users.panix.com --Death, of the Endless ------------------------------ Date: Wed, 18 Jun 2008 22:27:24 -0700 (PDT) From: "Bart.Zorn@gmail.com" Subject: Re: How things change for VMS Message-ID: <3b6f07fd-94bd-410e-ae1b-cf9a657c660d@m73g2000hsh.googlegroups.com> This is NOT a list of internet connected nodes, but a list of Bitnet/ Earn connected nodes. Regards, Bart Zorn On Jun 18, 7:56=A0pm, "John Smith" wrote: > I was looking for a citation on-line for a computer crime case which occu= red > in the late 1970's (I think) and stumbled upon this sitehttp://www.phrack= .org/issues.html?issue=3D6&id=3D12 > > and a short way into the web page there is a section entitled > > CONNECTED NODES AS OF 10/05/88 > =A0 =A0 =A0 TOTAL NODES =3D 2491 > which lists all the known connected nodes on the internet as of that date > and the operating system running on each node. > > A fast Mk I Eyeball count suggests that about 60% were running VMS then. > > I wonder how few still run VMS today - 20 years later. ------------------------------ Date: Thu, 19 Jun 2008 06:38:38 +0100 From: "R.A.Omond" Subject: Re: How things change for VMS Message-ID: <4859f0e0$0$90262$14726298@news.sunsite.dk> John Smith wrote: > I was looking for a citation on-line for a computer crime case which occured > in the late 1970's (I think) and stumbled upon this site > http://www.phrack.org/issues.html?issue=6&id=12 > > and a short way into the web page there is a section entitled > > CONNECTED NODES AS OF 10/05/88 > TOTAL NODES = 2491 > which lists all the known connected nodes on the internet as of that date > and the operating system running on each node. > > A fast Mk I Eyeball count suggests that about 60% were running VMS then. > > I wonder how few still run VMS today - 20 years later. As others have pointed out, they're not Internet nodes at all, but Bitnet/EARN nodes (and 5 of them were mine - *EMBL*). ------------------------------ Date: Mon, 16 Jun 2008 22:00:17 +0300 From: "Guy Peleg" Subject: Re: OpenVMS Alpha 8.4 release date and new functionality ? Message-ID: <296bd$4856b845$7278@news.teranews.com> "Simon Clubley" wrote in message news:G356SEIVYWla@eisner.encompasserve.org... > Does anyone have an idea of when OpenVMS 8.4 Alpha is likely to ship > and what kind of new functionality is likely to be in it ? OpenVMS V8.4 will ship on Alpha and Itanium in H109. Will include new hardware support (Tukwila processors) and some new software features in the areas of clustering, availability and performance. Some of the features mentioned are clusters over TCP/IP, more members in a shadow set, significant performance improvements to BACKUP and more. > > I've found the slide on the Roadmap, but it's very vague on specifics > and I couldn't find anything else that addressed this. > > Thanks, > > Simon. > > -- > Simon Clubley, clubley@remove_me.eisner.decus.org-Earth.UFP > Microsoft: Bringing you 1980's technology to a 21st century world ** Posted from http://www.teranews.com ** ------------------------------ Date: Wed, 18 Jun 2008 17:20:29 -0400 From: JF Mezei Subject: Re: Very cool Ethernet speedup on OpenVMS Message-ID: <48597e19$0$20533$c3e8da3@news.astraweb.com> ewilts wrote: > There is NO disadvantage to forcing speed and duplex at 100Mbps. > There are potential disadvantages to autonegotiating. Why take a > chance? Had recent issue with this. I had forced my CISCO switch to use 10/half on my router's WAN port as well as ADSL modem's port since both are at those settings. It had worked fine for a long time. However, upon checking usage statistics on the switch's ports, I noticed a number of collision errors. Putting the swicth ports on auto resulted in them negotiating the same thing, but the errors no longer materialising. The router and modem have no way to set those ethernet ports. I assume that lack of negotiation messed something up at the modem/router ends, even though the end result is the same (10/half). ------------------------------ Date: Wed, 18 Jun 2008 22:42:19 -0600 From: "Michael D. Ober" Subject: Re: Very cool Ethernet speedup on OpenVMS Message-ID: "ewilts" wrote in message news:8983502d-4b68-4746-a902-73bb290f8521@b1g2000hsg.googlegroups.com... > On Jun 18, 10:50 am, "Richard B. Gilbert" > wrote: >> The network guy is TWICE an idiot. It's usually NOT a good idea to >> force speed and duplex settings. Except when dealing with certain VERY >> old (ten or more years) hardware, autonegotiation of speed and duplex >> settings is the way to go. > > I disagree and if you read the NetBackup mailing list, you'll see > regular reports of people who also disagree with you. The rule of > thumb I follow is: > For 100mbps, FORCE the speed AND the duplex on BOTH ends of the > connection > For GigE, autonegotiate > > It hasn't failed me, and I've seen a LOT of issues with autonegotation > on 100Mbps ports failing to negotiate the duplex. It seems to work, > but performance really, really sucks. > >> Ten, or more, years ago there was an ambiguity in the standard for >> autonegotiation. Cisco Systems interpreted it one way while Digital >> Equipment Corporation interpreted it the other way. Forcing the setting >> was the only way to get 100 Full Duplex. >> >> The ambiguity was resolved long ago but there is still some old hardware >> out there. . . . > > Current Cisco switches and current Ethernet adapters still have issues > at 100Mbps. > > There is NO disadvantage to forcing speed and duplex at 100Mbps. > There are potential disadvantages to autonegotiating. Why take a > chance? > > .../Ed > I've had the opposite experience with VMS and Auto Negotiate. I couldn't get 100Mb Full Duplex to work when forced, but auto-negotiate comes right up at 100Mb Full Duplex. Mike. ------------------------------ End of INFO-VAX 2008.340 ************************