New Features and Enhancements
IBM® Sterling Connect:Direct® for z/OS® 6.4 and its
related software have the following features and enhancements:
-
- Multi-Factor Authentication(MFA) Support (API PROXY)
- IBM Sterling Connect:Direct for z/OS version 6.4 supports multi-factor authentication (MFA) by authorizing authenticated API users who connect from trusted clients. You only need to set up an API proxy record for client applications that are trusted to authenticate the connecting user. For more information, refer to Multi-Factor Authenication(MFA) Support (API PROXY) section.
Note: This feature is available with the corresponding PTF (UO03525) and is not included in the base version of IBM Sterling Connect:Direct for z/OS. -
- Target node alternate communication via Secure proxy for SSL error
- IBM Sterling Connect:Direct for z/OS version 6.4 supports the CSPA202E message ID with RC=001 as retriable once all required conditions are met. For more information, refer to Target node alternate communication via Secure proxy for SSL error section.
Note: This feature is available with the corresponding PTF (UO03535) and is not included in the base version of IBM Sterling Connect:Direct for z/OS. -
- Partitioned Data Set (PDS)/Partitioned Data Set Extended (PDSE) Copy from IBM Sterling Connect:Direct for z/OS to IBM Sterling Connect:Direct Unix and IBM Sterling Connect:Direct Microsoft Windows:
-
- With this new feature, IBM Sterling Connect:Direct for z/OS will support the copying of a full PDS/PDSE or a subset of a PDS/PDSE (based on a defined selection criterion) from IBM Sterling Connect:Direct for z/OS to IBM Sterling Connect:Direct Unix and IBM Sterling Connect:Direct Microsoft Windows. This feature is available only in the BATCH environment. This feature does not support pulling folder from IBM Sterling Connect:Direct Unix and IBM Sterling Connect:Direct Microsoft Windows to IBM Sterling Connect:Direct for z/OS. For more information, refer to The batch interface for PDS/PDSE copy section.
-
- Password-less/Surrogate Signon:
-
- This feature enables a user to sign-on to DMBATCH on behalf of the submitter ID without providing a password in the SIGNON step. Once a surrogate relationship is configured between the submitter ID and the user ID in the security system, the requirement to enter a password during the DMBATCH SIGNON step is eliminated. This enhancement simplifies the sign-on process and improves efficiency for users operating under a surrogate sign-on configuration.
-
- Included Active MAXUSERS count in High water mark SMF record:
-
- From IBM Sterling Connect:Direct for z/OS
version 6.4, new fields have been added to the SMF record, H2 and HW Statistic Record,
which includes:
- Number of MAXUSERS
- User HW count
- User HW Date
- User HW TIME
These fields provide enhanced monitoring capabilities for user activity and resource usage. For more information, refer to Simultaneous Session Reporting and Asset Tracking Reporting section.
- From IBM Sterling Connect:Direct for z/OS
version 6.4, new fields have been added to the SMF record, H2 and HW Statistic Record,
which includes:
-
- Suppressing Diagnostic Data for SCPA019I & SCPA101I:
-
- Users can now suppress diagnostic data being written to CDESTAE for
SCPA019I and SCPA101I messages by including
a new DUMMY DDNAME (
//ZSCPA019 DD DUMMY) in the startup JCL.
- Users can now suppress diagnostic data being written to CDESTAE for
SCPA019I and SCPA101I messages by including
a new DUMMY DDNAME (
-
- Generation of statistics at SNODE when SVTR017I/SVTR009I NETMAP errors occur:
-
- This release introduces a new capability that generates a statistical record for SVTR017I/SVTR009I NETMAP errors at the SNODE. This enhancement enables IBM Control Center (CC) to recognize these error messages. For more information, refer to NETMAP.CHECK = NO | (ALL | TCP, ALL | BOTH | NODENAME, FAIL | WARN | PASS).
-
- Adding Unix’s Instance Identifier to the CDZ Checkpoint Record:
-
- The IBM Connect:Direct Unix server setup utilizes an Instance Identifier to ensure
uniqueness across multiple instances working behind a Load Balancer. Previously, if
multiple Connect:Direct Unix server instances initiated processes for the same IBM Sterling Connect:Direct for z/OS server with the
same Process Name at the same time, these would fail with error message
SCPA038I.With this new feature, IBM Sterling Connect:Direct for z/OS now handles such processes by adding the IBM Sterling Connect:Direct Unix Instance Identifier to its Checkpoint file, making the processes unique. This Instance Identifier is also used for Checkpoint Restart, ensuring process continuity in case of interruptions during file transfers from IBM Sterling Connect:Direct Unix server to IBM Sterling Connect:Direct for z/OS server.
The feature is also applicable to Run Task operations, where programs executed on the IBM Sterling Connect:Direct for z/OS server (SNODE) are initiated by the Connect:Direct Unix server (PNODE). However, this enhancement does not impact Run Job functionality.
- The IBM Connect:Direct Unix server setup utilizes an Instance Identifier to ensure
uniqueness across multiple instances working behind a Load Balancer. Previously, if
multiple Connect:Direct Unix server instances initiated processes for the same IBM Sterling Connect:Direct for z/OS server with the
same Process Name at the same time, these would fail with error message
-
- Make Userid field optional in Secure+ Admin Tool SAVE ACTIVE panel:
-
- Starting with IBM Sterling Connect:Direct for z/OS version 6.4, the Userid field on the SAVE ACTIVE panel is no longer mandatory for IUI users. Users can now enter a userid based on the Security Exits configured in the Initialization Parameters. If Stage II security is enabled with the IBM Sterling Connect:Direct for z/OS Server, the IUI will prompt a warning message when either the Userid or Password is not provided on the SAVE-ACTIVE panel while saving the Secure+ Parmfile.