Anonymous login fails

If an anonymous login fails, use the following checklist to investigate:
  1. Ensure that you have specified ANONYMOUS as a start parameter or in FTP.DATA.
  2. Check the setting of the ANONYMOUSLEVEL variable in FTP.DATA. If ANONYMOUSLEVEL is not explicitly set in FTP.DATA, its value is equal to one.
  3. If you have activated mixed-case passwords in RACF® or in another SAF-compliant security product, verify the following:
    • The anonymous password in FTP.DATA is coded in the correct case
    • The anonymous password passed to the FTP daemon by the FTPD start procedure is coded in the correct case
    • The anonymous password specified by the MVS™ operator to override the parameters specified in the FTPD start procedure was coded in the correct case.
      Rule: Enclose the FTP parameters in single quotes when overriding the parameters specified in the FTPD start procedure while mixed-case passwords are enabled.

If ANONYMOUS is set in FTP.DATA, and the STARTDIRECTORY is in the z/OS® UNIX file system, and ANONYMOUSLEVEL is two or three, verify that the required executable files are installed in the anonymous user's root directory. If the required executable files are not installed in the anonymous user's home directory, SYSLOGD contains error messages. For information about setting up the anonymous user's root directory, see z/OS Communications Server: IP Configuration Guide.

If you did not specify a user ID on the ANONYMOUS start parameter or on the FTP.DATA statement, ensure that the user ID ANONYMO is defined to TSO and RACF, and that it has a defined OMVS segment or that automatic assignment of unique UNIX identities support is enabled. For information about the z/OS UNIX environment and its security considerations, see z/OS UNIX System Services Planning.

If you did specify a user ID on the ANONYMOUS start parameter or on the FTP.DATA statement, ensure that the specified user ID is defined to TSO and RACF, and that the specified user ID has a defined OMVS segment or that automatic assignment of unique UNIX identities support is enabled.

If ANONYMOUSLEVEL is two or three, verify that the STARTDIRECTORY value is compatible with the ANONYMOUSFILEACCESS value and that the FILETYPE value is compatible with the ANONYMOUSFILETYPESEQ, ANONYMOUSFILETYPEJES, and ANONYMOUSFILETYPESQL values.

If ANONYMOUSLEVEL=3 and if ANONYMOUS or ANONYMOUS/USERID/PASSWORD is coded, the user is prompted to enter an e-mail address as a password. Verify that the e-mail address entered by the user is consistent with the requirements of the EMAILADDRCHECK statement in FTP.DATA. If ANONYMOUS/USERID is coded, the user must provide the password for USERID. See z/OS Communications Server: IP Configuration Reference for more information about these FTP.DATA statements.

Parent topic: FTP session problems