MS BackOffice Unleashed
— 40 —
Managing Your SNA Server Gateway
Managing your SNA Server gateway consists of three basic precepts: configuring and maintaining your network, configuring SNA Server, and troubleshooting. The first part deals with specifying your network transport protocols, configuring your routers to
pass the appropriate network packets, and maintaining the rest of your physical network. These are readily understood functions of a network Administrator, however, and are not the focus of this chapter. Instead, this chapter is concerned primarily with
configuring SNA Server with the SNA Server Administrator and performing basic troubleshooting with the SNA Trace utility.
The actual name for the tool is really SNA Server Admin, which can be found in your Microsoft SNA Server Program Manager group. Rather than call it this, however, I prefer to call it the SNA Server Administrator because this more fully describes its
function. For the rest of the chapter, this is how I refer to it.
Using SNA Server Administrator
The SNA Server Administrator is your primary interface to managing your SNA Server domains. The majority of this chapter focuses on how to use the SNA Server Administrator to perform the following tasks:
- Configuring the link services. Because the first thing you must do after installing SNA Server is configure a link service so that SNA Server can provide a connection to your SNA-compatible mainframe, it makes sense to start the discussion here as
well.
- Managing users and groups. After you configure the link service, you need to specify who can use your SNA Server connection. This is where group and user management comes into play.
- Managing logical unit pools. An LU pool is a means of grouping several LUs into a single entity or pool that you can manage. If you are looking for additional means to improve response time, balance the load on SNA Server, and provide additional fault
tolerance, then this section can help you achieve your goals.
- Managing SNA services, security, and SNA Administrator access. Managing the SNA Server services usually is limited to starting and stopping the various services involved. This chapter discusses these services, along with the means to automate the
startup sequence, but the more important aspect is learning how to restrict access to the SNA Server Administration features. After all, you do not want to allow just anybody to play with your SNA Server installation.
Configuring a Link Service
The first time you open the SNA Server Administrator, it displays the Servers and Connections window, which lists only the servers, because you haven't created any connections yet (see Figure 40.1). A connection is the basic building block you use to
define a linkage between your SNA-compatible mainframe and your SNA Server clients. This process is what the SNA Server Setup program describes as a link service and is what is discussed here. It is not really a difficult process if you have some help from
your technical support personnel. If you do not have this help and do not know what addresses, node identification strings, or other salient reference numbers have been assigned for your use, then you can pretty much forget about a working SNA Server
configuration. This means that you will need help from your mainframe MIS department and service provider for an X.25/QLLC connection in order to supply the required information.
Figure 40.1. Administering your SNA Server domain with the SNA Server Administrator.
The idea of this discussion is to walk you through the actual process of creating a connection and assigning logical units so that you will understand what information you need to successfully complete your SNA Server configuration. This chapter begins
with assigning the properties to your SNA Server that will be used for APPC or AS/400 connections. Then, you'll step through the process of creating connections. Finally, you'll learn how to assign logical units to a connection. Because this discussion
includes all the various types of connections and logical units, you might want to skip the parts that do not concern you at this time.
Assigning Server Properties
If your SNA Server installation will be supporting incoming calls; advanced peer-to-peer communications (APPC), which also includes 5250 terminal emulation; or an AS/400 connection, then you must configure the server properties to identify your
installation. This is accomplished by selecting the server in the Servers and Connections window and then choosing Services|Properties from the menu. The Server Properties dialog box appears, in which you can assign a comment, network name, and control
point name (see Figure 40.2).
Figure 40.2. Assigning server properties to uniquely identify your SNA Server installation.
Alternatively, you can select the server and press Alt+Enter or just double-click on a server to display the Server Properties dialog box.
The comment can contain up to 25 characters, and is used to aid you in identifying your installation when you have more than one SNA Server in your domain. The network name and control point name are the identifiers, which uniquely identify your SNA
Server installation on the network. These names are required only for systems using Format 3 XIDs, and define one point of the connection mechanism between SNA Server (the local node) and your SNA-compatible mainframe (the remote node). The remote node
names are defined as you create your connections. These values should be supplied by your MIS department, and they vary, depending on how your server is connected to your mainframe.
For an AS/400, the values in the Server Properties dialog box follow:
- Network Name: This name will be the RMTNETID value on the AS/400.
- Control Point Name: This name will be the RMTCPNAME in the host controller description.
For a VTAM or NCP connection, you will use these values:
- Network Name: This name will be the NETID value in the VTAM Start command for the local SSCP. The SSCP is the VTAM connection where SNA Server is attached.
- Control Point Name: This name will be the CPNAME in the Physical Unit (PU) definition for the VTAM or Network Control Point (NCP).
The network name and control point name can contain from one to eight alphanumeric characters. They can include the special characters $, #, and @. The first character must be alphabetic. All lowercase characters are converted to uppercase
characters. You cannot use just one name; if you supply one of these names, you must supply both these names.
Click the Addons button to display the SNA Server Additions dialog box. By default, this dialog box only includes the SNA Server Trace options, which you can select to configure the Trace utility. If you have added any third-party software, however,
you might be able to configure it here as well.
Creating a Connection
A connection can be considered as the means SNA Server uses to communicate with your SNA-compatible mainframe. It is not used directly by your SNA Server clients. Instead, your SNA Server clients use a logical unit (terminal) that has been assigned to a
specific connection. Your clients do not need to know what type of connection they are using, but as the SNA Administrator, you do.
SNA Server supports six types of connections:
- A Data Link Control (DLC) 802.2 connection: This is a network-adapter-to-network-adapter connection that uses the DLC transport protocol. It can be used on Ethernet or token ring-based networks.
- A Distributed Function Terminal (DFT) connection: This type of connection is used to connect SNA Server to a 3270 control unit on your host SNA-compatible mainframe over a coaxial cable connection.
- A Synchronous Data Link Control (SDLC) connection: This is a modem-adapter-to-modem-adapter connection that uses the DLC transport protocol. It is a direct (SDLC-to-SDLC), low-speed connection that uses leased or switched phone lines to connect the two
adapters.
- An X.25/QLLC connection: This is a packet-switching-network-adapter-to-packet-switching-network-adapter connection that uses the Qualified Logical Link Control protocol. It is most commonly used to provide low-speed interstate or international
connections through a host packet-switched network. Its primary usefulness stems from local access numbers to a packet-based connection point, which then can be used to connect to your mainframe.
- A Channel connection: This type of connection is used to directly connect to a channel attachment on your SNA-compatible mainframe.
- A TwinAx connection: This type of connection is used to directly connect to your AS/400 mainframe over a TwinAx connection.
SNA Server has some limitations that you should be aware of that may determine how many SNA Server installations you require and how many adapters per server you need to meet your requirements. Table 40.1 summarizes these limitations.
Table 40.1. SNA Server Connection and Session Limitations.
Software/ Hardware
|
Total Connections
|
Total Sessions
|
Note
|
SNA Server
|
250
|
10,000
|
This includes a maximum of 2,000 clients. A single downstream connection is equivalent to a single client when determining the total number of clients per SNA Server installation.
|
802.2
|
250
|
254
|
|
DFT
|
1
|
5
|
Although you can use up to four DFT adapters in a single system, they must all be controlled by a single link service. This can provide you with up to 4 connections with 20 sessions.
|
SDLC
|
1
|
254
|
|
X.25/QLLC
|
250
|
254
|
If your adapter does not include a coprocessor, you cannot support a duplex transmission with a DTE speed higher than 9600bps.
|
Channel
|
250
|
254
|
|
TwinAx
|
1
|
20
|
|
The total number of sessions applies to 3270, LUA, and dependent APPC LU-LU sessions. For independent APPC LU sessions, the maximum is 10,000 sessions.
You cannot use multiple 802.2, X.25/QLLC, or channel adapters to increase the number of supported connections.
To create a new connection, follow these steps:
- Select the server where you want the connection to be created in the Servers and Connections window. Then choose New Connection from the Services menu or use the shortcut key F2. The Insert Connection dialog box appears.
- Select the connection to create. This can be 802.2, SDLC, DFT, X.25, Channel, or TwinAx. Then click the OK button.
- In the Connection Properties dialog box, enter the relevant information for your connection type, as described in the following sections.
- Click the OK button to accept the connection definition or press Cancel to abort.
The following sections assume that you have already made your choice in the Connection Details dialog box and that the Connection Properties dialog box for your connection type is active.
Creating a DLC 802.2 Connection
Creating a DLC 802.2 connection consists of three parts: defining the connection, assigning the basic settings for the connection, and assigning the advanced settings for the connection. To define the connection, follow these steps:
- When the Connection Properties dialog box appears, enter a name for the connection in the Connection Name field (see Figure 40.3). The connection name can be from one to eight alphanumeric characters. The name can include the special characters $, #,
and @. All lowercase characters are converted to uppercase characters. The name must be unique and cannot be the reserved name SNASERVR.
Figure 40.3. Assigning connection properties for an 802.2 connection.
- In the Comment field, enter a description for the connection. The description can be a maximum of 25 characters.
- In the Link Service field, choose the service the connection will use to communicate with an SNA adapter.
If no entry is available, you need to use the SNA Server Setup program to install a link service.
- In the Remote End section, choose the type of remote system for the connection to use. This can be one of the following:
- Host System: This type of remote system is usually a mainframe that controls all interactions between the mainframe and any clients that connect to it. This type should be used for dependent APPC, 3270, and LUA logical units.
- Peer System: This type of remote system usually is used for mainframes, minicomputers, and clients that communicate with each other as equal partners (independent APPC). The most common reason to use this type is for an AS/400 connection or when
setting up a peer-to-peer connection to be used with Systems Management Server.
- Downstream: This type of remote system is used by clients, such as the IBM Communications Manager/2, that do not support the SNA Server client/server interface, but that still can access host connections provided by SNA Server.
When using a Downstream type, be sure to configure the Max BTU setting, as described later in this section, to a value supported by the downstream client.
- Choose an entry in the Activation section to specify when to make the connection available. This can be one of the following:
- On Server Startup: Specifies that the connection will be activated (made available to clients) when SNA Server starts.
- On Demand: Specifies that the connection will be activated on an as-required basis and deactivated when no longer required.
- By Administrator: Specifies that an Administrator must manually activate or deactivate a connection. This option only applies to outgoing connections. If a connection has been configured to accept incoming calls, the connection begins to listen to
calls as soon as SNA Server starts.
- Next, choose the type of connection support to implement in the Allowed Directions section. This can be Incoming Calls, Outgoing Calls, or both. The default is Outgoing Calls.
- You now have defined the connection, but you are not finished yet. At this point, you must click the Setup button to configure the basic properties for the connection. This displays the 802.2 Setup dialog box, as shown in Figure 40.4.
Figure 40.4. Configuring the basic properties for an 802.2 connection.
- You can configure the following fields in the 802.2 Setup dialog box:
- Remote Network Address: This 12-digit hexadecimal address specifies the network address of the remote (the system to which you will connect) host, peer, or downstream system. This is one of those times when you need to contact your MIS department in
order to find out the correct address. To aid you in this effort, here are a few tips that might help you in identifying your requirements:
For a connection to a 3174, you can use the configuration response 900 value in the customization program.
For a connection to a 3720, 3725, or 3745 front-end processor (FEP), you can use the MACADDR= value in the NCP configuration.
For a connection to an IBM 3970 mainframe, you can use the MACADDR= value in the VTAM PORT definition.
For a connection to another SNA Server installation, use the network adapter address. This can be determined by executing the NET CONFIG SERVER command from a command prompt and using the 12-digit value in the Server Is Active On entry.
If the server on which SNA Server is installed uses DHCP, then another way to find the network address is to use the DHCP Manager. Just select the primary server and then choose Scope|Active Leases. Then, in the Active Leases dialog box, select the
server in the Client field and click the Properties button. The network address will be listed in the Unique Identifier field.
- Local Node ID: This is an eight-digit hexadecimal that uniquely defines the local system to the remote system. The first three digits are commonly referred to as the block number, and the final five digits are referred to as the node number. Here are
a couple of rules for their usage:
The first three digits cannot be 000 or FFF because these are reserved values.
In order for a remote or downstream connection to use this connection, you must inform the local Administrator of your local node identifier.
In order to use a host connection, you must use the IDBLK value for the block number and the IDNUM value for the node number in the VTAM PU definition.
The same local node identifier must be used for all connections on your SNA Server installation.
- Network Name: If connecting to a host system that uses a remote network name, this entry should be the NETID value in the VTAM Start command for the local SSCP (the VTAM connection where SNA Server is attached). If connecting to an AS/400, this value
will be the Network Name of the AS/400 (the RMTNETID value on the AS/400).
- Control Point Name: If connecting to a host system using a remote control point name, this value will be the SSCPNAME value in the VTAM Start command of the remote SSCP. For an AS/400, enter the name of the AS/400.
- Remote Node ID: This entry is a unique identifier of the remote node. It must be supplied by your MIS department for a host connection or by the local Administrator for a downstream connection. The first three digits cannot be 000 or FFF because these
are reserved values.
The network name and control point name can be from one to eight alphanumeric characters. They can include the special characters $, #, and @. The first character must be alphabetic. All lowercase characters are converted to uppercase characters. You
cannot use just one name; if you supply one of these names, you must supply both these names.
- To specify how often to retry a connection operation, click the Retry Timers button. This displays a dialog box in which you can specify the following choices:
- Maximum Number of Attempts: Specifies how many times SNA Server will attempt to make a connection. When the maximum value is reached, an entry is made into the event log, and no further attempts are made to connect. The range is from 1 to no limit,
and the default is no limit.
- Delay After Failed Attempts: Specifies how long to wait, in seconds, between connection attempts. The range is from 5 to 255, with a default of 10.
- If required, you can configure additional characteristics for the connection by clicking the Advanced button. This expands the dialog box to offer you the following fields:
- XID Type: Specifies the type of identifying information SNA Server will send. A Format 0 XID only sends the node ID and should be used only for systems that do not support a Format 3 XID. A Format 3 XID sends up to 100 bytes of identifying
information, including the local node ID and control point name.
If you will be using independent APPC LUs on the connection, you must specify a Format 3 XID.
- Remote SAP Address: Specifies the remote system access point (SAP) address. This is a two-digit hexadecimal value in multiples of 4. The default value of 04 should suffice for most installations. If you will be using a 3174 controller for your
connection, however, this value should be the same as the configuration response 900 of the controller's customization program. Or, if you will be using an IBM 9370 host, use the value in the SAPADDR= value specified in the VTAM PU definition.
- Retry Limit: Determines how many times the local system will resend a frame when no response from the remote system is received. The range is from 0 to 255, with a default of 10.
- Max BTU Length: Defines the size of the basic transmission unit (BTU), also referred to as an I-frame, that can be sent in a single Data Link Control (DLC) frame. The range is from 265 to 16393, and the default is determined by your adapter.
The maximum BTU length should be less than the MAXDATA= value in the VTAM PU definition for a host connection. For a 4Mb token ring adapter, the value should be equal to or less than 4195; for a 16Mb token ring adapter, the value should be equal to
or less than 16393; and for an Ethernet adapter, the value should be equal to or less than 1493.
- XID Retries: Specifies how often the local system should resend an identifier (XID) message when no response is received from the remote system. The range is from 0 to 30, with a default of 3.
- Response (t1) Timeout: Specifies the time that the local system will wait for a response from a remote system before retransmitting. The value specified should be greater than the total time it takes for the data to be relayed between the local
system, the remote system, and the network.
If you choose the default value for Response Timeout, the system maintains two separate time-out values: one for a remote system on the local network and the other for a remote system on a remote network. If you do not use the default value, the
value you choose is used both for local and remote networks. The default for a local network is 400 milliseconds and 2 seconds for a remote network.
- Receive ACK (t2) Timeout: Specifies the maximum time a local system can delay before sending an acknowledgment to the remote system. The value specified should be less than the response time-out so that the system takes less time to acknowledge a
received transmission than it requires to seek a response to a transmission.
If you choose the default value for Receive ACK Timeout, the system maintains two separate time-out values: one for a remote system on the local network and the other for a remote system on a remote network. If you do not use the default value, the
value you choose is used both for local and remote networks. The default for a local network is 80 milliseconds, and the default for a remote network is 800 milliseconds.
- Inactivity (ti) Timeout: Specifies the maximum time a link can be inactive before SNA Server assumes that the link is malfunctioning and deactivates it.
If you choose the default value for Inactivity Timeout, the system maintains two separate time-out values: one for a remote system on the local network and one for a remote system on a remote network. If you do not use the default value, the value
you choose is used both for local and remote networks. The default for a local network is 5 seconds, and the default for a remote network is 25 seconds.
- Receive ACK Threshold: Determines the maximum number of frames that can be received before the local system must send a response. The value ranges from 1 to 127, with a default of 2.
- Unacknowledged Send Limit: This entry, often referred to as the window send size, specifies the maximum number of frames the local system can send without receiving an acknowledgment from the remote system. The range is from 1 to 127, with a default
of 8.
Receive ACK Threshold should be less than Unacknowledged Send Limit so that the local system acknowledges received transmissions more frequently than it requires responses from the remote system to sent transmissions.
If you increase Unacknowledged Send Limit and Receive ACK Threshold, you may achieve greater throughput. You should attempt this only on connections with low error conditions, however, or you may actually decrease throughput.
- Click the OK button to accept your connection definition.
Creating a DFT Connection
Creating a DFT connection is much easier than creating some other types of connections. All it requires is the basic definition, which can be accomplished by following these steps:
- When the Connection Properties dialog box is displayed, enter a name for the connection in the Connection Name field. The connection name can be from one to eight alphanumeric characters. The name can include the special characters $, #, and @. All
lowercase characters are converted to uppercase characters. The name must be unique, and cannot be the reserved name SNASERVR.
- In the Comment field, enter a description for the connection. The description can be a maximum of 25 characters.
- In the Link Service drop-down list, choose the service the connection will use to communicate with an SNA adapter.
Even though you can use up to four DFT adapters, you must use only one link service for all of them. If no entry is available, you need to use the SNA Server Setup program to install a link service.
- Specify when to make the connection available by choosing an entry in the Activation section. This can be one of the following:
- On Server Startup: Specifies that the connection will be activated (made available to clients) when SNA Server starts.
- On Demand: Specifies that the connection will be activated on an as-required basis and then deactivated when no longer required.
- By Administrator: Specifies that an Administrator must manually activate or deactivate a connection. This option applies only to outgoing connections. If a connection has been configured to accept incoming calls, then the connection begins to listen
to calls as soon as SNA Server starts.
The Remote End section is preset to Host System, and the Allowed Directions section is preset to Outgoing Calls.
- Click the OK button to accept your connection definition.
Creating an SDLC Connection
Creating an SDLC connection also consists of three parts: the first defines the connection, the second assigns the basic settings, and the third assigns the advanced settings for the connection. To create your SDLC connection, follow these steps:
- When the Connection Properties dialog box is displayed, enter a name for the connection in the Connection Name field. The connection name can be from one to eight alphanumeric characters. The name can include the special characters $, #, and @. All
lowercase characters are converted to uppercase characters. The name must be unique and cannot be the reserved name SNASERVR.
- In the Comment field, enter a description for the connection. The description can be a maximum of 25 characters.
- In the Link Service drop-down listbox, choose the service the connection will use to communicate with an SNA adapter.
If no entry is available, you need to use the SNA Server Setup program to install a link service.
- In the Remote End section, choose the type of remote system the connection will use. This can be one of the following:
- Host System: This type of remote system is usually a mainframe that controls all interactions between the mainframe and any clients that connect to it. This type should be used for dependent APPC, 3270, and LUA logical units.
- Peer System: This type of remote system is usually used for mainframes, minicomputers, and clients that communicate with each other as equal partners (independent APPC). The most common reason to use this type is for an AS/400 connection or for a
peer-to-peer connection for Systems Management Server.
- Downstream: This type of remote system is used by clients, such as the IBM Communications Manager/2, that do not support the SNA Server client/server interface, but that can still access host connections provided by SNA Server.
When using a Downstream system type, be sure to configure the Max BTU setting, as described later in this section, to a value supported by the downstream client.
- Specify when to make the connection available by choosing an entry in the Activation group. This can be one of the following:
- On Server Startup: Specifies that the connection will be activated (made available to clients) when SNA Server starts. This is a good choice for connections that use a leased line.
- On Demand: Specifies that the connection will be activated on an as-required basis and then deactivated when no longer required. This is a good choice for connections that use switched lines.
- By Administrator: Specifies that an Administrator must manually activate or deactivate a connection. This option applies only to outgoing connections. If a connection has been configured to accept incoming calls, the connection begins to listen to
calls as soon as SNA Server starts.
- Next, choose the type of connection support to implement in the Allowed Directions group. This can be Incoming Calls, Outgoing Calls, or both. The default is Outgoing Calls.
When using multiple SDLC connections for incoming calls, all these connections must use the same encoding (NRZ or NRZI) setting. A DFT connection can be configured only for outgoing calls.
- At this point, you have defined the connection; however, before you can use the connection, you must click the Setup button to configure the basic properties for the connection. This displays the SDLC Setup dialog box, and if you choose the Advanced
button (as you have here) the dialog box expands.
You can configure the following fields in this expanded SDLC Setup dialog box:
- Dial Data: Specifies a phone number, from 1 to 40 digits, that will be used for SDLC adapters on a switched phone line.
If the SDLC adapter has a built-in communications port, the number is a phone number that is sent directly to the adapter. If the adapter is configured for a manually dialed number, the number entered here is specified in the pop-up message box that
appears whenever the adapter is used for an outgoing call.
- Local Node ID: This is an eight-digit hexadecimal that uniquely defines the local system to the remote system. The first three digits are commonly referred to as the block number, and the final five digits are referred to as the node number. Here are
a couple of rules for their usage:
The first three digits cannot be 000 or FFF because these are reserved values.
In order for a remote or downstream connection to use this connection, you must inform the local Administrator of your local node identifier.
In order to use a host connection, you must use the IDBLK value for the block number and the IDNUM value for the node number in the VTAM PU definition.
The same local node identifier must be used for all connections on your SNA Server installation.
- Network Name: If connecting to a host system that uses a remote network name, this entry should be the NETID value in the VTAM Start command for the local SSCP (the VTAM connection where SNA Server is attached). If connecting to an AS/400, this value
is the Network Name of the AS/400 (the RMTNETID value on the AS/400).
- Control Point Name: If connecting to a host system using a remote control point name, this value is the SSCPNAME value in the VTAM Start command of the remote SSCP. For an AS/400, enter the name of the AS/400.
- Remote Node ID: This entry is a unique identifier of the remote node. It must be supplied by your MIS department for a host connection or by the local Administrator for a downstream connection. The first three digits cannot be 000 or FFF because these
are reserved values.
The network name and control point name can be from one to eight alphanumeric characters. They can include the special characters $, #, and @. The first character must be alphabetic. All lowercase characters are converted to uppercase characters. You
cannot use just one name; if you supply one of these names, you must supply both these names.
- XID Type: Specifies the type of identifying information that SNA Server will send. A Format 0 XID only sends the node ID and should be used only for systems that do not support a Format 3 XID. A Format 3 XID sends up to 100 bytes of identifying
information, including the local node ID and the control point name.
If you will be using independent APPC LUs on the connection, you must specify a Format 3 XID.
- Encoding: Specifies the encoding scheme the modem will use. This can be NRZ (Nonreturn to Zero) or NRZI (Nonreturn to Zero Inverted). The default is NRZI.
Both modems (the local and remote modems) must use the same encoding schemes. For connection to a host system, the encoding scheme is specified in the LINE/GROUP definition in VTAM. This value should be specified by your MIS Administrator.
- Duplex: This entry is based on your modem configuration. It will be Half or Full, depending on the feature set of your modem. You should refer to your SDLC adapter documentation to determine whether it supports half or full duplex.
If Full is specified, then your SDLC configuration must have the Constant RTS option set.
If your adapter lacks a coprocessor and you want to use a transmission speed higher than 9600bps, choose Half.
- Data Rate: This entry specifies the rate at which SNA Server can communicate with the SDLC adapter. You should refer to your adapter documentation to determine whether it supports a high data rate for optimum performance. If you have communications
problems, then choose the low setting.
The Data Rate option can be considered as the DTE rate when compared to a modem. And just like a modem, the maximum DTE rate is determined based on your UART. Even though the UART can handle higher data rates (19200bps for an 8250, 38400bps for a
16450, and 57600bps – 115200bps for a 16550), if you specify a rate that is too high for your processor to handle, you will encounter data errors (dropouts), which will require retransmissions.
- Poll Address: This two-digit hexadecimal address should be supplied by your MIS Administrator for a host connection. It will be the ADDR= value of the VTAM definition. For a peer connection, this value can be anything but the reserved values 00 and FF
because these peers will negotiate an acceptable value.
- Poll Rate: For peer or downstream services, this value determines the pool rate. The default is 5, with a range of 1 to 50.
- Poll Timeout: For a peer or downstream connection, this value specifies the time, in tenths of a second, for the local system to pause before polling again. The range is from 1 to 300, with a default of 10.
If you set the Poll Timeout value too low, it may cause link failures.
- Poll Retry Limit: For a peer or downstream connection, this entry determines how many times the local system will poll the remote system when no response is received. The range is from 1 to 255, with a default of 10.
- Contact Timeout: Specifies the time, in tenths of a second, that the local system will pause between connection attempts. The range is from 5 to 300, with a default of 10.
The Contact Timeout value is not used for incoming calls.
- Contact Retry Limit: Specifies how many times the local system should attempt to make a connection to the remote system. The default is 10, with a range of 1 to 10.
The Contact Retry Limit value is not used for incoming calls.
- Idle Timeout: For a host or peer connection, this entry specifies the time, in tenths of a second, that the local system will wait for a response from the remote system before resending the data. The range is from 1 to 300, with a default of 10.
If the Idle Timeout value is too small, you may experience link failures.
- Idle Retry Limit: For a host or peer connection, this value determines the number of times the local system will attempt to send data to a remote system if no response is received. The range is from 1 to 255, with a default of 10.
- Max BTU Length: Defines the size of the basic transmission unit (BTU), also referred to as an I-frame, that can be sent in a single Data Link Control (DLC) frame. The range is from 265 to 16393, and the default is 265 for an SDLC connection.
The maximum BTU length should be less than the MAXDATA= value in the VTAM PU definition for a host connection. For a downstream service, this value should be equal to or less than the maximum value supported by the downstream service. For specific
values, you should refer to your documentation or just use the default value.
- Multidrop Primary: If you are using a leased SDLC line to a downstream connection and the local system is the primary station for a multidrop connection, this option should be enabled.
- Select Standby: If your modem supports a standby line (refer to your documentation if you are unsure) and it is enabled, this option should be enabled as well. The default is disabled.
- Switched Connection Establishment Timeout: If you are using a switched SDLC line, this value defines the maximum time, in seconds, to wait for a connection to be established. The range is from 10 to 500, with a default of 300.
- To specify how often to retry a connection operation, click the Retry Timers button. This displays a dialog box where you can specify the following choices:
- Maximum Number of Attempts: Specifies how many times SNA Server will attempt to make a connection. When the maximum value is reached, an entry is made into the event log, and no further attempts are made to connect. The range is from 1 to no limit,
and the default is no limit.
- Delay After Failed Attempts: Specifies how long to wait, in seconds, between connection attempts. The range is from 5 to 255, with a default of 10.
- Click the OK button to accept your connection definition.
Creating an X.25/QLLC Connection
Creating an X.25/QLLC connection is similar to creating an SDLC connection because it also consists of three parts: defining the connection, assigning the basic settings, and assigning the advanced settings for the connection. To create an X.25/QLLC
connection, follow these steps:
- When the Connection Properties dialog box is displayed, enter a name for the connection in the Connection Name field. The connection name can be from one to eight alphanumeric characters. The name can include the special characters $, #, and @. All
lowercase characters are converted to uppercase characters. The name must be unique and cannot be the reserved name SNASERVR.
- In the Comment field, enter a description for the connection. The description can be a maximum of 25 characters.
- In the Link Service drop-down listbox, choose the service the connection will use to communicate with an SNA adapter.
If no entry is available, you need to use the SNA Server Setup program to install a link service.
- Choose the type of remote system the connection will use in the Remote End group. This can be one of the following:
- Host System: This type of remote system is usually a mainframe that controls all interactions between the mainframe and any clients that connect to it. This type should be used for dependent APPC, 3270, and LUA logical units.
- Peer System: This type of remote system is usually used for mainframes, minicomputers, and clients that communicate with each other as equal partners (independent APPC). The most common reason to use this type is for an AS/400 connection or for a
peer-to-peer connection for Systems Management Server.
- Downstream: This type of remote system is used by clients, such as the IBM Communications Manager/2, that do not support the SNA Server client/server interface, but that can still access host connections provided by SNA Server.
When using a downstream system type, be sure to configure the Max BTU setting, as described later in this section, to a value supported by the downstream client.
- Specify when to make the connection available by choosing an entry in the Activation group. This can be one of the following:
- On Server Startup: Specifies that the connection will be activated (made available to clients) when SNA Server starts. This is a good choice for connections that use a leased line.
- On Demand: Specifies that the connection will be activated on an as-required basis and then deactivated when no longer required. This is a good choice for connections that use switched lines.
- By Administrator: Specifies that an Administrator must manually activate or deactivate a connection. This option only applies to outgoing connections. If a connection has been configured to accept incoming calls, then the connection begins to listen
to calls as soon as SNA Server starts.
- Choose the type of connection support to implement in the Allowed Directions group. This can be Incoming Calls, Outgoing Calls, or both. The default is Outgoing Calls.
- Select the type of virtual circuit that will be used in the Virtual Circuit Type field. This can be one of the following:
- Switched (SVC): This type of virtual circuit is the default, and is called and cleared dynamically rather than being constantly active. A destination address is supplied when the circuit is called.
- Permanent (PVC): This type of virtual circuit is constantly active with a preset destination address.
- At this point, you have defined the connection; however, before you can use the connection, you must click the Setup button to configure the basic properties for the connection. This displays the X.25 Setup dialog box, and if you click the Advanced
button, the dialog box expands.
You can configure the following fields in the expanded X.25 Setup dialog box:
- Remote X.25 Address: This entry consists of from 12 to 15 hexadecimal digits (the final three digits are used for routing between installations with the same first 12-digit address) and should be specified by the Administrator of the remote system. If
you are connecting to a host using VTAM, the DIALNO= parameter in the VTAM PORT definition should be used.
- Local Node ID: This is an eight-digit hexadecimal that uniquely defines the local system to the remote system. The first three digits commonly are referred to as the block number, and the final five digits are referred to as the node number. Here are
a couple of rules for their usage:
The first three digits cannot be 000 or FFF because these are reserved values.
In order for a remote or downstream connection to use this connection, you must inform the local Administrator of your local node identifier.
In order to use a host connection, you must use the IDBLK value for the block number and the IDNUM value for the node number in the VTAM PU definition.
The same local node identifier must be used for all connections on your SNA Server installation.
- Network Name: If connecting to a host system that uses a remote network name, this entry should be the NETID value in the VTAM Start command for the local SSCP (the VTAM connection where SNA Server is attached). If connecting to an AS/400, this value
is the network name of the AS/400 (the RMTNETID value on the AS/400).
- Control Point Name: If you are connecting to a host system using a remote control point name, this value is the SSCPNAME value in the VTAM Start command of the remote SSCP. For an AS/400, enter the name of the AS/400.
- Remote Node ID: This entry is a unique identifier of the remote node. It must be supplied by your MIS department for a host connection or by the local Administrator for a downstream connection. The first three digits cannot be 000 or FFF because these
are reserved values.
The network name and control point name can be from one to eight alphanumeric characters. They can include the special characters $, #, and @. The first character must be alphabetic. All lowercase characters are converted to uppercase characters. You
cannot use just one name; if you supply one of these names, you must supply both these names.
- XID Type: Specifies the type of identifying information that SNA Server will send. A Format 0 XID only sends the Node ID and should be used only for systems that do not support a Format 3 XID. A Format 3 XID sends up to 100 bytes of identifying
information, including the local node ID and control point name.
If you will be using independent APPC LUs on the connection, you must specify a Format 3 XID.
- Max BTU Length: Defines the size of the basic transmission unit (BTU), also referred to as an I-frame, that can be sent in a single Data Link Control (DLC) frame. The range is from 265 to 16393, and the default is 1033 for an X.25/QLLC connection.
The maximum BTU length should be less than the MAXDATA= value in the VTAM PU definition for a host connection. For a downstream service, this value should be equal to or less than the maximum value supported by the downstream service. For specific
values, you should refer to your documentation or just use the default value.
- PVC Alias: Specifies the PVC channel. The range is from 1 to the configured number of channels. The default is 1.
- Packet Size: For a PVC, this entry specifies the maximum number of data bytes to be sent in a frame. The range is 64 to 1024 in 64-unit increments with a default of 128. This entry should be specified by your network service provider.
- Window Size: For a PVC, this entry specifies the maximum number of frames that can be sent without receiving a response from the remote system. This entry should be obtained from the Administrator of the remote system.
- Facility Data: For an SVC, this entry specifies the codes for any facility data required by your network service provider or Administrator of the remote system. The data can be a maximum of 126 hexadecimal characters (63 hexadecimal bytes) in length.
Facility data is a coded string that is used primarily to request nonstandard functions from your X.25 network.
- User Data: For an SVC, this entry specifies the codes for any user data required by your network service provider. It can be a maximum of 32 characters and must be an even number of characters.
User data is a coded string used primarily to specify the protocol to be used. For SNA, this value must be C3, which specifies the QLLC protocol.
- To specify how often to retry a connection operation, click the Retry Timers button. This displays a dialog box where you can specify the following choices:
- Maximum Number of Attempts: Specifies how many times SNA Server will attempt to make a connection. When the maximum value is reached, an entry is made into the event log, and no further attempts are made to connect. The range is from 1 to no limit,
and the default is no limit.
- Delay After Failed Attempts: Specifies how long to wait, in seconds, between connection attempts. The range is from 5 to 255, with a default of 10.
- Click the OK button to accept your connection definition.
Creating a Channel Connection
Creating a channel connection also consists of three parts, but there is less information to supply. The first part follows the standard to define the connection, the second assigns the basic settings, and the third assigns the advanced settings for the
connection.
To define the connection, follow these steps:
- When the Connection Properties dialog box is displayed, enter a name for the connection in the Connection Name field. The connection name can be from one to eight alphanumeric characters. The name can include the special characters $, #, and @. All
lowercase characters are converted to uppercase characters. The name must be unique and cannot be the reserved name SNASERVR.
- In the Comment field, enter a description for the connection. The description can be a maximum of 25 characters.
- In the Link Service drop-down listbox, choose the service the connection will use to communicate with an SNA adapter.
If no entry is available, you need to use the SNA Server Setup program to install a link service.
- Specify when to make the connection available by choosing an entry in the Activation group. This can be one of the following:
- On Server Startup: Specifies that the connection will be activated (made available to clients) when SNA Server starts. This is the preferred setting for a channel attachment.
- On Demand: Specifies that the connection will be activated on an as-required basis and then deactivated when no longer required.
- By Administrator: Specifies that an Administrator must manually activate or deactivate a connection. This option only applies to outgoing connections. If a connection has been configured to accept incoming calls, then the connection begins to listen
to calls as soon as SNA Server starts.
The remote system will be preset to Host System and the Allowed Directions group will be preset to Outgoing Calls.
- At this point, you have defined the connection; however, before you can use the connection, you must click the Setup button to configure the basic properties for the connection. This displays the Channel Attached Setup dialog box, and if you click the
Advanced button (as you have here) the dialog box expands, as shown in Figure 40.5.
You can configure the following fields in this dialog box:
Figure 40.5. Configuring the basic and advanced properties for a channel connection.
- Channel Address: This hexadecimal entry uniquely identifies the channel. The range is from 00 to FF, with a default of FF.
- Local Node ID: This is an eight-digit hexadecimal that uniquely defines the local system to the remote system. The first three digits commonly are referred to as the block number, and the final five digits are referred to as the node number. Here are
a couple of rules for their usage:
The first three digits cannot be 000 or FFF because these are reserved values.
In order for a remote or downstream connection to use this connection, you must inform the local Administrator of your local node identifier.
In order to use a host connection, you must use the IDBLK value for the block number and the IDNUM value for the node number in the VTAM PU definition.
The same local node identifier must be used for all connections on your SNA Server installation.
- XID Type: Specifies the type of identifying information SNA Server will send. Format 0 XID only sends the node ID and should be used only for systems that do not support a Format 3 XID. Format 3 XID sends up to 100 bytes of identifying information,
including the local node ID and control point name.
If you will be using independent APPC LUs on the connection, you must specify Format 3 XID.
- Max BTU Length: Defines the size of the basic transmission unit (BTU), also referred to as an I-frame, that can be sent in a single Data Link Control (DLC) frame. The range is from 265 to 16393, and the default is 4105 for a channel connection.
The maximum BTU length should be less than the MAXDATA= value in the VTAM PU definition for a host connection. For a downstream service, this value should be equal to or less than the maximum value supported by the downstream service. For specific
values, you should refer to your documentation or just use the default value.
- To specify how often to retry a connection operation, click the Retry Timers button to display a dialog box where you can specify the following choices:
- Maximum Number of Attempts: Specifies how many times SNA Server will attempt to make a connection. When the maximum value is reached, an entry is made into the event log and no further attempts are made to connect. The range is from 1 to no limit, and
the default is no limit.
- Delay After Failed Attempts: Specifies how long to wait, in seconds, between connection attempts. The range is from 5 to 255, with a default of 10.
- Click the OK button to accept your connection definition.
Creating a TwinAx Connection
Creating a TwinAx connection is just like creating a DFT connection in that it only requires the basic definition. You can accomplish this by following these steps:
- When the Connection Properties dialog box is displayed, enter a name for the connection in the Connection Name field. The connection name can be from one to eight alphanumeric characters. The name can include the special characters $, #, and @. All
lowercase characters are converted to uppercase characters. The name must be unique and cannot be the reserved name SNASERVR.
- In the Comment field, enter a description for the connection. The description can be a maximum of 25 characters.
- In the Link Service drop-down listbox, choose the service the connection will use to communicate with an SNA adapter.
If no entry is available, you need to use the SNA Server Setup program to install a link service.
- Specify when to make the connection available by choosing an entry in the Activation group. This can be one of the following:
- On Server Startup: Specifies that the connection will be activated (made available to clients) when SNA Server starts. This is the preferred choice for a TwinAx connection.
- On Demand: Specifies that the connection will be activated on an as-required basis and then deactivated when no longer required.
- By Administrator: Specifies that an Administrator must manually activate or deactivate a connection. This option only applies to outgoing connections. If a connection has been configured to accept incoming calls, the connection begins to listen to
calls as soon as SNA Server starts.
The remote system is preset to Peer System and the Allowed Directions group is preset to Outgoing Calls.
- Click the OK button to accept your connection definition.
Assigning a Logical Unit (LU) to a Connection
Before your clients can actually connect to your SNA-compatible mainframe, you must assign the logical units (LUs) to a connection. This is performed by selecting the connection in the Servers and Connections window and then choosing Services|Assign LU.
The Insert LU dialog box appears, where you can select from one of the following:
- 3270: Supports users of 3270 emulation software to access an SNA-compatible mainframe. You can define the LU to support a 3270 terminal or a compatible printer.
- APPC (Remote): Supports advanced program-to-program communications (transaction program (TP) to transaction program (TP) communications), which use the LU 6.2 protocol. It is most frequently used to support SNA-to-SNA communications or 5250 terminal
emulation.
- LUA: Supports Logical Unit Application (LUA) client-to-host communications.
- Downstream: Supports applications that do not support the SNA Server client server interface, but that still can access host services provided by SNA Server.
After you select the appropriate LU type and click the OK button, a New LU Properties dialog box is displayed, where you can define the LU. Each LU has a slightly different dialog box, which is described in the following sections.
Creating a 3270 Logical Unit (LU)
To create a 3270 LU, fill out the following fields in the New 3270 LU Properties dialog box:
- For a DFT connection, enter the number for the DFT adapter that will be used in the Port Number field. This value can range from 1 to 4.
- For a DFT connection, enter the logical terminal number, as specified in the 3174 FEP, in the LT Number field. This value can range from 1 to 5 and most likely will require help from your MIS Administrator to determine.
- For a DLC 802.2, SDLC, or X.25/QLLC connection, enter a number in the LU Number field to identify the LU. This number should be assigned by the MIS Administrator. It should match the LOCADDR= parameter in the VTAM or NCP Gen on the host system. This
value can range from 1 to 254.
- Specify a unique name for the logical unit in the LU Name field. The name can be from one to eight alphanumeric characters. The name can include the special characters $, #, and @. All lowercase characters are converted to uppercase characters.
- Specify a description for the LU in the Comment field. This entry can be a maximum of 25 characters.
- Choose the type of LU in the LU Type field. This will be 3270 for a 3270 terminal emulation, or printer for printer emulation.
- If this LU is a 3270 terminal emulation, choose the default display mode in the Display Model field. If you want to allow your users to choose a different display model, enable the Model Can Be Overridden checkbox.
- Click the OK button.
If you have several 3270 LUs to create, you can use a shortcut. Along with selecting the 3270 entry in the Insert LU dialog box, enable the Range of LUs checkbox. Then, in the Add LU Range dialog box, enter a name in the Base LU Name field (such as
TERM), the starting number in the First LU Number field (01, for example), and the total number of LUs to create in the Number of LUs field (10, for example).
Then click the OK button. This displays the 3270 LU Range Properties dialog box where you should specify a description for the LUs in the Comment field, choose an LU type, and—if the LU type is a 3270 terminal emulation—choose a display
mode as well. After you click the OK button, several LUs are created on the selected connection (in this example, these are TERM01 through TERM09).
Creating an Advanced Program-to-Program (APPC) Logical Unit (LU)
There are two types of APPC LUs you can create: an independent APPC LU, which can communicate directly with a peer system and support multiple parallel sessions, or a dependent APPC LU, which requires the support of a host configuration in order to
communicate with a transaction program. When creating an APPC LU, keep in mind that you have to create a local and a remote APPC in order to create a link between two transaction programs. The local APPC is created on a server, and the remote APPC is
created on a connection.
You should follow a couple of rules for a successful configuration.
For an independent APPC LU, follow these rules:
- If your local system will be communicating with a host system transaction program, the host system must use VTAM version 3, release 2, or higher. The host also must use NCP version 5, release 3, or higher. The LOCADDR= parameter should be set to 0 in
the VTAM, NCP, and CIS parameters on the host system.
- You must use Format 3 XIDs.
For a dependent APPC LU, follow these rules:
- The connection should be configured with a remote end of host, rather than a peer.
- If using a version of VTAM earlier than version 3, this is the only type of APPC LU you can use to communicate with transaction programs on the host system.
- The host system should have the LOCADDR= parameter set to 1 or greater in the NCP Gen.
To create a local APPC LU, fill out the following fields in the New APPC LU Properties dialog box:
- First, determine whether you will create a dependent or independent LU in the LU 6.2 type field.
If you will be using a remote APPC LU on a DFT connection, you must configure the local APPC LU for a dependent connection.
- Enter a name in the LU Alias field that will be used by local transaction program (TP) applications. The name can be from one to eight characters and can include the special characters %, $, #, and @. The name must be unique on the connection and
cannot match an LU on the server.
- Enter the name in the Network Name field. The name can be from one to eight alphanumeric characters. They can include the special characters $, #, and @. The first character must be alphabetic. All lowercase characters are converted to uppercase
characters.
This name should be obtained from the Administrator of the host or peer APPC LU. For a host connection, the name should be the NETID value in the VTAM Start command for the VTAM system. If the server will communicate with several hosts over several
connections, use the subarea name.
For an independent APPC LU, the network name is required. For a dependent APPC LU, the network name is not required, but is recommended because it is used only by local applications.
- Enter a name in the LU Name field to identify the LU. The name can be from one to eight alphanumeric characters. They can include the special characters $, #, and @. The first character must be alphabetic. All lowercase characters are converted to
uppercase characters.
- Enter a number in the LU Number field if this APPC LU will be a dependent APPC LU. This number should be obtained from your host system Administrator and is usually the LOCADDR= value in the LU definition in VTAM or NCP. The range is from 1 to 254.
- Enter a description for the APPC LU in the Comment field.
- To enable automatic partnering of APPC LU, set the Enable Automatic Partnering checkbox. This creates LU-LU pairs for all APPC LUs that have the automatic partnering option enabled.
To specify partners manually, click the Partners button and add the specific partners to create your LU-LU pairs.
- If you want to specify a default LU for use by transaction programs that do not specify a local LU, enable the Member of Default Outgoing Local APPC LU Pool checkbox.
- To specify a default remote APPC LU to be used by transaction programs that specify a local LU SNA Server does not recognize, select it from the Implicit Incoming Remote LU listbox.
- To specify the number of seconds SNA Server waits for an invokable transaction program to respond to a start request, enter a value in the Timeout for Starting Invokable TPs field. This value can range from 1 to 3600, with a default of 60.
- Click the OK button.
To create a remote APPC LU, fill out the following fields in the New APPC LU Properties dialog box:
- Enter a name in the LU Alias field that will be used by local transaction program (TP) applications. The name can be from one to eight characters and can include the special characters %, $, #, and @. The name must be unique on the connection and
cannot match an LU on the server.
- Enter the name of the server in the Network Name field. The name can be from one to eight alphanumeric characters. They can include the special characters $, #, and @. The first character must be alphabetic. All lowercase characters are converted to
uppercase characters.
- Enter a name in the LU Name field that identifies the APPC LU. The name can be from one to eight characters and can include the special characters %, $, #, and @. The name must be unique on the connection and cannot match an LU on the server, although
it can match the LU Alias name.
- If the APPC LU will be used for a dependent APPC LU, enter a name in the Uninterpreted LU Name field for the remote LU. Generally, this name is the name of the remote LU on the host system, as defined in the SSCP (such as TSO). The name can include the
special characters ., #, @, and $.
- Enter a description for the APPC LU in the Comment field.
- If the APPC LU will be used for an independent APPC LU, enable the Supports Parallel Sessions checkbox. If the APPC LU will be used for a dependent APPC LU, clear the checkbox.
- To enable automatic partnering of APPC LU, set the Enable Automatic Partnering checkbox. This will create LU-LU pairs for all APPC LUs that have the automatic partnering option enabled.
To specify partners manually, click the Partners button and add the specific partners to create your LU-LU pairs.
- Choose a mode from the Implicit Incoming Mode listbox to preselect a default mode for sessions from remote APPC LUs that specify a mode not understood by SNA Server. This can be one of the following:
#BATCH: A batch session.
#BATCHSC: A batch session that uses minimal security.
BLANK: A session that uses a default mode name specified as eight blank characters in EBCDIC format in BIND.
#INTER: An interactive session.
#INTERSC: An interactive session with minimal security.
QPCSUPP: A session with an AS/400 minicomputer.
- To modify the security for the APPC LU, click the Security button. Then you can specify one of the following:
No Session Level Security: The default, which requires no security key.
Security Key in Hex: A maximum of 16 hexadecimal characters.
Security Key in Characters: A maximum of eight characters. The key can include the special characters ., #, @, and $.
If you specify a security key, the session will not be activated unless both APPC LUs have keys that match.
Creating a Logical Unit Application (LUA)
To create an LUA LU, fill out the following fields in the New LUA Properties dialog box:
- Enter a number in the LU Number field if this APPC LU will be a dependent APPC LU. This number should be obtained from your host system Administrator and is usually the LOCADDR= value in the LU definition in VTAM or NCP. The range is from 1 to 254.
- Enter a name in the LU Name field to identify the LU. The name can be from one to eight alphanumeric characters. They can include the special characters $, #, and @. The first character must be alphabetic. All lowercase characters are converted to
uppercase characters.
- Enter a description for the LU in the Comment field.
- Enable the High Priority LU checkbox to give this LU higher precedence over lower priority LUs.
- Click the OK button.
Creating a Downstream Logical Unit (LU)
To create a downstream LU, fill out the following fields in the New Downstream LU Properties dialog box:
- Enter a number in the LU Number field if this APPC LU will be a dependent APPC LU. This number should be obtained from your host system Administrator and is usually the LOCADDR= value in the LU definition in VTAM or NCP. The range is from 1 to 254.
- Enter a name in the LU Name field to identify the LU. The name can be from one to eight alphanumeric characters. They can include the special characters $, #, and @. The first character must be alphabetic. All lowercase characters will be converted to
uppercase characters.
- Enter a description for the LU in the Comment field.
- Click the OK button.
Managing Your Users
Before your users can actually use a connection or logical unit, they must be granted permission to do so. This can be accomplished at the group level or at the user level. As with most other issues relating to security, this is much easier to perform
at the group level. The basic series of steps follows:
- Use User Manager for Domains to create a new group. In actuality, you will want to create several groups. You might want to segment these groups by department boundaries or specific hardware (such as terminals and printers). As usual, you can create
both local and global groups to make your management tasks easier.
- Use User Manager for Domains to create new user accounts as required.
- Use User Manager for Domains to assign your users to the appropriate groups.
- Finally, use SNA Server Administrator to assign users or groups to logical units.
This last step is the focus of this discussion, and you will be happy to know that it follows the same basic principles as assigning permissions to any other object (such as a directory or file).
The basic steps follow:
- Open the Users and Groups window.
- Choose New User from the Users menu to display the Add Users and Groups dialog box.
- If the default domain, which is where the current SNA Server installation resides, is not the domain in which the group or user accounts reside, choose another from the List Names From field.
- In the Names field, select the groups or users and click the Add button.
- Click the OK button. This adds the groups or users to the Users and Groups window in the left window.
- Select the group or user and choose Assign LUs from the Users menu to display the Assign User LU/Pool Sessions dialog box.
- In the Available LU and Pools field, select the LUs and pools to assign to the account and click the OK button.
Before you can assign permission to an LU or LU pool, you must create one. Creating an LU is discussed in the previous sections, and creating an LU pool is discussed in the following section.
Using Logical Unit (LU) Pools
An LU pool is a collection of logical units grouped into a single entity. It is similar to a group account in that it contains multiple user accounts grouped into a single entity. Both offer easier management of resources, but LU pools offer additional
benefits as well:
- Efficient resource management: Most installations find that not every user is accessing the same resource at the same time. So it is possible to support 50 users with only 25 LUs if you group all the LUs into a single pool and assign all 50 users to
this LU pool. As long as you do not have more than 25 simultaneous users, you'll never run out of LUs.
- Fault tolerance: An LU pool can contain LUs from more than one SNA Server. As long as one server is available with LUs in this pool, your users can continue to access them without interruption. This can be very useful when you need to perform
maintenance or in case of a server failure.
- Load balancing: You can use an LU pool to balance the load on a particular server, which increases perceived user performance. When you use an LU pool with LUs from multiple servers, the individual load is balanced among these servers based on the
number of connected users.
You can create a 3270 terminal/printer, LUA, or downstream pool by opening the LU Pools window and then choosing Pools|New Pool to display the New Pool dialog box. Then enter a unique name for the pool in the Pool Name field, enter a description in the
Comment field, and choose the type of pool to create in the LU Type field. If you specified 3270 for the LU type, choose a display mode in the 3270 Display Mode field. Then just click the OK button.
After you create the pool, you have to assign logical units to it. Select the pool and choose Pools|Assign LUs to display the Assign Pool LUs dialog box. This is just a matter of selecting the individual LUs in the Available LUs field and clicking the
OK button to assign the LUs to the pool.
Don't forget that before your users can actually use the LU pool, you must assign the appropriate permissions as described in the preceding section.
Managing the SNA Server Services
By default, the SNA Server Services are configured to be inactive at system startup. This means that before your users can use an LU, you have to start the appropriate server or individual connection. This is accomplished by choosing the server or
connection in the Servers and Connections window and choosing Services|Start Service. Stopping a server or connection follows the same methodology, but you should choose Services|Stop Service instead.
Any connection configured with On Server Startup activation will be automatically activated when you start the appropriate server. Connections that use the On Demand activation setting are activated as required when a user attempts a connection. Any
connection configured with the By Administrator activation requires manually starting or stopping the connection as specified earlier.
You can provide additional fault tolerance and ease of administration by configuring SNA Server to start up when NT Server starts. Just set the SnaServer service to automatic, rather than manual, in the Control Panel Services applet. You can do the
same for the NVAlert and NVRunCmd (NetView Alert and Run Command services). Do not configure the SnaNtMn service to Automatic, however, or it will fail to start. SNA Server automatically starts this service for any connection that is configured to use
it.
Configuring SNA Administrator
Configuring SNA Server only consists of two choices. You can configure the display options by choosing Options|Preferences, which is pretty self-explanatory, or Options|Server Broadcasts, which requires a bit of discussion. This choice displays the
Server Broadcasts dialog box, as shown in Figure 40.6.
Figure 40.6. Configuring SNA Server broadcasts.
In the Select the Client-Server Protocols Which Will Be Used to Send Server Broadcasts Between SNA Servers section, you can choose from the protocols you have installed and configured SNA Server to use. For efficiency, use a single protocol for server
broadcasts if you can. If all your installations support TCP/IP, for example, use just TCP/IP. But if you have some servers configured for TCP/IP and some for IPX/SPX, be sure to enable both these protocols so that the installations can communicate between
themselves. If you will be using non-TCP/IP protocols over a WAN, you should enable the Route Server Broadcasts over IP Routers checkbox. If you do not, the server broadcasts will fail to propagate across the routers.
Before you do decide to enable the Route Server Broadcasts over IP Routers check with your network administrators (if your company has a separate network administration group) as this option relies on the TCP/IP capability to encapsulate NetBIOS
requests. Sometimes, this may not be considered the best option as it can utilize a high percentage of network bandwidth. You network administrators may have a better alternative.
In the SNA Server 2.0 and Comm Server Support group, you should disable the SNA Server 2.0 Servers in the Same Domain checkbox unless you have SNA Server 2.0 installations in the same domain. This option can seriously degrade SNA Server 2.x performance
because it requires server broadcasts be sent once a minute. It also uses a significant portion of your network bandwidth that could be used for more productive requirements. If you have any DCA/Microsoft clients, you should enable the DCA/Microsoft Comm
Server Client Support checkbox. You also should make sure that you have enabled Microsoft Networking as an available transport protocol because these applications require NetBEUI.
If you are not supporting SNA Server 2.0 installations, you can specify how often SNA Server broadcasts set the time, in seconds, in the Mean Time between Server Broadcasts field. This value ranges from 45 to 65535, with a default of 60. The default is
a good choice because broadcast messages are not guaranteed to be received by the client and this will compensate for lost messages. If your network is not error prone, however, and your servers are not overburdened, then you can increase this value and
lower the network bandwidth requirement.
Securing SNA Server
Now that you have spent so much time configuring SNA Server, you should spend a little more time to protect your investment. This is very important and should not be overlooked in your effort to provide a service to your network clients. Spend just a
little more time to restrict the modifications that are possible to just a few Administrators by following these steps:
- Choose Permissions from the Security menu to display the SNA Domain Permissions dialog box.
- Click the Remove button to remove the default Everyone group (which has full control of SNA Server Administrator).
- Click the Add button to display the Add Users and Groups dialog box.
- Choose the group you want to allow full administration of your SNA Server domain (such as Domain Admins) in the Names field. If you want to choose a user account instead of a group account, first click the Show Users button. If the user or group is not
in the current domain, choose the correct domain from the List Names From drop-down listbox.
If you have not already created a group for SNA Server administration, it is a good idea to do so in User Manager for Domains. This group can be assigned permission to administer SNA Server and to limit the damage that could be caused by unfamiliar
domain Administrators (Domain Admins).
- Choose the access control setting of Full Control in the Type of Access drop-down listbox, and click the OK button.
- Click the OK button once again, and you have secured access to your SNA Server domain.
You can further restrict access to groups or users by selecting them and assigning a different type of access. This could be No Access, which prevents them from using SNA Server Administrator; Read, which provides the capability to see the
configuration but not change it; Read/Write, which provides the capability to read and modify the configuration but not change permissions; and Full Control, which provides complete access.
It is a good idea to use the Security|Auditing option to enable auditing of your SNA Server configuration if you will be providing access to several users. In this way, you can determine who did what in case of a user error—not so much to assign
blame, but instead to determine who needs additional tutoring in their duties.
Using the SNA Trace Utility
If you are encountering problems with SNA Server, you might want to look into the SNA Server Trace utility. This utility is located in your Microsoft SNA Server Program Manager group. It provides two basic options for you:
- It can be used to send trace messages to the event log, which makes them easier to read.
- It can send detailed trace messages to trace files (*.TRC) in the TRACES directory of your SNA Server root installation directory (generally, C:\SNA\TRACES).
To use the SNA Server Trace utility, follow these steps:
- Launch the SNA Server Trace utility. The SNA Server Trace Options dialog box appears.
- In the Service Name drop-down listbox, specify the service to trace.
- In the Message Traces group, choose what messages to trace. This varies based on the selected service and may be any of the following:
- Admin Messages: Messages between SNA Server Administrator, SnaBase, and SnaServer (PU 2.1 node).
- 3270 Messages: Messages between 3270 applications.
- Data Link Control: Messages between SnaServer (PU 2.1 node) and the link services.
- SNA Formats: DLC messages in SNA Server formats.
- LU 6.2 Messages: Messages between SnaServer (PU 2.1 node) and the APPC dynamic link library.
- Level 2 Messages: Messages specific to the ISO Level 2 model.
- If you have specified the SNA applications as the selected service, you can trace API messages, which can be any of the following:
- APPC API: Activity between APPC applications and the APP dynamic link library.
- CPI-API: Activity between the CPI-C applications and the CPI-C dynamic link library.
- LUA API: Activity between the LUA applications and the LUA dynamic link library.
- CSV API: Activity between the CSV applications and the CSV dynamic link library.
- If you have a support provider on the line, such as Microsoft Product Service Support, you may need to enable the Internal Tracing option by moving the slider to the requested level. This is not normally useful to Administrators.
- To enhance performance, leave the Minimize Disk Access by Buffering Writes checkbox enabled, but if you are attempting to determine the cause of a system crash, disable this option so that the trace logs will be more current (if the system crashes,
information in the buffer will be lost).
- Repeat these steps for each service to trace.
- Click the Apply button and then click the Close button.
Although the trace files might be helpful in some situations, you most likely will require some help from a network guru in order to interpret the data. Most times the information obtained from the trace utility is only used by Microsoft technical
support personnel to resolve an otherwise unresolvable problem.
Summary
In this chapter, you explored some of the basic requirements for configuring your SNA Server installations to support your clients' access to your SNA-compatible mainframe. The key feature to remember is that before you can use a link service, you must
define the connection, set up the connection, and then configure any advanced properties. After the connection is created, you must assign logical units. And, finally, you must assign permissions to groups or users to access the logical units. Permissions
should be based on groups rather than individual users.
You can use Logical Unit pools to offer increased resource efficiency, fault tolerance, and increased performance. And before you walk away from your SNA installation, be sure to safeguard it by assigning specific security to determine just who can use
the SNA Server Administrator to configure the installation.
In the next chapter, you will look into optimizing your SNA Server installation. Some of the topics you will consider include how to choose the right server platform and server models. You'll also learn how to configure your base
Windows NT Server platform, and then you will look into specific SNA Server configuration choices to improve performance.