This document lists the Adabas 8.5 enhancements.
Adabas 8.5 SP3 provides support for the following new products in the Adabas realm:
Adabas Auditing for z/OS
Adabas Encryption for z/OS
Adabas 8.5 SP3 provides support for the following new releases of products that are not included in the Adabas library:
Adabas Review 5.2
Adabas SAF Security 8.3
Adabas 8.5 SP3 uses the updated ICS 3.1.1 library based on International Components for Unicode (ICU V65).
Databases that have enabled Universal Encoding Support must change their JCL. The changed JCL must include the new ICS311.Lxxx library in the STEPLIB/TASKLIB chain.
When starting a nucleus, a check is made with the System Access Facility (SAF) security server to either allow the nucleus to start without APF authorization or prohibit access based on a security profile rule in the FACILITY class. With Version 8.5.2, you can now specify a different class when installing the SVC. For further information, refer to Initializing the Adabas Communication Environment in the Installation for z/OS documentation.
This enhancement was also made available to earlier releases by fixes AO851011, AO843017, AO842011 and AO835028.
If an Adabas nucleus is started with ZIIP=YES on a system (LPAR) with no zIIPs (System z Integrated Information Processors), the zIIP-related statistics in the Adabas session or interval statistics, in the outputs of operator command and ADADBS OPERCOM DZSTAT, and in the AOS zIIP Statistics screen now directly show the potential zIIP offload rate that Adabas could have achieved if a zIIP had been available.
For further information, refer to Understanding the zIIP-Related Statistics in the Adabas for zIIP documentation.
In conjunction with Adabas SAF Security version 8.2 SP2 Patch level 2 or above, Adabas 8.5 SP2 provides start-up protection for Entire Net-Work jobs.
When starting an Entire Net-Work job, Adabas SAF Security uses the access level of the User ID assigned to the job to determine:
whether to permit the start-up.
whether to run in WARN mode or FAIL mode.
This provides an identical level of start-up protection as that currently provided for Adabas nuclei.
Refer to the Operations section of the Adabas SAF Security documentation for more information on Adabas SAF Security operation in Entire Net-Work.
From Adabas Version 8.5.1 onward, a number of add-on products that were previously distributed on separate libraries are now included in the ADA library:
Adabas Caching Facility (ACF)
Adabas Cluster Services (ALS)
Adabas Delta Save Facility (ADE)
Adabas Online System (AOS)
Adabas Parallel Services (ASM)
Separate license files are required for using these add-ons. Also, jobs used for applying zaps to them may need to be adjusted.
Refer to Installation and License for details.
When the Adabas nucleus or an Adabas utility is running with ADARUN parameter ZIIP=YES, Adabas 8.5 offers the following performance enhancements:
Adabas utilities with many I/O operations to sequential input or output datasets will see substantial reductions in the overall CPU consumption on general processors and zIIPs, along with increases to their zIIP offload rates.
Adabas nuclei will see fewer TCB/SRB mode switches for timer services.
Adabas nuclei running with Review, as well as Event Replicator (Reptor) servers, will see fewer TCB/SRB mode switches for subtask waits.
The ADATCP subtask of the Adabas nucleus (see also Point-to-Point Support for Adabas (ADATCP) below) is now zIIP-enabled.
In conjunction with Adabas SAF Security, the following security-related enhancements are now available:
Refer to Adabas Security for a general description of the security measures that are available to prevent unauthorized access to the Adabas environment.
Nucleus administration functions can now be protected ensuring unauthorized use of such functions is disallowed.
For example, a user or group may be allowed to display particular nucleus session parameters but disallowed from modifying them.
This new level of protection is provided in addition to the existing protection available for Adabas Utilities and Adabas Basic Services.
Refer to the Operations section of the Adabas SAF Security documentation for more information on this topic including the list of applicable administration functions and the format of the resource names used.
The execution of utilities can now be protected at the utility function/file level, extending the existing name-level protection.
For example, a user or group may be allowed to run ADASAV SAVE but not ADASAV RESTORE. Or, a user or group may be allowed to run ADASAV SAVE FILE=10 but not ADASAV SAVE FILE=20.
Refer to the Operations section of the Adabas SAF Security documentation for more information on this topic including the list of applicable utility functions and the format of the resource names used.
Adabas Security violations (against file permission levels defined using ADASCR) can now be logged to external security packages that support the use of the general-purpose security-audit request RACROUTE REQUEST=AUDIT.
Refer to the Operations section of the Adabas SAF Security documentation for more information on this topic.
ADARUN now checks the version indicators in the modules that it loads and reports differences to its own version indicators. For modules belonging to the Adabas base product, ADARUN checks the version, release and patch-level indicators. For modules belonging to Adabas add-on products, ADARUN checks the version and release indicators. ADARUN lists the modules whose version indicators do not match.
If the Adabas SAF Security add-on product is installed, ADARUN terminates with the new Error-25 if one of these version checks fails.
This section describes the utility enhancements made in Adabas version 8.5.
A number of ADADBS functions accept the new parameter INPARALLEL=YES|NO:
With YES, the function may be executed even if other users are active on the target file.
With NO (the default), the function requires exclusive file control, as before.
The INPARALLEL parameter may be specified for these functions:
ADADBS CHANGE FILE=fnr,FIELD=de,OPTION=NOUQ[,INPARALLEL=YES|NO]
ADADBS DSREUSE FILE=fnr,MODE=ON|OFF[,INPARALLEL=YES|NO]
ADADBS ISNREUSE FILE=fnr,MODE=ON|OFF[,INPARALLEL=YES|NO]
ADADBS MODFCB FILE=fnr,...[,INPARALLEL=YES|NO] – unless FILEREADONLY=YES or LOBFILE is also specified
ADADBS NEWFIELD FILE=fnr[,INPARALLEL=YES|NO]
ADADBS RELEASE FILE=fnr,DESCRIPTOR=de[,INPARALLEL=YES|NO]
ADADBS RENAME FILE=fnr,NAME=newname[,INPARALLEL=YES|NO] – except for FILE=0 (rename database)
ADADBS REPLICATION FILE=fnr,...[,INPARALLEL=YES|NO]
For more information, refer to the above functions of the ADADBS utility, in the Adabas Utilities Manual.
Adabas 8.5 SP1 provides the following miscellaneous changes and enhancements:
Work and PLOG records now contain an 8-byte timestamp (STCK). With Adabas Version 8.5, the 8-byte timestamp is now always included on all protection records. This was true for cluster databases in prior versions and will now be true for noncluster databases as well. In addition, the timestamp will be retained on the sequential protection logs. This was an enhancement requested for both diagnostic and auditing purposes.
Now each record contains the exact timestamp of when the update was made for both the dual protection logs and also the sequential protection logs. In previous versions the sequential protection records shared the timestamp of the header so ADASEL reporting was always not precisely accurate per record.
The existing STARTING FROM and ENDING AT clauses can be used to restrict selections to records added, updated, or deleted within a time range. These parameters remain the same but ADASEL now does its selection based off the timestamps in individual PLOG records rather than just the timestamp for the PLOG block.
The additional timestamp on each protection record slightly increases the amount of data written to the Work and PLOG datasets for non-cluster databases. The utilization of Work and PLOGs should be watched and if necessary, their sizes adjusted.
ADATCP is a subset of an Entire Net-Work kernel that runs as a subtask in an Adabas session. It provides direct communication with application programs, eliminating the need for intermediate Net-work kernels.
Using Point-to-point support for Adabas (ADATCP) requires Entire Net-Work Version 6.5 SP2 or above and Entire Net-Work TCP/IP Option Version 6.5 SP1 or above.
A valid Entire Net-Work license is now required for ADATCP. Because the Adabas nucleus and the ADATCP kernel can both read DDLIC to obtain their license, it is recommended that the Entire Net-Work license be assembled into a load module. Entire Net-Work licensing requires MLC135 or above.
See Software AG Mainframe Product Licensing for more information.
ADATCP now works with the Adabas Directory Server (ADI).
New parameters may be provided to ADATCP via the TCPIN DD statement. See New Simple Connection Line Driver (TCPX) DRIVER and LINK Parameters below for details.
Internal enhancements have been made to ADATCP to improve stability and robustness.
ADATCP now runs in zIIP mode when the Adabas session has zIIP active.
The following table summarizes the new Simple Connection Line Driver (TCPX) DRIVER and LINK parameters introduced:
Parameter | DRIVER or LINK Statement? | New or Changed? | Description | Introduced in Release |
---|---|---|---|---|
ADI | DRIVER | New | This parameter was added to the TCPX line driver in this release. It specifies whether Adabas Directory Server (ADI) support is enabled or disabled. | 8.5 SP1 |
ADIHOST | DRIVER | New | This new parameter specifies the hostname of the Adabas Directory Server (ADI). The hostname is used to attempt to acquire the TCP/IP address of the system where the ADI resides. | 8.5 SP1 |
ADIPART | DRIVER | New | This new optional parameter specifies the partition name to be used with the Adabas Directory Server (ADI). If specified, the partition name will be included in all target entries added to the ADI by this session. Partitions are used to restrict database access; when an application queries the ADI for a target and specifies a partition, only entries with the same partition name are returned. Likewise, if the query does not specify a partition, only entries that do not have a partition are returned. | 8.5 SP1 |
ADIPORT | DRIVER | New | This new parameter specifies the port number used to communicate with the Adabas Directory Server (ADI). | 8.5 SP1 |
For more information about TCPX DRIVER statement parameters, read TCPX DRIVER Statement in the Entire Net-Work TCP/IP Option documentation.
TCP/IP Socket Support for Batch/TSO is provided with Adabas Version 8.5 SP2.
For information regarding the enabling of this support, read Enabling TCP/IP Socket Support for Batch/TSO in the Adabas Installation for z/OS documentation.
The Universal Encoding Support (UES) in Adabas 8.5 has been changed to use the International Components for Unicode for Software AG (ICS). ICS is an alternative code page conversion subsystem. Its use with Adabas was introduced as an option in Adabas 8.4 SP2 and was made the default with Adabas for zIIP 8.4 SP3. ICS is based on International Components for Unicode (ICU V58.2), an open source project initiated by IBM (http://site.icu-project.org). ICU is already being used with other Software AG products like Natural for Mainframes and Adabas on Linux, UNIX and Windows.
The code page modules of ICS are provided in the separate ICS221.Lnnn load library. If the Universal Encoding Support is to be used, the ICS library must be concatenated to the ADA852.LOAD library in the Adabas nucleus/utility job or job step.
ICS does not require the SMARTS runtime system (APS). It supports the same code pages as ECS. When used with Adabas for zIIP, ICS is more efficient than ECS in converting text between code pages.
For additional information about setting up connections to UES-enabled databases using ICS, see Enabling Universal Encoding Support (UES) for Your Adabas Nucleus.