IBM i Security Authorization Chart

Soure: Robin Tatam, and please note that this flowchart is actually an interpretation of the flowchart published by IBM in the security reference manual.

Double click on the image to enlarge.

Authority Considerations in IBM i

The following flowchart explains the process of how authorities are checked to access objects / libraries in IBM i
Note: Double click on the image to enlarge

FTP Subcommand: NAMEFMT

The NAMEFMT (name format) sub-command controls whether our FTP client session can access file systems on an IBM i Integrated File System (IBM i IFS) besides our DB2/400 data. NAMEFMT can be set on either an IBM i FTP client or server and — in addition to providing or denying access to IBM i IFS file systems; it affects how you code IBM i path names to IBM i IFS files you want to transfer.

NAMEFMT can be executed with a parameter of 0 or 1

NAMEFMT - This command displays the Name Format setting for each machine if both machines are IBM i. If our FTP host machine is an IBM i and our FTP client machine is running on another operating system (such as Windows or UNIX), we can check the status of the IBM i NAMEFMT value by issuing the NAMEFMT command as follows:


1. This command tells an IBM i to use a naming format that assumes we are transferring files to and from the DB2/400 file system (the QSYS.LIB file system in the IBM i IFS). 
2. With NAMEFMT 0, we cannot perform file transfers from any other IBM i IFS file system except QSYS.LIB. That means we cannot access the Root (/), QOpenSys, QDLS, and the other IBM i IFS file systems. 
3. It also affects the way we specify our IBM i working directories or libraries in our other FTP commands. 
4. When NAMEFMT 0 is specified, we must use the following pathname naming convention in our FTP command when we are referencing AS/400 QSYS.LIB libraries, files, and members: LibraryName/FileName.MemberName

NAMEFMT 1 - This command tell IBM i that our client can access files in any IBM i IFS file system (such as Root, QOpenSys, and QDLS). It allows us to access any file residing on my IBM i, provided we have the access to that file. However, when NAMEFMT = 1, we must change the pathname naming convention for referencing a folder or file on the IBM i IFS to the following:

• /QSYS.LIB/libraryname.lib/filename.file/membername.mbr — when dealing with objects in the QSYS.LIB file system
• /filesystem/directoryname/filename.extension — when dealing with non- QSYS.LIB file systems. 

File naming convention in FTP

The following figure explains the file naming convention when using FTP

  • If you want to target or replace a particular member with FTP, you can do so by adding the member in the command.
  • Note: In the IBM i system LIBRARY, FILE and MEMBER names can only be a maximum of 10 characters or fewer.
  • Unix, Windows-based systems do not have these restrictions. File naming conventions may be a consideration when you build FTP automated applications.

Common FTP commands

Some FTP commands are the same on different OS, but others are not. You can usually get a list of commands if you enter help or ? (question mark) at the ftp> prompt.

Some useful FTP commands available on most systems include:
ascii - Switch to ASCII mode. ASCII mode is the default mode; use it for transferring text files.
binary - Switch to binary mode. Use to transfer binary files, including files ending in .zip, .tar, .Z, and .gz, executable programs, and graphics files.
bye (or quit) - Close the connection to the remote computer and exit FTP.
cd - Change the directory on the remote computer.
close - Close the connection to the remote computer.
del - Delete files from the remote computer.
dir (or ls) - List the files in the current directory on the remote computer.
get - Copy a file from the remote computer to the local computer.
hash - Displays a # on the screen for every block of bytes transferred. A block is 1024 bytes in some cases, 2048 in others, but is between 1024 and 4096 in most cases. Check FTP's online help for the number represented in the FTP program you are using.
help (or ?) - Lists or provides help on the use of FTP commands.
lcd - Change the directory on the local computer.
lpwd - Show the current directory (present working directory) on the local computer. This command is not available in all FTP versions. On Unix systems, try !pwd if lpwd doesn't work.
mdel - Delete multiple files on the remote computer.
mget - Copy multiple files from the remote computer to the local computer.
mkdir - Create a directory on the remote host.
mput - Copy multiple files from the local computer to the remote computer.
open - Open a connection to a remote computer.
prompt - Turn on (or turn off) file transfer prompting. Often used to turn off prompting when using mdel, mput, or mget so that you are not required to confirm the transfer of each file before it is transferred.
put - Copy a file from the local computer to the remote computer.
pwd - Show the current directory (present working directory) on the remote computer.
rmdir - Remove a directory on the remote host (the directory usually has to be empty).
user - Log into the remote computer to which you are currently connected. FTP will ask for a login name and possibly a password.