Host Integration Server 2000 Technical FAQ

  • Article
Archived content. No warranty is made as to technical accuracy. Content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.

Updated : June 9, 2001

Frequently Asked Questions

What are the primary enhancements Host Integration Server 2000 represents over the existing SNA Server product?

Microsoft Host Integration Server 2000 inherits the full functionality of Microsoft SNA Server, plus several features to round out the offering. Enhancements are included in the following areas:

Networking

Administration
Data Access
Data Integration
Application Integration Enhancements for COMTI

Networking

  • Host security enhancements, With Host Integration Server 2000 you get one-way password synchronization to mainframes with RACF, ACF/2, and Top Secret. In Host Integration Server 2000, a third-party host component is no longer needed to initiate a password change from the Windows NT or Windows 2000 operating system to RACF, ACF/2, and Top Secret. Host Integration Server 2000 utilizes the standard Password Expiration Management (PEM) component on the host to make changes on the host. This component is part of Advanced Program-to-Program Communication/Customer Information Control System (APPC/CICS) on the host. This new feature enables Windows 2000, with or without the Active Directory™ service, to act as the central/master security database. Note, however, that an add-on product from Proginet or NEON Systems is still required for bidirectional password sync with the mainframe.

  • MSDE-based host security. SNA Server currently utilizes a proprietary flat file-based database to maintain the user ID and password for the password synchronization and automated sign-on (Single Sign-On, or SSO) features. Host Integration Server 2000 will replace this flat file database with one based on the Microsoft Data Engine. Since MSDE is built on Microsoft SQL Server™ technology, the host security feature will have improved reliability, supportability, and scalability. The supportability features include drop/reload database using standard SQL statements/commands/utilities.

  • SNA gateway enhancements. The 3270 client shipping in SNA Server 4.0 allows for only a single session per client desktop. In Host Integration Server 2000, multiple sessions will be enabled. This allows an end user to have up to 16 instances of the 3270 client running on the desktop. In theory, a user should be able to have as many sessions as there are local PC resources, but 16 is the number that has been tested and verified.

  • Host Print Server scalability. The Host Print Server function has been scaled to support up to 4,096 printer sessions, from 1024. This should exceed the most demanding host print environments.

  • LU6.2 2PC application load balancing and hot backup. Two-phase commit APPC applications (e.g., COM Transaction Integrator and OLE DB Provider for DB2) will support load balancing and hot backup across multiple Host Integration Server 2000 servers.

Administration

  • WMI-based management and configuration. Host Integration Server 2000 provides enhanced management capabilities for SNA administrators to view and control their Host Integration Server 2000 environment for SNA gateway functions. The Windows Management Interface vision is to enable the Windows platform for monitoring, controlling and analyzing software, hardware, networks, users and policies within the enterprise. Using WMI/COM, an automation interface allows customers to derive their own administrative tools that can be used to monitor, configure and take action on all SNA administrative objects. WMI provides the plumbing or infrastructure for developers and independent software vendors (ISVs) to create management applications built directly on top of the management infrastructure. This makes Windows 2000 the best solution for managing any platform and devices.

  • Streamlined documentation. Product setup and documentation for Host Integration Server 2000 has been completely restructured and redesigned, focusing on a functional perspective. Each functional area of the product (COMTI, replication, etc.) has an associated online book, so customers can choose the Microsoft Management Console snap-in they need. Product setup has been reorganized around the same functional areas, making it easier to install just what a user needs. The online books have added new multimedia troubleshooters and more troubleshooter topics. In addition, Host Integration Server 2000 includes printable files (Adobe Acrobat) of all the online books. Also, customers can view the entire document set using HIServer.chm, available from the Start menu. The context-sensitive Help has links to Contents so customers can view associated topics and browse if necessary. Host Integration Server 2000 provides online worksheets for entering configuration information that is stored in the online books as well as a road map with links so administrators, developers, and database administrators can quickly find information they need to do their specific tasks.

Data Access

  • DB2 access enhancements. Microsoft's goal is to offer the highest-performing SQL Server-to-DB2 solution on the market. In Host Integration Server 2000, both the Microsoft OLE DB Provider and the ODBC Driver for DB2 have been redesigned to offer increased performance and scalability. This allows developers to create dynamic Web applications that access mission-critical DB2 data in real time. Plus, new performance counters enable administrators to conduct predeployment testing and planning using the Windows Performance Monitor tool.

  • DTC-driven 2PC support for DB2 for OS/390 and AS/400 using LU6.2. In Host Integration Server 2000, the OLE DB for DB2 Provider and the ODBC Driver for DB2 are enhanced to support the DRDA 2 Phase Commit protocols over LU6.2. This enables COM+ applications to participate in a Distributed Transaction Coordinator—driven two-phase commit transaction between SQL Server and DB2 databases on OS/390 and OS/400.

  • Configuration and administration. Host Integration Server 2000 offers a simple TCP/IP-only setup program based on Microsoft Installer technology (used in Microsoft Office 2000) for the data providers that support direct TCP/IP connections to host databases. Customers should find the end-user installation and administrator configuration experience to be much improved for both SNA and TCP/IP connections.

Data Integration

  • AS/400 data queues. A data queue is an AS/400 system object that is used for interprocess communications between multiple programs or jobs. Data queues allow multiple programs to send and receive shared messages using a central repository without first writing the message data to a physical database file. Typically, when a data record is read from the queue, the record is then erased from the queue. The advantage of using data queues to share data as opposed to using database files is that data queues require much less file input/output (I/O) and therefore improve overall system performance. Host Integration Server 2000 enables 32-bit Windows-based applications to access data queues using a COM automation control. The control is modeled after the AS/400 code points, exposing the greatest number of options practically possible.

  • File transfer for AS/400, AS/36, and VSAM. The file transfer utility provides a user with the ability to move a file between the local computer and a host system. Host Integration Server 2000 provides this service using a single ActiveX® control. This extends the ability for the client application to perform file transfer operations from a large number of client development environments.

  • Connection pooling for OLE DB Provider and ODBC Driver for DB2. When enabled, connection pooling sets up a pool of connections to service database connection requests. Connection pooling allows a middle tier, like Internet Information Service (IIS), to hold onto the open connections and hand them out to the Web clients making requests from the database. Not closing a connection to the database and holding it for future use reduces the time required to validate and provide the next connection to the back-end server.

Application Integration Enhancements for COMTI

  • COM+ support. COMTI now supports deployment in COM+ applications and the other elements necessary for operation on Windows 2000. In addition, it supports COM+ Object Pooling, a new COM+ mechanism to reduce resource consumption by maintaining a cache of object instances between client calls that eliminates redundant operations to create and destroy object instances in a high-volume application. Although COMTI objects are not expensive to create, there is a significant manageability benefit from this feature because the administrator can specify both lower and upper bounds on the number of COMTI instances that can run on a server. This provides a means to manage the workload on the host by preventing flooding due to client demand spikes, recovery from outages, etc.

  • Connectivity to IMS transactions through OTMA. This is a new remote environment type in COMTI, supporting a new TCP-based transport for the mainframe. To use COMTI's existing TCP transport for IMS, it was necessary to recompile the IMS transaction program to use the extended communications support library, although no logic changes were required. However, by deploying IBM Open Transaction Management Architecture server, customers can provide access to standard, terminal or LU6.2-enabled IMS transactions without change.

  • Improved performance tuning and monitoring. Microsoft has added the instrumentation you need to confirm COMTI's reputation as the highest-performance COM integration solution available. Performance Monitor counters have been added to show offered load (in client calls per second) and host response time (in sec/transaction) and number of active COMTI instances. These provide the additional information a user needs to do accurate load assessment and capacity planning on servers using COMTI.

  • Streamlined setup. A TCP/IP-only option has been added to setup, simplifying installation and configuration of COMTI when SNA connectivity for LU6.2 is not required.

What additional Host Integration Server 2000 enhancements are directly attributable to Windows 2000 functionality?

Integration with Active Directory. Clients can find servers through Active Directory in addition to the traditional subdomain architecture. Users need only configure the name of the organizational unit instead of the detailed protocol information. Also, clients can locate server resources across multiple organization units.

MMC-based multi-server administration. The Microsoft Management Console—based multiserver provides a consistent method of administering Host Integration Server 2000 features. Some snap-ins are centrally administered, meaning Microsoft auto-groups the servers. Others (like the COMTI snap-in) are focused on a particular server, although many servers can be added to the same console window.

MWI-based setup. The Microsoft Windows Installer (MWI) reduces the total cost of ownership (TCO) for customers by enabling them to efficiently install and configure products and applications. MWI supports the following for application installation:

  • Rollback during failed installation

  • Resiliency to repair damaged installations

  • Ability for an administrator to configure the installation behavior of MWI by using Group Policy Editor on Microsoft Windows 2000 or System Policy Editor on Windows 95, Windows 98, and Windows NT.

Can we run SNA Server on Windows 2000 until we're ready to acquire Host Integration Server?

Yes, you'll need SNA Server 4.0 Service Pack 3. However, you won't be able to take advantage of Windows 2000 core services.

Can Host Integration Server 2000 run on Windows NT Server 4.0?

Yes, Host Integration Server 2000 is fully supported on Windows NT 4.0. Capabilities specific to Windows 2000 will not be available. Examples of Windows 2000 functionality include COMTI's use of COM+ Object Pooling and the client-server use of Active Directory.

Connectivity Issues

What connectivity types does Host Integration Server support?

The following is a comprehensive list, sorted by host, of connectivity types supported by Host Integration Server 2000:

Mainframe

  • 802.2 over Ethernet, token ring, frame relay, or Asynchronous Transfer Mode (ATM)

  • Synchronous Data Link Control (SDLC) over leased or switched telephone circuits

  • X.25/QLLC over private or packet-switched networks

  • ESCON channel over fiber-optic cabling

  • Bus&Tag channel over copper cabling

AS/400

  • 802.2 over Ethernet, token ring, frame relay, or ATM

  • SDLC over leased or switched telephone circuits

  • X.25/QLLC over private or packet-switched networks

AS/36

  • 802.2 over token ring

  • SDLC over leased or switched telephone circuits

Security Issues

How does Microsoft address security issues in a TN3270 environment?

With Microsoft Host Integration Server 2000, customers can get the same functionality as Secure Sockets Layer(SSL) provides, in addition to the benefits of native 3270 versus TN3270 emulation.

Simply put, TN3270 is not the only way to get 3270 emulation over a TCP/IP network. While TN3270E works sufficiently well with most host applications, it is not the native 3270 data stream that customers are used to. There's no pacing on the session, causing the emulators to potentially misbehave when there are unsolicited host messages (such as a broadcast message by the host administrator). TN3270E does not handle host graphics and is still known to have problems with 3287 printing. Other problems include unreliable handling of "Attn" and "SysReq" keys on the emulator and Structured fields as well as extended attributes causing problems with some TN3720 emulators.

Native 3270 emulators have none of the above problems. In addition, when connecting a native 3270 emulator over TCP/IP to Host Integration Server 2000, customers get the following additional benefits:

  • Authentication by Windows NT domain. The user is not allowed to connect to the host unless first authenticated securely by Windows NT

  • Assignment of logical units (LUs) to users and groups. Administrators can further set security at the gateway level by allowing users access to only certain LUs or LU pools.

  • Assignment of LUs to a fixed desktop. Administrators can further allow access to certain LUs only from certain workstations (by IP address or workstation name).

  • Encryption of all host-bound or host-originated data. An optional encryption feature allows administrators to force all 3270 data to be encrypted between the desktop and SNA Server. Placing SNA Server in a secure location next to the host gives organizations reasonable end-to-end security for all sensitive data including host passwords (which otherwise flow in clear text).

  • Automatic logon to host applications with the Host Integration Server 2000 Single Sign-On feature. When combined with the password synchronization feature (which works with TN3270 clients as well), administrators can set up 3270 users to be automatically logged on to the appropriate host application.

  • Automatic load balancing. The split-stack feature automatically balances the load among multiple servers.

  • Automatic hot failover in case of host connection of server failure.

  • Ability to support IPX, NetBEUI, and Banyan VINES-based desktops.

Does the OLE DB Provider for DB2 support Host Security Integration (Single Sign-On)? If so, how should it be configured?

Yes, the OLE DB Provider for DB2 supports Host Security Integration. The user/developer should pass MS$SAME/MS$SAME as the user ID/password. In addition, in Host Integration Server, Microsoft provides a custom graphical user interface (GUI) in Data Links and exposes a checkbox to enable Host Security Integration (as available in the Microsoft ODBC Driver for DB2).

Performance Issues

Will Host Integration Server 2000 support two-phase commit operations?

In the initial release of Host Integration Server, the Microsoft OLE DB Provider for DB2 will support distributed units of work using the two-phase commit protocol when connecting to DB2 for OS/390 and DB2 for OS/400 across an SNA LU6.2 network. This feature will require the SNA LU6.2 Resync Service and Microsoft Distributed Transaction Coordinator. Two-phase commit over TCP/IP to DB2 support is a likely addition for future releases of Host Integration Server.

Does two-phase commit require MTS?

No. You can write two-phase commit-aware applications to the DTC interfaces directly. However, the vast majority of customers are likely to use two-phase commit within an MTS package.

What improvements have been made to the ODBC Driver for DB2 and OLE DB Provider for DB2?

  • The ODBC Driver for DB2 is new from the ground up.

  • Customers will see substantial improvements in schema fetch times as well as large data copies. The schema improvements will be felt by generic consumer applications such as Data Transformation Services, Distributed Query Processing (DQP), and Microsoft Query.

  • Data conversion is improved.

Will Host Integration Server support DQP UPDATE and DELETE?

Yes. Customers need Microsoft SQL Server 7.0 with Service Pack 2 or SQL Server 2000. Basically, DQP will support this scenario directly using the OLE DB cursor service component when invoking the OLE DB Provider for DB2.

Does the new ODBC Driver or new OLE DB Provider for DB2 support returning DB2 stored procedure result sets?

No. However, we intend to support this functionality in the next major release of Host Integration Server.

With Explicit Security, is the ReturnSecurityInfo call invoked per transaction on the mainframe? Or is it per COMTI component instance? What must be done to authenticate users per transaction with Computer Associates' TOP Secret?

The call is invoked for each transaction. The security restrictions on the mainframe probably do not need to change at all, unless they were relying on physical LU name rather than Top Secret username to identify the user. If users already have defined access control lists in IMS that say which Top Secret users are permitted to run a given transaction program or can access which files or other mainframe resources, then COMTI will fit in without much, if any, change. However, if access control is based on the physical LU name, then they will have to define access control to these resources based on the user name instead.

When you use COMTI to invoke an IMS transaction over APPC, COMTI allocates a new APPC conversation for each transaction that's invoked. On the APPC conversation allocation message (an FMH 7 Attach), COMTI provides the host user name and, optionally, a password. COMTI gets the host username from the explicit security callback or the Host Account Cache if you have configured the host security integration feature.

IBM says I will need hundreds of bridges to be able to handle all my traffic. Is that correct?

Internal testing at Microsoft has confirmed the ability to do approximately 1,000 messages per second over the bridge. Microsoft believes that, with between two and six bridges, most companies will meet their scalability and fault tolerance requirements.

AS/400 Issues

IBM is promoting AS/400 as a Web server and platform for applications as well as its traditional role as a midrange host. With TCP/IP as the standard protocol, how is Microsoft positioning itself in the AS/400 arena?

SNA Server 4.0 Service Pack 2 SNA Server 4.0 Service Pack 2 supports direct TCP/IP access to the host for the following functions:

  • DB2 access using OLE DB

  • CICS and IMS access using COM (and COMTI)

  • AS/400 file system access using OLE DB

As SNA Server becomes Host Integration Server 2000, the product will continue to evolve into a protocol independent solution.