Requirements to use Fix Central

The following lists the requirements for your client system and your System i to use Fix Central.

Note that you must have a valid IBM user ID and password. Register for an IBM user ID.

You may use Fix Central to order fixes without connecting to your system. This is especially useful if your system is not connected to a network or cannot access the Internet. You may download virtual images of the fixes you select using FTP or Download Director, or order your fixes on physical media, without connecting to your system. Connecting to your system, however, also allows you to customize your order by only ordering the PTFs needed by the system you connect to, download fixes to your system immediately, or download virtual images using Download Director directly to an image catalog on your system.

Client system (for ordering the fixes) requirements for all ordering options:

  • Any operating system with Internet access
  • Recommended browsers
  • JavaScript enabled web browser
  • Cookies enabled web browser
  • The client system must be able to access the internet from the following ports: ports 80 (HTTP) and 443 (HTTPS)

Additional client system requirements for downloading virtual images to your PC using Download Director:

  • A system must have a Java Virtual Machine version 1.6 thru 1.8 enabled to run Java Web Start (JNLP) applications. Later versions of Java may no longer support Java Web Start applications.

Additional client system requirements for connecting to the system you are ordering fixes for:

  • The system must have a Java Virtual Machine version 1.6 thru 1.8 enabled to run Java Web Start (JNLP) applications. Later versions of Java may no longer support Java Web Start applications.
  • TCP/IP connection to the system (the PTF recipient) over the LAN.

Power or System i family system (the recipient of the fixes) requirements:

  • i5/OS V5R3 release or higher (including IBM i). You may still order fixes for earlier OS/400 releases, but only the FTP and physical media ordering options will be supported.
  • IBM i and i5/OS Host Servers is required to be installed on the system, and the Host Servers must be active. Use the STRHOSTSVR *ALL command to activate the servers.
  • QUSER profile should be enabled. This is required by the Host Servers. The minimum set of servers required to be active is *SIGNON and *SRVMAP.
  • TCP/IP must be running on the system.
  • The user has to run under a user profile that has *USE authority to the SNDPTFORD command. Note: The *USE authority is required at the user profile level and not at the group profile level.
  • The client system must be able to access the following ports on the system: ports 449, 8476, and 8475. Optional ports include 9476, 9475, 3666.
  • If more than one user is downloading PTFs to the same system, you may need to perform the following steps. You need to grant additional authority for *PUBLIC or to a specific user profile(s) on the '/QIBM/ProdData/OS400/PTFSERVER' directory and 'qesisrv.ses' file within that directory. Issue the following commands:
    • CHGAUT OBJ('/QIBM/ProdData/OS400/PTFSERVER') USER(*PUBLIC) DTAAUT(*RWX) OBJAUT(*OBJEXIST)
    • CHGAUT OBJ('/QIBM/ProdData/OS400/PTFSERVER/qesisrv.ses') USER(*PUBLIC) DTAAUT(*RWX) OBJAUT(*OBJEXIST)
  • Fix Central requires authority to additional APIs. The user needs the following authorities:

    The user needs *USE authority to:

    • QSYS/CPYPTFGRP *CMD
    • QSYS/QPZLOGFX *CMD
    • QSYS/RQSORDAST *CMD
    • QSYS/SNDPTFORD *CMD
    • QSYS/SNDSRVRQS *CMD
    • QSYS/WRKORDRQS *CMD

    The user needs *ALL authority to:

    • QGPL/QAPZCOVER *FILE

    The user needs *RWX authority to the following directory. If this directory does not exist, the user must have *CREATE authority to the parent directory and the FixCentral directory will get created the first time Fix Central runs. The authorities will need to be modified for each user who will run Fix Central.

    • /QIBM/UserData/Service/FixCentral
IP filter

Use the following to assist in modifying your packet filter rules.

IP filter rulesIP filter values
TCP inbound traffic filter ruleAllow port 80 for all service destination addresses
TCP inbound traffic filter ruleAllow port 443 for all service destination addresses
TCP outbound traffic filter ruleAllow port 80 for all service destination addresses
TCP outbound traffic filter ruleAllow port 443 for all service destination addresses