Our title’s Latin translation is “scraped tablet” or “blank slate”. I find it fitting since I intend to talk about the ‘best’ way to fully erase your system using native iSeries support. This question arises frequently when Disaster Recovery testing is performed at an offsite location or company has upgraded their iSeries and is relocating the old box. Most businesses require system is totally scrubbed before hand-off.
Over the years I have seen many methods used to clear user data off of iSeries. One of the most simple methods I’ve seen is:
- DLTLIB on all user libraries
But then you have to worry about folders, user profiles, spooled files, output queues, job queues, network attributes, authorization lists…. some folks pursue this list in perpetuity, but I don’t feel this is the right approach.
IBM does offer tips on how to wipe off data off your disk and one I like the best involves using LIC install and DST to initialize all the drives with zeros. Here are detailed steps on how to go about that:
- do a D Manual IPL using a SAVSYS, full system save or LIC install CD
- select option 1 to “Install LIC”
- select option 5 to “Install Licensed Internal Code and Initialize System”
- after the install of LIC is complete, the system will IPL to the DST primary menu
- Add all the disk drives to system ASP (ASP 1). This writes zeroes on the disk drives so only LIC is loaded
- take option 3 to “Use DST”
- Work with Disk Units
- Work with Disk Configuration
- Work with ASP Configuration
- Add units to ASPs
- type 1 in front of all the available units (if using LIC install CD (I_Base) default password for QSECOFR is QSECOFR
- Power off the system by pressing the power button two times. System is clean and ready to go!
For partitioned systems, there is more work following step 4. Basically, all the partition drives have to be re-added back to system ASP.
Here are step 4-b instructions for partitioned system. You will be presented with these options while in DST:
- Work with system partitions
- Recover configuration data
- Clear non-configured disk unit configuration data
- Exit back to DST primary menu
- Follow steps 5 and 6 from this point on.
This type of clean up is sufficient for most iSeries shops.
If however your system contains state secrets, note that this type of disk cleanup does not follow DoD (Department of Defense) 5220.22-M standard. No 3rd party application can have access to a non-configured disk unit on the iSeries, so there is currently nothing available for the iSeries. IBM recommends disks be physically destroyed if DoD standard has to be enforced.
I on the other hand believe that one could try configuring the iSeries disk drive inside a PC and use a vendor tool that complies with DoD 5220.22-M (i.e. KillDisk) to wipe all the data off of it.
Elvis Budimlic is Development Director at Centerfield Technology in Rochester, Minnesota. His primary responsibility is development and support of Centerfield Technology's SQL toolset. Elvis joined the company in 2002 as Senior Developer and was previously with IBM where he co-opped in the SLIC department. He received a Bachelors degree in Computer Science from Winona State University in 2000.