Transfer files, you must have TCP/IP. \Program Files” Send a file to the iSeries or Get one from it –PUT filename or GET filename. FTP Reference Manual. Back to Tylogix Home Page Link to Practical Programming for AS/400 iSeries FTP Automated Interfaces Link to the Online IBM iSeries FTP Manual. ERserver We setup Secure FTP with SSL on our iSeries by simply setting up our WAS server and then creating the SSL certificate by importing it. I'm not sure if the setup of. IFS FTP Tutorial for AS400 Iseries - Free download as PDF File (.pdf), Text file (.txt). There's more to the details - the ftp manual covers a lot. ADDM (Add Physical File Member) ADDV (Add Physical File Variable Length Member) APPE (Append to Existing File) AUTH (Authorization) CRTL (Create Library) CRTP (Create Physical File) CRTS (Create Source Physical File) CWD (Change working directory or library) DBUG (Turn on the FTP Server Trace) DELE (Delete file or document) DLTF (Delete File) DLTL (Delete Library) HELP (Getting Help from an iSeries Remote Server) LIST (File List) MKD (Make directory) MODE (Set Transfer Mode) NLST (Name List) NOOP (Obtain Server Response) PASS (Password) PASV (Use Passive Data Connection) PBSZ (Protection Buffer Size) PORT (Data Port) PROT (Data Channel Protection Level) PWD (Display Working Directory or Library) QUIT (End an FTP Server Session) RCMD (Send a CL Command to an FTP Server System) REIN (Reinitialize Session between Systems) RETR (Retrieve file) RMD (Remove directory) RNFR (Rename From) RNTO (Rename To) SITE (Send Information Used by a Server System) STOR (Store File) STOU (Store Unique) STRU (Specify File Structure) SYST (Identify the Name of the Operating System) TIME (Set Time-Out Values for FTP Server) TYPE (Specify Representation Type) USER (Send a User Logon ID to the Server) FTP client subcommands ACCT (Send Account Information) APPEND (Append a Local File Member to a Remote File) ASCII (Change File Type to ASCII) BINARY (Set Transfer Type to Image) CD (Change Working Directory or Library) CLOSE (End an FTP Session with the Remote System) DEBUG (Create Client Trace and Control Display of Server Subcommands Sent to Remote System) DEBUG (Change Client Time-Out Limit Values) DELETE (Delete a File on a Remote System) DIR (List Directory Entries, Libraries, or Files) EBCDIC (Change File Type to EBCDIC) GET (Copy a File from a Remote System to the Local System) HELP (Getting Help for FTP Subcommands) LCD (Change Working Library or Directory on Local System) LOCSITE (Specify Local Site Information) LOCSTAT (Display Local Status Information) LS (List Remote File Names) LTYPE (Local Type) MDELETE (Delete Multiple Files on a Remote System) MGET (Copy Multiple Files from a Remote System to the Local System) MKDIR (Make Directory) MODE (Specify Transmission Mode of Data) MPUT (Send Multiple File Members from the Local System to a Remote System) NAMEFMT (Select File Naming Format) NULLFLDS (Allow Transfer of Files with NULL Fields) OPEN (Connect to FTP Server on a Remote System) PASS (Send Your Password) PUT (Copy a File Member from the Local System to a File on a Remote System) PWD (Display Current Directory, Folder, or Library) QUOTE (Send a Subcommand to an FTP Server) REINITIALIZE (Reinitialize Session between Systems) RENAME (Rename a File on a Remote System) RESET (Reset) RMDIR (Remove Directory) SECData (Setting data security protection) SECOpen (Setting data security protection) SENDPASV (Specify Whether to send a PASV Subcommand) SENDPORT (Specify Whether to Sends a PORT Subcommand) SENDSITE (Specify Whether to Send a SITE Subcommand) SITE (Send Information Used by a Remote System) STATUS (Retrieve Status Information from a Remote System) STRUCT (Specify File Structure) SUNIQUE (Control Overwriting of Files) SYSCMD (Pass an iSeries CL Command to Your Local iSeries) TYPE (Specify File Transfer Type) USER (Send Your User ID to the Remote System) VERBOSE (Control of Text Display of Error Reply Messages) Specify mapping tables CCSID code page tagging for iSeries files NLS considerations for FTP File systems and naming conventions OS/400 file systems that are supported by FTP FTP server reply status messages FTP server syntax conventions FTP client syntax conventions Enclose subcommand parameters File names for client transfer subcommands Naming files for transfer Troubleshoot FTP Determine problems with FTP Materials required for reporting FTP problems Trace the FTP server Trace the FTP client Work with FTP server jobs and job log ERserver iSeries FTP ERserver iSeries FTP © Copyright International Business Machines Corporation 1998, 2002. All rights reserved. US Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. Contents FTP . . . . . . . . . . . . . . . . . . . . . . . . . . . What’s new for V5R2 . . . . . . . . . . . . . . . . . . . . Print this topic . . . . . . . . . . . . . . . . . . . . . . . FTP scenarios . . . . . . . . . . . . . . . . . . . . . . . Scenario: Transfer a file from a remote host . . . . . . . . . . . Scenario: Secure FTP with SSL . . . . . . . . . . . . . . . Configuration details . . . . . . . . . . . . . . . . . . . Configure your FTP server . . . . . . . . . . . . . . . . . . FTP server in iSeries Navigator . . . . . . . . . . . . . . . . Configure FTP servers for graphical FTP clients and Web tools . . . . Configure Anonymous FTP . . . . . . . . . . . . . . . . . Prepare for Anonymous FTP . . . . . . . . . . . . . . . Write exit programs for Anonymous FTP . . . . . . . . . . . Create an OS/400 user profile: ANONYMOUS . . . . . . . . . Create a public library or directory . . . . . . . . . . . . . Install and register exit programs . . . . . . . . . . . . . . Secure FTP . . . . . . . . . . . . . . . . . . . . . . . Prevent FTP server access . . . . . . . . . . . . . . . . . Control FTP access . . . . . . . . . . . . . . . . . . . Use SSL to secure the FTP server . . . . . . . . . . . . . . Create a local Certificate Authority . . . . . . . . . . . . . Associate a certificate with the FTP server . . . . . . . . . . Require client authentication for the FTP server (optional) . . . . Enable SSL on the FTP server . . . . . . . . . . . . . . Secure the FTP client with TLS/SSL . . . . . . . . . . . . . Manage access using FTP exit programs. . . . . . . . . . . . Manage access using iSeries Navigator . . . . . . . . . . . . Monitor incoming FTP users . . . . . . . . . . . . . . . . Manage your FTP server. . . . . . . . . . . . . . . . . . . Start and stop the FTP server . . . . . . . . . . . . . . . . Set number of available FTP servers . . . . . . . . . . . . . Improve FTP server performance with configurable subsystem support . Use the FTP client on iSeries . . . . . . . . . . . . . . . . . Start and end a client session . . . . . . . . . . . . . . . . Server timeout considerations . . . . . . . . . . . . . . . . Transfer files with FTP . . . . . . . . . . . . . . . . . . FTP as batch job . . . . . . . . . . . . . . . . . . . . FTP reference information . . . . . . . . . . . . . . . . . . FTP server subcommands . . . . . . . . . . . . . . . . . ADDM (Add Physical File Member) . . . . . . . . . . . . . ADDV (Add Physical File Variable Length Member) . . . . . . . APPE (Append to Existing File) . . . . . . . . . . . . . . AUTH (Authorization) . . . . . . . . . . . . . . . . . . CRTL (Create Library) . . . . . . . . . . . . . . . . . . CRTP (Create Physical File) . . . . . . . . . . . . . . . CRTS (Create Source Physical File) . . . . . . . . . . . . CWD (Change working directory or library) . . . . . . . . . . DBUG (Turn on the FTP Server Trace) . . . . . . . . . . . DELE (Delete file or document) . . . . . . . . . . . . . . DLTF (Delete File) . . . . . . . . . . . . . . . . . . . DLTL (Delete Library) . . . . . . . . . . . . . . . . . . HELP (Getting Help from an iSeries Remote Server) . . . . . . LIST (File List) . . . . . . . . . . . . . . . . . . . . © Copyright IBM Corp. 1998, 2002 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 . 1 . 2 . 3 . 3 . 4 . 5 . 8 . 9 . 9 . 10 . 11 . 11 . 12 . 12 . 13 . 13 . 14 . 15 . 16 . 17 . 18 . 18 . 19 . 19 . 21 . 21 . 22 . 22 . 22 . 23 . 23 . 23 . 24 . 27 . 28 . 29 . 37 . 37 . 39 . 39 . 40 . 40 . 40 . 41 . 41 . 41 . 42 . 42 . 42 . 42 . 43 . 43 iii MKD (Make directory) . . . . . . . . . . . . . . . . . . . . . . . MODE (Set Transfer Mode) . . . . . . . . . . . . . . . . . . . . . NLST (Name List) . . . . . . . . . . . . . . . . . . . . . . . . NOOP (Obtain Server Response) . . . . . . . . . . . . . . . . . . PASS (Password) . . . . . . . . . . . . . . . . . . . . . . . . PASV (Use Passive Data Connection) . . . . . . . . . . . . . . . . . PBSZ (Protection Buffer Size) . . . . . . . . . . . . . . . . . . . . PORT (Data Port) . . . . . . . . . . . . . . . . . . . . . . . . PROT (Data Channel Protection Level) . . . . . . . . . . . . . . . . PWD (Display Working Directory or Library) . . . . . . . . . . . . . . . QUIT (End an FTP Server Session). . . . . . . . . . . . . . . . . . RCMD (Send a CL Command to an FTP Server System) . . . . . . . . . . REIN (Reinitialize Session between Systems) . . . . . . . . . . . . . . RETR (Retrieve file) . . . . . . . . . . . . . . . . . . . . . . . RMD (Remove directory). . . . . . . . . . . . . . . . . . . . . . RNFR (Rename From) . . . . . . . . . . . . . . . . . . . . . . RNTO (Rename To) . . . . . . . . . . . . . . . . . . . . . . . SITE (Send Information Used by a Server System) . . . . . . . . . . . . STOR (Store File) . . . . . . . . . . . . . . . . . . . . . . . . STOU (Store Unique) . . . . . . . . . . . . . . . . . . . . . . . STRU (Specify File Structure) . . . . . . . . . . . . . . . . . . . . SYST (Identify the Name of the Operating System) . . . . . . . . . . . . TIME (Set Time-Out Values for FTP Server). . . . . . . . . . . . . . . TYPE (Specify Representation Type) . . . . . . . . . . . . . . . . . USER (Send a User Logon ID to the Server) . . . . . . . . . . . . . . FTP client subcommands . . . . . . . . . . . . . . . . . . . . . . ACCT (Send Account Information) . . . . . . . . . . . . . . . . . . APPEND (Append a Local File Member to a Remote File) . . . . . . . . . ASCII (Change File Type to ASCII) . . . . . . . . . . . . . . . . . . BINARY (Set Transfer Type to Image) . . . . . . . . . . . . . . . . . CD (Change Working Directory or Library) . . . . . . . . . . . . . . . CLOSE (End an FTP Session with the Remote System) . . . . . . . . . . DEBUG (Create Client Trace and Control Display of Server Subcommands Sent to System) . . . . . . . . . . . . . . . . . . . . . . . . . . . DEBUG (Change Client Time-Out Limit Values) . . . . . . . . . . . . . DELETE (Delete a File on a Remote System) . . . . . . . . . . . . . . DIR (List Directory Entries, Libraries, or Files) . . . . . . . . . . . . . . EBCDIC (Change File Type to EBCDIC) . . . . . . . . . . . . . . . . GET (Copy a File from a Remote System to the Local System) . . . . . . . HELP (Getting Help for FTP Subcommands) . . . . . . . . . . . . . . LCD (Change Working Library or Directory on Local System) . . . . . . . . LOCSITE (Specify Local Site Information) . . . . . . . . . . . . . . . LOCSTAT (Display Local Status Information) . . . . . . . . . . . . . . LS (List Remote File Names) . . . . . . . . . . . . . . . . . . . . LTYPE (Local Type) . . . . . . . . . . . . . . . . . . . . . . . MDELETE (Delete Multiple Files on a Remote System) . . . . . . . . . . MGET (Copy Multiple Files from a Remote System to the Local System) . . . . MKDIR (Make Directory) . . . . . . . . . . . . . . . . . . . . . . MODE (Specify Transmission Mode of Data) . . . . . . . . . . . . . . MPUT (Send Multiple File Members from the Local System to a Remote System). NAMEFMT (Select File Naming Format) . . . . . . . . . . . . . . . . NULLFLDS (Allow Transfer of Files with NULL Fields) . . . . . . . . . . . OPEN (Connect to FTP Server on a Remote System) . . . . . . . . . . . PASS (Send Your Password) . . . . . . . . . . . . . . . . . . . . PUT (Copy a File Member from the Local System to a File on a Remote System). PWD (Display Current Directory, Folder, or Library) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Remote . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44 44 44 45 45 45 45 46 46 47 47 47 48 48 48 48 49 49 51 52 52 52 53 53 55 55 57 57 58 58 59 59 60 60 61 61 62 62 63 64 65 66 66 67 67 68 69 69 70 70 71 72 72 73 73 iv iSeries: FTP QUOTE (Send a Subcommand to an FTP Server) . . . . . . . . . . . REINITIALIZE (Reinitialize Session between Systems) . . . . . . . . . . RENAME (Rename a File on a Remote System) . . . . . . . . . . . . RESET (Reset) . . . . . . . . . . . . . . . . . . . . . . . . RMDIR (Remove Directory) . . . . . . . . . . . . . . . . . . . . SECData (Setting data security protection) . . . . . . . . . . . . . . SECOpen (Setting data security protection) . . . . . . . . . . . . . . SENDPASV (Specify Whether to send a PASV Subcommand) . . . . . . . SENDPORT (Specify Whether to Sends a PORT Subcommand) . . . . . . SENDSITE (Specify Whether to Send a SITE Subcommand) . . . . . . . SITE (Send Information Used by a Remote System) . . . . . . . . . . STATUS (Retrieve Status Information from a Remote System) . . . . . . . STRUCT (Specify File Structure) . . . . . . . . . . . . . . . . . . SUNIQUE (Control Overwriting of Files) . . . . . . . . . . . . . . . SYSCMD (Pass an iSeries CL Command to Your Local iSeries) . . . . . . TYPE (Specify File Transfer Type) . . . . . . . . . . . . . . . . . USER (Send Your User ID to the Remote System) . . . . . . . . . . . VERBOSE (Control of Text Display of Error Reply Messages) . . . . . . . FTP exit programs . . . . . . . . . . . . . . . . . . . . . . . . Request validation exit point: client and server . . . . . . . . . . . . . Example: FTP Client or Server Request Validation exit program in CL code . Example: FTP Server Request Validation exit program in ILE RPG code . . VLRQ0100 exit point format . . . . . . . . . . . . . . . . . . Server logon exit point . . . . . . . . . . . . . . . . . . . . . Example: FTP Server Logon exit program in CL code . . . . . . . . . Example: FTP Server Logon exit program in C code . . . . . . . . . Example: FTP Server Logon exit program in ILE RPG code . . . . . . TCPL0100 exit point format . . . . . . . . . . . . . . . . . . TCPL0200 exit point format . . . . . . . . . . . . . . . . . . TCPL0300 exit point format . . . . . . . . . . . . . . . . . . Remove exit programs . . . . . . . . . . . . . . . . . . . . . Data transfer methods . . . . . . . . . . . . . . . . . . . . . . Transfer files that contain packed decimal data between iSeries servers . . . Transfer *SAVF files . . . . . . . . . . . . . . . . . . . . . . Transfer QDLS documents . . . . . . . . . . . . . . . . . . . Transfer “root”, QOpenSys, QLANSrv, QDLS, and QOPT files . . . . . . Transfer files using QfileSvr.400. . . . . . . . . . . . . . . . . . Transfer QSYS.LIB files. . . . . . . . . . . . . . . . . . . . . Receive text files to QSYS.LIB . . . . . . . . . . . . . . . . . File pre-creation considerations . . . . . . . . . . . . . . . . . . CCSID conversions . . . . . . . . . . . . . . . . . . . . . . Specify mapping tables . . . . . . . . . . . . . . . . . . . . CCSID code page tagging for iSeries files . . . . . . . . . . . . . NLS considerations for FTP . . . . . . . . . . . . . . . . . . File systems and naming conventions . . . . . . . . . . . . . . . . OS/400 file systems that are supported by FTP . . . . . . . . . . . . . FTP server reply status messages . . . . . . . . . . . . . . . . . . FTP server syntax conventions . . . . . . . . . . . . . . . . . . . FTP client syntax conventions . . . . . . . . . . . . . . . . . . . Enclose subcommand parameters . . . . . . . . . . . . . . . . . File names for client transfer subcommands . . . . . . . . . . . . . Naming files for transfer . . . . . . . . . . . . . . . . . . . . Troubleshoot FTP . . . . . . . . . . . . . . . . . . . . . . . . . Determine problems with FTP . . . . . . . . . . . . . . . . . . . Materials required for reporting FTP problems . . . . . . . . . . . . . Trace the FTP server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74 . 75 . 75 . 75 . 76 . 76 . 77 . 78 . 79 . 79 . 80 . 80 . 81 . 81 . 82 . 83 . 84 . 85 . 85 . 86 . 87 . 89 . 93 . 97 . 99 . 100 . 109 . 111 . 115 . 120 . 123 . 123 . 124 . 124 . 125 . 126 . 126 . 127 . 129 . 129 . 129 . 129 . 130 . 131 . 132 . 132 . 133 . 135 . 135 . 136 . 136 . 138 . 139 . 139 . 141 . 142 Contents v Trace the FTP client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144 Work with FTP server jobs and job log . . . . . . . . . . . . . . . . . . . . . . . 145 vi iSeries: FTP FTP You can set up your iSeriesTM server to send, receive, and share files across networks by using the file transfer protocol (FTP). You can also rename, add, and delete files. Before you set up your system to transfer files, you must have TCP/IP configured and started on your system. For more information about using FTP on your iSeries server, see the following: What’s new for V5R2 See what functions are new to the iSeries for FTP in V5R2. Print this topic Download or print the FTP documentation in a PDF format. FTP scenarios Read scenarios to understand how FTP is configured and used. Configure your FTP server Set up an iSeries FTP server for graphical FTP clients, web browsers, and web tools. Configure Anonymous FTP. Secure FTP Protect your data by securing FTP with SSL, monitoring FTP users, and managing user access to FTP functions. Manage your FTP server Administer your FTP server, including starting and stopping the server, FTP security, and using SSL. Use the FTP client on iSeries Start and end client sessions, transfer and receive files, and set up FTP batch jobs. FTP reference information Find information about server and client subcommands, FTP exit programs, data transfer methods, and more. Troubleshoot FTP Get information on troubleshooting problems with the FTP server or FTP client. Note: Read the Code example disclaimer for important legal information. What’s new for V5R2 iSeries FTP includes the following enhancements for Version 5 Release 2: Function enhancements v FTP server now supports libraries which reside on independent auxiliary storage pools (IASPs). v Transport Layer Security (TLS)/Secure Sockets Layer (SSL) support V5R2 FTP provides the ability to use TLS/SSL from the OS/400R FTP client (with server authentication © Copyright IBM Corp. 1998, 2002 1 only). This support allows you to specify whether data flowing on the FTP control connection, including the password used for authentication, is encrypted. The following changes have been made to support this new capability: New client subcommands: – SECOpen (Setting data security protection) – SECData (Setting data security protection) New parameters for STRTCPFTP: – Secure connection (SECCNN) (See 25) – Data protection (DTAPROT) (See 26) New parameters for the LOCSITE (See 66) subcommand: – DTAPROT C – DTAPROT P – DTAPROT New information The V5R2 Information Center FTP topic has been updated. In some cases, the organization of the information has changed to provide a clearer path through the topic. The following information was added to FTP for V5R2: v FTP scenarios provide examples to introduce basic usage concepts. You may want to refer to the scenarios as you plan and configure your FTP server on for your iSeries. v Instructions for using SSL to secure the FTP server have been moved to this topic from the SSL topic. v Example exit point programs for configuring Anonymous FTP have been moved to this topic from the Technical Reference site: – Server logon exit point contains FTP Server Logon exit program examples in CL, C, and ILE RPG code. – Request validation exit point contains FTP server and client Request Validation exit program examples in CL and ILE RPG code. v Reference information that was previously available in the Configuration and Reference book has been added to the FTP topic. How to see what’s new or changed To help you see where technical changes have been made, this information uses: v The v The image to mark where new or changed information begins. image to mark where new or changed information ends. . To find other information about what’s new or changed this release, see the Memo to Users Print this topic To view or download the PDF version, select FTP (about 600 KB or 154 pages). Saving PDF files To save a PDF on your workstation for viewing or printing: 1. Right-click the PDF in your browser (right-click the link above). 2. Click Save Target As... 3. Navigate to the directory in which you would like to save the PDF. 4. Click Save. 2 iSeries: FTP Downloading Adobe Acrobat Reader If you need Adobe Acrobat Reader to view or print these PDFs, you can download a copy from the Adobe Web site(www.adobe.com/products/acrobat/readstep.html) . FTP scenarios The following scenarios help you understand how FTP works, and how you can use an FTP environment in your network. These scenarios introduce fundamental FTP concepts from which beginners and experienced users can benefit before they proceed to the planning and configuration tasks. Transfer a file from a remote host You want to transfer a file to a test server. Use basic FTP to send the file to the remote host. Secure FTP with SSL You want to use Secure Sockets Layer (SSL) to secure data being transferred to your partner company. Scenario: Transfer a file from a remote host Objectives Suppose a colleague did some JavaTM development work on a remote server. As a system test engineer, you need to transfer the example.jar file from the remote server to your local test server. Use basic FTP to transfer the file (in binary mode) across a TCP/IP network. The client and the server are both an iSeries using OS/400 FTP. Details To transfer the file, two connections are used: the control connection and the data connection. The control connection is used to send subcommands from the client to the server and receive responses to those subcommands from the server to the client. The client will initiate FTP subcommands that are sent to the FTP server. The data connection is used to transfer the actual files. Both the client and the server interface to the OS/400 file system. To transfer files, you will typically need a user ID on both systems. See the other requirements listed below: v iSeries server running OS/400. v v v v v TCP/IP Connectivity Utilities (5722-TC1) FTP server configured Host name of the remote system Your user name and password on the remote system Name of file to transfer v Location of the file to transfer v File format (format that you must transfer the file in, such as binary or ASCII) Configuration tasks You must complete each of these tasks to perform a simple file transfer: FTP 3 1. Start your FTP client session. For this scenario: In the iSeries character-based interface, type STRTCPFTP and press Enter. 2. Specify the name of the remote system to which you want to send the file. For this scenario: theirco.com 3. Tell the remote system your user name for the remote server. For this scenario: Enter login ID (yourid): ===>yourid 4. Tell the remote system your password for the remote server. For this scenario: Enter password: ===>yourpassword 5. Locate the directory on the TheirCo server from which you want to transfer the file. For this scenario: ===>cd /qibm/userdata/os400/dirserv/usrtools/windows 6. Navigate to the directory on the local server to which you want to transfer the file. For this scenario: ===>lcd /qibm/userdata/os400/dirserv/usrtools/windows 7. Specify file type, ASCII or BINARY. Default file type is ASCII. For a .jar file, you must switch the file transfer type to binary. For this scenario: ===> binary 8. Request a file transfer from the remote server system to the client system. For this scenario: ===> get example.jar 9. When finished, Exit from FTP. For this scenario: ===> QUIT Next Step Go one step further. You can also transfer files in an automated manner using Batch FTP. Scenario: Secure FTP with SSL Suppose you work for MyCo, a company that researches startup companies and sells the research to companies in the investment planning industry. One such company, TheirCo, has need of the service that MyCo provides, and would like to receive research reports via FTP. MyCo has always ensured the privacy and security of the data it disperses to its customers—whatever the format. In this case, MyCo needs SSL-secured FTP sessions with TheirCo. Objectives Your objectives in this scenario are the following: v v v v v v Create and operate a Local Certificate Authority on the MyCo iSeries server Enable SSL for MyCo’s FTP server Export a copy of MyCo’s Local CA certificate to a file Create a *SYSTEM certificate store on TheirCo’s server Import MyCo’s Local CA certificate into TheirCo’s *SYSTEM certificate store Specify MyCo’s Local CA as a trusted CA for TheirCo’s FTP client Prerequisites MyCo v Has an iSeries server that is running V5R1 or later of OS/400. v Has the V5R1 or later TCP/IP Connectivity Utilities (5722-TC1) installed on the iSeries server. 4 iSeries: FTP v Has the Cryptographic Access Provider 128-bit for iSeries server (5722-AC3) installed on their iSeries server. v Has the IBMR Digital Certificate Manager (DCM) (5722-SS1 option 34) installed on the iSeries server. v Has the IBM HTTP Server (5722-DG1) installed on the iSeries server. v Uses certificates to protect access to public applications and resources (see Scenario: Use certificates to protect access to public applications and resources for detailed instructions). TheirCo v Has an iSeries server that is running V5R2 or later of OS/400. v Has the V5R2 TCP/IP Connectivity Utilities (5722-TC1) installed on the iSeries server. v Has the Cryptographic Access Provider 128-bit for iSeries server (5722-AC3) installed on their iSeries server. v Has the IBM Digital Certificate Manager (5722-SS1 option 34) installed on the iSeries server. v Has the IBM HTTP Server (5722-DG1) installed on the iSeries server. v Uses OS/400 TCP/IP FTP Client for FTP sessions. Details TheirCo uses the OS/400 FTP Client to request a secure FTP file transfer from MyCo’s FTP server. Refer to Secure the FTP client with TLS/SSL. Server authentication takes place. TheirCo receives financial reports from MyCo, using an SSL-secured FTP session. Configuration tasks The following tasks are completed by MyCo and TheirCo to secure their FTP sessions with SSL: MyCo’s tasks: 1. Create and operate a Local Certificate Authority on the MyCo iSeries server (See 5) 2. Enable SSL for MyCo’s FTP server (See 6) 3. Export a copy of MyCo’s Local CA certificate to a file (See 7) TheirCo’s tasks: 1. Create a *SYSTEM certificate store on TheirCo’s server (See 7) 2. Import MyCo’s Local CA certificate into TheirCo’s *SYSTEM certificate store (See 8) 3. Specify MyCo’s Local CA as a trusted CA for TheirCo’s FTP client (See 8) Configuration details Complete the following task steps to Secure FTP with SSL. Step 1: Create and operate a Local Certificate Authority (CA) on the MyCo iSeries server This scenario assumes that MyCo has not used Digital Certificate Manager (DCM) previously to set up certificates for its iSeries server. Based on the objectives for this scenario, MyCo has chosen to create and operate a Local Certificate Authority (CA) to issue a certificate to the FTP server. However, MyCo could use DCM to configure the FTP server to use a public certificate for SSL instead. When using Digital Certificate Manager (DCM) to create a Local CA, you are guided through a process that ensures you configure everything needed to enable SSL. FTP 5 MyCo uses the following steps to create and operate a Local CA on their server, using the Digital Certificate Manager (DCM): 1. Start DCM. 2. In the navigation frame of DCM, select Create a Certificate Authority (CA) to display a series of forms. These forms guide you through the process of creating a Local CA and completing other tasks needed to begin using digital certificates for SSL, object signing, and signature verification. 3. Complete all the forms that display. There is a form for each of the tasks required to create and operate a Local CA on the iSeries server. These tasks include the following: a. Choose how to store the private key for the Local CA certificate. This step is included only if you have an IBM 4758-023 PCI Cryptographic Coprocessor installed on your iSeries. If your system does not have a cryptographic coprocessor, DCM automatically stores the certificate and its private key in the Local CA certificate store. b. Provide identifying information for the Local CA. c. Install the Local CA certificate on your PC or in your browser. This enables software to recognize the Local CA and validate certificates that the CA issues. d. Choose the policy data for your Local CA. e. Use the new Local CA to issue a server or client certificate that applications can use for SSL connections. If you have an IBM 4758-023 PCI Cryptographic Coprocessor installed in the iSeries server, this step allows you to select how to store the private key for the server or client certificate. If your system does not have a coprocessor, DCM automatically places the certificate and its private key in the *SYSTEM certificate store. DCM creates the *SYSTEM certificate store as part of this task. f. Select the applications that can use the server or client certificate for SSL connections. Note: Be sure to select the application ID for the OS/400 TCP/IP FTP server (QIBM_QTMF_FTP_SERVER). g. Use the new Local CA to issue an object signing certificate that applications can use to digitally sign objects. This creates the *OBJECTSIGNING certificate store, which you use to manage object signing certificates. Note: Although this scenario does not use object signing certificates, be sure to complete this step. If you cancel at this point in the task, the task ends and you have to perform separate tasks to complete your SSL certificate configuration. h. Select the applications that you want to trust the Local CA. Note: Be sure to select the application ID for the OS/400 TCP/IP FTP server (QIBM_QTMF_FTP_SERVER). Once the forms for this guided task are completed, you can configure the FTP server to use SSL. Step 2: Enable SSL for MyCo’s FTP server Now that the FTP server has a certificate assigned to it, MyCo configures the FTP server to use SSL by following these steps: 1. In iSeries Navigator, expand the iSeries server —> Network —> Servers —> TCP/IP. 2. Right-click FTP. 3. Select Properties. 4. Select the General tab. 5. Choose the following option for SSL support: Secure only Select this to allow only SSL sessions with the FTP server. Connections may be made to the non-secure FTP port, but the FTP client must negotiate an SSL session before the user is allowed to log in. With this task complete, MyCo’s FTP server can now use SSL to encrypt communication sessions and protect the privacy of the data transmitted during these sessions. However, to configure the FTP client to participate in an SSL session with the FTP server, MyCo must provide their client, TheirCo, with a copy of the Local CA certificate. To do this, MyCo needs to export a copy of the Local CA certificate to a file and 6 iSeries: FTP make the file available to TheirCo. Once TheirCo has this file, they can use DCM to import the Local CA certificate into the *SYSTEM certificate store, and configure the OS/400 FTP client to use SSL. Step 3: Export a copy of MyCo’s Local CA certificate to a file MyCo must provide TheirCo with a copy of the Local CA certificate. TheirCo’s client application must be configured to trust the CA certificate before it can participate in an SSL session. MyCo uses the following steps to export a copy of the Local CA certificate to a file: 1. Start DCM. 2. Click Select a Certificate Store. 3. Select *SYSTEM as the certificate store to open and click Continue. 4. When the Certificate Store and Password page displays, provide the password that was specified for the certificate store when it was created, and click Continue. 5. After the navigation frame refreshes, select Manage Certificates, and then select the Export certificate task. 6. Select Certificate Authority (CA) and click Continue to display a list of CA certificates. 7. Select the MyCo Local CA certificate from the list and click Export. 8. Specify File as the export destination and click Continue. 9. Specify a fully qualified path and file name for the exported Local CA certificate and click Continue to export the certificate. 10. Click OK to exit the Export confirmation page. Now you can transfer these files to the iSeries endpoint systems on which you intend to verify signatures that you created with the certificate. You can use e-mail or FTP to transfer the files since do not need to be sent securely. Next, TheirCo uses DCM to import the Local CA certificate into the *SYSTEM certificate store and specify the MyCo Local CA (and the certificates that it issues) as trusted. Step 4: Create a *SYSTEM certificate store on TheirCo’s server To participate in an SSL session, TheirCo’s OS/400 FTP client must be able to recognize and accept the certificate that MyCo’s FTP server presents to establish the SSL session. To authenticate the server’s certificate, TheirCo’s FTP client must have a copy of the Certificate Authority (CA) certificate in the *SYSTEM certificate store. The *SYSTEM certificate store contains a copy of most public well-known CA certificates. However, when MyCo’s FTP server uses a certificate from a Local CA, the TheirCo’s FTP client must obtain a copy of the Local CA certificate and import it into the *SYSTEM certificate store. This scenario assumes that Digital Certificate Manager (DCM) has not been previously used to create or manage certificates. Consequently, TheirCo must first create the *SYSTEM certificate store by following these steps: 1. StartDCM. 2. In the Digital Certificate Manager (DCM) navigation frame, select Create New Certificate Store and select *SYSTEM as the certificate store to create and click Continue. 3. Select No to create a certificate as part of creating the *SYSTEM certificate store and click Continue. 4. Specify a password for the new certificate store and click Continue to display a confirmation page. 5. Click OK. Now TheirCo can import the Local CA certificate into the certificate store and specify it as a trusted source of certificates. FTP 7 Step 5: Import MyCo’s Local CA certificate into TheirCo’s *SYSTEM certificate store TheirCo uses these steps to import the Local CA certificate into the *SYSTEM certificate store and specify that it is a trusted source for certificates: 1. In the DCM navigation frame, click Select a Certificate Store and select *SYSTEM as the certificate store to open. 2. When the Certificate Store and Password page displays, provide the password that was specified for the certificate store when it was created, and click Continue. 3. 4. 5. 6. After the navigation frame refreshes, select Manage Certificates to display a list of tasks. From the task list, select Import certificate. Select Certificate Authority (CA) as the certificate type and click Continue. Specify the fully qualified path and file name for the CA certificate file and click Continue. A message displays that either confirms that the import process succeeded or provide error information if the process failed. Now you TheirCO can specify that their FTP client trusts MyCo’s Local CA certificate, so that the TheirCo’s FTP client can participate in SSL sessions with server applications that use a certificate from MyCo’s Local CA. Step 6: Specify MyCo’s Local CA as a trusted CA for TheirCo’s FTP client Before TheirCo can use the FTP client to make secure connections to the MyCo FTP server, TheirCo must use DCM to specify which CAs the client should trust. This means that TheirCo must specify that the Local CA certificate that was imported previously is to be trusted. TheirCo uses the following steps to specify that their FTP client should trust MyCo’s Local CA certificate: 1. Start DCM. 2. Click Select a Certificate Store and select *SYSTEM as the certificate store to open. 3. When the Certificate Store and Password page displays, provide the password that was specified for the certificate store when it was created, and click Continue. 4. In the navigation frame, select Manage Applications to display a list of tasks. 5. From the task list, select Define CA trust list. 6. Select Client as the type of application for which you want to define the list and click Continue. 7. Select the OS/400 TCP/IP FTP Client application (QIBM_QTMF_FTP_CLIENT) from the list and click Continue to display a list of CA certificates. 8. Select MyCo’s Local CA certificate that was imported previously and click OK. DCM displays a message to confirm the trust list selection. With these steps complete, MyCo’s FTP server can establish an SSL session with TheirCo’s FTP client and server. Refer to Secure the FTP client with TLS/SSL. Configure your FTP server The TCP/IP Connectivity Utilities licensed program comes with TCP/IP FTP servers configured. When you start TCP/IP, the FTP server starts simultaneously. Before you configure an FTP server on the Internet, you should review these safeguards to protect your data: v Use a firewall between your iSeries server and the Internet. v Use a non-production iSeries for your FTP server. 8 iSeries: FTP v v v v Do not attach the FTP server to the rest of your company’s LANs or WANs. Use FTP exit programs to secure access to the FTP server. Test FTP exit programs once a month to ensure that they do not contain security loopholes. Do not allow anonymous FTP users to have read and write access to the same directory. This permits the anonymous user to be untraceable on the Internet. v Log all access to your iSeries FTP server and review the logs daily or weekly for possible attacks. v Verify that the correct exit programs are registered for the FTP server once a month. v Review Secure FTP for information about securing your iSeries FTP server. The following topics offer ways to view and customize your FTP servers: FTP server in iSeries Navigator Use iSeries Navigator to configure and manage your iSeries FTP server. Configure FTP servers for graphical FTP clients and Web tools Configure an FTP server on your iSeries to support graphical FTP clients, Web browsers, and other Web tools. Configure Anonymous FTP Anonymous FTP enables remote users to use your FTP server without an assigned userid and password. FTP server in iSeries Navigator You can use iSeries Navigator to work with your FTP server configuration. To access the graphical user interface for FTP in iSeries Navigator, follow these steps: 1. In iSeries Navigator, expand your iSeries server —> Network —> Servers —> TCP/IP. 2. In the right pane, right-click FTP and select Properties. 3. From here, you can change the properties for your FTP server. You can view the online help by clicking the help buttons. To obtain help for a specific field, click the question mark button, then click that field. Configure FTP servers for graphical FTP clients and Web tools The iSeries FTP server supports graphical FTP clients, Web browsers, and Web development tools. Most graphical FTP clients use UNIXR as their list format and path file as their file name format. Follow these instructions to set the FTP server properties to use the supported formats: 1. In iSeries Navigator, expand your iSeries server —> Network —> Servers —> TCP/IP. 2. In the right pane, right-click FTP and select Properties. 3. On the Properties page, click the Initial Formats tab. v Enable Path as the File Naming Format. v Enable UNIX list format as the File List Format. Note: You can control the LISTFMT and NAMEFMT settings for specific FTP sessions using an exit program for the TCPL0200 format or TCPL0300 format of the FTP Server Logon Exit Point. FTP 9 You can also change the list format after an FTP session is in progress with options for the FTP server SITE (Send Information Used by a Server System) subcommand. These settings control the results returned by the LIST (File List) and NLST (Name List) FTP server subcommands. You may also want to refer to: v LIST Information in iSeries format v LIST information in UNIX-style format Configure Anonymous FTP Anonymous FTP enables unprotected access (no password required) to selected information on a remote system. The remote site determines what information is made available for general access. Such information is considered to be publicly accessible and can be read by anyone. It is the responsibility of the person who owns the information and the system to assure that only appropriate information is made available. To access this information, a user logs on to the hosts using the user ID ANONYMOUS. The user ANONYMOUS has limited access rights to the files on the server and has some operating restrictions. Typically, the only operations allowed include the following: v Logging on using FTP v Listing the contents of a limited set of directories v Retrieving files from these directories. Usually, anonymous users are not allowed to transfer files to the FTP server system. Some systems do provide an incoming directory for anonymous uses to send data to. Traditionally, the special anonymous user account accepts a string as a password, although it is common to use either the password ’guest’ or one’s e-mail address. Some archive sites explicitly ask for the user’s e-mail address and will not allow logon with the guest password. Providing an e-mail address is a courtesy that allows the archive site operators to get some idea of who is using their services. Anonymous FTP on the iSeries The basic File Transfer Protocol (FTP) server does not support anonymous FTP. To set up anonymous FTP on your iSeries server, you need to provide exit programs for the two FTP Server exit points (server logon exit point and request validation exit point). You may want to provide anonymous FTP because it is a convenient and often necessary service. However, the use of anonymous FTP raises security concerns for your iSeries server. See Securing FTP with exit programs for more information about protecting your system. To configure Anonymous FTP, complete these tasks: 1. Prepare for Anonymous FTP Review the technical requirements and define a security policy. 2. Write exit programs for Anonymous FTP Write two exit programs for Anonymous FTP support. This topic provides many examples of exit programs as well as useful tips and techniques. 3. Create an OS/400 User Profile ANONYMOUS Prevent anyone from signing on to your iSeries server directly with a user ID of ANONYMOUS. 4. Create a Public Library or Directory Create, load, and set your public libraries or directories. 5. Install and register your exit programs Create a library to contain your exit programs and their log files, compile the programs, and register them for use by the FTP server. 10 iSeries: FTP Prepare for Anonymous FTP Consider the following information as you prepare to configure Anonymous FTP. Skill Requirements To set up Anonymous FTP, you will need the following skills: v Familiarity with the iSeries character-based interface and commands with multiple parameters and keywords. v Ability to create libraries, members, and source physical files on your iSeries (you should have at least *SECOFR authority). v Ability to assign authorities to libraries, files, members, and programs. v Ability to write, change, compile, and test programs on your iSeries server. Security considerations Your first step in implementing Anonymous FTP is to define your Anonymous FTP server site policy. This plan defines your FTP site security and determines how to code your exit programs. Because your FTP server will be allowing anyone in the world to access your data, you must carefully consider how you want it to be used and what data must be protected. Review the following recommendations for your FTP site policy plan: v v v v v Use a firewall between your iSeries server and the Internet. Use a non-production iSeries for your FTP server. Do not attach the FTP server to the rest of your company’s LANs or WANs. Use FTP exit programs to secure access to the FTP server. Test FTP exit programs to ensure that they do not contain security loopholes. v Do not allow anonymous FTP users to have read and write access to the same directory. This permits the anonymous user to be untraceable on the Internet. v Allow ANONYMOUS access only. Do not allow any other userids and do not authenticate passwords. v Restrict ANONYMOUS access to one public library or directory only. (Where will it be? What will you call it?) v Place only public access files in the public library or directory. v Restrict ANONYMOUS users to ’view’ and ’retrieve’ subcommands only (get, mget). Do not under any circumstances allow ANONYMOUS users to use CL commands. v Log all access to your iSeries FTP server. v Review FTP server logs daily or weekly for possible attacks. v Verify that the FTP server registers the correct exit programs once a month. v Test the FTP server for security holes once a month. What to do next: Write two exit programs for Anonymous FTP support. Write exit programs for Anonymous FTP To support Anonymous FTP, you need to write two exit programs: FTP Server Logon exit program and FTP Server Request Validation exit program. The FTP Server Logon exit program enables the ANONYMOUS user ID and forces the ANONYMOUS user to the public library or directory. The FTP Server Request Validation exit program restricts the commands, files, and directories or libraries that the ANONYMOUS user can use. Exit points and exit point formats The FTP server communicates with each exit program through a specific exit point. Parameters are passed between the server and the exit program. The format of the exchanged information is specified by an exit point format. For more information about the exit point programs for FTP, refer to FTP exit FTP 11 programs. The following exit points are used for Anonymous FTP: Program Server logon Request validation Exit Point QIBM_QTMF_SVR_LOGON QIBM_QTMF_SERVER_REQ Format TCPL0100, TCPL0200, or TCPL0300.1 VLRQ0100 -An exit point may have more than one format, but an exit program can only be registered for one of the exit point formats. Examine each of these formats, then choose the one most appropriate for your system. Example programs Example programs are available to help you set up anonymous FTP on your server. You can use these samples as a starting point to build your own programs. By copying portions of the code from the samples, you can add them to programs that you write yourself. It is recommended that you run the sample programs on a system other than your production system. Note: These examples are for illustration purposes only. They do not contain enough features to run on a production machine as is. Feel free to use them as a starting point, or to use sections of code as you write your own programs. 1 To view the example programs, refer to server programs for Server logon exit point and Request validation exit point. What to do next: Create an OS/400 user profile: ANONYMOUS Create an OS/400 user profile: ANONYMOUS To prevent anyone from directly signing on to your iSeries server with the user profile ANONYMOUS, it is strongly recommended that you create a user profile of ANONYMOUS and assign it a password of *NONE. You can create this profile using iSeries Navigator. 1. In iSeries Navigator, expand Users and Groups. 2. Right-click All Users and select New Users. 3. On the New Users panel, enter the following information: User name = ANONYMOUS and Password = No password. 4. Click the Jobs button and select the General tab. 5. On the General tab, assign the Current library and Home directory that the Anonymous user should use. 6. Click OK and complete any other settings. 7. Click Add to create the profile. What to do next: Create a Public Library or Directory Create a public library or directory After creating anonymous users, you may want to create a public library or directory for them to use. Usually anonymous users should only be able to access public files. It is recommended that you restrict anonymous users to a single library or a single directory tree, which only contain “public” files. 12 iSeries: FTP 1. Create the public libraries or directories that will contain files accessible through anonymous FTP. 2. Load your public libraries or directories with the public access files. 3. Set the public libraries or directories and file authorities to PUBLIC *USE. What to do next: Install and register exit programs Install and register exit programs Install the exit program 1. Create a library to contain your exit programs and their log files. 2. Compile your exit programs in this library. 3. Grant PUBLIC *EXCLUDE authority to the library, program, and file objects. The FTP server application adopts authority when necessary to resolve and call the exit program. Register the exit program 1. At the iSeries character-based interface, enter WRKREGINF. 2. Page down to an FTP Server Logon exit point: QIBM_QTMF_SVR_LOGON QIBM_QTMF_SVR_LOGON QIBM_QTMF_SVR_LOGON QIBM_QTMF_SERVER_REQ TCPL0100 TCPL0200 TCPL0300 VLRQ0100 3. Enter 8 in the Opt field to the left of the exit point entry and press Enter. 4. At the Work with Exit Programs display, enter a 1(add). 5. Enter the name of the exit program in the Exit Program field. 6. Enter the name of the library that contains the exit program in the Library field. 7. Press Enter. 8. End and restart the FTP server to ensure that all FTP server instances use the exit programs. 9. Test your exit programs thoroughly. Note: Exit programs take effect as soon as the FTP server requests a new FTP session. Sessions that are already running are not affected. Related topic: Removing installed exit programs Secure FTP If you use your iSeries system as an FTP server on the Internet, it is accessible to the entire world. Therefore, attention to FTP security is necessary to ensure that vital business data stored on your iSeries server is not compromised. There are also steps you can take to protect your FTP client. You can find information about ways to protect the FTP server and client in the following topics: Prevent FTP server access If you are not using FTP, you should prevent FTP from running to ensure no one can enter your iSeries server through the FTP port. This topic explains how to block the FTP port. Control FTP access If you are using FTP, you need to keep control over users to protect your data and network. This topic offers tips and security considerations. FTP 13 Use Secure Sockets Layer (SSL) to secure FTP SSL support allows the user to eliminate the exposure of sending passwords and data “in the clear” on the network when using the OS/400 FTP server with an FTP client that also supports SSL. Manage access using FTP exit programs This topic describes how to use FTP exit points to protect your iSeries. Manage access using iSeries Navigator You can use Application Administration Limit Access in iSeries Navigator to protect your iSeries FTP server or client. Monitoring incoming FTP users Monitor who is logging in to your FTP server. Prevent FTP server access If you do not want anyone to use FTP to access your iSeries server, you should prevent the FTP server from running. To prevent FTP access to your iSeries, follow these steps: Prevent the FTP server from starting automatically To prevent FTP server jobs from starting automatically when you start TCP/IP, follow these steps: 1. In iSeries Navigator, expand your iSeries Server —> Network —> Servers —> TCP/IP. 2. Right-click FTP and select Properties. 3. Deselect Start when TCP/IP starts. Prevent access to FTP ports To prevent FTP from starting and to prevent someone from associating a user application, such as a socket application, with the port that the iSeries normally uses for FTP, do the following: 1. In iSeries Navigator, expand your iSeries Server —> Network —> Servers —> TCP/IP. 2. Right-click TCP/IP Configuration and select Properties. 3. In the TCP/IP Configuration Properties window, click the Port Restrictions tab. 4. On the Port Restrictions page, click Add. 5. On the Add Port Restriction page, specify the following: v User name: Specify a user profile name that is protected on your iSeries. (A protected user profile is a user profile that does not own programs that adopt authority and does not have a password that is known by other users.) By restricting the port to a specific user, you automatically exclude all other users. v Starting port: 20 v Ending port: 21 v Protocol: TCP 6. Click OK to add the restriction. 7. On the Port Restrictions page, click Add and repeat the procedure for the UDP protocol. 8. Click OK to save your port restrictions and close the TCP/IP Configuration Properties window. 9. The port restriction takes effect the next time that you start TCP/IP. If TCP/IP is active when you set the port restrictions, you should end TCP/IP and start it again. 14 iSeries: FTP Notes: v The port restriction takes effect the next time that you start TCP/IP. If TCP/IP is active when you set the port restrictions, you should end TCP/IP and start it again. v The Internet Assigned Numbers Authority (IANA) website provides information about assigned port numbers at http://www.iana.org . v If ports 20 or 21 are restricted to a user profile other than QTCP, attempting to start the FTP server will cause it to immediately end with errors. v This method works only for completely restricting an application such as the FTP server. It does not work for restricting specific users. When a user connects to the FTP server, the request uses the QTCP profile initially. The system changes to the individual user profile after the connection is successful. Every user of the FTP server uses QTCP’s authority to the port. Control FTP access v If you want to allow FTP clients to access your system, be aware of the following security concerns: Your object authority scheme might not provide detailed enough protection when you allow FTP on your system. For example, when a user has the authority to view a file (*USE authority), the user can also copy the file to a PC or to another system. You might want to protect some files from being copied to another system. You can use FTP exit programs to restrict the FTP operations that users can perform. You can use the FTP Request Validation Exit to control what operations you allow. For example, you can reject GET requests for specific database files. You can use the Server logon exit point to authenticate users who log on to the FTP server. Configure Anonymous FTP describes how to use exit programs to set up support for Anonymous FTP on your system. Unless you use TLS/SSL, FTP passwords are not encrypted when they are sent between the client system and the server system. Depending on your connection methods, your system may be vulnerable to password theft through line sniffing. If the QMAXSGNACN system value is set to 1, the QMAXSIGN system value applies to TELNET but not to FTP. If QMAXSGNACN is set to 2 or 3 (values which disable the profile if the maximum sign on count is reached), FTP logon attempts are counted. In this case, a hacker can mount a denial of service attack through FTP by repeatedly attempting to log on with an incorrect password until the user profile is disabled. v v v v v For each unsuccessful attempt, the system writes message CPF2234 to the QHST log. You can write a program to monitor the QHST log for the message. If the program detects repeated attempts, it can end the FTP servers. v You can use the Inactivity timeout (INACTTIMO) parameter on the FTP configuration to reduce the exposure when a user leaves an FTP session unattended. Be sure to read the documentation or online help to understand how the INACTTIMO parameter and the connection timer (for server startup) work together. Note: The QINACTITV system value does not affect FTP sessions. v When you use FTP batch support, the program must send both the user ID and the password to the server system. Either the user ID and password must be coded in the program, or the program must FTP 15 retrieve them from a file. Both these options for storing passwords and user IDs represent a potential security exposure. If you use FTP batch, you must ensure that you use object security to protect the user ID and password information. You should also use a single user ID that has limited authority on the target system. It should have only enough authority to perform the function that you want, such as file transfer. v FTP provides remote-command capability, just as advanced program-to-program communications (APPC) and iSeries Access do. The RCMD (Remote Command) FTP-server subcommand is the equivalent of having a command line on the system. Before you allow FTP, you must ensure that your object security scheme is adequate. You can also use the FTP exit program to limit or reject attempts to use the RCMD subcommand. FTP exit programs describes this exit point and provides sample programs. v A user can access objects in the integrated file system with FTP. Therefore, you need to ensure that your authority scheme for the integrated file system is adequate when you run the FTP server on your system. v A popular hacker activity is to set up an unsuspecting site as a repository for information. Sometimes, the information might be illegal or pornographic. If a hacker gains access to your site through FTP, the hacker uploads this undesirable information to your iSeries. The hacker then informs other hackers of your FTP address. They in turn access your iSeries with FTP and download the undesirable information. You can use the FTP exit programs to help protect against this type of attack. For example, you might direct all requests to upload information to a directory that is write-only. This defeats the hacker’s objective because the hacker’s friends will not be able to download the information in the directory. provides more AS/400R Internet Security: Protecting Your AS/400 from HARM on the Internet information about the risks and possible solutions when you allow uploading through FTP. Use SSL to secure the FTP server The FTP server provides enhanced security while sending and receiving files over a untrusted network. FTP server uses Secure Sockets Layer (SSL) to secure passwords and other sensitive data during an information exchange. The FTP server supports either SSL or TLS protected sessions, including client authentication and automatic sign-on (see SSL concepts for additional information about the TLS and SSL protocols). Most SSL-enabled applications connect a client to separate TCP ports, one port for “unprotected” sessions and the other for secure sessions. However, secure FTP is a bit more flexible. A client can connect to a non-encrypted TCP port (usually TCP port 21) and then negotiate authentication and encryption options. A client can also choose a secure FTP port (usually TCP port 990), where connections are assumed to be SSL. The iSeries FTP server provides for both of these options. Before you can configure the FTP server to use SSL, you must have installed the prerequisite programs and set up digital certificates on your iSeries. To configure SSL to secure FTP, complete the following tasks: 1. Create a local Certificate Authority or use DCM to configure the FTP server to use a public certificate for SSL. 2. Associate a certificate with the FTP server 3. Require client authentication for the FTP server (optional) 4. Enable SSL on the FTP server See Secure the FTP client with TLS/SSL for related information. 16 iSeries: FTP Create a local Certificate Authority You can use the IBM Digital Certificate Manager (DCM) to create and operate a Local Certificate Authority (CA) on your iSeries server. A Local CA enables you to issue private certificates for applications that run on your iSeries server. To use DCM to create and operate a Local CA on the iSeries server, follow these steps: 1. Start DCM. 2. In the navigation frame of DCM, select Create a Certificate Authority (CA) to display a series of forms. These forms guide you through the process of creating a Local CA and completing other tasks needed to begin using digital certificates for SSL, object signing, and signature verification. 3. Complete all the forms that display. There is a form for each of the tasks that you need to perform to create and operate a Local CA on the iSeries server. Completing these forms allows you to: a. Choose how to store the private key for the Local CA certificate. This step is included only if you have an IBM 4758-023 PCI Cryptographic Coprocessor installed on your iSeries. If your system does not have a cryptographic coprocessor, DCM automatically stores the certificate and its private key in the Local CA certificate store. b. Provide identifying information for the Local CA. c. Install the Local CA certificate on your PC or in your browser. This enables software to recognize the Local CA and validate certificates that the CA issues. d. Choose the policy data for your Local CA. e. Use the new Local CA to issue a server or client certificate that applications can use for SSL connections. If you have an IBM 4758-023 PCI Cryptographic Coprocessor installed in the iSeries server, this step allows you to select how to store the private key for the server or client certificate. If your system does not have a coprocessor, DCM automatically places the certificate and its private key in the *SYSTEM certificate store. DCM creates the *SYSTEM certificate store as part of this task. f. Select the applications that can use the server or client certificate for SSL connections. Note: Be sure to select the application ID for the OS/400 FTP Server (QIBM_QTMF_FTP_SERVER). g. Use the new Local CA to issue an object signing certificate that applications can use to digitally sign objects. This creates the *OBJECTSIGNING certificate store, which you use to manage object signing certificates. Note: Although this scenario does not use object signing certificates, be sure to complete this step. If you cancel at this point in the task, the task ends and you have to perform separate tasks to complete your SSL certificate configuration.. h. Select the applications that you want to trust the Local CA. Note: Be sure to select the application ID for the OS/400 FTP Server (QIBM_QTMF_FTP_SERVER). See these related pages for more information about certificates: Manage user certificates Learn how your users can use DCM to obtain certificates or associate existing certificates with their iSeries user profiles. Use APIs to programmatically issue certificates to non-iSeries users Learn how you can use your Local CA to issue private certificates to users without associating the certificate with an iSeries user profile. Obtain a copy of the private CA certificate Learn how to obtain a copy of the private CA certificate and install it on your PC so that you can authenticate any server certificates that the CA issues. What to do next: Associate a certificate with the FTP server FTP 17 Associate a certificate with the FTP server Perform this task if you did not perform the task to assign a certificate to the FTP server application during the creation of the Local Certificate Authority (CA), or if you have configured your system to request a certificate from a Public CA. 1. Start IBM Digital Certificate Manager. If you need to obtain or create certificates, or otherwise setup or change your certificate system, do so now. See Using Digital Certificate Manager for information on setting up a certificate system. 2. Click the Select a Certificate Store button. 3. Select *SYSTEM. Click Continue. 4. Enter the appropriate password for *SYSTEM certificate store. Click Continue. 5. 6. 7. 8. 9. 10. 11. When the left navigational menu reloads, expand Manage Applications. Click Update certificate assignment. On the next screen, select Server application. Click Continue. Select the OS/400 TCP/IP FTP Server. Click Update Certificate Assignment to assign a certificate to the OS/400 TCP/IP FTP Server. Select a certificate from the list to assign to the server. Click Assign New Certificate. 12. DCM reloads to the Update Certificate Assignment page with a confirmation message. When you are finished setting up the certificates for the FTP server, click Done. What to do next: Require client authentication for the FTP server (optional) or Enable SSL on the FTP server Require client authentication for the FTP server (optional) If you need the FTP server to authenticate clients, you can change the application specifications in IBM Digital Certificate Manager. Note:The FTP server supports client authentication, but the OS/400 FTP Client does not. Some users may still want to require client authentication, but it will exclude the use of the OS/400 FTP Client for SSL connections. If an FTP client connects and client authentication is enabled for the server, the client must still send a USER subcommand. Once the USER subcommand information is sent, the FTP server will check that the user matches the profile associated with the client certificate that the client sent to the server as part of the SSL handshake. If the user matches the client certificate, no password is needed and the FTP server will log the user onto the system. The USER subcommand is needed because there is no mechanism in the FTP protocol to “inform” the client that it’s logged on without the command. 1. Start IBM Digital Certificate Manager. If you need to obtain or create certificates, or otherwise setup or change your certificate system, do so now. See Using Digital Certificate Manager for information on setting up a certificate system. 2. Click the Select a Certificate Store button. 3. Select *SYSTEM. Click Continue. 4. Enter the appropriate password for *SYSTEM certificate store. Click Continue. 5. When the left navigational menu reloads, expand Manage Applications. 18 iSeries: FTP 6. 7. 8. 9. 10. Click Update application definition. On the next screen, select Server application. Click Continue. Select the OS/400 TCP/IP FTP Server. Click Update Application Definition. In the table that displays, select Yes to require client authentication. 11. Click Apply. 12. DCM reloads to the Update Application Definition page with a confirmation message. When you are finished updating the application definition for the FTP server, click Done. What to do next: Enable SSL on the FTP server Enable SSL on the FTP server Perform the following steps to Enable SSl on the FTP server: 1. In iSeries Navigator, expand your iSeries server —> Network —> Servers —> TCP/IP. 2. 3. 4. 5. Right-click FTP. Select Properties. Select the General tab. Choose one of these options for SSL support: v Secure only Select this to allow only SSL sessions with the FTP server. Connections may be made to the non-secure FTP port, but the FTP client must negotiate an SSL session before the user is allowed to log in. v Non-secure only Select this to prohibit secure sessions with the FTP server. Attempts to connect to an SSL port will not connect. v Both secure and non-secure Allows both secure and non-secure sessions with the FTP server. You do not need to restart the FTP server. It will dynamically detect that a certificate has been assigned to it. If it does not dynamically detect this change, verify that you have the latest PTFs applied to your iSeries server. Note: Secure the FTP client with TLS/SSL You can use Transport Layer Security (TLS) / Secure Sockets Layer (SSL) connections to encrypt data transferred over FTP control and data connections. The primary reason for encryption on the control connection is to conceal the password when logging on to the FTP server. Before using the FTP client to make secure connections to servers, you must use DCM to configure trusted certificate authorities for the FTP Client. Any certificate authorities which were used to create certificates assigned to servers that you want to connect to must be added. Exporting or importing Certificate Authority (CA) certificates may be required depending on the CAs used. Refer to Define a CA trust list for an application in the DCM topic for more information about CA trusted authorities. FTP 19 If you choose TLS/SSL encryption for the control connection, the FTP client will also encrypt the data sent on the FTP data connection by default. FTP protocol does not allow you to have a secure data connection without a secure control connection. Encryption can have a significant performance cost and can be bypassed on the data connection. This allows you to transfer non-sensitive files without decreasing performance and still protect the system’s security by not exposing passwords. The FTP client has parameters for the STRTCPFTP CL command and subcommands which are used as part of the TLS/SSL support (SECOpen and SECData). Specifying TLS/SSL protection for the iSeries FTP Client Control Connection TLS/SSL protection can be specified on the STRTCPFTP command and the SECOPEN subcommand. For the STRTCPFTP (FTP) command, specify *SSL for the SECCNN secure connection parameter to request a secure control connection. Also, you may be able to specify *IMPLICIT to obtain a secure connection on a pre-defined server port number. (See IMPLICIT SSL Connection below for more details.) Within your FTP client session, the SECOPEN subcommand can be used to obtain a secure control connection. Data Connection For the STRTCPFTP (FTP) command, enter *PRIVATE for the DTAPROT data protection parameter to specify a secure data connection. Enter *CLEAR for the DTAPROT data protection parameter to specify data to be sent without encryption. When you have a secure control connection, you can use the SECDATA subcommand to change the data connection protection level. Implicit SSL connection Some FTP servers support what is called an implicit SSL connection. This connection provides the same encryption protection as the *SSL option, but can only be done on a pre-determined server port, usually 990, for which the server must be configured to expect an SSL/TLS connection negotiation. This method is provided to allow secure connections to those FTP implementations that may not support the standard protocol for providing TLS/SSL protection. Many early implementations of SSL support used the implicit approach, but now it is no longer recommended and has been deprecated by the IETF. 20 iSeries: FTP Note: The standard protocol for setting up an TLS/SSL connection requires that the AUTH (Authorization) server subcommand be used when making the connection to the server. Also, the server subcommands PBSZ and PROT are used to specify the data protection level. However, for an implicit SSL connection, the AUTH, PBSZ, and PROT server subcommands are not sent to the server. Instead, the server will act as if the client had sent these subcommands with the parameters shown below: v AUTH SSL v PBSZ 0 v PROT P Manage access using FTP exit programs FTP provides a security level based on the OS/400 object security. This means that remote users cannot logon to your iSeries FTP server unless they have a valid user profile and password. You can provide additional security by adding FTP exit programs to the FTP Server and Client exit points to further restrict FTP access to your system. For example, you can restrict FTP logon capability, as well as access to libraries, objects, and the use of commands. You can write an FTP Server Request Validation exit program to restrict the CL commands and FTP subcommands that users may access. For instructions and examples, see the Request validation exit point: client and server topic. You can control the authentication of users to a TCP/IP application server with an exit program for the Server logon exit point. You can write an FTP Client Request Validation exit program for the Client exit point: Request validation. This controls which FTP client functions a user may perform. Depending on your situation, you may consider limiting access to FTP subcommands using Application Administration Limit Access as an alternative to writing exit programs for the FTP Server Request Validation and FTP Client Request Validation exit points. To allow the exit programs to work properly, you must Install and register your exit point programs. If your programs are no longer needed, you must properly Remove the exit point programs to prevent their future functioning. Manage access using iSeries Navigator You can use iSeries Navigator to limit user access to FTP server and client functions. Use Application Administration to grant and deny access to functions for individual users or for groups of users. Alternatively, you can manage access to FTP functions by writing FTP exit programs for the FTP Request Validation Exit Points. To manage user access to functions using iSeries Navigator, complete the following steps: 1. In iSeries Navigator, right-click your iSeries server and select Application Administration. 2. Select the Host Applications tab. 3. Expand TCP/IP Utilities for iSeries. FTP 21 Expand File Transfer Protocol (FTP). Expand FTP Client or FTP Server. Select the function that you want to allow or deny access to. Click Customize. Use the Customize Usage dialog to change the list of users and groups that are allowed or denied access to the function. 9. Click OK to save changes to the Customize Access page. 10. Click OK to exit the Application Administration page. Alternatively, you can manage the access that a specific user or group has to registered FTP functions through iSeries Navigator’s Users and Groups management tool. To do this, follow these steps: 1. In iSeries Navigator, expand your iSeries server —> Users and Groups. 2. Select All Users or Groups. 3. Right-click a user or group, then select Properties. 4. Click Capabilities. 5. Click Applications. From here, you can change the user or group’s settings for the listed function. You can also can change the settings for all functions in a hierarchy grouping by changing the settings of the “parent” function. For more information on securing your iSeries FTP server, see the Implementing FTP security topic. 4. 5. 6. 7. 8. Monitor incoming FTP users Logging and reviewing FTP use will allow you to monitor activity and check for outside attacks. To monitor for incoming FTP users, follow these steps: 1. In iSeries Navigator, expand your server —> Network —> Servers —> TCP/IP. 2. In the right pane, right-click FTP and select Server Jobs. 3. The FTP server job panel appears. The Current user column displays the user logged in to the server job. If no user is logged in, Qtcp is displayed. Press F5 or select View —> Refresh to update the display. The format for the names of these jobs is QTFTPnnnnn. The nnnnn is a randomly-generated number. To start FTP server jobs, follow the steps in Start the FTP server. Manage your FTP server You can set up your iSeries server to send, receive, and share files across networks by using file transfer protocol (FTP). FTP consists of two parts: the FTP client and the FTP server. You interact with the FTP client. The FTP client interacts with the FTP server. You do not normally interact directly with the FTP server. The following topics will help you to administer your FTP server: v Start and stop the FTP server v Set number of available FTP servers v Improve FTP performance with configurable subsystem support Start and stop the FTP server The FTP server can be started and stopped using iSeries Navigator. For instructions on how to access FTP, see Accessing FTP through iSeries Navigator. To start the FTP server, complete the following steps: 22 iSeries: FTP 1. In iSeries Navigator, expand your iSeries server —> Network —> Servers —> TCP/IP. 2. In the right pane, right-click FTP and select Start. To stop the FTP server, complete the following steps: 1. In iSeries Navigator, expand your iSeries server —> Network —> Servers —> TCP/IP. 2. In the right pane, right-click FTP and select Stop. Set number of available FTP servers You can specify the minimum number of available servers to be kept ready for future client connections. To set this value, go to the FTP Properties page and specify a number from 1 to 20 for the Initial number of servers to start. Specifying a value of 1 delays incoming connections to the FTP server. The recommended value is 3. When a client connects to an iSeries FTP server, the server examines the number of active servers that are not connected to a client and the value specified for the initial number of servers to start. If the initial server value is greater than the number of available servers, additional servers are started so that the two numbers are equal. If the initial server value is less than the number of available servers, no action is taken. Changes to the initial server value take effect at the time of the next client connection, when the above process is activated. For example, if there are five FTP client sessions established at the same time and the initial server value is set at 10, there will be 15 FTP servers running. The 15 servers include five servers for the five active client sessions and ten available servers. The number of available servers can be larger than the initial server value. In this same example, if the five clients end their sessions and no other sessions are started, there will be 15 available servers. Improve FTP server performance with configurable subsystem support The default subsystem (QSYS/QSYSWRK) is used for many IBM-supplied server jobs. Using a different subsystem than the default subsystem can result in improved FTP performance because the need to share resources is eliminated. To 1. 2. 3. 4. configure a subsystem for the FTP server, follow these steps: In iSeries Navigator, expand your iSeries Server —> Network —> Servers —> TCP/IP. Right-click FTP and select Properties. On the FTP Properties page, select Subsystem description. Specify a subsystem description and a predefined library. If the specified subsystem does not exist, then FTP will create it along with routing table entries and job descriptions. When the startup job for the server is executed, it will specify the parameters for the newly created subsystem and then submit the server jobs for batch startup in that subsystem. Use the FTP client on iSeries The FTP client allows you to transfer files that are found on your iSeries server, including those in the Root, QSYS.Lib, QOpenSys, QOPT, and QFileSvr.400 file systems. It also allows you to transfer folders and documents in the document library services (QDLS) file system. The FTP client may be run interactively in an unattended batch mode where client subcommands are read from a file and the responses to these subcommands are written to a file. It also includes other features for manipulating files on your system. The client has a user interface from which you can enter client subcommands for making requests to an FTP server. The results of these requests are then displayed. FTP 23 To transfer files between the client and the server, two connections are established. The control connection is used to request services from the server with FTP server commands. The server sends replies back to the client to indicate how the request was handled. The second connection, called the data connection, is used for transferring lists of files and the actual file data. Both the client and the server have a data transfer function that interfaces to the resident file systems. These functions read or write data to the local file systems and to and from the data connection. Start and end a client session Describes how to start and stop a client session. Server timeout considerations Explains how to keep your connection from timing out. Transfer files with FTP Describes how to send and receive files with FTP. FTP as batch job Provides examples of how to run FTP in an unattended mode. Start and end a client session This topic provides details for using the FTP client on the iSeries server. Starting FTP client sessions (See 24) Ending the FTP client session (See 27) Starting FTP client session Before starting the FTP client function, you must have the following information: v The name or Internet address of the system to which files are sent or obtained. v A logon ID and password (if required) for the remote system where the file transfers are to occur. v The name of the file or files with which you want to work (send and receive, for example). The Start TCP/IP File Transfer Protocol (STRTCPFTP “remotesystem”) starts a client session on the local iSeries server and then opens a connection to the FTP server on the specified remote system. For example, entering the command FTP myserver.com would start a client session on your iSeries server, then open a connection to the FTP server on the remote myserver.com system. You can specify additional parameters, or be prompted for them by typing STRTCPFTP without specifying a remote system. Start TCP/IP File Transfer (FTP) Type choices, press Enter. Remote system . . . . . . . . . > MYSERVER.COM Coded character set identifier *DFT Port . . . . . . . . . . . . . . > *SECURE Secure connection . . . . . . . *DFT Data protection . . . . . . . . *DFT 1-65533, *DFT 1-65535, *DFT, *SECURE *DFT, *NONE, *SSL, *IMPLICIT *DFT, *CLEAR, *PRIVATE Once you specify a remote system name, you will be prompted to specify additional information. The following summarizes the options available, additional details are available in the field help: 24 iSeries: FTP Remote system (RMTSYS) Specifies the remote system name to which or from which the files are transferred. The possible values are: *INTNETADR The Internet address (INTNETADR) parameter is prompted. The Internet address is specified in the form, nnn.nnn.nnn.nnn, where nnn is a decimal number ranging from 0 through 255 remote-system Specify the remote system name to which or from which the file transfer takes place. Coded character set identifier (CCSID) Specifies the ASCII coded character set identifier (CCSID) that is used for single-byte character set (SBCS) ASCII file transfers when the FTP TYPE mode is set to ASCII. The possible values are: *DFT The CCSID value 00819 (ISO 8859-1 8-bit ASCII) is used. CCSID-value The requested CCSID value is used. This value is validated to ensure a valid ASCII SBCS CCSID was requested. Port (PORT) Specifies the port number used for connecting to the FTP server. Normally the “well-known” port value of 21 is used to connect to the FTP server. Under some circumstances, the FTP server may be contacted at a port other than port 21. In those situations, the port parameter may be used to specify the server port to connect to. The possible values are: *DFT The value 00021 is used. *SECURE The value 00990 is used. Port 990 is reserved for secure FTP servers which immediately use Transport Layer Security (TLS) or Secure Sockets Layer (SSL) protocols to encrypt data. port_value The requested port value is used. This value is validated to ensure it is in the proper range. Note: If 990 is specified, the FTP client will perform the same functions as if *SECURE were specified. Secure connection (SECCNN) Specifies the type of security mechanism to be used for protecting information transferred on the FTP control connection (which includes the password used to authenticate the session with the FTP server). Transport Layer Security (TLS) and Secure Sockets Layer (SSL) are compatible protocols which use encryption to protect data from being viewed during transmission and verify that data loss or corruption does not occur. Note: The FTP client subcommand SECOPEN can be used to open a protected FTP connection during an FTP client session. The possible values are: FTP 25 *DFT If the PORT parameter specifies *SECURE or 990, *IMPLICIT is used; otherwise, *NONE is used. *IMPLICIT The FTP client immediately attempts to use TLS/SSL when connecting to the specified FTP server (without sending an AUTH subcommand to the server). If the server does not support implicit TLS/SSL on the specified port, or the TLS/SSL negotiation fails for any reason, the connection is closed. *SSL After connecting to the specified FTP server, the FTP client sends an AUTH (authorization) subcommand requesting a TLS/SSL protected session. If the server supports TLS/SSL, a TLS/SSL negotiation performed. If the server does not support TLS/SSL or the TLS/SSL negotiation fails, the connection is closed. *NONE The FTP client does not use encryption for the control connection to the specified FTP server. Data protection (DTAPROT) Specifies the type of data protection to be used for information transferred on the FTP data connection. This connection is used to transfer file data and directory listings. The FTP protocol does not allow protection of the data connection if the control connection is not protected. Note: The FTP client subcommand SECData can be used subsequently to change the data protection level. The FTP client uses the FTP server subcommand PROT to request the specified data protection after a secure control connection has been established. The possible values are: *DFT If the SECCNN parameter specifies a protected control connection, *PRIVATE is used; otherwise, *CLEAR is used. *PRIVATE Information sent on the FTP data connection is encrypted. If the SECCNN parameter specifies that the FTP control connection is not encrypted, *PRIVATE cannot be specified. *CLEAR Information sent on the FTP data connection is not encrypted. Outgoing ASCII/EBCDIC table (TBLFTPOUT) Specifies the table object that is to be used to map all outgoing data in the FTP client. Outgoing data is mapped from EBCDIC to ASCII. If no table object is specified for TBLFTPOUT, the CCSID parameter is used to determine outgoing mapping. The possible values are: *CCSID The CCSID parameter is used to determine outgoing mapping. *DFT The CCSID parameter is used to determine outgoing mapping. The name of the outgoing mapping table can be qualified by one of the following library values: 26 iSeries: FTP *LIBL All libraries in the user and system portions of the job’s library list are searched until the first match is found. *CURLIB The current library for the job is searched. If no library is specified as the current library for the job, the QGPL library is used. library-name Specify the name of the library to be searched. outgoing-mapping-table Specify the table object to be used by the FTP client for mapping outgoing data. Incoming ASCII/EBCDIC table (TBLFTPIN) Specifies the table object that is to be used to map all incoming data in the FTP client. Incoming data is mapped from ASCII to EBCDIC. If no table object is specified for TBLFTPIN, the CCSID parameter is used to determine incoming mapping. The possible values are: *CCSID The CCSID parameter is used to determine incoming mapping. *DFT The CCSID parameter is used to determine incoming mapping. The name of the incoming mapping table can be qualified by one of the following library values: *LIBL All libraries in the user and system portions of the job’s library list are searched until the first match is found. *CURLIB The current library for the job is searched. If no library is specified as the current library for the job, the QGPL library is used. library-name Specify the name of the library to be searched. incoming-mapping-table Specify the table object to be used by the FTP client for mapping incoming data. For steps for transferring files with between systems, refer to the topic Transfer Files with FTP. Ending the FTP client session The FTP session is ended with the QUIT subcommand. The QUIT subcommand closes the connection with the remote host and ends the FTP session on the iSeries server. Alternatively, you can press F3 (Exit) and then confirm to end the FTP client session. Server timeout considerations The inactivity time-out value requires some consideration. This is the time in seconds without FTP server activity that will cause the server to close the session. Certain remote servers allow the client to change this value. For example, iSeries supports the FTP server TIME subcommand, which can be sent to FTP 27 the server with the FTP client QUOTE subcommand, as described in QUOTE (Send a Subcommand to an FTP Server). UNIX servers often support the SITE IDLE subcommand. When using local iSeries subcommands with either the SYSCMD subcommand or F21, there is no interaction between the client and the server. Therefore, if the running of these local iSeries commands exceeds the server inactivity time-out period, the server will close the connection. If you lose your connection, you must log on to the server again using the OPEN command (OPEN <remote system name>) and the USER command as described in the note to Logon to the Remote System (Server). Transfer files with FTP Follow these steps to transfer files with FTP. 1. Collect this information: v The TCP/IP name or IP address of the remote computer v A logon name and password for the remote computer (unless the remote computer supports anonymous FTP) v The name and location of the file you want to transfer v The location of the destination v The file transfer type that you will use: ASCII, EBCDIC, or BINARY v Whether you want to use a connection secured with Transport Layer Security (TLS) or Secure Sockets Layer (SSL). 2. At the command line, type FTP and press Enter. 3. At the prompt, enter the TCP/IP name or IP address of the remote computer system and press Enter. You can use either the name or the IP address, such as: remote.systemname.com or 110.25.9.13 4. Enter the Coded Character Set Identifier (CCSID). Use the default (*DFT) value unless you know that you need a specific CCSID. If you want to use a secure connection to protect passwords and data, specify a Port value of *SECURE. 6. Press Enter to initiate the connection. The FTP client will display messages that indicate a successful connection with the remote system. 5. Note: If you specify a port of *SECURE and the server does not support implicit TLS/SSL on the specified port, or the TLS/SSL negotiation fails for any reason, the connection is closed. 7. To change the file transfer type, do the following: a. To switch to EBCDIC, enter EBCDIC and press Enter before you transfer the file. b. To switch to BINARY, enter BINARY and press Enter before you transfer the file. c. To switch back to the default type, ASCII, enter ASCII and press Enter before you transfer the file. 8. Now you are ready to transfer files: a. Enter CD and the name of the directory. Press Enter. b. Do one of the following: v To transfer a file from the server system to the client system, enter GET followed by the name of the file: 28 iSeries: FTP GET myfile.txt v To send a file that is on the client system to the server system, enter PUT followed by the name of the file: PUT myfile.txt 9. Enter the FTP subcommand QUIT to end the FTP client session and return to the iSeries command line. FTP as batch job In addition to running the FTP client interactively, you can run the FTP client in an unattended mode. This topic provides two examples of this method: a simple (See 29) example and a complex (See 30) example. You can also refer to Section 6.7, Batch FTP, of V4 TCP/IP for AS/400: More Cool Things Than Ever (about 744 pages) for another example. Batch FTP: A simple example The following is a simple example of a batch file transfer that involves the successful transfer of one file from a remote system. The components are as follows: v A CL program v An input file of FTP commands v An output file of FTP messages The CL Program ************************************************************ ITSOLIB1/QCLSRC BATCHFTP: ---------------------PGM OVRDBF FILE(INPUT) TOFILE(ITSOLIB1/QCLSRC) MBR(FTPCMDS) OVRDBF FILE(OUTPUT) TOFILE(ITSOLIB1/QCLSRC) MBR(OUT) FTP RMTSYS(SYSxxx) ENDPGM ************************************************************ Note: To make this sample work when written with ILECL, you must add OVRSCOPE(*CALLLVL) to the OVRDBF commands. The BATCHFTP program overrides the INPUT parameter to the source physical file ITSOLIB1/QCLSRC MBR(FTPCMDS). The output is sent to MBR(OUT). The Input Commands File ************************************************************ ITSOLIB1/QCLSRC FTPCMDS: --------------------ITSO ITSO CD ITSOLIB1 SYSCMD CHGCURLIB ITSOLIB2 GET QCLSRC.BATCHFTP QCLSRC.BATCHFTP (REPLACE QUIT ************************************************************ The FTP subcommands required are shown in the FTPCMDS file. The Output Messages File FTP 29 ************************************************************ FTP Output Redirected to a File FTP Input from Overridden File Connecting to host name SYSxxx at address x.xxx.xx.xxx using port 21. 220-QTCP at SYSxxx.sysnam123.ibm.com. 220 Connection will close if idle more than 5 minutes. Enter login ID (itso): > ITSO ITSO 331 Enter password. 230 ITSO logged on. OS/400 is the remote operating system. The TCP/IP version is “V3R1M0”. 250 Now using naming format “0”. 257 “QGPL” is current library. Enter an FTP subcommand. > CD ITSOLIB1 Enter an FTP subcommand. 250 Current library changed to ITSOLIB1. > SYSCMD CHGCURLIB ITSOLIB2 Enter an FTP subcommand. > GET QCLSRC.BATCHFTP QCLSRC.BATCHFTP (REPLACE 200 PORT subcommand request successful. 150 Retrieving member BATCHFTP in file QCLSRC in library ITSOLIB1. 250 File transfer completed successfully. 147 bytes transferred in 0.487 seconds. Transfer rate 0.302 KB/sec. Enter an FTP subcommand. > QUIT 221 QUIT subcommand received. ************************************************************ The output file is shown. It is a straightforward matter to write a program to process this file and display an error message on QSYSOPR if there are any error messages. FTP error messages have numbers that start with a 4 or 5. Batch FTP: A Complex Example The following example shows how to retrieve files from several remote hosts to a central iSeries in batch mode: 30 iSeries: FTP * User GWIL on iSeries SYSNAM03 wants to: 1. Retrieve files from hosts SYSNAMRS (RS/6000R) and MVAX (VAX). 2. After retrieving the file from SYSNAMRS, the file should be transferred to SYSNAM02 (another iSeries) using FTP. 3. From there the file is to be sent using TCP/IP to iSeries SYSNAM14. Create a CL Program to Start FTP 1. As we have seen in the previous example, FTP uses the display station for command INPUT and message OUTPUT, and this needs to be overridden for use in batch mode. We use the OVRDBF command to overwrite these files with the ones to be used in batch: OVRDBF FILE(INPUT) TOFILE(GERRYLIB/QCLSRC) MBR(FTPCMDS) OVRDBF FILE(OUTPUT) TOFILE(GERRYLIB/QCLSRC) MBR(FTPLOG) 2. A host name or an internet address is a required parameter for the STRTCPFTP command that is included in the CL program file. However, if one wants to specify the remote systems in the input commands file instead of the CL program file, then a dummy host name must be specified for the STRTCPFTP command to satisfy the required syntax. This dummy name may be a fictitious host name or a real host name. If it is a real name, then the first entry in the input commands file must be a user ID and a password, and the second entry must be the CLOSE subcommand. If it is not a real host name, then these entries are not required, and the first entry should be an OPEN subcommand to connect to the desired server system. FTP 31 FTP RMTSYS(LOOPBACK) FTP processes the input file and writes messages to the output file (FTPLOG). 3. After the FTP application ends, delete the overrides: DLTOVR FILE(INPUT OUTPUT) The CL program for batch FTP will look like the following example on system SYSNAM01: ___________________________________________________________________________________ | | | Columns . . . : 1 71 Browse GERRYLIB/QCLSRC | | SEU==> FTPBATCH | | FMT ** ...+... 1 ...+... 2 ...+... 3 ...+... 4 ...+... 5 ...+... 6 ...+... 7 | | *************** Beginning of data ************************************* | | 0001.00 PGM | | 0002.00 OVRDBF FILE(INPUT) TOFILE(GERRYLIB/QCLSRC) + | | 0003.00 MBR(FTPCMDS) | | 0004.00 OVRDBF FILE(OUTPUT) TOFILE(GERRYLIB/QCLSRC) + | | 0005.00 MBR(FTPLOG) | | 0006.00 FTP RMTSYS(LOOPBACK) /* (FTP CL Program) */ | | 0007.00 DLTOVR FILE(INPUT OUTPUT) | | 0008.00 ENDPGM | | ****************** End of data **************************************** | | | | | | F3=Exit F5=Refresh F9=Retrieve F10=Cursor F12=Cancel | | F16=Repeat find F24=More keys | | (C) COPYRIGHT IBM CORP. 1981, 1994. | | | |___________________________________________________________________________________| Figure 1. CL Program FTPBATCH for Batch FTP. Create the FTP Input File (FTCPDMS) This file has to contain all the FTP client subcommands necessary to connect and log on to the server, set up for and do the file transfers, close the server connection, and end the client session. The example in below shows the subcommands used for transferring files to two different remote systems. | | | | | | | | | | | | | | | | | | | | | | | | | | ___________________________________________________________________________________ | Columns . . . : 1 71 Browse GERRYLIB/QCLSRC | SEU==> FTPCMDS | FMT ** ...+... 1 ...+... 2 ...+... 3 ...+... 4 ...+... 5 ...+... 6 ...+... 7 | *************** Beginning of data ************************************* | 0001.00 gwil **** | 0002.00 close | 0003.00 open sysnamrs | 0004.00 user root root | 0005.00 ascii | 0006.00 syscmd dltf file(gerrylib/rs6) | 0007.00 get /Itsotest gerrylib/rs6.rs6 | 0008.00 close | 0009.00 open mvax | 0010.00 user tester tester | 0011.00 get screen1.file gerrylib/vax.vax (replace | 0012.00 close | 0013.00 open sysnam02 | 0014.00 user gwil **** | 0015.00 ebcdic | 0016.00 put gerrylib/rs6.rs6 gerrylib/rs6.rs6 | 0017.00 quote rcmd sndnetf file(gerrylib/rs6) tousrid((gwil sysnam14)) | 0018.00 close | 0019.00 quit | ****************** End of data **************************************** | F3=Exit F5=Refresh F9=Retrieve F10=Cursor F12=Cancel | 32 iSeries: FTP | F16=Repeat find F24=More keys | | | |___________________________________________________________________________________| Figure 2. Transferring files to two remote systems. It is a command listed in the iSeries FTP manual, but the function of the command appears to have changed between V4R3 and V5R2. We are just trying to find out the. ISeries 400 FTP client supports these parameters and parameter options for the LOCSITE subcommand. 64 iSeries: FTP. USER (Send Your User ID to the Remote System). RCMD (Send a CL Command to an FTP Server System). v Has the V5R1 or later TCP/IP Connectivity Utilities (5722-TC1) installed on the iSeries server. 4 iSeries: FTP. Admin Alert: A Simple Batch FTP Tutorial. by Joe Hertvik. In previous Admin Alerts, I've written about using FTP as an attended process during which someone sits at.
0 Комментарии
View and Download IDEAL MINI C24 user manual online. IDEAL INDUSTRIES Boiler User Manual. IDEAL MINI C24 User Manual. Boiler IDEAL MINI HE C24 User Manual. Combi Instant 80 HE IDEAL MINI C24 Manual. User's Manual: (4. Looking for product. Download Boilers Instruction Manual of Burnham SERIES 2 for free. Ideal Mini He C28 Boiler Manual. Isar, Ideal boiler, installation and servicing manual, instruction book IDEAL MINI HE C24 C28 & C32 BOILER THERMISTOR. Manual Archive: Ideal (Caradon Ideal Stelrad). mini C24,28,32,S24,28 inst; mini HE C24,C28; mini HE; Ideal Combi Mini; Minimiser. minimiser ff30-80; minimiser se30-80;. Boiler IDEAL MINI HE C24 User Manual. Ideal industries boiler user Ideal boilers installation and service manual (36 pages). Boiler IDEAL Logic+ Combi 24.Download IDEAL MINI C24 User's Manual to your computer. Baxi 105 HE Manual Installation Manual: (56. Instruction Manual. Your ip blocked due to suspicious activity. Please enter CAPTCHA Boiler IDEAL MINI HE C24 User Manual Boiler IDEAL Independent +. IDEAL MINI BOILER INSTRUCTION MANUAL. Ideal Boilers Boiler Manuals, Gas Manuals. IDEAL MINI C24 PDF User's Manual Download & Online Preview. Baxi 105 HE Manual Installation Manual. Instruction Manual. OLEVIA 237T OWNERS MANUAL Did you searching for Olevia 237t Owners Manual? This is the best place to read olevia 237t owners manual before service or repair your.Your ip blocked due to suspicious activity. Please enter CAPTCHA Download Syntax Olevia 237T (televisions) manuals. Filetype: PDF, Download: 1,973 times. Olevia 237-t12 Manual Search, Manuals & Repair Help. Select. Model Number CABINET PARTS diagram for model # 237T12-EGS34 Olevia-Parts Television-Parts (22). Olevia 237t User Manual To ensure the correct usage. Owners manual kawasaki er6f · Ownwners manual air compressors direct en espaol. Olevia 237t User Manual. User manuals, owners. olevia 232 t11 firmware download. olevia 427 s11 firmware upgrade. olevia 32 olevia 323 s13 driver. olevia 747i remote code. tivo series 3 tv code. Free download of Olevia 237T User Manual. Troubleshooting help from experts and users. Ask our large community for support.
Meade Instruments: A world leader in the manufacturing of Telescopes, Solar Telescopes, Microscopes, Optics, Binoculars, for amateur astronomers and hobbyists. The Meade ETX-90 is a top-of-the-line telescope that will transform you from a first-time star gazer to an experienced astronomer. Read on to learn more. Manual Meade ETX-90EC manual download. Details: Name of device: Meade ETX-90EC Manufacturer: Meade File size: 834 KB Document type: User guide, user manual. Meade ETX-90EC Pdf User Manuals. View online or download Meade ETX-90EC Instruction Manual. Free download of Meade ETX-90EC User Manual. Troubleshooting help from experts and users. Ask our large community for support. Amazon.com : Meade ETX90EC Telescope w/Electronic Controller : Catadioptric Telescopes : Camera & Photo. View and Download Meade ETX-90EC instruction manual online. Astro Telescope. ETX-90EC Telescope pdf manual download. Your ip blocked due to suspicious activity. Please enter CAPTCHA Meade Telescope Manual Etx-90ec The Meade ETX-90 Maksutov-Cassegrain Telescope is a quality astronomy equipment component. Shop online - 100% satisfaction guaranteed! Your ip blocked due to suspicious activity. Please enter CAPTCHA Product detail -- J7934G:HP Jetdirect 620n Fast Ethernet Print Server Includes features, specifications and warranty information, as well links to technical support. HP Jetdirect Print Servers. For any devices listed in the Manual Intervention subfolder. J7934A HP Jetdirect 620n EIO Internal Print Server. Hp J7934A - JetDirect 620n Print Server Pdf User Manuals. View online or download Hp J7934A - JetDirect 620n Print Server Manual. With advanced security and industry-leading performance, the HP Jetdirect 620n Fast Ethernet Internal Print Server enables businesses to share HP printers with EIO. Hp Jetdirect J7934a ManuallyHp Jetdirect J7934a Manual ArtsProduct detail -- J7934G:HP Jetdirect 620n Fast Ethernet Print Server Includes features, specifications and warranty information, as well links to technical support. ENWW Introducing the HP Jetdirect Print Server 9 If not supplied with this product, HP network setup and management software for supporte d systems may be obtained from. Hp Jetdirect 620n Manual Hp jetdirect 620n print server setup guide (56 pages). Printer HP 170X - JetDirect Print Server Hardware Installation Manual. HP Jetdirect Print Servers - Update firmware for a single JetDirect Print Server using Jetdirect EWS or FTP. Подпишитесь на запрос jvc gr c1u, и объявления в этой теме появятся в ленте eBay. Вы также будете получать эл. уведомления. Отмените подписку на jvc gr c1u, и соответствующие объявления исчезнут из ленты eBay. Поздравляем! Теперь вы подписаны на jvc gr c1u в ленте eBay. Получать по эл. почте новые объявления в этой теме Instruction Manual Jvc Camcorder Accidental droppage can destroy an ordinary camcorder. JVC GR-C1U. jvc digital video camera instruction manual jvc digital. JVC: AL-L20RBK: JVC AL-L20RBK Service Manual: $12.95. JVC: GR-C1U: JVC GR-C1U: $10.00. JVC PC-V2/J Service Manual: $13.95: Buy Now: JVC: PC-X300. Product: Service Manual Addition for JVC Model GR-C1U. Includes sections 9, 10, 11 covering: Diagrams and Circuit Boards Exploded Views and Parts List. JVC VMðeoMovie GR-qu Format: Power source. Power consumption: Signal system. Recording system. Cassette. Tape speed. Recording time: Video output. Jvc Camcorder Manual Built-In Wi-Fi takes this JVC camcorder to the next level. Stream wirelessly to a compatible network TV. Secure your memories with easy one-touch. Find great deals on eBay for jvc gr c1u jvc vhs camera. Shop with confidence. jvc gr c1u By JVC and was notable at the Total Rewind website, Owner manual for camcorder JVC GR-C1U. Camcorder JVC Everio GZ-HM300 User Manual. Jvc hd memory. The JVC GR-C1 was a camcorder released in March 1984 by JVC and was notable as the first all-in-one VHS camcorder, as opposed to earlier portable systems where the. Pyle Pro Pt-1200 ManualBrother PT-1200 P-touch Machine User's Manual. This Brother p-touch user's guide is a product download and the download link is provided below; file is in.pdf format. Random video: Whats new in this version Version 3. Sartorius Pt 1200 Manual kept your screen from burning in, but they also provided a way to really personalize the personal computer, which was a pretty stodgy affair Sartorius Pt 1200 Manual the time. Please keep this manual in a handy place for future reference. Good luck! We hope you enjoy making beautiful custom labels. USP4839742 USP4983058 USP5120147 USP4927278 USP5009530 USP4976558 USP5069557 Enter key Space key Back cover Batteries Cassette release lever Tape exit slot Tape cassette Print head INTRODUCTION MODEL PT-1200. PtouchDirect.com - Brother PT1200 P-touch Label Printer User's Guide - Owner's Manual.
User’s Manual of POE-1200G / POE2400G 1.3 How to Use This Manual. This User Manual is structured as follows: Section 2, Installation It explains the functions of PoE Injector Hub and how to physically install the PoE Injector Hub. Sartorius PT 1200 Service Information. To request information on the Sartorius PT 1200, please fill out the contact form below. One of our representatives will contact you shortly afterward to provide you with the information you requested. View, read and download owner's manual for PIONEER DEH-1600RB, learn how to repair it, fix failures or solve other issues.
DEH-1600RB; D4Q Digital AM/FM RDS Tuner: Wired remote control input: CD-R/RW compatible: 4 x 45W Amplifier. Track/Manual search: Yes/Yes: Last position memory: Yes. Your ip blocked due to suspicious activity. Please enter CAPTCHA Pioneer DEH-1600RB manual (user guide) is ready to download for free. DEH-1600RB DEH-1600R DEH-1630R 87.8 (0.7 V) 15,531 1,20,W x x 25 2.x 50 x x 58 x 19. Pioneer DEH-1600RB Pdf User Manuals. View online or download Pioneer DEH-1600RB Service Manual. This session will introduce JBoss Drools - Popular business rules engine and JBoss Drools Fusion - a complex event processing engine which is an extension. Use what you know about JPA and Drools 5 and learn even more while implementing a continuous, real-time data profiling application. DROOLS FUSION USER GUIDE This is an ebook in PDF format entitled drools fusion user guide latest available in ebook looking where it's peeling all about drools fusion. Drools-examples-fusion / drools-examples-drl (jBPM using parts) org.drools. The Drools flow Manual has been updated on how to implement these. Counter values reset. This isn't a term from the Drools Expert or Fusion manual. – laune Sep 30 '14 at 4:47. Drools Fusion support for persistent. Applying Drools Fusion Complex Event Processing (CEP) for Real-Time Intelligence. Fact life-cycles must be managed by the user, so retractions are manual. Drools introduces the Business Logic integration Platform which provides a unified and integrated platform for Rules, Workflow and Event Processing. Looking for the web application to accompany Drools Expert and Drools Fusion; an environment to author, test and deploy rules. KIE Drools Workbench (kie-drools-wb). 2.1.1. Maven artifactId changes 2.1.2. Knowledge API (renamed from Drools API) 2.1.3. Drools Expert and Fusion 2.1.4. jBPM 5 (merged from Drools Fusion and jBPM 3-4) 2.1.5. Drools and jBPM integration 2.1.6. Guvnor I've always stated that end business users struggle understanding the differences between rules and processes, and more recently rules and event processing. For them they have this problem in their mind and they just want to model it using some software. The traditional way of using two vendor offerings forces the business user to work with a process oriented or rules oriented approach which just gets in the way, often with great confusion over which tool they should be using to model which bit. PegaSystems and Microsoft have done a great job of showing that the two can be combined and a behavioural modelling approach can be used. This allows the business user to work more naturally where the full range of approaches is available to them, without the tools getting in the way. From being process oriented to rule oriented or shades of grey in the middle - whatever suites the problem being modelled at that time. Drools 5.0 takes this one step further by not only adding BPMN2 based workflow with Drools Flow but also adding event processing with Drools Fusion, creating a more holistic approach to software development. Where the term holistic is used for emphasizing the importance of the whole and the interdependence of its parts. Drools 5.0 is now split into 5 modules, each with their own manual - Guvnor (BRMS/BPMS), Expert (Rules), Fusion (CEP), Flow (Process/Workflow) and Planner. Guvnor is our web based governance system, traditionally referred to in the rules world as a BRMS. We decided to move away from the BRMS term to a play on governance as it's not rules specific. Expert is the traditional rules engine. Fusion is the event processing side, it's a play on data/sensor fusion terminology. Flow is our workflow module, Kris Verlaenen leads this and has done some amazing work; he's currently moving flow to be incorporated into jBPM 5. The fith module called Planner, authored by Geoffrey De Smet, solves allocation and scheduling type problem and while still in the early stage of development is showing a lot of promise. We hope to add Semantics for 2011, based around description logc, and that is being work on as part of the next generaion Drools designs. I've been working in the rules field now for around 7 years and I finally feel like I'm getting to grips with things and ideas are starting to gel and the real innovation is starting to happen. To me It feels like we actually know what we are doing now, compared to the past where there was a lot of wild guessing and exploration. I've been working hard on the next generation Drools Expert design document with Edson Tirelli and Davide Sottara. I invite you to read the document and get involved, http://community.jboss.org/wiki/DroolsLanguageEnhancements. The document takes things to the next level pushing Drools forward as a hybrid engine, not just a capable production rule system, but also melding in logic programming (prolog) with functional programming and description logic along with a host of other ideas for a more expressive and modern feeling language. I hope you can feel the passion that my team and I have while working on Drools, and that some of it rubs off on you during your adventures. 2.1.1. Maven artifactId changes 2.1.2. Knowledge API (renamed from Drools API) 2.1.3. Drools Expert and Fusion 2.1.4. jBPM 5 (merged from Drools Fusion and jBPM 3-4) 2.1.5. Drools and jBPM integration 2.1.6. Guvnor Drools now provides Prolog style derivation queries, as an experimental feature. What this means is that a query or the 'when' part of a rule may call a query, via a query element. This is also recursive so that a query may call itself. A query element must be prefixed with a question mark '?' which indicuates that we have a pattern construct that will pull data, rather than the normal reactive push nature of patterns. A key aspect of BC is unification. This is where a query parameter may be bound or unbound, when unbound it is considered an output variable and will bind to each found value. In the example below x and y are parameters. Unification is done by subsequent bindings inside of patterns. If a value for x is passed in, it's as though the pattern says "thing == x". If a value for x is not passed in it's as though "x: thing" and x will be bound to each found thing. Camel integration using the Drools EndPoint was improved with the creation of both DroolsConsumer and DroolsProducer components. Configurations were added to support the insertion of either Camel's Exchange, Message or Body into the Drools session, allowing for the easy development of dynamic content based routing applications. Also, support to entry points was added. Examples of routes: from( "direct:test-no-ep" ).to( "drools://node/ksession1?action=insertBody" ); from( "direct:test-with-ep" ).to( "drools://node/ksession1?action=insertBody&entryPoint=ep1" ); from( "direct:test-message" ).to( "drools://node/ksession1?action=insertMessage" ); from( "direct:test-exchange" ).to( "drools://node/ksession1?action=insertExchange" ); The Drools Flow project and the jBPM project have been merged into the the newest version of the jBPM project, called jBPM5. jBPM5 combines the best of both worlds: merging the experience that was build up with the jBPM project over several years in supporting stable, long-living business processes together with the improvements that were prototyped as part of Drools Flow to support more flexible and adaptive processes. Now that jBPM 5.0 has been released, the Drools project will be using jBPM5 as the engine to support process capabilities. Drools Flow as a subproject will no longer exist, but its vision will continue as part of the jBPM project, still allowing (optional but) advanced integration between business rules, business processes and complex event processing and a unified environment for all three paradigms. The impact for the end user however should be minimal, as the existing (knowledge) API is still supported, the underlying implementation has just been replaced with a newer version. All existing features should still be supported, and many more. For more information, visit http://www.jboss.org/jbpm Spring can be combined with Camel to provide declarative rule services. a Camel Policy is added from Drools which provides magic for injecting the ClassLoader used by the ksession for any data formatters, it also augments the Jaxb and XStream data formatters. In the case lf Jaxb it adds additional Drools related path info and with XStream it registers Drools related converters and aliases. You can create as many endpoints as you require, using different addresses. The CommandMessagBodyReader is needed to allow the payload to be handled by Camel. Camel routes can then be attached to CXF endpoints, allowing you control over the payload for things like data formatting and executing against Drools ksessions. The DroolsPolicy adds some smarts to the route. If JAXB or XStream are used, it would inject custom paths and converters, it can also set the classloader too on the server side, based on the target ksession. On the client side it automatically unwrapes the Response object. This example unmarshalls the payload using an augmented XStream DataFormat and executes it against the ksession1 instance. The "node" there refers to the ExecutionContext, which is a context of registered ksessions. The Drools endpoint "drools:node/ksession1" consists of the execution node name followed by a separator and optional knowledge session name. If the knowledge session is not specified the route will look at the "lookup" attribute on the incoming payload instace or in the head attribute "DroolsLookup" to find it. Drools has always had query support, but the result was returned as an iterable set; this makes it hard to monitor changes over time. We have now complimented this with Live Querries, which has a listener attached instead of returning an iterable result set. These live querries stay open creating a view and publish change events for the contents of this view. So now you can execute your query, with parameters and listen to changes in the resulting view. As a result, Drools Flow is not only the first open-source process engine that supports such a significant set of BPMN2 constructs natively, our knowledge-oriented approach also allows you to easily combine your BPMN2 processes with business rules and complex event processing, all using the same APIs and tools. Drools Flow processes can now also be managed through a web console. This includes features like managing your process instances (starting/stopping/inspecting), inspecting your (human) task list and executing those tasks, and generating reports. This console is actually the (excellent!) work of Heiko Braun, who has created a generic BPM console that can be used to support multiple process languages. We have therefore implemented the necessary components to allow this console to communicate with the Drools Flow engine. Drools Flow can persist the runtime state of the running processes to a database (so they don't all need to be in memory and can be restored in case of failure). Our default persistence mechanism stores all the runtime information related to one process instance as a binary object (with associated metadata). The data associated with this process instance (aka process instance variables) were also stored as part of that binary object. This however could generate problem (1) when the data was not Serializable, (2) when the objects were too large to persist as part of the process instance state or (3) when they were already persisted elsewhere. We have therefor implemented pluggable variable persisters where the user can define how variable values are stored. This for example allows you to store variable values separately, and does support JPA entities to be stored separately and referenced (avoiding duplication of state). The Drools build now exports an installer that simplifies installing the Eclipse plugin, Guvnor and the gwt-console. It creates and copies the necessary jars and wars and deploys them to the JBoss AS. It also includes a simple evaluation process example you can use to test your setup. For more info, download the drools installer and take a look at the readme within. Drools now has complete api/implementation separation that is no longer rules oriented. This is an important strategy as we move to support other forms of logic, such as workflow and event processing. The main change is that we are now knowledge oriented, instead of rule oriented. The module drools-api provide the interfaces and factories and we have made pains to provide much better javadocs, with lots of code snippets, than we did before. Drools-api also helps clearly show what is intended as a user api and what is just an engine api, drools-core and drools-compiler did not make this clear enough. The most common interfaces you will use are: Drools now supports a new base construct called Type Declaration. This construct fulfils two purposes: the ability to declare fact metadata, and the ability to dynamically generate new fact types local to the rule engine. The Guvnor modelling tool uses this underneath. One example of the construct is: Drools ReteOO algorithm now supports an option to start the rule base in a multi-thread mode, where Drools ReteOO network is split into multiple partitions and rules are then evaluated concurrently by multiple threads. This is also a requirement for CEP where there usually are several independent rules running concurrently, with near realtime performance/throughput requirements and the evaluation of one can not interfere with the evaluation of others. There are times when it is necessary to collect sets or lists of values that are derived from the facts attributes, but are not facts themselves. In such cases, it was not possible to use the collect CE. So, Drools now has two accumulate functions for such cases: collectSet for collecting sets of values (i.e., with no duplicate values) and collectList for collecting lists of values (i.e., allowing duplicate values): Facts that implement support for property changes as defined in the Javabean(tm) spec, now can be annotated so that the engine register itself to listen for changes on fact properties. The boolean parameter that was used in the insert() method in the Drools 4 API is deprecated and does not exist in the drools-api module. Drools 4.0 had simple "RuleFlow" which was for orchestrating rules. Drools 5.0 introduces a powerful (extensible) workflow engine. It allows users to specify their business logic using both rules and processes (where powerful interaction between processes and rules is possible) and offers a unified enviroment. Domain Specific Work Items are pluggable nodes that users create to facilitate custom task execution. They provide an api to specify a new icon in the palette and gui editor for the tasks properties, if no editor gui is supplied then it defaults to a text based key value pair form. The api then allows execution behaviour for these work items to be specified. By default the Email and Log work items are provided. The Drools flow Manual has been updated on how to implement these. The below image shows three different work items in use in a workflow, "Blood Pressure", "BP Medication", "Notify GP": Drools 4.0 used Xstream to store it's content, which was not easily human writeable. Drools 5.0 introduced the ePDL which is a XML specific to our process language, it also allows for domain specific extensions which has been talked about in detail in this blog posting "Drools Extensible Process Definition Language (ePDL) and the Semantic Module Framework (SMF)". An example of the XML language, with a DSL extension in red, is shown below. The underlying nodes for the framework are completely pluggable making it simple to extend and to implement other execution models. We already have a partial implementation for OSWorkflow and are working with Deigo to complete this to provide a migration path for OSWorkflow users. Other enhancements include exception scopes, the ability to include on-entry and on-exit actions on various node types, integration with our binary persistence mechanism to persist the state of long running processes, etc. Check out the Drools Flow documentation to learn more. It is now possible to migrate old Drools4 RuleFlows (using the xstream format) to Drools5 processes (using readable xml) during compilation. Migration will automatically be performed when adding the RuleFlow to the KnowledgeBase when the following system property is set: drools.ruleflow.port = true The "Transform" work item allows you to easily transform data from one format to another inside processes. The code and an example can be found in the drools-process/drools-workitems directory. Function imports are now also supported inside processes. The history log - that keeps the history of all executed process instances in a database - has been extended so it is now capable of storing more detailed information for one specific process instance. It is now possible to find out exactly which nodes were triggered during the execution of the process instance. A new type of join has been added, one that will wait until n of its m incoming connections have been completed. This n could either be hardcoded in the process or based on the value of a variable in the process. Improvements have been made to make persistence easier to configure. The persistence approach is based on a command service that makes sure that all the client invocations are executed inside a transaction and that the state is stored in the database after successful execution of the command. While this was already possible in M4 using the commands directly, we have extended this so that people can simply use the normal StatefulKnowledgeSession interface but simply can configure the persistence using configuration files. For more details, check out the chapter on persistence in the Drools Flow documentation. Event correlation and time based constraint support are requirements of event processing, and are completely supported by Drools 5.0. The new, out of the box, time constraint operators can be seen in these test case rules: test_CEP_TimeRelationalOperators.drl As seen in the test above, Drools supports both: primitive events, that are point in time occurrences with no duration, and compound events, that are events with distinct start and end timestamps. The complete list of operators are: Drools adopted a simplified syntax for time units, based on the ISO 8601 syntax for durations. This allows users to easily add temporal constraints to the rules writing time in well known units. Example: SomeEvent( this after[1m,1h30m] $anotherEvent ) The above pattern will match if SomeEvent happens between 1 minute (1m) and 1 hour and 30 minutes after $anotherEvent. Support multiple runtimes: The IDE now supports multiple runtimes. A Drools runtime is a collection of jars on your file system that represent one specific release of the Drools project jars. To create a runtime, you must either point the IDE to the release of your choice, or you can simply create a new runtime on your file system from the jars included in the Drools Eclipse plugin. Drools runtimes can be configured by opening up the Eclipse preferences and selecting the Drools -> Installed Drools Runtimes category, as shown below. New BRMS tool User friendly web interface with nice WEB 2.0 ajax features Package configuration Rule Authoring easy to edit rules both with guided editor ( drop-down menus ) and text editor Package compilation and deployment Easy deployment with Rule Agent Easy to organize with categories and search assets Versioning enabled, you can easily replace yours assets with previously saved JCR compliant rule assets repository As mentioned before Drools 4.0 is a major update over the previous Drools 3.0.x series. Unfortunately, in order to achieve the goals set for this release, some backward compatibility issues were introduced, as discussed in the mail list and blogs. This section of the manual is a work in progress and will document a simple how-to on upgrading from Drools 3.0.x to Drools 4.0.x. Drools provides an Eclipse-based IDE (which is optional), but at its core only Java 1.5 (Java SE) is required. A simple way to get started is to download and install the Eclipse plug-in - this will also require the Eclipse GEF framework to be installed (see below, if you don't have it installed already). This will provide you with all the dependencies you need to get going: you can simply create a new rule project and everything will be done for you. Refer to the chapter on the Rule Workbench and IDE for detailed instructions on this. Installing the Eclipse plug-in is generally as simple as unzipping a file into your Eclipse plug-in directory. Use of the Eclipse plug-in is not required. Rule files are just textual input (or spreadsheets as the case may be) and the IDE (also known as the Rule Workbench) is just a convenience. People have integrated the rule engine in many ways, there is no "one size fits all". Alternatively, you can download the binary distribution, and include the relevant jars in your projects classpath. knowledge-api.jar - this provides the interfaces and factories. It also helps clearly show what is intended as a user api and what is just an engine api. drools-core.jar - this is the core engine, runtime component. Contains both the RETE engine and the LEAPS engine. This is the only runtime dependency if you are pre-compiling rules (and deploying via Package or RuleBase objects). drools-compiler.jar - this contains the compiler/builder components to take rule source, and build executable rule bases. This is often a runtime dependency of your application, but it need not be if you are pre-compiling your rules. This depends on drools-core drools-jsr94.jar - this is the JSR-94 compliant implementation, this is essentially a layer over the drools-compiler component. Note that due to the nature of the JSR-94 specification, not all features are easily exposed via this interface. In some cases, it will be easier to go direct to the Drools API, but in some environments the JSR-94 is mandated. drools-decisiontables.jar - this is the decision tables 'compiler' component, which uses the drools-compiler component. This supports both excel and CSV input formats. There are quite a few other dependencies which the above components require, most of which are for the drools-compiler, drools-jsr94 or drools-decisiontables module. Some key ones to note are "POI" which provides the spreadsheet parsing ability, and "antlr" which provides the parsing for the rule language itself. NOTE: if you are using Drools in J2EE or servlet containers and you come across classpath issues with "JDT", then you can switch to the janino compiler. Set the system property "drools.compiler": For example: -Ddrools.compiler=JANINO. For up to date info on dependencies in a release, consult the released poms, which can be found on the maven repository. Download the Drools Eclipse IDE plugin from the link below. Unzip the downloaded file in your main eclipse folder (do not just copy the file there, extract it so that the feature and plugin jars end up in the features and plugin directory of eclipse) and (re)start Eclipse. http://www.jboss.org/drools/downloads.html To check that the installation was successful, try opening the Drools perspective: Click the 'Open Perspective' button in the top right corner of your Eclipse window, select 'Other...' and pick the Drools perspective. If you cannot find the Drools perspective as one of the possible perspectives, the installation probably was unsuccessful. Check whether you executed each of the required steps correctly: Do you have the right version of Eclipse (3.4.x)? Do you have Eclipse GEF installed (check whether the org.eclipse.gef_3.4.*.jar exists in the plugins directory in your eclipse root folder)? Did you extract the Drools Eclipse plugin correctly (check whether the org.drools.eclipse_*.jar exists in the plugins directory in your eclipse root folder)? If you cannot find the problem, try contacting us (e.g. on irc or on the user mailing list), more info can be found no our homepage here: http://www.jboss.org/drools / A Drools runtime is a collection of jars on your file system that represent one specific release of the Drools project jars. To create a runtime, you must point the IDE to the release of your choice. If you want to create a new runtime based on the latest Drools project jars included in the plugin itself, you can also easily do that. You are required to specify a default Drools runtime for your Eclipse workspace, but each individual project can override the default and select the appropriate runtime for that project specifically. You are required to define one or more Drools runtimes using the Eclipse preferences view. To open up your preferences, in the menu Window select the Preferences menu item. A new preferences dialog should show all your preferences. On the left side of this dialog, under the Drools category, select "Installed Drools runtimes". The panel on the right should then show the currently defined Drools runtimes. If you have not yet defined any runtimes, it should like something like the figure below. To define a new Drools runtime, click on the add button. A dialog as shown below should pop up, requiring the name for your runtime and the location on your file system where it can be found. In general, you have two options: After clicking the OK button, the runtime should show up in your table of installed Drools runtimes, as shown below. Click on checkbox in front of the newly created runtime to make it the default Drools runtime. The default Drools runtime will be used as the runtime of all your Drools project that have not selected a project-specific runtime. You can add as many Drools runtimes as you need. For example, the screenshot below shows a configuration where three runtimes have been defined: a Drools 4.0.7 runtime, a Drools 5.0.0 runtime and a Drools 5.0.0.SNAPSHOT runtime. The Drools 5.0.0 runtime is selected as the default one. Note that you will need to restart Eclipse if you changed the default runtime and you want to make sure that all the projects that are using the default runtime update their classpath accordingly. Whenever you create a Drools project (using the New Drools Project wizard or by converting an existing Java project to a Drools project using the "Convert to Drools Project" action that is shown when you are in the Drools perspective and you right-click an existing Java project), the plugin will automatically add all the required jars to the classpath of your project. When creating a new Drools project, the plugin will automatically use the default Drools runtime for that project, unless you specify a project-specific one. You can do this in the final step of the New Drools Project wizard, as shown below, by deselecting the "Use default Drools runtime" checkbox and selecting the appropriate runtime in the drop-down box. If you click the "Configure workspace settings ..." link, the workspace preferences showing the currently installed Drools runtimes will be opened, so you can add new runtimes there. You can change the runtime of a Drools project at any time by opening the project properties (right-click the project and select Properties) and selecting the Drools category, as shown below. Check the "Enable project specific settings" checkbox and select the appropriate runtime from the drop-down box. If you click the "Configure workspace settings ..." link, the workspace preferences showing the currently installed Drools runtimes will be opened, so you can add new runtimes there. If you deselect the "Enable project specific settings" checkbox, it will use the default runtime as defined in your global preferences. As Drools is an open source project, instructions for building from source are part of the manual ! Building from source means you can stay on top with the latest features. Whilst aspects of Drools are quite complicated, many users have found ways to become contributors. Drools works with JDK1.5 and above. you will need also need to have the following tools installed. Minimum requirement version numbers provided. Now that we have the source the next step is to build and install the source. Since version 3.1 Drools uses Maven 2 to build the system. There are two profiles available which enable the associated modules "documentation" and "Eclipse"; this enables quicker building of the core modules for developers. The Eclipse profile will download Eclipse into the drools-Eclipse folder, which is over 100MB download (It depends on your operating system), however this only needs to be done once; if you wish you can move that Eclipse download into another location and specify it with -DlocalEclipseDrop=/folder/jboss-drools/local-Eclipse-drop-mirror. The following builds all the jars, the documentation and the Eclipse zip with a local folder specified to avoid downloading Eclipse: The NYS Department of Motor Vehicles (DMV) may issue a commercial driver license (CDL) to applicants who are New York residents and already have a Class D, Class E. Drivers license & ID card information - find information on obtaining a driver's license or a state ID card, listed by state. N E W Y O R K S T A T E D E P A R T M E N T O F M O T O R V E H I C L E S Driver’s Manual PART ONE - Information for Drivers and Vehicle Owners Chapter 1 - Driver Licenses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6 Types of License . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6 When You Apply for Your First License . . . . . . . . . . . . . . . . . . . . . . . . .8 Non-Resident and New Resident Drivers . . . . . . . . . . . . . . . . . . . . . .15 License Renewal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15 Change of Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16 Learner Permit and Junior Operator Restrictions . . . . . . . . . . . . . .16 Driver Education . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .20 TABLE OF CONTENTS Chapter 2 – How to Keep Your License . . . . . . . . . . . . . . . . . . . . .21 Special Rules for Drivers with Junior Permits & Licenses . . . . . . .21 Probation Period for All Other New Licensed Drivers . . . . . . . . . .22 If You Receive A Traffic Ticket . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22 Traffic Tickets Received Out of State . . . . . . . . . . . . . . . . . . . . . . . . . .23 Mandatory Suspension or Revocation . . . . . . . . . . . . . . . . . . . . . . . .23 The Point System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .25 Traffic Crashes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .26 Fees and Civil Penalties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .27 Driver Responsibility Assessments . . . . . . . . . . . . . . . . . . . . . . . . . . . .27 Driving While Suspended or Revoked . . . . . . . . . . . . . . . . . . . . . . . . .28 Chapter 3 – Owning a Vehicle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29 Registration and Title . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29 Registration Renewal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .32 Resident and Non-Resident Responsibility . . . . . . . . . . . . . . . . . . . .34 Inspection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .34 Complaints Against Businesses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .35 PART TWO - Rules of the Road Chapter 4 - Traffic Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .37 Signs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .37 Traffic Signals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .39 Pavement Markings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .41 Traffic Officers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .43 Chapter 5 - Intersections and Turns . . . . . . . . . . . . . . . . . . . . . . . .45 Right-of-Way . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .45 Emergency Vehicles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .46 Blue, Green and Amber Lights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .47 Turns . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .47 U-Turns . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .49 Chapter 6 – How to Pass . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .52 How to Pass on the Left . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .52 How to Pass on the Right . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .53 Being Passed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .54 School Buses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .54 Chapter 7 - Parallel Parking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .56 How to Park . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .56 How to Park on a Hill . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .57 How to Pull Out From Parallel Parking . . . . . . . . . . . . . . . . . . . . . . . .57 Parking Regulations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .58 Reserved Parking for the Disabled . . . . . . . . . . . . . . . . . . . . . . . . . . . .59 PART THREE - Safe Driving Tips Chapter 8 - Defensive Driving . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .61 Be Prepared and Look Ahead . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .61 Aggressive Drivers and Road Rage . . . . . . . . . . . . . . . . . . . . . . . . . . . .62 Road Rage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .63 Speed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .64 Allow Yourself Space . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .64 Seat Belts, Child Safety Seats, and Air Bags . . . . . . . . . . . . . . . . . . . .65 How to Drive Safely in Work Zones . . . . . . . . . . . . . . . . . . . . . . . . . . .67 How to Drive Through a Roundabout . . . . . . . . . . . . . . . . . . . . . . . . .67 Drowsy and Fatigued Driving . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .68 Using a Cellular or Mobile Telephone . . . . . . . . . . . . . . . . . . . . . . . . .70 Vehicle Condition . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .70 TABLE OF CONTENTS Chapter 9 - Alcohol and Other Drugs . . . . . . . . . . . . . . . . . . . . . . .72 What Alcohol Does . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .72 Other Drugs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .73 Alcohol, Other Drugs and the Law . . . . . . . . . . . . . . . . . . . . . . . . . . . .74 Your BAC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .74 Chemical Tests . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .75 The Consequences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .77 A Few Important Reminders . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .79 How to Avoid Trouble . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .80 Chapter 10 - Special Driving Conditions . . . . . . . . . . . . . . . . . . . .81 Expressway Driving . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .81 Night Driving . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .82 Driving in Rain, Fog, or Snow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .83 How to Drive in Winter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .84 How to Avoid Collisions With Deer . . . . . . . . . . . . . . . . . . . . . . . . . . .85 Driving Emergencies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .86 Chapter 11 – Sharing the Road . . . . . . . . . . . . . . . . . . . . . . . . . . . . .89 Pedestrians and Skateboarders . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .89 Bicyclists and In-line Skaters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .90 Motorcyclists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .91 Moped Operators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .92 Large Vehicles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .92 Slow-Moving Vehicles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .96 All-Terrain Vehicles and Snowmobiles . . . . . . . . . . . . . . . . . . . . . . . .96 Horse Riders . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .96 Chapter 12 - If You Are in a Traffic Crash . . . . . . . . . . . . . . . . . . .98 At the Scene . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .98 Emergency First-Aid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .99 Reports to DMV . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .100 DMV Consumer Directory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .101 State DMV Offices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .101 County DMV Offices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .102 DMV Call Centers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .104 Important DMV Addresses and Telephone Numbers . . . . . . . . .104 Road Signs (Back Cover) PART 1 INFORMATION FOR DRIVERS AND VEHICLE OWNERS CHAPTER 1 Driver Licenses You must have a valid driver license to drive legally in New York State. If you reside in and hold a valid license from another state or nation, you can drive legally in New York State. Even if you are licensed somewhere else, people under age 16 can not drive in New York State. Drivers who have moved here must turn in their out-of-state driver license and get a New York State license within 30 days after you become a permanent resident. In most cases, it is illegal to hold a New York State driver license and a driver license from another state. It is also a violation of Federal law to hold more than one commercial driver license (CDL). It is a crime to alter or forge any motor vehicle document, including a driver license. This may cause suspension or revocation of the driver license and criminal prosecution resulting in a fine or imprisonment. ■ TYPES OF LICENSES New York State recognizes six types of non-commercial driver licenses. The information in this chapter applies to passenger car and motorcycle licenses. Information about commercial driver licenses can be found in the Commercial Driver’s Manual (CDL-10). This is available from the DMV Internet Office, from a DMV Call Center or at any motor vehicle office. You must have a CDL if you drive any vehicle that: 4 Has a manufacturer’s gross vehicle weight rating (GVWR) or gross combination weight rating (GCWR) of more than 26,000 pounds (11,794 kg); or, 4 Pulls a trailer that has a GVWR of more than 10,000 pounds (4,536 kg) and the GCWR of the pulling vehicle plus the trailer is more than 26,000 lbs. (11,794 kg); or, 6 4 Is made or used to carry 15 or more persons, not including the driver; or, 4 Regardless of seating capacity, is defined as a bus by Article 19-A of the Vehicle and Traffic Law (including vehicles that carry school children or disabled people); or, 4 Carries hazardous materials required by federal law to contain a placard. The non-commercial driver licenses in this manual are: Operator, Class D - Minimum age is 18, or age 17 with driver education (see Driver Education). Allows you to drive a vehicle with a manufacturer’s gross vehicle weight rating (GVWR) of 26,000 lbs. (11,794 kg) or less, and a tow vehicle with a GVWR of 10,000 pounds. (4,536 kg) or less, if the gross combination weight rating (GCWR) of the two vehicles together is no more than 26,000 pounds. (11,794 kg). You can also operate Class B and C mopeds with this driver license. Limited Junior Operator/Junior Operator, Class DJ - Minimum age is 16. Allows you to drive the same vehicles as a Class D license with some restrictions. Non-CDL Class C - Minimum age is 18. Allows you to drive some vehicles with a GVWR and tow vehicle combinations up to 26,000 pounds (11,794 kg) that do not require a CDL endorsement. Taxi/Livery, Class E - Minimum age is 18. Allows you to drive the same vehicles as a Class D license, and transport passengers for hire in a vehicle designed or used to carry 1or fewer passengers. If the vehicle is defined as a bus under Article 19-A of the Vehicle and Traffic Law (e.g., a school car or a van that transports physically or mentally disabled persons), regardless of seating capacity, you must have a CDL. Motorcycle, Class M - Minimum age is 18, or age 17 with driver education (see Driver Education). Allows you to drive motorcycles and mopeds. Limited Junior Motorcycle/Junior Motorcycle, Class MJ - Minimum age is 16. Allows you to drive the same vehicles as a Class M license with some restrictions. Note: If you have a motorcycle license and another type of driver license, both classes will be listed on one document (e.g., “Class DM”). Enhanced Driver License - Can be used for land and sea border crossings to and from the U.S., Canada, Mexico, Bermuda and the Caribbean. This license can be used instead of a passport as an identity and Citizenship document at these crossings and for air travel within the U.S. This is an option for NYS residents who are U.S. citizens. Commercial driver licenses and motorcycle licenses can be issued as an EDL. Driver Education (To Change Your Class DJ or MJ License to Class D or M) You can apply to change your junior driver license to a full license at age 17 if you received a Student Certificate of Completion (MV-285) from an approved driver education course. Apply at any motor vehicle office. Otherwise, your junior license will automatically become a full license when you become 18 years old and you do not need to apply for a license change. 7 Recreational Vehicle or “R” endorsement - Recreational vehicles, with or without air brakes, are not defined as commercial vehicles. You can apply for an “R” endorsement for your Class D, Class E or non-CDL Class C driver license to allow you to operate a recreational vehicle (RV) with a Gross Vehicle Weight Rating of over 26,000 pounds (11,794 kg). An “R” endorsement also allows you to drive a rental vehicle with a length of more than 40 feet for the transportation of personal household products. To get an “R” endorsement: Submit a completed Application for Driver License or ID Card (MV-44), indicating a license amendment, to a state or county motor vehicle office; pay a permit fee, which is valid for a maximum of two road tests; and pass a road test in the size and type of vehicle you will drive. No written test is required. For the road test, a driver who is at least 21 with a license valid for the vehicle you will drive during the test must accompany you. (e.g., a driver license with an “R” endorsement or the correct Commercial Driver License). The road test will take approximately 15 minutes and will include turns, intersections and backing the vehicle to the curb. When you pass the road test, you must go to a motor vehicle office and pay the required fee to complete the license amendment process. ■ WHEN YOU APPLY FOR YOUR FIRST LICENSE The information and required application forms you need to apply for a learner permit or driver license are available at any motor vehicle office. You can also request them from a DMV Call Center, and from the DMV Internet Office. To apply for a learner permit or driver license you must complete an Application for Driver License (MV-44). You must pass a vision and written test and pay the application and license fees. Most drivers also must complete an approved 5-hour classroomtraining course and pass a road test. For more information about how to apply for and receive a license to drive a motorcycle or a commercial vehicle that requires a CDL, refer to the Motorcycle Operator’s Manual (MV-21MC) or the Commercial Driver’s Manual (CDL-10). You must bring your completed application to any motor vehicle office, show the required proof of name and date of birth, provide your Social Security card and pay the correct fee. Your first New York State driver license will be issued for a period not to exceed 5 years, on your month and day of birth. Your fee for a learner permit and license in Class D, DJ, M or MJ will be based on your age and date of birth. Proof of Identity and Age For your protection, DMV must be sure who you are. As part of the application, you must provide your Social Security card. You must present documents that prove your name and age. All proofs must be in English or accompanied by a certified 8 English translation. The list of acceptable documents and assigned point values, described below, are on forms License/Permit/ID Instructions (MV-44.1) and Proofs of Identity (ID-44) available from the DMV Internet Office, from a DMV Call Center by request or at any motor vehicle office. Proof of Name Documents that prove your name are assigned a point value. You must present proofs that total six points or more. At least one of the proofs must have your signature. Examples of common proofs and their point values are listed below. Each document below has a value of 6 points: 4 New York State Photo Driver License/Permit/Non-Driver ID Card The document below has a value of 4 points: 4 If Under Age 21 — Statement of Identity by Parent/Guardian (MV-45) (see special instructions and requirements on the DMV form). Proof of date of birth and an original Social Security card are required for the applicant. 4 U.S. Passport, must be valid Each document below has a value of 3 points: 4 Foreign passport - in English and with a U.S. Visa and valid I-9 or unexpired I-551 stamp or statement on visa. If the document is not in English, a certified translation by the embassy or consulate of the issuing country is required. See the publication Proofs of Identity (ID-44). 4 Valid U.S. Re-entry Permit (I-327) 4 Valid U.S. Refugee Travel Document (I-571) 4 Permanent Resident Identification Card (INS I-551) 4 Certificate of Citizenship or Certificate of Naturalization (N-550, N-560, N-561, N-570, N-578 or N-645) 4 Valid U.S. Employment Authorization Card (INS I-688B or I-766, with photo) 4 U.S. Military Photo Identification Card (issued to military personnel only) 4 NYS. Medicaid/Benefit/Food Stamp Card, with photo (or, 2 points without photo) Each document below has a value of 2 points: 4 Photo Driver License issued by another U.S. state, jurisdiction, territory or possession, or, a Canadian province or territory (must be in effect at least 6 months and not expired for more than 12 months) 4 U.S. Military Dependent Photo ID card 4 NYS DMV Non-Photo Interim License or Computer Generated Learner Permit 9 4 NYS Vehicle Certificate of Title 4 NYS Vehicle or Boat Registration Document 4 U.S. High School ID With Report Card 4 U.S. Social Security Card (must have your signature) 4 U.S. College ID With Photo and Transcript 4 NYS Professional License 4 U.S. Marriage or Divorce Record or Court-Issued Name Change Document 4 NYS or New York City Pistol Permit 4 St. Regis Mohawk Tribe identification card Each document below has a value of 1 point: 4 Valid U.S. Major Credit Card, or 4 U.S. Cash (ATM) Card (with pre-printed name and signature), or 4 U.S. Canceled Check (with your pre-printed name), or 4 U.S. Bank/Financial Institution Statement/Record 4 U.S. Employee Identification Card 4 U.S. Computerized Pay Stub (must include your name) 4 U.S. Supermarket Check Cashing Card (must have your pre-printed name and signature) 4 U.S. Insurance Policy (in effect at least two years) 4 U.S. Health Insurance Card/Prescription Card 4 U.S. Utility Bill (must have your name and address) 4 W-2 Form (must include Social Security Number) 4 U.S. Union Card 4 U.S. High School Diploma or General Equivalency Diploma (GED) 4 Veteran Universal Access Photo Identification Card Proof of Age You must prove your date of birth. The DMV will accept the original or certified copy of ANY ONE of these documents from the issuing agency: 4 Birth Certificate issued and certified by the U.S. Department of State or a Board of Health or Bureau of Vital Statistics in the U.S., its territories or possessions 4 Certificate of Birth Registration issued by the Department of Health of New York State or New York City 4 St. Regis Mohawk Tribe identification card plus a birth certificate issued by Canada 10 4 U.S. Military Photo Identification Card 4 U.S. Passport 4 Foreign Passport (with INS documentation) or Immigration Documents See the publication Proofs of Identity (ID-44) for details 4 Certification of Citizenship or Certificate of Naturalization Vision and Written Tests To pass the vision test, you must have 20/40 vision in at least one eye with or without corrective lenses. If you cannot pass this test or if you wear special lenses, contact a DMV Call Center for additional instruction. The written test for a Class D, M, DJ, MJ or E license examines knowledge of the rules of the road, safe driving techniques, road signs and the laws about alcohol and drug use while driving. To pass the written test, you must correctly answer at least 14 of the 20 questions asked, but you must correctly answer two of the four questions about road signs. You can practice for the written test with the questions included in this Driver’s Manual and you can take practice quizzes on-line at the DMV Web site. (dmv.ny.gov) If you require a motorcycle license, also study the Motorcycle Operator’s Manual (MV-21MC). There is a separate commercial driver license written test for a CDL Class A, B, or C. If you want to apply for a commercial driver license, also study the Commercial Driver Manual (CDL-10). Online Knowledge Test Application Before they apply for a learner permit, students who are at least age 15 can take the written test through the DMV Online Knowledge Test Application (OKTA) program. The test is given at participating high schools across New York State. The test is given in an easy-to-use format and is offered in English and Spanish. It is not necessary for schools that participate to have a driver education program. They must provide a personal computer with Internet access, a printer and at least one staff person to monitor the tests. The OKTA program automatically scores each test and displays the results for the student on the computer screen. Students who pass the test online will receive a receipt, instructions and all required forms to apply for a learner permit. Students who are at least age 16 can bring their receipt and completed forms to any state or county motor vehicle office to apply for a learner permit. Students who fail the test can take it again online as many times as the school allows. The Learner Permit When you pass the vision and written tests and pay your fees, your learner permit will be issued and you can start to learn to drive. When you practice, a 11 licensed driver at least 21 must accompany you. That driver must have a license valid for the type of vehicle. In Long Island and New York City, this person must be a parent or guardian or an instructor. There are special restrictions for a driver less than 18 years old (see the publication, Learner Permits and Junior Licenses (C-41), available from the DMV Web site dmv.ny.gov, from a DMV Call Center or at any motor vehicle office. When you apply, your permit will be valid for three to five years, depending on your age. When you pass the road test, your new driver license will expire on the same date as your permit would have expired. If you have a license or permit and want to apply for a permit for a different class of license, the new permit will be valid for one year only. When you submit your permit application, make sure to ask about special procedures you must follow. Preparing for the Road Test Safe drivers often find their amount of practice before the road test made a positive difference. Before you take the test, it is important that you have had at least 50 hours of practice, with at least 15 hours after sunset It is recommended that at least 10 hours of the supervised practice be in moderate to heavy traffic. Road tests are given on city streets, but you should practice on expressways and other types of highways as well. DMV suggests you take a high school or college driver education course or lessons from a DMV-licensed driving school. If you cannot take a course or lessons, have the person who teaches you read Parts 2 and 3 of this manual. You can not practice in a DMV road test area or on any restricted roads. In New York City, these areas include any street within a park and all bridges and tunnels under the jurisdiction of the Triborough Bridge and Tunnel Authority. In Westchester County, the streets and roadways you can not practice on include these parkways: Cross County, Hutchinson River, Saw Mill River and Taconic State. Safe Driving Course Requirement Before you can make a road test appointment, you must first complete an approved safe driver course. This requirement is automatically fulfilled as part of every high school or college driver education course. All other drivers can complete this requirement when they take a special five-hour course available at most professional driving schools. To find where this course is offered, look in the Yellow Pages of your local telephone directory under “Driving Instruction.” When you complete the course, you will receive a certificate to show when you make your road test appointment. The certificate is valid for one year. Note: A defensive driving course taught through the DMV-certified Point/Insurance Reduction Program and/or completion of any online driver training program do NOT qualify as the required 5-hour classroom course. 12 The Road Test In most areas of the state, you must make your road test appointment by telephone at 1-(518)-402-2100. You must have your Pre-licensing Course Completion Certificate (MV-278) or driver education course Student Certificate Of Completion (MV-285) before you schedule your appointment. During your call, you will be informed whether your local motor vehicle office participates in the road test telephone-appointment program. An office that does not participate can schedule your appointment in person or by mail. In that case, bring or mail your permit and course completion certificate to your local motor vehicle office. You can schedule your road test through the DMV Web site dmv.ny.gov/roadtest. If you can not be at the road test site at the assigned time for a non-commercial driver license, you can request to a different road test appointment. You must make this request at least 24 hours before the scheduled test date – call the road test appointment telephone number, 1-(518)-402-2100, visit the DMV Web site dmv.ny.gov or contact the office where you made the original appointment. The DMV can cancel road tests because of bad weather. You may call the road test appointment telephone number, or contact the office where you made your original appointment for announcements of road test cancellations. For Junior Drivers With Permits Your permit must be held, in valid status, for a minimum of six months in order to take the road test, unless you are 17 and hold a valid Student Certificate of Completion (MV-285). When you pass the road test, you will be issued a Junior License (Class DJ or MJP. See the chart “Regional Restrictions for a Junior License.” A DMV motor vehicle license examiner will conduct the road test. You must give the license examiner your photo learner permit, your 5-hour pre-licensing course completion certificate (MV-278) or your Student Certificate of Completion (MV-285) and a completed Certification of Supervised Driving (MV-262). All junior drivers with permits are required to present a completed MV-262 at the time of the road test. The Certification of Supervised Driving (MV-262) is available from the DMV Web site dmv.ny.gov, from a DMV Call Center and at any motor vehicle office. With this statement, your parent or guardian certifies that you completed at least 50 hours of practice driving, including at least 15 hours after sunset, with an appropriate supervising driver (See chart “Regional Restrictions for a Junior Permit”). You must bring a vehicle to drive during the road test. The vehicle must be correctly registered, inspected, insured and equipped, and in good working order. This includes doors and seat belts. The passenger side seat belt must be available and clean for use by the examiner. If you drive to the road test site, you must also bring a supervising driver who is at least 21 and holds a license valid for the vehicle you will drive during the road test. Motorcycle applicants must bring a car or truck and a licensed driver to transport the license examiner during the test. 13 For All Other Drivers With Permits When you take your road test, you must give the license examiner your photo learner permit, your 5-hour pre-licensing course completion certificate (MV-278) or your Student Certificate of Completion (MV-285). As described for “Junior Drivers With Permits,” you must also provide a vehicle to drive during the road test and a correctly licensed driver. When you qualify for a non-commercial license Class D, DJ, E, M or MJ, the examiner will issue you a printed receipt. This receipt plus your photo learner permit will be a temporary driver license valid for 90 days. Your new photo license will arrive in the mail within three to five weeks. NOTE TO MOTORCYCLISTS: If you have another class of driver license and a motorcycle operator’s learner permit, the DMV will waive your motorcycle road test if you complete a Motorcycle Safety Foundation Motorcycle Rider Course. If you add an M or MJ endorsement to a license issued before by New York State, you must go to a state or county motor vehicle office and amend your previous driver license at least five business days after you pass the road test. If you did not have a previous NYS driver license, your new Class M or MJ driver license will arrive in the mail within three to five weeks. If you qualify for a Commercial Driver License (CDL), the DMV will issue a printed receipt. This receipt plus your current photo license will serve as a temporary license valid for 10 days. This license is only issued to applicants who meet the medical certification requirements (if required) and all other requirements. Those requirements include checks of the National Driver Registry (NDR) and Commercial Driver License Information System (SDLIS). You must amend you original license in person at any state of county DMV office. Wait at least five business days after passing the road test before you make the amendment. If you did not pass your CDL road test, you may continue to practice driving until the date the permit expires. There is a fee for scheduling each additional road test. When you take a CDL test (Class A, B or C), if you are required to meet the federal medical requirements in 49 CFR Part 391 you must present a valid Medical Examiner’s Certificate to the DMV license examiner at the time of the skills test. This requirement applies if your document does not have an A3 restriction, or, if you are over 21, a K restriction. If you qualify for a Commercial Driver License (CDL Class A, B or C), you must correct your original license in person at any state or county motor vehicle office. Wait until at least five business days after you pass the road test before you make the amendment. If you did not pass your CDL road test, you can continue to practice until the date the permit expires. There is a fee to schedule each additional road test. When you qualify for a license, you must continue to be careful and obey the traffic laws to gain experience as a capable driver. Many motorists enroll in a DMV- 14 certified Point and Insurance Reduction Program (PIRP) for more training. The PIRP is available through private companies or corporations in New York State. This program reviews time-tested safe driving tips and provides a summary of the vehicle and traffic laws. If you are eligible for point reduction, as many as four (4) points can be reduced from your record. You can complete this course every 18 months for the purpose of point reduction. Participants who complete the program will receive a minimum 10% reduction in the base rate of liability and collision insurance premiums each year for three years. For more information, see the DMV publication Point and Insurance Reduction Program (C-32A), available from the DMV Web site dmv.ny.gov, from a DMV Call Center or at any motor vehicle office. ■ NON-RESIDENT AND NEW RESIDENT DRIVERS If you are a resident of another state or country and hold a valid driver license there, you can legally drive in New York State. You should not apply for a New York driver license. Apply for a New York license only after you become a resident of this state. Then, to remain legally licensed, you must apply for a New York State driver license within 30 days after you establish you are a New York State resident. If you are a new resident with a valid driver license issued by a U.S. state, territory or possession, or a Canadian province or territory, you must turn in your out-of-state license to get a New York driver license. You must show additional proof of name and date of birth (see “Applying for your First License”), and provide your Social Security card. You must pass the vision test. If your out-of-state license has been valid for less than six months or had expired more than one year ago, you must also pass the written and road tests and complete the safe driving course. If you are a new resident licensed in a country other than Canada, you must pass the vision test, complete the safe driving course, turn in your foreign license, and you must pass a written and road test. When you pass the road test, you must give your foreign license to the DMV motor vehicle license examiner who conducted the test. Your foreign driver license will be destroyed unless you provide the examiner a written request to hold your foreign license on file at a New York State office of the Department of Motor Vehicles. The license examiner will tell you which DMV District Office will hold your foreign license. Your foreign license will be returned at your request, but only after you return your New York State license. ■ LICENSE RENEWAL You are responsible to know when your driver license expires and to renew it on time. If the DMV has your current address, you should receive a renewal notice 15 and instructions in the mail approximately 45 days before your license expires. If you do not receive the notice, you can apply for renewal at a motor vehicle office. You can renew your license up to one year before its printed expiration date. Most driver licenses can be renewed through the mail or through the DMV Internet Office. For either renewal process, you must prove you have passed an eye test within six months or within one year as determined by a licensed health care professional before the date you renew your license. To renew by mail, you must return to the DMV your renewal application and a completed Eye Test Report (MV-619) that which documents that you passed the vision test. If you renew through the DMV Web site dmv.ny.gov, you will need information from a completed Eye Test Report by your health care professional. An Eye Test Report form is available from the DMV Web site dmv.ny.gov, from a DMV Call Center or at any motor vehicle office. You can bring the driver license renewal form and the Eye Test Report to any motor vehicle office and renew in person. If you apply for a renewal in person, you will be allowed to take the vision test at the motor vehicle office. When renewing in person, you must present your current license or six points of identification and, if needed, your Social Security card. You can renew your driver license up to one year before your current license expires. Make sure to renew early if your license will expire while you are out of state. If you cannot renew early or a serious illness prevents you from doing so, contact a DMV Call Center. If you enter military service, your license can be automatically extended throughout your active service and for six months after discharge. You must notify the department within 60 days of the entry date into service. You must submit the form, Notification of Military Service (MV-75), available from the DMV Internet Office, from a DMV Call Center or at any motor vehicle office. ■ CHANGE OF ADDRESS ■ LEARNER PERMIT AND JUNIOR OPERATOR RESTRICTIONS If you change your address you must notify DMV within 10 days by mail or on a Change-of-Address Form (MV-232). You must write the new address in the space provided on the back of your driver license. Learner permits, limited junior driver licenses (Limited Class DJ or MJ) and full junior driver licenses (Class DJ or MJ) allow limited driving privileges for people new drivers. These documents restrict where, and under which circumstances, you can drive. If you are under age 18, these restrictions depend on where you drive in New York State and the time of day. These restrictions also apply to drivers less than 18 years old who are licensed outside New York State. 16 The restrictions for drivers with learner permits and junior licenses are also presented in the publication Learner Permits & Junior Licenses (C-41), available from the DMV Web site dmv.ny.gov. Definitions “PROPERLY LICENSED” means the supervising driver has a license valid to drive the type of vehicle being driven by the new or junior driver. “GUARDIAN” means a person who has, on a regular and extended basis, assumed the character of a parent and discharges parental duties because of the death, disability or absence of the real parent. “IN LOCO PARENTIS” means a person who has, on a regular and extended basis, assumed the character of a parent and discharges parental duties because of the death, disability or absence of the real parent. “SCHOOL COURSE” means instruction that is licensed or approved by a state agency or department, or training conducted by the U.S. Armed Forces. The term “school course” does NOT include activities or events for which no scholastic credits are given. “EMPLOYMENT” means a place of business at which you are paid to work on a scheduled basis. You can NOT drive during work or as part of your work duties. “WORK STUDY PROGRAM” means a state-approved work-study program. For example, a Board of Cooperative Educational Services (BOCES) course for which academic credit is granted for work experience. “MEDICAL APPOINTMENT” means medical treatment that is necessary for you or a member of your household. “DAYCARE” applies to travel to and from child care if the attendance of the child is necessary for a family member to maintain employment or attend a school course. General Rules for All Drivers with Learner Permits If you hold a learner permit, you can not drive: 4 Unless you are accompanied by a supervising driver at least age 21 who has a license to operate the vehicle you are driving. In Long Island and New York City, this person must be a parent, guardian or driving instructor. For example, a person with a motorcycle license can supervise a motorcycle learner. 4 In a DMV road test area. 4 On any street within a park in New York City or any bridge or tunnel under the jurisdiction of the Triborough Bridge and Tunnel Authority. 4 On the Cross County, Hutchinson River, Saw Mill River, or Taconic State parkways in Westchester County. 17 Drivers from Outside New York State If you are under age 18 and hold a learner permit, junior permit or junior driver license from outside New York State, you must obey the restrictions described in this publication as well as the restrictions from your home state. Make sure your permit or license is valid to drive outside your home state before you operate a vehicle in New York. If you are less than 16, you can not drive in New York State even if you have an out-of-state license. NYS Drivers Visiting Other States You can drive outside New York State with your learner permit, junior learner permit or junior license if it is allowed by the laws of the other state. You must obey that state’s permit, junior permit and driver license restrictions that may apply. Ask the police or motor vehicle authorities in the state you are visiting. Motorcyclists and Moped Operators The restrictions in this publication also apply to operating a motorcycle or moped. Your learner permit or limited junior license (Class M or MJ, or Limited REGIONAL RESTRICTIONS FOR A JUNIOR PERMIT New York City (5 Boroughs) 5 AM – 9 PM You must drive only under the immediate supervision of your: 1. Parent 2. Guardian 3. Person “in loco parentis” 4. Driver Education Teacher 5. Driving School Instructor The person above must be at least age 21 and have a license valid for the vehicle being driven. Vehicle must have dual controls (dual brakes). 9 PM – 5 AM You must NOT drive. Long Island (Nassau & Suffolk) 5 AM – 9 PM You must drive only under the immediate supervision of: 1. Your Parent 2. Your Guardian 3. Your Person “in loco parentis” 4. Your Driver Education Teacher 5. Your Driving School Instructor 6. Anyone who has been designated in writing by the parent, guardian or person “in loco parentis” The person above must be age 21 or older and have a license valid for the vehicle being driven. 9 PM – 5 AM You must NOT drive. 9 PM – 5 AM You must drive only under the immediate supervision of your: 1. Parent 2. Guardian 3. Person “ in loco parentis” 4. Driver Education Teacher 5. Driving School Instructor The person above must be at least age 21 and have a license valid for the vehicle being driven. Upstate (All Other Counties) 5 AM – 9 PM You must drive only under the immediate supervision of: A person who is age 21 or older and has a license valid for the vehicle being driven. 18 Class MJ) does not allow you to carry any passenger except your supervising driver. Your supervising driver must have a driver license valid to operate the same class motorcycle or moped you are driving, and must exercise general supervision and control by remaining within one-quarter mile. It is strongly recommended that your supervising driver be able to see you at all times. Driving with a Junior Learner Permit or Junior License 4 You can not drive with more than two passengers less than 21 unless they are members of your immediate family or if your supervising driver is your licensed parent, guardian, person “in loco parentis,” driver education teacher or driving school instructor. 4 You and each passenger must wear a seat belt: one per person. Every child passenger must use a correct child restraint. (See: Chapter 8, “Seat Belts, Child Safety Seats, and Air Bags”) 4 If you hold a junior permit or a limited junior license, the only passenger allowed in the front seat is your supervising driver. 4 Also see “Special Rules for Drivers with Junior Permits and Licenses,” Chapter 2. REGIONAL RESTRICTIONS FOR A JUNIOR LICENSE* New York City (5 Boroughs) 5 AM – 9 PM You must NOT drive. Long Island (Nassau & Suffolk) 5 AM – 9 PM You may drive alone only directly between your home and employment, a work-study program, a course at a college, university, or registered evening high school, a driver education course, or while engaged in farm employment. You may drive when accompanied by your licensed parent, guardian, person “in loco parentis,” driver education teacher, or driving school instructor. 9 PM – 5 AM You must NOT drive. 9 PM – 5 AM You may drive alone only directly between your home and a workstudy program, a course at a college, university, or registered evening high school, a driver education course, or while engaged in farm employment. 9 PM – 5 AM You may drive alone only when traveling directly between your home and employment or a school course. All other driving must be accompanied by your licensed parent, guardian, or person “in loco parentis.” Upstate (All Other Counties) 5 AM – 9 PM You may drive without being accompanied. *See “Driving Alone with a Junior License 19 Driving Alone with a Junior License or Limited Junior License Important information if you hold a Junior License in the counties of Nassau or Suffolk, or a Limited Junior License in the upstate counties (except Westchester, Rockland and Putnam): You can drive by yourself between home and your employment, which can include farm work, if you carry the correct proof of employment. Your employer can complete a Certificate of Employment (MV-58A), available from the DMV Internet Office, from a DMV Call Center and at local motor vehicle offices. In the upstate counties only, instead of an employment certificate, you can carry a letter from your employer. The letter must be marked with a date and signed by your employer, and must show the business name, address and telephone number where you work. It also must list your name, date of birth, client ID number, job description, and days, hours and location of employment. The address and telephone number at which the employer can be contacted must be included for verification by a magistrate or police officer. When you drive by yourself between your home and a qualified school course or approved work-study program, you must carry proof of enrollment. This must be a letter, marked with a date and signed by an appropriate school or program official, on the school or program letterhead. It must include the address and telephone number of the official for verification by a magistrate or police officer. The letter also must include the date(s), hour(s) and location(s) of the school course or program activity, your name, date of birth, and client ID number. ■ DRIVER EDUCATION If you are 17, you are eligible for a senior driver license (Class D or M) if you have a junior driver license or limited junior driver license and have completed a state-approved high school or college driver education course. To change your junior license to a senior license, bring your junior license and the Student Certificate of Completion (MV-285) that you received from your instructor to any motor vehicle office. You must return your certificate and junior license to receive the senior license. If you do not change your junior license to a senior license, you are subject to the restrictions for junior drivers until you are age 18, even if you carry the completion certificate with you. You can also give your certificate with your junior permit to the license examiner at your road test. You will automatically receive a senior license when you become eligible. 20 CHAPTER 2 How to Keep Your License If you commit a serious traffic violation or several violations that are less serious, you can lose your driving privilege through suspension or revocation of your license. “Suspension” means your license (or privilege to drive) is taken away for a period of time before it is returned. You may be required to pay a suspension termination fee. “Revocation” means your license (or privilege to drive) is cancelled. To get a new license, you must re-apply to the Department of Motor Vehicles (DMV) once the revocation period is over. You may be required to pay a license re-application fee. Your application may be denied if you have a poor driving record or refuse to meet DMV requirements. Revocation periods may be longer than the minimum periods listed in this publication. “Driving privilege” means the courtesy extended to out-of-state-drivers that allows them to drive a motor vehicle in New York State. It also refers to permission from New York State for a person without a license to get a New York State driver license. A driving privilege can be suspended or revoked for the same reasons as are New York State driver licenses. Driving with a suspended or revoked privilege carries the same penalties as driving with a suspended or revoked license. ■ SPECIAL RULES FOR DRIVERS WITH JUNIOR PERMITS AND LICENSES Every driver with a limited or full junior permit or driver license is could face sanctions and other penalties. For example, your permit, license or privileges will be suspended for 60 days if you are convicted of a serious traffic violation (three points or more) or two other violations. Your junior permit, license or privileges will be revoked for 60 days if you are convicted of a serious violation (three points or more), or two other violations 21 within the first six months after you receive your license or privileges back following suspension or revocation. In addition, your junior permit, license or privileges will be suspended for 120 days when you are convicted of a texting or cell phone violation. A junior permit must be held for a minimum of six months, excluding any time the permit is suspended or revoked, before a road test can be scheduled. ■ PROBATION PERIOD FOR ALL OTHER NEW LICENSED DRIVERS If you are 18 or older when you pass your road test for a driver license, or obtain a license following revocation, you will be on probation for six months. If you are convicted of speeding, reckless driving, following too closely, participating in a speed contest, or two other traffic violations while on probation, your license will be suspended for 60 days. If you are found guilty of one of the above violations or two other moving violations during this second probation period, your license will be revoked for at least six months. When the revocation or suspension ends, you will be on probation for another six months. If you are convicted of a texting or cell phone violation, your probationary license will be suspended for 120 days. ■ IF YOU RECEIVE A TRAFFIC TICKET If you receive a traffic ticket, do not delay – follow the instructions on the ticket for the plea you want to make. Your driver license will be suspended indefinitely if you do not answer the ticket in the time allowed, or pay a fine (other than parking tickets and fines), surcharge, crime victim assistance fee or suspension-termination fee. If you do not respond that you have received the ticket, you could be found guilty by default conviction. If you are convicted by default, your license will be suspended for not paying the fine and a judgment will be entered against you. The DMV Traffic Violations Bureau (TVB) processes the tickets for non-criminal moving traffic violations issued in the five boroughs of New York City and Rochester. The TVB system allows the other courts in these areas to concentrate on criminal cases. This includes driving offenses like Driving While Intoxicated (DWI) and driving while suspended or revoked. In other areas of the state, traffic violations are processed in the criminal and traffic court of the city, county, town or village where the alleged offense occurred. No matter what court system is involved, every motorist who receives a traffic ticket can present a defense and be represented by a lawyer. 22 ■ TRAFFIC TICKETS RECEIVED OUT OF STATE The New York State Department of Motor Vehicles does not record convictions of moving traffic violations by NYS non-commercial licensed drivers in other jurisdictions, except traffic offenses committed in the provinces of Ontario and Quebec in Canada. Out-of-state traffic convictions, except for Ontario and Quebec, are not added to your New York State “violation point” driving record. However, your New York State driver license will be suspended if you fail to answer a ticket for a moving violation in any state except Alaska, California, Michigan, Montana, Oregon or Wisconsin. Your license will remain suspended until you answer the ticket. Drivers from any state, except from the six states listed above, will have their driver licenses suspended in their own state if they fail to answer a moving violation summons in New York State. If you are over 21 and are convicted of an alcohol- or drug-related driving violation (e.g., DUI) in another state or the provinces of Ontario and Quebec in Canada, your New York State driver license will be revoked for at least 90 days. Out-of-state drivers who get tickets in New York State can contact the motor vehicle department of their own state or province about how a conviction affects them. If you are under 21 years old and convicted of any alcohol or drug-related violation that occurred out of state on or after November 1, 2000, your New York State driver license will be revoked for at least one year. If you have any alcohol conviction, even if the violation occurred before November 1, 2000, your license will be revoked for at least one year or until the age of 21, whichever is longer. The New York State Department of Motor Vehicles records the conviction of any New York driver for criminal negligence, homicide, or assault that arises from the operation of a motor vehicle and which results in death. The driver license or privilege to drive and all vehicle registrations can be suspended. It does not matter if the conviction occurred in this state or another state. ■ MANDATORY SUSPENSION OR REVOCATION Your driver license or driving privilege can be suspended or revoked for many reasons. NOTE: Motorboat and snowmobile operators less than 21 years old who drink alcohol face similar penalties and sanctions against their privileges to operate a motorboat or snowmobile. Examples of revocations and suspensions that are required by law: Alcohol and Drug Violations (Also see Chapter 9: Alcohol and Other Drugs) 4 Aggravated driving while intoxicated (Agg-DWI), with .18 of one percent blood alcohol content (.18 BAC): minimum one-year revocation. 23 4 Driving while intoxicated (DWI), with .08 of one percent blood alcohol content (.08 BAC): minimum six-month revocation 4 Driving while ability impaired by alcohol (DWAI): 90-day suspension. 4 Driving while ability impaired by drugs (DWAI-drug): minimum six-month suspension 4 Driving under the influence of alcohol or drugs out-of-state (DUI): minimum 90-day to six-month revocation, depending on conviction Chemical Test Refusals (Also see Chapter 9: Alcohol and Other Drugs) 4 Chemical test refusal, drivers over age 21: minimum one-year revocation 4 Chemical test refusal, drivers over age 21, within five years of a prior refusal revocation or any alcohol or drug-related violation: minimum 18-month revocation 4 Chemical test refusal, drivers under age 21, first time: minimum one-year revocation 4 Chemical test refusal, drivers less than 21, second time: Minimum revocation until age 21 or one year, whichever is longer 4 Zero Tolerance test refusal: Minimum one-year revocation Drivers Less Than 21 If you are under 21 when arrested, conviction for any of the alcohol or drugrelated violations listed above will result in a minimum one-year revocation. A second violation while less than 21 requires a revocation for one year or until you reach 21, whichever is longer. These penalties apply to youthful offenders, or if you were arrested or convicted out of state (see Traffic Tickets Received Out Of State). Under the state’s “Zero Tolerance Law,” a driver less than 21 will have his license suspended for six months if found to have a BAC from .02 to .07. A .02 BAC could occur from only one drink. For a second Zero Tolerance violation, the driver license will be revoked for one year or until the driver turns 21, whichever is longer. Speeding and Other Violations Your driver license will be revoked for at least six months if you are found guilty of: 4 Three speeding and/or misdemeanor traffic violations within 18 months (based on date of violation, not date of conviction). 4 Three “passing a stopped school bus” violations within three years. 4 One violation of “leaving the scene of a personal injury or fatal accident.” 4 One “participating in a speed contest” violation. Conviction of a second speed contest violation within 12 months results in a revocation of at least one year. 24 No Insurance Your driver license will be revoked for at least one year if you operate or allow another person to operate your uninsured vehicle, or if the DMV receives evidence that you were involved in a traffic crash without being insured. If the insurance coverage for your vehicle has expired, you must turn in the license plates and registration to a motor vehicle office. If the vehicle is removed from the road and not being driven, you must return the plates or you can face civil penalties or registration suspension and/or license suspension. Indefinite Suspensions/Revocations Your driver license will also be suspended indefinitely if you fail to file an accident report, submit a bad check for DMV fees, fail to pay child support, fail to pay taxes or fail to fulfill a court judgment that results from a traffic accident. This suspension will be in effect until you correct the condition that led to the suspension. Commercial Drivers It is a felony to drive a school bus that carries one or more students while you are impaired or intoxicated. If you are found guilty of an alcohol or drug-related violation while driving a school bus, taxi or livery vehicle a passenger inside, your driver license will be revoked for at least one year. If found guilty of a second violation within 10 years, you could be permanently prohibited from holding a Class CDL license. For more information about the commercial driver penalties, see the Commercial Driver’s Manual (CDL-10). ■ THE POINT SYSTEM The DMV point system identifies “persistent violators”; that is, drivers who commit a series of violations in a short time period. The table in this chapter lists the point values assigned to various moving traffic violations. Note that traffic laws that must be obeyed on public highways, roads and streets also apply to parking lots open to the public. While each violation listed alone is not serious enough to require license suspension or revocation, the accumulation of several violations on your driving record can indicate that action must be taken. The point values charged against your record are from the date you commit the violation, not the date you are convicted. If you get 11 or more points within 18 months, you will be notified by mail that your driver license will be suspended. You can request a DMV hearing only to show that the convictions in question were not 25 Violation Speeding MPH not specified Speeding MPH over posted limit: 1 to 10 11 to 20 21 to 30 31 to 40 More than 40 Reckless driving Failing to stop for school bus Inadequate brakes Following too closely (tailgating) 4 Points 3 3 4 6 8 11 5 5 4 Violation Improper passing, unsafe lane change, drove left of center, or drove wrong direction Violation involving a traffic signal, stop sign or yield sign Failing to yield right-of-way Railroad crossing violation Leaving scene of incident involving property damage or injury to domestic animal Safety restraint violation involving person under 16 Inadequate brakes (while driving employer’s vehicle) Any other moving violation Points 3 3 3 3 3 3 2 2 yours. You can not re-argue the convictions or request the suspension be waived based on special circumstances. You can reduce your point total by up to four points and save up to 10 percent on your auto liability and collision insurance premiums by taking a DMV-approved “Motor Vehicle Accident Prevention Course.” Completion of a point reduction course cannot prevent a mandatory suspension or revocation or be applied as a “credit” against future points, or prevent or reduce a Driver Responsibility Assessment by the DMV. For more information, see the publication Point And Insurance Reduction (C-32A), available from the DMV Internet Office. Note: Insurance companies can have their own point systems. These have no relationship to and should not be confused with the DMV point system. ■ TRAFFIC CRASHES At this time, except where required by law, the term “accident” is frequently replaced by “crash.” This is because a “crash” can normally be prevented. If you are involved in a traffic crash in which another person is killed, your license can suspended or revoked after a DMV hearing even if you were not charged with a violation when the incident occurred. 26 ■ FEES AND CIVIL PENALTIES If your driver license has been suspended for an exact period, like 30 days or 90 days, your license will not be returned until you pay a non-refundable $50 suspension termination fee. In most cases, if your driver license has been revoked, you can not apply for a new license until you pay a non-refundable $100 fee to reapply for the license. This fee is not required if your license was revoked for operating without insurance or if you were issued a license with conditions or restricted uses. After the following revocations, you must pay a civil penalty to DMV before your application for a new license can be accepted: 4 Operating without insurance or accident without insurance: $750 civil penalty. 4 Chemical test refusal: $500 civil penalty($550 if while driving a commercial motor vehicle). 4 Chemical test refusal within five years of an earlier alcohol, drug or refusal-related revocation: $750 civil penalty. 4 Zero Tolerance Law suspension: $125 civil penalty and $100 suspension termination fee. ■ DRIVER RESPONSIBILITY ASSESSMENTS In addition to any fines, fees, penalties and surcharges authorized by law, you may have to pay a “Driver Responsibility Assessment” for some violations that occur on or after November 18, 2004, that result in a conviction or administrative finding. Your learner permit, driver license or driving privileges will be suspended if you do not make these payments. If you are convicted of Aggravated Driving While Intoxicated (Agg-DWI), Driving While Intoxicated (DWI), Driving While Ability Impaired (DWAI), Driving While Ability Impaired by Drugs, DWAI-alcohol combined with drugs, or if you refused to submit to a chemical test, you will be required to pay a driver responsibility assessment of $250 each year for the next three years. If you are convicted of one or more traffic violations resulting in six points in any 18-month period, you will be required to pay $100 each year for the next three years. For each additional point you receive during that period, you will be required to pay another $25 per point every year for three years. For information about how points are assessed, see “The Point System” in this chapter. This assessment applies to motorists convicted of violations while driving motor vehicles, motorboats and 27 snowmobiles. Completion of a DMV-approved “Motor Vehicle Accident Prevention Course” will not prevent or reduce the calculation of points that affect the Driver Responsibility Assessment. ■ DRIVING WHILE SUSPENDED OR REVOKED It is a criminal violation to drive while your license is suspended or revoked, and there are mandatory fines from $200 to $5,000. You can face mandatory imprisonment or probation. The vehicle being driven could be seized and forfeited. More severe penalties apply to drivers who drive while intoxicated or impaired by alcohol or drugs while their licenses or privileges are already under suspension or revocation for a previous alcohol or drug-related incident. Drivers with 10 or more suspensions for failure to answer traffic tickets or pay fines are also subject to severe penalties. Drivers with 20 or more suspensions for failure to answer tickets or pay fines face a criminal charge, even if they are not driving when arrested. The penalties for driving while suspended or revoked are described in the publication Suppose Your License Were Taken Away (C-12) available from the DMV Web site dmv.ny.gov. 28 CHAPTER 3 Owning a Vehicle Whether you are a vehicle owner or registrant, or a driver of a vehicle owned or registered by someone else, it is your responsibility to make sure it is registered, insured and inspected before the vehicle operates on a public roadway. ■ REGISTRATION AND TITLE A registration allows a vehicle to be driven on public roads and highways. A title certificate proves who owns the vehicle. In New York, only 1973 and newer model vehicles receive titles. For 1972 and older models, the registration is also the proof of ownership. You must be at least 16 to register a vehicle. You can register a vehicle at any age. A new resident of the state must get a New York registration within 30 days of establishing residence. To Register a Vehicle To register a vehicle, you must prove you own the vehicle or that the owner authorizes you to register it, that the vehicle is insured, that the state and county sales taxes are paid and provide any required odometer reading and/or damage disclosure statement. If the ownership proofs listed below are not available from the seller, contact any motor vehicle office or a DMV Call Center before you purchase the vehicle. To apply for registration, you must complete a Vehicle Registration/Title Application (MV-82). You must also present proof of name (6 points) and proof of date of birth. For additional information see Registering A Vehicle In New York State (MV-82.1), available from the DMV Internet Office, from a DMV Call Center, and at any motor vehicle office. When your vehicle is registered, you will get vehicle plates, 29 a registration document and a registration sticker for the windshield or vehicle plates. If you purchased the vehicle from someone other than a New York State registered dealership, you will also receive a 10-day inspection extension sticker on request when you register the vehicle. You must then have the vehicle inspected within 10 days from the date of registration. It should have a valid inspection sticker if you purchased the vehicle from a New York State registered dealer. The dealer must have the vehicle inspected within 30 days before it sells the vehicle to you. When you purchase a new or used vehicle from a dealer registered with the DMV, the dealer can register the vehicle for you and give you a temporary registration and, if you need them, new vehicle plates. The dealer can charge a processing fee for this service. It can also charge registration, vehicle plate and title fees. If your vehicle is a 1973 or newer model, your title certificate will be mailed to you from Albany several weeks after the vehicle is registered. Proof of Ownership If you purchase your vehicle from a New York State registered dealer, the proof of ownership for a new vehicle will be a Manufacturer’s Certificate of Origin (MCO) and a dealer’s Certificate of Sale (MV-50). For a used 1973 or newer vehicle, proof of ownership is the previous owner’s Certificate of Title (MV-999), the correct odometer and salvage disclosure statement and the dealer’s Certificate of Sale (MV-50). For a used 1972 or older vehicle, proof of ownership is the dealer’s Certificate of Sale (MV-50) and the previous owner’s transferable registration signed over to the dealer. If the dealership does not register the vehicle for you, make sure it gives you the ownership documents listed above and a completed Application for Registration/Title (MV-82) signed by the dealer’s representative. Examine the ownership documents carefully before closing the sale. If you purchase a used vehicle from a dealer registered outside New York State – the proof of ownership is the title certificate or transferable registration signed over to the dealer by the previous owner, plus the bill of sale and/or invoice from the dealer and other proofs from the dealer. For a used vehicle purchased from a private seller – the proof of ownership is the “Certificate of Title” (MV-999), or a transferable registration for 1972 or older models, signed over to you. The seller must complete and you must acknowledge with your signature, the correct odometer and damage disclosure statements. Before you accept the title certificate from any seller, check the front of the title for the names and addresses of “lien” holders. A lien indicates the current owner owes money on a loan for the vehicle. If a lien is listed on the title, ask the seller to give you proof the lien has been paid – in most cases, it is an official lien release from the lender. If proof is not provided and the loan has not been paid, the lien holder could repossess the vehicle. 30 A motor vehicle office will not accept a title certificate if the correct odometer or damage disclosure statement is not completed, or if information on the title is adjusted, erased or canceled. This includes any name or signature. Disclosure Statements • If you purchase a vehicle eight model years old or newer, the DMV will NOT register your vehicle or issue you a new title certificate unless the seller has completed, and you have signed, both the odometer and the damage disclosure statements on the Certificate of Title (MV-999). These statements indicate whether the new title certificate should be described as “Rebuilt Salvage.” This is explained in the DMV publications Let The Buyer Be Aware (C-18) and Q & A About Your Vehicle Title (C-19). • If you purchase a vehicle 10 model years old or newer, make sure the private seller has completed the odometer statement on the back of the Certificate of Title (MV-999). The damage disclosure statement is not required for vehicles nine model years old or older. As buyer, you must confirm the odometer statement as shown on the title certificate by writing your initials next to the odometer box on the title certificate. Compare the odometer statement on the title certificate with the odometer reading in the vehicle. IMPORTANT: The DMV must examine every vehicle described as “Rebuilt Salvage” , OR SIMILAR WORDS, for stolen parts before the vehicle can be registered or titled. If you are to purchase a vehicle that is registered or titled out-of-state, contact a DMV Call Center for more information. Proof of Sales Tax Payment When you purchase a vehicle from a New York State registered dealer, the dealer collects the sales tax. If you are to purchase a vehicle from someone besides a NYS registered dealer, get a Statement of Transaction - Sale or Gift of Motor Vehicle (DTF-802), available at any motor vehicle office, from a DMV Call Center and from the DMV Web site dmv.ny.gov. This form certifies the purchase price and determines the sales tax you must pay when you register the vehicle. One side of the form must be completed and signed by the buyer. The other side must be signed by the seller if the selling price is below fair market value or if the vehicle is being given as a gift from someone who is not a family member. If the form is not completed by the seller, you will be charged sales tax based on the current fair market value of the vehicle. Bring the completed form to a state or county motor vehicle office when you register your vehicle. Proof of Insurance When you purchase vehicle liability insurance, the insurance agent or broker gives you two insurance identification cards. The name(s) and vehicle identification 31 number (VIN) on these cards must exactly match the information on the registration application. You must present one card when you register your vehicle. Keep the second card with the vehicle. “No-fault” auto insurance is issued in New York State. For information about no-fault insurance contact the NYS Department of Insurance, Agency Building 1, Empire State Plaza, Albany, NY 12257. Fees Registrations for most vehicles less than 18,000 pounds (8,165 kg) maximum gross weight are valid for two years, and fees are based on vehicle weight. There are also vehicle plate and title fees. By law, registration fees can not be refunded if you use the vehicle plates or registration sticker on your vehicle even for one day. However, if your vehicle plates and registration sticker are returned not used within 60 days after you register your vehicle, you can receive a full refund, minus a processing fee. You may receive a refund of the fee for the second year of a two-year registration, minus a processing fee, if you use the plates and registration only during the first year. Make sure to get a DMV Universal Receipt (FS6T) to turn in your plates. If you transfer a registration from one vehicle to a replacement vehicle, you will receive credit for the remaining part of your current registration. This credit can not be applied to other vehicles registered to you. Trading In or Selling Your Old Car Before you trade in or sell your old vehicle, make sure to remove the vehicle plates and the windshield registration sticker, which shows your plate number. This can prevent you from being charged with parking tickets that are not yours. ■ REGISTRATION RENEWAL Most registrations are renewed every two years. Approximately 45 to 60 days before your registration will expire, you should receive a renewal reminder in the mail. If you changed your address and did not notify the DMV, you will not receive the reminder. If you did not answer three or more parking tickets, or if your registration is suspended or revoked, you will not receive the reminder. Allow two weeks to process and deliver the registration. You are responsible to know when your registration expires and to renew it on time. This is true even if you do not get a reminder in the mail. If the expiration date falls on a weekend or legal state holiday, your registration is automatically extended to midnight of the next business day. Make sure you maintain liability insurance on your vehicle during the extension period. 32 If you have not received a renewal notice, you may be able to renew your registration – By mail: Complete a Vehicle Registration/Title Application (MV-82), available at any motor vehicle office, from a DMV Call Center and from the DMV Web site dmv.ny.gov. If your registration must be sent to an address that is not the mailing address you entered on the application form (MV-82), enclose a separate note that requests the DMV to mail your registration to the other address. Do not put this mailing address on form MV-82 unless you want it to appear on the registration and your DMV registration record. Reminder – if you indicate a change of address on your registration, it will affect ONLY that registration. Use a Change of Address Form (MV-232) to change all your DMV records. This form is available at any motor vehicle office, from a DMV Call Center, and from the DMV Internet Office. Enclose a check or money order for the correct fee, payable to the “Commissioner of Motor Vehicles.” If you do not know the exact fee you must pay, you can determine the fee through a work page at the DMV Web site or contact a DMV Call Center. Make sure to include your insurance card with your renewal application if your insurance company has changed and you have not responded to a DMV Insurance Inquiry Letter. Mail your completed Vehicle Registration/Title Application and other documents to: NYS DMV Utica Renewal Center, 207 Genessee Street, Utica, NY 13501 Allow two weeks to receive your registration renewal. If you do not receive it after two weeks, contact a DMV Call Center or visit any state or county motor vehicle office. Allow more time for overseas mail. If your name has changed and you have not notified the DMV, you must visit a DMV office and show proofs of your identity. For more information, contact a DMV Call Center. Online at the DMV Web site dmv.ny.gov. Online registration renewal requires that you have not changed your address or insurance company, and that the registration is for a passenger car, small commercial truck or a motorcycle that is not off the road. Your registration fee, and any related fees, will be displayed on the computer screen. In three quick steps, you can renew your registration online and use your credit card for payment. Your renewal will be automatically processed and mailed to you. Allow two weeks for delivery. In person at a state or county motor vehicle office: You must complete and submit a Vehicle Registration/Title Application (MV-82). Note: An application brought into an office by a second party (someone who is not the registrant) must be accompanied by the original New York State license/permit/non-driver identification card for the second party and either the original or a photocopy for the registrant. This includes spouses (husbands and wives). The application must be signed by the registrant, not the person who brings the form into the office. 33 Insurance Your vehicle must be covered by liability insurance as long as it is registered, even if you do not drive it. Minimum liability coverage is required of $50,000 against the death of one person and $100,000 against the death of two or more persons, $25,000 against injury to one person and $50,000 against injury to two or more persons and $10,000 against property damage. Insurance coverage limits refer to death, injury or damage related to any one incident. Before your liability insurance expires or is discontinued, return vehicle plates at any state or county motor vehicle office. Be sure to obtain a DMV Universal Receipt (FS6T) to turn in your vehicle plates. If you do not do this, you may have to pay a civil penalty for each day the vehicle was not insured or your vehicle registration can be suspended. If your vehicle is not insured for 90 days, unless you have turned in your vehicle plates, your driver license will also be suspended. If you receive a letter from DMV that asks about your vehicle insurance, read it carefully and respond as directed in the letter. Motorcycles must be insured, but you are not required to turn in the vehicle plate when your motorcycle insurance is discontinued or expires. ■ RESIDENT AND NON-RESIDENT RESPONSIBILITY Anyone who drives or permits a vehicle to be driven in New York State, this includes people who are not New York residents, must be able to prove the vehicle has acceptable liability insurance. (See “Insurance,” above, for minimum insurance coverage required.) If you are convicted of driving an uninsured vehicle or if you allow another person to drive your uninsured vehicle, your license or privilege to drive in New York State will be revoked for at least one year. The same penalty applies if the DMV receives evidence that you were involved in a traffic crash without insurance. ■ INSPECTION Most vehicles sold in New York State must be inspected within 30 days of the date of transfer or sale and must have a certificate of inspection before delivery. If you purchase a vehicle from someone who is not a NYS dealer, you must have the vehicle inspected within 10 days after you register it. Make sure to request a “TenDay Time Extension for Motor Vehicle Inspection” (VS-1077). If a person moves to NYS, an inspection certificate that was issued before is valid until it expires or one year from the date of it was issued, whichever occurs first. 34 Under some conditions, vehicles sold at retail are exempt from the inspection requirement. These conditions are: transfer to a “welfare to work” program; transfer of a chassis; transfer of a vehicle through factory direct delivery; transfer of a vehicle for registration in another state or country; transfer of a scrap vehicle; and transfer of a vehicle to a long-term lessee (lease buyout). After the first inspection of your vehicle, it must be inspected at an official state-licensed inspection station before the expiration date on the current inspection certificate. An inspection is also required on change of registrant. Inspection stations have yellow and black “Official Motor Vehicle Inspection Station” signs. Heavy trucks, buses, tractors and semi-trailers must be inspected at special “Heavy Vehicle” Inspection Stations and motorcycles at special Motorcycle Inspection Stations. Putting your signature on a registration renewal form certifies that the vehicle was inspected as required by law. Keep track of when your annual inspection is. Schedule a new inspection early, so you will have time to repair your vehicle if it does not pass. After inspection, the vehicle inspector will issue a sticker for the vehicle to prove it has passed inspection. If your vehicle did not pass, the inspector will give you a rejection notice. In most cases, your vehicle must be repaired to meet standards and must be inspected again. A vehicle that is subject to a high enhanced or OBD II emissions inspection that fails a first inspection can qualify for a waiver. An attempt must be made to repair the malfunction and the cost for repairs must be at least $450. Many gasoline-powered vehicles (except motorcycles) must be inspected for exhaust emissions during the safety inspection. Exceptions are gasoline-powered vehicles that are 26 or more model years old, or less than two model years old, or registered as historic. Those vehicles are subject to a safety inspection only. Diesel-powered vehicles that operate in NYS, even if registered elsewhere, are subject to random roadside safety tests by the NYS Police and the NYS Department of Transportation. Vehicles with a gross vehicle weight rating (GVWR) more than 8,500 pounds are subject to a Diesel fuel emissions inspection. For information, see the DMV publication New York State Vehicle Safety/Emissions Inspection Program for Cars and Light Trucks (C-50), and A Consumer Guide to Readiness Monitor Failures as Part of the New York State Vehicle Inspection Program (C-114), available from the DMV Web site dmv.ny.gov. ■ COMPLAINTS AGAINST BUSINESSES The DMV regulates motor vehicle dealers, inspection stations and auto repair shops. These businesses should be identified by registration or license certificates and outside signs. Make sure you are dealing with a registered or licensed business. 35 If you have a complaint against one of these businesses, first try to resolve it with the management. If that fails, call (518) 474-8943 between 8:30 a.m. and 4:15 p.m. weekdays. You can also write to Vehicle Safety Services, DMV, Bureau of Consumer and Facility Services, Box 2700-ESP, Albany, N.Y., 12220-0700. By Law, the DMV can receive a repair shop complaint only within 90 days or 3,000 miles (4,828 km) of the vehicle repairs, whichever comes first. For more information, see publications Know Your Rights in Auto Repair (C-17) and Let the Buyer Be Aware (C-18) and New York State Vehicle Safety/Emissions Inspections Program for Cars and Light Trucks (C-50), available from the DMV Web site dmv.ny.gov. 36 PART 2 RULES OF THE ROAD ■ SIGNS CHAPTER 4 Traffic Control Traffic signs tell you about traffic rules, special hazards, where you are, how to get where you are going and where services are available. The shape and color of traffic signs give indications to the type of information they provide: REGULATION SIGNS normally are white rectangles with black letters or symbols, but some are different shapes, and some can use red letters or symbols. WARNING SIGNS normally are yellow and diamond-shaped, with black letters or symbols. DESTINATION SIGNS are green with white letters and symbols. SERVICE SIGNS are blue with white letters and symbols. Know the signs shown below and what they indicate. You will be asked about them on your written test. Here are descriptions of common traffic signs and what they indicate. REGULATION SIGNS: Stop Sign COLOR: Red, with white letters. MEANING: Come to a full stop, yield the right-of-way to vehicles and pedestrians in or heading toward the intersection. Go when it is safe. You must come to a stop before the stop line, if there is one. If not, you must stop before you enter the crosswalk. (See “Stop and 37 Crosswalk Lines” under the “Pavement Markings” section of this chapter.) If there is no stop line or crosswalk, you must stop before you enter the intersection, at the point nearest the intersection that gives you a view of traffic on the intersecting roadway. Yield Sign COLOR: Red and white, with red letters. MEANING: Decrease speed as you reach the intersection. Prepare to stop and yield the right-of-way to vehicles and pedestrians in or heading toward the intersection. You must come to a full stop at a YIELD sign if traffic conditions require it. When you approach a YIELD sign, check carefully for traffic and be prepared to stop. Other Regulation Signs COLOR: White, with black and/or red letters or symbols. MEANING: These signs give information about rules for traffic direction, lane use, turns, speed, parking and other special requirements. Some regulation signs have a red circle with a slash over a symbol. This indicates that an action, like a right turn, is not allowed or that some vehicles are restricted from the road. Rectangular white signs with black or red letters or symbols are indications to be alert for special rules. WARNING SIGNS: COLOR: Yellow, with black letters or symbols. MEANING: You are approaching a hazardous location or a location where there is a special rule, as shown in the sample signs. Sometimes a warning sign is joined with a yellow and black “recommended speed” sign. This indicates reduced speed is advised in that area. Railroad Crossing Warning Sign COLOR: Yellow with black letters “RR” and “X” symbol. MEANING: There is a railroad crossing ahead. Use caution, and be prepared to stop. If you are following a bus or truck approaching a railroad crossing, be careful. Most buses and some trucks must stop at railroad crossings. (See “Railroad Crossing Signals” later in this chapter.) 38 Work Area Signs COLOR: Orange, with black letters or symbols. MEANING: People are at work on or near the roadway and traffic can be controlled by a flag person. A work area speed limit as low as 25 MPH (40 km/h) can be posted. Even if no speed limit is provided, you must drive at a reduced speed through the work zone and you must always obey the flag persons. These illustrations show some signals a flag person will use. Know and obey them. STOP PROCEED SLOW DESTINATION SIGNS: COLOR: Green, with white letters. MEANING: Show the direction and distance to locations. Route Signs COLOR: Varied. MEANING: Indicate interstate, U.S., state or county routes. The shape tells you the type of route you are on. The sample signs, left to right, are for state, U.S., and interstate routes. When you plan a trip, use a highway map to decide which routes to take. During the trip, watch for destination signs so you will not get lost, or have to turn or stop suddenly. SERVICE SIGNS: COLOR: Blue, with white letters or symbols. MEANING: Show the location of services, like rest areas, gas stations, camping or medical facilities. ■ TRAFFIC SIGNALS Traffic Lights Traffic lights are normally red, yellow and green from the top to bottom or left to right. At some intersections, there are lone red, yellow or green lights. Some traffic lights are steady, others flash. Some are 39 round, and some are arrows. State law requires that if the traffic lights or controls are out of service or does not operate correctly when you approach an intersection, you must come to a stop as you would for a stop sign. You must then continue according to the rules of right-of-way, unless you are told to continue by a traffic officer. Here is what different traffic lights indicate: STEADY RED: Stop. Do not go until the light is green. If a green arrow is shown with the red light, you can go only toward the arrow and only if the intersection is clear. You can make a right turn at a steady red light after you come to a full stop and yield the right-of-way to oncoming traffic and pedestrians. You can make a left turn at a steady red light when you turn from a one-way road into another one-way road after you come to a full stop and yield the right-of-way to oncoming traffic and pedestrians. You can not make a turn at a red light if there is a NO TURN ON RED sign posted or another sign, signal or pavement marking prevents the turn. You are not allowed to turn on a red light in New York City unless a sign that permits it is posted. The driver of a school bus containing pupils can not turn right on any red light. FLASHING RED: Means the same as a STOP sign: Stop, yield the right-of-way, and go when it is safe. RED ARROW: Do not go in the direction of the arrow until the red arrow light is off and a green light or arrow light goes on. A right or left turn on red is not permitted at a red arrow. STEADY YELLOW: The light will change from green to red. Be prepared to stop for the red light. FLASHING YELLOW: Drive with caution. YELLOW ARROW: The protection of a green arrow will end. If you intend to turn in the direction of the arrow, be prepared to stop. STEADY GREEN: Go, but yield the right-of-way to other traffic at the intersection as required by law (see Chapter 5). GREEN ARROW: You can go in the direction of the arrow, but you must yield the right-of-way to other traffic at the intersection as required by law (see Chapter 5) . Lane Use Control Lights Special above the pavement lights are sometimes used to indicate which lanes of a highway can be used at certain times: 40 STEADY RED “X”: Do not drive in this lane. STEADY YELLOW “X”: Move from this lane. FLASHING YELLOW “X”: This lane can only be used for a left turn. GREEN ARROW: You can use this lane. Railroad Crossing Signals Flashing red lights, lowered crossing gates and/or a bell at a railroad crossing indicate that you must stop, at least 15 feet (5 m) from the tracks. Do not go across the tracks until the lights and bell have stopped and the crossing gates are completely up. Do not drive around or under a gate that is moving up or down. Look and listen for trains before crossing any railroad tracks. If an approaching train is near enough or going fast enough to be a danger, you can not go across the tracks, even if they have no signals or the signals are not working. You can not go across any railroad tracks unless there is room for your vehicle on the other side. If other traffic prevents you from going fully across, wait and go across when there is room. School buses with or without passengers, other buses with passengers on board and vehicles with explosives or flammable cargo must stop at all railroad crossings. Remember those rules if you are following one of these vehicles. ■ PAVEMENT MARKINGS Lines and symbols on the roadway divide lanes and tell you when you can pass other vehicles or change lanes. They also tell you which lanes to use for turns and where you must stop for signs or traffic signals. The arrows on these illustrations show the direction of traffic. Edge and Lane Lines Solid lines along the side of the road tell you where its edge is – where the travel lane ends and the shoulder begins. It is illegal to drive across the edge line, except when told to by a police officer or other authorized official or when allowed by an official sign. An edge line that angles toward the center of the road shows that the road is narrower ahead. 41 Lines that separate lanes of traffic that moves in the same direction are white. Lines that separate traffic that moves in opposite directions are yellow. There may be two lines between lanes and lines can be solid or broken. Read Chapter 6 for the rules on how to pass other vehicles. What some lane lines indicate: One broken line: You can pass other vehicles or change lanes if you can safely and not interfere with traffic. Solid line with broken line: If you are on the side with the solid line, you can not pass other vehicles or go across the line except to make a left turn into a driveway. If you are on the side with the broken line, you can pass if it is safe to and you will not interfere with traffic. Double solid lines: You can not pass or change lanes. You can not go across the lines except to turn left to enter or leave the highway (e.g., to or from a driveway or to do a U-turn see Chapter 5). One solid line: You can pass other vehicles or change lanes, but you can only do so when obstructions in the road or traffic conditions make it necessary. Stop and Crosswalk Lines: At an intersection controlled by a STOP sign, YIELD sign or traffic light, there can be a white stop line painted across the lane, and/or two parallel lines painted across the road. This is a crosswalk. When required to stop because of a sign or light, you must stop before you reach the stop line, if there is one, or the crosswalk. You need only stop at a stop line or crosswalk if required to by a light, sign or 42 traffic officer, or to yield to a pedestrian, in-line skater or scooter at a marked or unmarked crosswalk. (See “Pedestrians” in Chapter 11). Arrows: Arrows show which lanes you must use. In this illustration, for example, you can turn right only from the right lane. To go straight, you must use the left lane. You must be in the correct lane before you reach the solid line that separates the lanes. Diamond Symbol: This symbol indicates reserved lanes for buses, HOV (HighOccupancy Vehicles) like car-pools and van-pools, bicycles or other special vehicles. You can not enter and use these lanes unless your vehicle complies with the occupancy or other requirements indicated by signs for the times the special conditions are in effect. When used to designate reserved lanes on city streets, sections of the solid white line that separates the diamond lanes from the normal lanes can be replaced by broken white lines. In these locations, non-HOV can enter the HOV lane if they make a right turn at the next intersection. Bus lanes and HOV lanes are to promote the most efficient use of limited street and highway capacity. They assure that vehicles with the highest importance move the fastest. ■ TRAFFIC OFFICERS Directions given by traffic officers take precedence over signs, signals or pavement markings. If a traffic officer signals you to stop at a green light, for example, you must stop. If an officer signals you to drive through a red light or stop sign, you must do it. Among the persons authorized to direct traffic are police officers, fire police, highway work area flag persons and school crossing persons. ■ QUESTIONS Before you move on to Chapter 5, make sure you can identify the signs in this chapter and know what they mean. Also, make sure you can answer these questions: 4 A regulation sign is normally what shape? 4 What is the normal color and shape of a warning sign? 4 What color and shape is a destination sign? 43 4 What must you do at a STOP sign? 4 What color and shape is a railroad crossing warning sign? 4 What must you do when you encounter each of the following: a flashing red light, flashing yellow light, steady yellow light, a red light with a green arrow? 4 What does it indicate if an edge line angles in toward the center of the road? 4 What do each of these lines indicate: one broken, one solid, double solid, solid and broken together? 4 If an intersection has crosswalk lines but no STOP line, where must you stop for a red light at that intersection? 4 What type of pavement marking shows you which lane you must use for a turn? 4 Which of the following must you obey over the other three: red light, flashing red light, STOP sign, police officer? 44 CHAPTER 5 Intersections and Turns Most traffic crashes occur at intersections when a driver makes a turn. Many occur in large parking lots that are open to public use, like at shopping centers. To prevent this type of crash, you must understand the right-of-way rules and how to make correct turns. ■ RIGHT-OF-WAY Traffic signs, signals and pavement markings do not always resolve traffic conflicts. A green light, for example, does not resolve the conflict of when a car turns left at an intersection while an approaching car goes straight through the intersection. The right-of-way rules help resolve these conflicts. They tell you who goes first and who must wait in different conditions. Here are examples of right-of-way rules: 4 A driver who approaches an intersection must yield the right-of-way to traffic that is in the intersection. Example: You approach an intersection. The traffic light is green and you want to drive straight through. Another vehicle is already in the intersection making a left turn. You must let that vehicle complete its turn before you enter the intersection. 4 If drivers approaching from opposite directions reach an intersection at about the same time, a driver that turns left must yield to traffic that moves straight or turns right. Example: You want to turn left at an intersection ahead. A vehicle reaches the intersection from the opposite direction and moves straight ahead. You must wait for approaching traffic to go through before you turn. You may enter the intersection to prepare for your left turn if the light is green and no other vehicle ahead of you 45 plans to make a left turn (see “Turns” later in this chapter). When you enter the intersection, keep to the right of the center line. Keep your wheels straight to prevent a push into oncoming traffic if a rear-end collision occurs. When traffic headed toward you clears or stops for a red light, complete your turn. You must also yield to traffic headed toward you when you turn left into a driveway, parking lot or other area, even if there are no signs or signals that control the turn. For any left turn, the law requires you to yield to any traffic headed toward you that is close enough to be a hazard. The decision about when traffic is too close takes experience and judgment. If you have any concern, wait for traffic to pass before you turn left. 4 At intersections not controlled by signs or signals, or where two or more drivers stop at STOP signs at the same time and they are at right angles, the driver on the left must yield the right-of-way to the driver on the right. Example: You are stopped at a stop sign and you are going to go straight through the intersection. A driver on the cross road has stopped at a stop sign on your right and is going to go straight. You must yield the right-of-way to the other driver. 4 A vehicle that enters a roadway from a driveway, private road or another put that is not a roadway, must stop and yield the right-of-way to traffic on the roadway and to pedestrians. Example: You leave a parking lot and turn right when you enter a street. A vehicle approaches from your left. You must stop and wait for the vehicle to pass before you enter the street. If you were to turn left, you would have to yield to vehicles that approach from both directions. If a pedestrian walked across the parking lot exit, you would have to wait for that person to go across. 4 Drivers must yield to pedestrians who legally use marked or unmarked crosswalks. This means you must slow down or stop if necessary. Example: You are stopped at a red light. A pedestrian steps into the crosswalk, and then the light turns green. You must wait for the pedestrian to go across. You must also yield to pedestrians in crosswalks on your left or right before you turn. 4 You can not enter an intersection if traffic is backed up on the other side and you can not get completely through the intersection. Wait until traffic ahead clears, so you do not block the intersection. 4 A driver who enters a traffic circle or rotary must yield the right-of-way to drivers already in the circle. ■ EMERGENCY VEHICLES You must yield the right-of-way to fire, ambulance, police and other authorized emergency vehicles when they respond to emergencies. They will display lights that are flashing red, red and blue or red and white and sound a siren or air-horn. When 46 you hear or see an emergency vehicle heading toward your vehicle from any direction, safely pull over immediately to the right edge of the road and stop. Wait until the emergency vehicle passes before you drive on. If you are in an intersection, drive out of it before you pull over. You must pull over and stop for an emergency vehicle even if it is headed toward you in the opposite lane of a two-lane roadway. If you hear a siren or air-horn close by but do not know exactly where the emergency vehicle is, you can safely pull over to the right-side edge of the road and stop until you are sure it is not headed toward you. Common driving manuals include those for a standard driver's license. including driver's handbooks for teen drivers. of your state's driver's manual is. PART TWO - Rules of the Road Driver’s Manual (CDL-10). out-of-state license. NYS Drivers Visiting Other States You can drive outside New York State with your learner permit, junior learner.Drivers License; Records & Reports; Tickets & DUI;. Reviews of Commercial Driver's Manual in New York. Submitted by rayruiz on Fri, 2009-05-08 21:07. free handbook? Commercial Driver's License (CDL) Manual. How Parents Can Help Their Teens Become Safe Drivers. The State of Connecticut Driver's Manuals The DMV provides. Nyc Dmv Manual Pdf We provide the very latest version, directly from the New York State DMV, so you can feel. the New York CDL (commercial drivers license) Manual. Nyc Dmv Learners Permit Manual New York road rules & regulations handbook - View, download, or order a You can study this DMV handbook to prepare for the New York's. |
АвторНапишите что-нибудь о себе. Не надо ничего особенного, просто общие данные. АрхивыКатегории |