× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  • Subject: Re: AS/400 Security FAQs
  • From: John Earl <johnearl@xxxxxxxxxxx>
  • Date: Mon, 03 Aug 1998 19:39:00 -0700
  • Organization: PowerTech Toolworks



Subba Rao wrote:

> Thanks to everyone who replied. AS/400 seems to be simple and hard at the same
> time.
> Too many commands. Terminology is a lot different from other systems. AS/400 
>uses
> pretty much the same concepts as in Unix (I am a Unixite).

Isn't that spelled eunuch?   :)

>
>
> How can I get a list of user profiles on AS/400?

DSPUSRPRF *ALL OUTPUT(*PRINT)

> What commands are used to get auditing turned on?
> What commands are used to check audit logs?

You must create the security auditing journal QAUDJRN if it doesn't already 
exist.
If it does exist, then you can turn auditing on for specific profiles twith the
CHGAUD command, or for specific object using the CHGOBJAUD command.  You'll 
need more
detail than I've provided here, so refer to the manual Security - Basic V4Rx
(SC41-5301) and/or the Tips and Tools for Securing your AS/400.

> What is the command to list the applications and their security level?

The WRKOBJ command will allow you to see (option 5) and change authority to 
specific
objects.  Use the WRKOBJ on the application library itself to determine who can 
even
see an application (assuming that for your system 'An Application' means some 
small
number of say (less than 5) libraries.  If the *PUBLIC authority on the library 
is
set to *EXCLUDE, then only those User Profiles or Group Profiles that are
specifically authorized to the library will be able to use the application.   Be
aware that this is where the similarity to UNIX directory structure ends.  If 
*PUBLIC
authority to a library is *USE (read only), this does not mean that the public 
is
restricted to read only access for objects in the library.  Once someone has a
minimum of *USE to a library, authority to objects in the library is governed 
by the
authority of each individual object (Some could be *EXCLUDE, some could be 
*USE, and
others could be *CHANGE, etc.)

>
>
> I am connecting to the AS/400 using an emulator (RALLY) from Win95. How do I
> capture the output of  a command to a file and download it to the PC?

Many commands support rerouting their output to a database file.  Look for the 
OUTPUT
parameter on the command and set it to the name of a file (the command will 
create
the file if it does not already exist).  Then use Rally! to FTP the file to your
desktop.


--
John Earl
PowerTech Toolworks
johne@toolnet.com
253-858-7388

Riley Nichole Earl, Born 7/6/98 - 8lb 11oz.  Already an AS/400 fan!
--




+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.