× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. July 2001

Re: OUTQ Security

  • Subject: Re: OUTQ Security
  • From: "Jim Franz" <franz400@xxxxxxxxxxxx>
  • Date: Thu, 26 Jul 2001 23:57:44 -0400
from a previous answer in '99
The splctl is part of your problem. Were the outqs created w/default
parameters? There are a couple variations on the parms. To have an outq
where only the user/group that created a report can see its content, try
CRTOUTQ outq(xxx) dspdta(*owner) oprctl(*yes) autchk(*owner) aut(*use).
Users w/ *jobctl can manage the queue, but not see inside the reports.
Remove operator control with oprctl = *no. Could also change aut =
*exclude.  User w/ *allobj can only view their own spool files in a
queue w/ dspdta = *owner. The  exception is *splctl. It overrides all
outq parameters. Only Qsecofr needs this. See the book from Duke Press
'Implementing AS/400 Security' by Wayne Madden & Carol Woodbury. They
have a detailed explanation.
jim franz
----- Original Message -----
Sent: Thursday, July 26, 2001 7:27 PM
Subject: OUTQ Security


I have a client that somewhere in the past has given the majority of the users *SPLCTL authority so they can control there own outqs/writers etc. Now they have a new app that they want to secure the output to only 6 or so users. From what I can read *SPLCTL trumps most if not all security placed on the outq.

The 1st step appears to remove *SPLCTL and to change *PUBLIC to *EXCLUDE but then what is the best way to allow users to control selected outqs?

Grant each user specific authority to the outq, AuthorityList?  ??

---------------------------------
Kirk Goins
IBM Certified AS/400 Technical Solutions
DataMirror High Availability Certified
Pacific Information Systems - An IBM Premier Business Partner
503-674-2985             kirkg@pacinfosys.com
"WE KNOW TECHNOLOGY"
---------------------------------

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.