Re: Prevent user from changing authorisation list usingedtobjautandass. commands

Hello Loek,

- That's because WRKMBRPDM option 3 defaults to MBROPT(*REPLACE) on the
CPYSRCF command, which implicitely clears the target member. Clearing a
member requires the object management right.

If you create a user-defined option specifying MBROPT(*ADD) on the copy
command you should be able to copy a member without having object management
rights.

- If copying to an existing member could occur, you could also write your
own command, testing for the existence of the target member and prompting
the user for an appropriate action - or cancel the copy command - in case
that member already exists.

Best regards,
Carsten Flensburg

----- Original Message ----- 
From: "L. Maartens" <l.maartens@xxxxxxxxx>
To: "Midrange Systems Technical Discussion" <midrange-l@xxxxxxxxxxxx>
Sent: Friday, February 27, 2004 10:47 AM
Subject: Re: Prevent user from changing authorisation list
usingedtobjautandass. commands


> Hello Carsten,
>
> The correct change is indeed to remove the object management rights from
the
> user within the authorisation list.
>
> I did try that initially, but then option 3 within wrkmbrpdm on such a
> source file would not run. However, F6 combined with F15 to copy the
> contents of another member does work, and is therefore an acceptable
> workaround to a straight member copy operation.
>
> Kind regards,
>
> Loek Maartens,
> Veracity Software Consultancy BV
>
> ----- Original Message -----
> From: "Carsten Flensburg" <flensburg@xxxxxxxxxx>
> To: "Midrange Systems Technical Discussion" <midrange-l@xxxxxxxxxxxx>
> Sent: Friday, February 27, 2004 8:37 AM
> Subject: Re: Prevent user from changing authorisation list using
> edtobjautandass. commands
>
>
> > Hello Loek,
> >
> > - Remove Object Management rights from the user's authorization list
entry
> > if you do not want that user to change security settings for the objects
> > controlled by that authorization list.
> >
> > Best regards,
> > Carsten Flensburg
> >
> > ----- Original Message -----
> > From: "L. Maartens" <l.maartens@xxxxxxxxx>
> > To: "Midrange Systems Technical Discussion" <midrange-l@xxxxxxxxxxxx>
> > Sent: Friday, February 27, 2004 12:43 AM
> > Subject: Prevent user from changing authorisation list using edtobjaut
> > andass. commands
> >
> >
> > > Hello list,
> > >
> > > Does anyone have any idea how to prevent a user with *all authority to
a
> > > source file to change/remove the authorisation list attached to that
> file
> > ?
> > >
> > > The said *all access to the source file is obtained by the user's name
> > > inserted in the authorisation list with *all capability.
> > >
> > > The *all capability is required for adding/changing/deleting members
in
> > the
> > > source file.
> > >
> > > The user does not have any special authorities.
> >
>
>
> _______________________________________________
> This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
> To post a message email: MIDRANGE-L@xxxxxxxxxxxx
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> or email: MIDRANGE-L-request@xxxxxxxxxxxx
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/midrange-l.
>
> ###########################################
> This message has been scanned by F-Secure Anti-Virus for Internet Mail.
> For more information, connect to http://www.F-Secure.com/


###########################################
This message has been scanned by F-Secure Anti-Virus for Internet Mail.
For more information, connect to http://www.F-Secure.com/