× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. June 2006

Re: Application administration for security control?

Thanks, Rob. I am afraid I didn't make my point clear.

The reasons why IBM doesn't recommend it as a security tool is
"Application Administration uses the Windows registry to cache restrictions
on the client PC. A skilled user who is restricted from a function by
Application Administration could obtain access to the function by editing
the registry.
If multiple interfaces exist to the same OS/400 resource, restricting a
single interface through Application Administration does not restrict the
other interfaces to the same resource. For example, you can restrict a user
from accessing the database function of iSeries Navigator through
Application Administration. However, the user can still access database
files by using other database interfaces, such as Open Database
Connectivity (ODBC) or database control language (CL) commands." (IBM info
center)
What is you idea about it?

Best Regards.

James Fu

TDL Group Corp. (Tim Hortons)
Oakville, Ontario
Direct: 905-339-5798
fu_james@xxxxxxxxxxxxxx
Web: http://www.timhortons.com


                                                                           
             rob@xxxxxxxxx                                                 
             Sent by:                                                      
             midrange-l-bounce                                          To 
             s@xxxxxxxxxxxx            Midrange Systems Technical          
                                       Discussion                          
                                       <midrange-l@xxxxxxxxxxxx>           
             06/08/2006 04:31                                           cc 
             PM                                                            
                                                                   Subject 
                                       Re: Application administration for  
             Please respond to         security control?                   
             Midrange Systems                                              
                 Technical                                                 
                Discussion                                                 
             <midrange-l@midra                                             
                 nge.com>                                                  
                                                                           
                                                                           




How does it work?  You go into iSeries Navigator. (Do you know how to do
that?)  Right click on the system name and select Application
Administration.  Now, don't be confused by the screen and think that
checking the one option gives the users All Object.  No, it is saying,
that users with All Object can do that.  There was a little confusion on
the list about this earlier.  You can use this to do all sorts of things
like:
- Not allow any user to use iSeries access to upload data to the i5.
- Whether users can ftp from or to or both with your i5.
- and lots more.

Pretty cool actually.  The makers of exit point tools, however, can
honestly say they can give you more granularity with their products.  Like
only allow ftp from one directory and to another directory.  This prevents
users from ftping up music and downloading it from the same directory and
sharing their password with the world and thus getting you into a WHOLE
LOT OF HOT WATER.


Rob Berendt
--
Group Dekko Services, LLC
Dept 01.073
PO Box 2000
Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com





fu_james@xxxxxxxxxxxxxx
Sent by: midrange-l-bounces@xxxxxxxxxxxx
06/08/2006 04:20 PM
Please respond to
Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx>


To
Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx>
cc

Subject
Application administration for security control?






According to IBM,  users should not use Application Administration for
administering security.
Just wondering is there anyone using application administration for
security control? How does it work?
Thanks in advance.


Best Regards.

James Fu

TDL Group Corp. (Tim Hortons)
Oakville, Ontario
Direct: 905-339-5798
fu_james@xxxxxxxxxxxxxx
Web: http://www.timhortons.com


The information contained in this message is confidential and may be
legally privileged. The message is intended solely for the addressee(s).
If you are not the intended recipient, you are hereby notified that any
use, dissemination, or reproduction is strictly prohibited and may be
unlawful. If you are not the intended recipient, please contact the sender
by return e-mail and destroy all copies of the original message.

L'information contenue dans ce  message est de nature confidentielle et
peut etre de nature privilegiee. Ce  message est strictement reserve a
l'usage de son ou ses destinataires. Si vous  n'etes pas le destinataire
prevu, prenez avis, par la presente, que tout usage,  distribution, ou
copie de ce message est strictement interdit et peut etre  illicite. Si
vous n'etes pas le destinataire prevu, veuillez en aviser  l'expediteur
par
courriel et detruire tous les exemplaires du message original.

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.


--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.





The information contained in this message is confidential and may be
legally privileged. The message is intended solely for the addressee(s).
If you are not the intended recipient, you are hereby notified that any
use, dissemination, or reproduction is strictly prohibited and may be
unlawful. If you are not the intended recipient, please contact the sender
by return e-mail and destroy all copies of the original message.

L'information contenue dans ce  message est de nature confidentielle et
peut etre de nature privilegiee. Ce  message est strictement reserve a
l'usage de son ou ses destinataires. Si vous  n'etes pas le destinataire
prevu, prenez avis, par la presente, que tout usage,  distribution, ou
copie de ce message est strictement interdit et peut etre  illicite. Si
vous n'etes pas le destinataire prevu, veuillez en aviser  l'expediteur par
courriel et detruire tous les exemplaires du message original.

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.