Thanks everyone for all the links, keep um coming.

Define security - all of what Rob mentioned, plus much more.
The sad thing is some of the things I need to change and fix are denied.
3rd party vendor claims their job(s) must run as QSECOFR, I tested and made it work in R&D without QSECOFR.
All programmers and all of one of our 3rd party support accounts (100+) are QSECOFR equivalent and *ALLOBJ.

We have done a lot in the last 2 years.
Convert as many FTP to SFTP via SSH.
Eliminate shared accounts, setup individual service accounts.

Much more to do.
Now that I have my guest LPAR playground setup, I can make and test security changes, hopefully without breaking anything.


-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of rob@xxxxxxxxx
Sent: Thursday, May 01, 2014 12:10 PM
To: Midrange Systems Technical Discussion
Subject: RE: i5 Security info and training

What is the definition of security?
- User security?
- Object security?
- Proper security setup of your Domino environment?
- How to implement kerberos?
- Proper http configuration?
- Proper WAS administration?
- How to implement Tivoli Identity Manager?
- How to roll out RCAC in your 7.2 environment (Row and Column Access)?
- Little obscure stuff to set up in TCP/IP?

80% of that would blow away our BOFH.

Basically, what is the OP targeting on?

Rob Berendt
IBM Certified System Administrator - IBM i 6.1 Group Dekko Dept 1600 Mail to: 2505 Dekko Drive
Garrett, IN 46738
Ship to: Dock 108
6928N 400E
Kendallville, IN 46755

This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at

This thread ...


Return to Archive home page | Return to MIDRANGE.COM home page