On 16-May-2014 15:02 -0500, Buck Calabro wrote:
On 5/16/2014 3:19 PM, Rob wrote:
On 16-May-2014 14:01 -0500, Buck Calabro wrote:

<<SNIP>> other stuff comes with option 31. Now I need to do what
looks like a boatload of research. There's no single reference
point for 'Planning for installing Option 31'. I see the TCP/IP
applications, protocols and services -> Domain Name System topic
in the Knowledge Center and that's where I've started. Any other
advice for reading material?

Just wing it and sling it.
Put the option on and reinstall the cume and groups.

There's a difference between
- just installing it
- installing it and using some of the stuff it provides (DIG, etc)
- installing it and actually using it to be another of your
companies DNS servers.

Thanks guys!


IMO your original alluded concerns are worth consideration; esp. for a production system. Of course with any new software comes new security considerations, for whatever that newly installed feature provides. For example, maybe not every user profile with *IOSYSCFG should be allowed to CHGDNSA or perhaps all of *PUBLIC should not be able to perform NSLOOKUP [aka Start DNS Query (STRDNSQRY)] activity.? Beyond *CMD objects, publicly authorized User-Domain programs may also require authority controls. Beyond simply authorities, there may be /function usage/ settings [Work with Function Usage (WRKFCNUSG)] or /registration information/ [Work with Registration Information (WRKREGINF)] for which exit programs might best be implemented. Then for any customization, be sure to implement them in the System Change Management to ensure the modifications are re-applied after an upgrade [and possibly after maintenance to the sfw feature\LPP]. A "wing it and sling it" may not be the best approach for a production system.?





Return to Archive home page | Return to MIDRANGE.COM home page