On 16-May-2014 15:02 -0500, Buck Calabro wrote:
On 5/16/2014 3:19 PM, Rob wrote:
On 16-May-2014 14:01 -0500, Buck Calabro wrote:
<<SNIP>> other stuff comes with option 31. Now I need to do what
looks like a boatload of research. There's no single reference
point for 'Planning for installing Option 31'. I see the TCP/IP
applications, protocols and services -> Domain Name System topic
in the Knowledge Center and that's where I've started. Any other
advice for reading material?
Just wing it and sling it.
Put the option on and reinstall the cume and groups.
There's a difference between
- just installing it
- installing it and using some of the stuff it provides (DIG, etc)
- installing it and actually using it to be another of your
companies DNS servers.
IMO your original alluded concerns are worth consideration; esp. for
a production system. Of course with any new software comes new security
considerations, for whatever that newly installed feature provides. For
example, maybe not every user profile with *IOSYSCFG should be allowed
to CHGDNSA or perhaps all of *PUBLIC should not be able to perform
NSLOOKUP [aka Start DNS Query (STRDNSQRY)] activity.? Beyond *CMD
objects, publicly authorized User-Domain programs may also require
authority controls. Beyond simply authorities, there may be /function
usage/ settings [Work with Function Usage (WRKFCNUSG)] or /registration
information/ [Work with Registration Information (WRKREGINF)] for which
exit programs might best be implemented. Then for any customization, be
sure to implement them in the System Change Management to ensure the
modifications are re-applied after an upgrade [and possibly after
maintenance to the sfw feature\LPP]. A "wing it and sling it" may not
be the best approach for a production system.?