× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. May 2016

RE: SBMJOB adopted authority...

I must disagree. Job descriptions that allow adopted authority jobs need to
be secured to allow only those profiles that would ordinarily have access to
the data/programs that are protected by the adopted authority. Otherwise
you have allowed any user profile access to the objects that are ordinarily
secured.

It's the equivalent to making every user a member of the group profile that
holds the adopted authority. Put another way you nearly achieve the give
everyone *ALLOBJ authority.

--
Jim Oberholtzer
Agile Technology Architects


-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Denis
Robitaille
Sent: Friday, May 20, 2016 7:34 AM
To: Midrange Systems Technical Discussion
Subject: RE: SBMJOB adopted authority...

Hello,

I dont know who told you that *public *use was bad for JOBD but, in my mind,
that is perfectly acceptable.


Denis Robitaille
Chef de service TI - Solution Entreprise Infrastructure et Opérations
Cascades Centre des technologies,
412 Marie Victorin
Kingsey falls(Québec) Canada J0A 1B0
T : 819 363 6130




-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of
Gerald Magnuson
Sent: 19 mai 2016 17:27
To: midrange-l@xxxxxxxxxxxx
Subject: SBMJOB adopted authority...

ok, we do run adoptive authority, but we do have our *jobd's as *public
*use....

I am told that is bad.

I read stuff about adoptive authority and a submitted job, and a new call
stack....
but that doesn't address the CPF1411 error I am getting on the SBMJOB
command "not authorized to job description" when I change the *JOBDs to
*PUBLIC *EXCLUDE


I also read stuff about creating a different SBMJOB command, or adding
routing entries to our batch subsystems...

Is my only recourse, to create a *AUTL, to put on my *JOBD's, to only allow
those users I want to use those *JOBDs?
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe,
or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a
moment to review the archives at http://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxx for any subscription related questions.

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.