|
I would not give users command line authority.
I would change the service menu SYS099 to have commands the user need to have.
Examples.
?WRKOUTQ - Lets user see spool file in the outq needed
?WRKSPLF - Lets user see someone else report
CHGPWD - Lets user change there password.
The question mark in front of commands prompt the command.
SYS099 already does issue commands to the QCMDEXC.
Best Regards,
Roger Wolf
-----Original Message-----
From: MacWheel99@aol.com [SMTP:MacWheel99@aol.com]
Sent: Friday, February 18, 2000 2:47 PM
To: BPCS-L@midrange.com
Subject: Re: User profile SSA
> From: rhamberg@mother-parkers.com
>
> Can anyone explain why BPCS profile SSA has *ALLOBJ authority?
> We are AS/400 running BPCS 6.0.02 mixed mode.
We are 400 BPCS 405 CD mixed mode ... which was also shipped to us with SSA
as a MASTER SECURITY OFFICER which was unacceptable to us when 100% users are
members of the SSA user group & we have other stuff on our system than just
BPCS, and management & project team insisted that most BPCS users needed to
have command line authority, and 405 CD won't work above IBM security level
30, so we lowered SSA to ordinary user able to mess with all spool files &
not much more in IBM terms. It works, except we cannot use XRF, and security
once again has some rationality.
Al Macintyre ©¿©
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.