|
midrange.com
Authority for Query/400 users using MAPICS files
1. First thing is remove command line capability from the users!
(security via OS/400 & MAPICS)
2. Create the base queries they need.
3. Create a CL program to run the query, compile with AMAPICS authority;
PGM
RUNQRY QRY(MYLIB/MISCVENDOR) OUTTYPE(*DISPLAY) RCDSLT(*YES)
ENDPGM
4. Tip, type RUNQRY then F4, then F9 for more options than imaginable!
(The one above only allows for record selection)
5. Add it to their custom MAPICS menu.
I may be restrictive, but I can't fathom giving ANY user a command line or
file level access.
The advantage is you don't have to worry about authority issues.
Hope your system is at QSECURITY is at least 30 or above.
(WRKSYSVAL QSECURITY)
Have Fun.....james
"Shaw, David"
<dshaw@spartan.co To: "'MAPICS-L'"
<MAPICS-L@midrange.com>
m> cc:
Sent by: Subject: Authority for
Query/400 users using
owner-mapics-l@mi MAPICS files
drange.com
05/10/2000 12:59
PM
Please respond to
MAPICS-L
Forwarded by the moderator on behalf of Jacqueline Morgan:
----------------------------------------------------------
All;
We would like to allow a few of our 'power users' to create queries using
Query/400. We have been struggling for some time as to how to secure
MAPICS files, such that the users cannot get to files they should not see.
One thought is to put these users in a group and GRTOBJAUT AMFLIB/*ALL (our
group) *EXCLUDE, then individually by file, change the authority to allow
access by the group profile.
Another idea is to create special logicals over the sensitive files, and
allow the group access to these but not to the physical. Either of these
solutions requires us to individually pick and choose each file to secure.
It sounds like a maintenance nightmare. Particularly, we are concerned
with
Payroll. This means we would have to secure at a minimum, EMPMAS, EMPDED,
PRHSTS, PRHSTD and all the related logicals. And of course, there is one
person in this group who NEEDS access to the payroll files, so she would
have to be an exception.
It seems no matter what we do, there is some loophole. We have had to
temporarily secure the WRKQRY command so that they cannot run it from the
MAPICS command line, which would them give them access to the entire MAPICS
database.
I am looking for ideas as to how others have handled this situation. We
were given a directive to let these users create and run queries, so to
prevent them from doing so is NOT an option.
Any help is greatly appreciated. Thank you.
_______________________________
Jacqueline Morgan
+---
| This is the MAPICS Mailing List!
| To submit a new message, send your mail to MAPICS-L@midrange.com.
| To subscribe to this list send email to MAPICS-L-SUB@midrange.com.
| To unsubscribe from this list send email to MAPICS-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator:
dshaw@spartan.com
+---
+---
| This is the MAPICS Mailing List!
| To submit a new message, send your mail to MAPICS-L@midrange.com.
| To subscribe to this list send email to MAPICS-L-SUB@midrange.com.
| To unsubscribe from this list send email to MAPICS-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: dshaw@spartan.com
+---
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
