Too much capability? *PUBLIC has *CHANGE to all our AMAPICS files! The
purpose of *USE for ODBCUSER is that when users perform ODBC through the
*SQLSRV server, our exit point security program will see to it that it switches
to ODBCUSER profile to perform SQL statements. Thus they will be excluded from
altering or deleting AMFLIBE files.
No SOX here.
Bryan
-----Original Message-----
From: mapics-l-bounces@xxxxxxxxxxxx
[
mailto:mapics-l-bounces@xxxxxxxxxxxx]On Behalf Of LeLeux@xxxxxxxxxxxx
Sent: Friday, June 08, 2007 9:43 AM
To: MAPICS ERP System Discussion
Cc: mapics-l-bounces@xxxxxxxxxxxx; MAPICS-L@xxxxxxxxxxxx
Subject: Re: [MAPICS-L] MAPICS file authorities
The only thing that concerns me is granting too much
capability to a group called ODBCUSER - sets off alarms!!
To achieve a similar goal here, we granted read & execute
to the AMFLIBA, then only to specific files necessary was the
group given access.
And this was all before SOX!
"Burns, Bryan" <Bryan_Burns@xxxxxxxxxxxx>
Sent by: mapics-l-bounces@xxxxxxxxxxxx
06/08/2007 06:34 AM
Please respond to
MAPICS ERP System Discussion <mapics-l@xxxxxxxxxxxx>
To
<MAPICS-L@xxxxxxxxxxxx>
cc
Subject
[MAPICS-L] MAPICS file authorities
1. I'd like to change the ownership of 1,300 files in AMFLIBE from the
current owners to user AMAPICS.
2. I need to perform a GRTOBJAUT AUT *USE for user ODBCUSER for 6,000
files in AMFLIBE.
If anyone has done this type of thing, I'd appreciate any pointers. It's a
whole lot more problematic than I envisioned.
Bryan Burns
IBM Certified Specialist - iSeries System Command Operations V5R2
M.I.S. Department
ECHO, Incorporated
www.echo-usa.com
midrange.com
