× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  • Subject: Re: Lvl 20 to 40
  • From: DAsmussen@xxxxxxx
  • Date: Thu, 21 Aug 1997 23:38:35 -0400 (EDT)

Matthias,

In a message dated 97-08-21 10:31:43 EDT, you write:

<<snip>>
> To change security levels from 20 to 40 I assume it is safer to take it
>  in steps, first to 30, then to 40.
>  Would anyone have any hints or tips about going from 20 to 30? Are
>  there any traps to avoid?
>  The security reference is a bit vague on the subject.

Your first assumption is correct, although I'm sure that you'll hear from
others on the subject.  When going from 20 to 30, you need to make sure that
all of your users for a given application appear under the same group profile
ID.  You then need to assure that all objects under said application are
owned by the group profile that you have just placed all of the users under.

Prior to implementing level 40, you need to know your application!  Is
anything using MI code?  Use CHKOBJITG to determine if you have any obvious
violators, then remove any MI code (you can replace it w/API's for authorized
users, see the "API Reference").

For both levels, use planning, planning, planning.  The AS/400 "Security
Reference", while incomplete, offers several "first strike" suggestions for
analyses and changes to be made...

JMHO,

Dean Asmussen
Enterprise Systems Consulting, Inc.
Fuquay-Varina, NC  USA
E-Mail:  DAsmussen@AOL.COM

"A problem is a chance for you to do your best." -- Anonymous
+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to "MIDRANGE-L@midrange.com".
| To unsubscribe from this list send email to MAJORDOMO@midrange.com
|    and specify 'unsubscribe MIDRANGE-L' in the body of your message.
| Questions should be directed to the list owner/operator: david@midrange.com
+---


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.