|
Tim At 07:50 PM 7/9/1998 -0400, you wrote: >Hi folks; >I got a question concerning my current programming job. Here's the >scenario: I am assigned a program that requires fixing, and this >program is maybe 4 CLP's and 5 RPG programs deep into CALL's, therefore >knowing exactly (dspjob info) the files it is accessing and any >variables in a program *ENTRY PLIST is very helpful and a valuable time >saver as well as an error preventer. Normally what I would do is this: >a) Have production user sign on to the system. >b) Identify the name the AS400 has assigned to this users job. >c) Then I would do the STRSRVJOB command on this job. >d) Then a STRDBG on the specific program I wanted processing to stop on, >for my brief (information) collection. >e) I would then allow the user to progress to the program area I wanted >to look into. >e) At program stop time I would view the PARMS in the *ENTRY PLIST of >the program and the actual files the program was pointed at. >Well guess what! Programmers at this company are not AUTHORIZED to do >this on a production machine, this has me floored! > >I would appreciate any suggestions my fellow-list-people would offer me >to somehow circumvent this perplexing problem. >Thanks very much in advance. It doesn't sound like you're going after production data—although you could while in a debug session. We have a system in place (similar to what Dean mentioned) whereby a programmer must call help desk, who log the request for extra authority. Help desk executes a command called Authorize Programmer (AUTPGMR). Then the programmer signs on and executes a command called Log Command (LOGCMD). The programmer ends up at a command line (QCMD) with full authority until he/she exits from said command line. Should they not do so, the next morning (IPL in our case—don't ask), that user is removed from the authorization list for the LOGCMD command. Security auditing is activated for the user. Of course, someone needs to LOOK at the security audit journal! :-( The code is based on an article in NEWS/400. I can get it to you if you want. Contact me privately, please. I think you could get the authority you need to do your job, if you can present a way to create an audit trail of any activities performed under extraordinary circumstances. Good luck Vernon Hamberg Systems Software Programmer Old Republic National Title Insurance Company 400 Second Avenue South Minneapolis, MN 55401-2499 (612) 371-1111 x480 +--- | This is the Midrange System Mailing List! | To submit a new message, send your mail to MIDRANGE-L@midrange.com. | To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com. | To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com. | Questions should be directed to the list owner/operator: david@midrange.com +---
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.