|
>Just for grins, how about granting *USE authority to the QSECOFR user >profile for the job's user and seeing if that makes a difference? Maybe the >profile handle API has a problem with adopted authority. This should work. Whenever a profile becomes a member of a group, the profile is granted authority to the group. If you mess with this, then some things begin not working. Getting a profile handle is one of them. One of the authority checks is to ensure that the current profile has authority to the profile being swapped to. No check is done to check authority of the current profile to the "swap to" profile's groups. Another check is if profile you are swapping to has authority to all of its groups. Special authority is adopted (it was stated earlier that it wasn't). You do not adopt a profile's groups however. Patrick Botz Senior Technical Staff Member eServer Security Architect email: botz@xxxxxxxxxx
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
