Re: Going to level 30 Security

[Qsrvbas <qsrvbas@xxxxxxxxxxxx>]

Kirk:

I've never tried this but I've used variations for more limited 
circumstances. Maybe something like this:

1. Create group profile GLVL20 and assign it as the group (or 
supplemental) to the user profiles.
2. Set QSECURITY to level 30.
3. After IPL, give GLVL20 special authority *ALLOBJ.

This should give a close approximation of  what the level 20 environment 
was with two general exceptions: Any new profile will need to be 
assigned to GLVL20 group or have all necessary authorities set. And 
you'll have the ability to set *EXCLUDE private authorities for 
individual users -- since private authorities are checked before group, 
this can help ease into a "real" level 30 or higher environment. 
Ideally, GLVL20 can eventually be phased out entirely.

YMMV. No guarantees.

Tom Liotta

midrange-l-request@xxxxxxxxxxxx wrote:

>   3. Going to level 30 Security (kirkg)
>  
>
> I thought I remembered there was a way to use the audit journals to test 
> what will happen when you move from security level 20 to 30 or higher. 
> I've been able to find a tip that says basically going 20 to 30 is by 
> setting up test profiles. I've also found a tip of going from 30 to 40 
> that does use the audit journal using the *PGMFAIL option.
>
> Is there a better way to get from 20  to 30 other than by trial and error?
>