Re: Adopted authority vs profile switching -- MIDRANGE-L

× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.

At 09:57 7/16/2004, Rob Brendt wrote:

At one time IBM decided that using adopted authority should not work in
certain situations, like creating certain group profiles, etc.  Perhaps
they thought this was a security enhancement.
Then they allowed a workaround with profile switching.

So then, does this not allowing adopted authority in these situations now
go into the realm of 'security by obscurity' and should they just open
these up to adopted authority?  Or do you see a value into making people
use these api's to do profile switching, - in this situation - ?

Now, I am not arguing that profile switching may not be useful in some
client serving or web based applications.  I am just arguing about it in
the first situations.

Yeah, I'm a little uncomfortable with it too. We've found it useful for getting around the netserver password synchronization issue though. We have a service profile that can't really do much of anything except transfer data back and forth between the AS400 and NT shares. We switch to it, do the deed, and switch right back again. It's used by batch, client server, and interface applications. Much more reliable than cpyto/frmpcb

Pete Hall http://www.pbhall.us

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.