× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. March 2006

Re: Remnants of group profiles...

The *ADD authority relates to your ability to add/restore an object owned 
by some other user profile (adding to that user's owned object list).

A simple solution would be to make all your users have a group profile or 
supplemental group profile of something innocuous, such as QUSER and then, 
one time, unpack those save files, change the owner of the files (in your 
QTEMP library) to QUSER and then re-save them to the save files.  That 
way, each of your regular users would have sufficient authority to *ADD 
those objects when s/he needs them.

Dave Schnee,
Barsa Consulting Group, LLC

---------------  Rob Berendt wrote  ----------------

message: 6
date: Wed, 29 Mar 2006 09:21:32 -0500
from: rob@xxxxxxxxx
subject: Remnants of group profiles...

We are moving from group profiles to authorization lists.

We have several files that are stored in save files.  They are restored 
into QTEMP for processing.  It's a way of creating some empty shell 
physical files and several logical files.

However, when I remove a user from the group profile and just have it in 
the authorization list assigned to that object I am getting the following 
error when they restore the data from the save files into QTEMP:

 Message ID . . . . . . :   CPF3757       Severity . . . . . . . :   20 
 Message type . . . . . :   Diagnostic 
 Date sent  . . . . . . :   03/29/06      Time sent  . . . . . . : 
08:45:23 
 
 Message . . . . :   FILE SD855D01 not restored to QTEMP. 
 Cause . . . . . :   The user profile under which the restore operation is 

 
   running does not have *ADD authority to user profile SSA13. 
 Recovery  . . . :   Do one of the following and try the request again: 
     -- Have the security officer grant you *ADD authority to user profile 

 
   SSA13 using the Grant Object Authority (GRTOBJAUT) command. 
     -- Sign on under a user profile which has save system (*SAVSYS) 
special 
   authority. 
 Technical description . . . . . . . . :   User profile SSA13 is either 
the 
   owner of the object or the system default owner QDFTOWN.  If the owner 
of 
   the object does not exist on the system, the system will attempt to 
transfer 
   the ownership of the object to QDFTOWN.


1 - What the blazes is *ADD authority?  I suspect it is some mythical 
authority made up in the IBM lab that in reality means the proper 
combination of Object authority and User authority on EDTOBJAUT 
groupprofile.  If so, then what combination is required to restore an 
object owned by someone else?
2 - Other workarounds include:
2a - Giving lots of users *SAVSYS authority.
2b - Dropping the save file technique and coming up with some other 
technique for creating the shells and logicals
2c - Adopting authority on every program that restores these shells.

Rob Berendt

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.