× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



Timothy -

Delete the file and turn on security audit journaling.

The next time it happens you will be able to determine for certain which
user id created the file.

The instructions (at least for V5R4) are in the link I posted earlier (and
again here).
https://publib.boulder.ibm.com/infocenter/iseries/v5r4/index.jsp?topic=%2Frzamv%2Frzamvsetsecaudit.htm

- sjl


Timothy wrote:
Thank you to all who have responded.
I appreciate any and all thoughts on this.

QAUDJRN definitely doesn't exist on our system so while that could help in
the future, it's no help with this situation. I have full authority of
the
system (*SECOFR, *ALLOBJ, *JOBCTL, *SECADM, etc.), and even if I didn't,
there are ways... (but don't quote me on that :-) ).

I checked QSYSOPR msg queue and there were no msgs anywhere near the
creation timestamp.

The only thing that I can find that's even a remote possibility is a
name-brand utility on our system that was running its Update process when
the file creation occurred. It runs an X-Ref refresh of the libraries
that
have been setup to be monitored. It refreshes the cross reference
libraries
with any changed source/object information in the designated libraries. I
would prefer not to mention the name of the product.




As an Amazon Associate we earn from qualifying purchases.

This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.