× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. December 2011

Re: CLP to apply authority to objects a user has authority to after a restore

On 08-Dec-2011 15:07 , fbocch2595@xxxxxxx wrote:
I have a user who's been assigned to several hundred objects in
several libraries on our iSeries and from time when we restore
libraries the authority is changed and the user loses authority. I
want to create a clp to record the authorities b4 the restores then
apply them after the restores. Should I use the report from from
PRTPVTAUT to generate the list of objects as the input to my pgm or
is there a way I can write to an outfile to create the input to my
pgm?

Why not instead, do one of the following:

Save and restore the authority with the objects. Refer to the PVTAUT parameter; PVTAUT(*YES) on both the SAVxxx and RSTxxx commands.

Use authorization list(s) so the authority is maintained in the *AUTL and the object is reconnected at restore.

Avoid the effective DR scenario whereby the object being restored does not exist [because by disaster or delete, the object does no longer exist]; i.e. restore over the existing object which already has the assigned authorities, instead of restoring anew.

Script or otherwise record in a manner enabling automation, each individual granting of the authorities [part of a quality System Change Management process] such that they can be applied again after restore.

Save the security data before deleting what will be restored anew, then after the restore of the objects, restore the user profile then RSTAUT the authorities saved with\for that user; i.e. accept that the scenario mimics DR, and perform the R-portion just like in DR.

Use authority from a [primary] group profile to establish access to the objects; I would have to mull this one over a bit, but I recall this can be an option in some cases.

Before any deletions, one option to get the current specifically granted private authority for the user to /QSYS.LIB objects:

DSPUSRPRF USRPRF(the_user) TYPE(*OBJAUT) OUTPUT(*OUTFILE) OUTFILE(QTEMP/UPObjAut) OUTMBR(*FIRST *REPLACE)

Regards, Chuck

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.