×
The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.
As an interim step which should satisfy the auditors if they understand
the IBM i OS, you should change the account password to *NONE, set it to
*DISABLED and initial menu to *SIGNOFF. That way, the only way the
profile can be used is by reference from an existing application. It
cannot be used to sign on from anywhere.
Rich Loeber - @richloeber
Kisco Information Systems
[1]
http://www.kisco.com
--------------------------------------------------------------------------
On 10/20/2014 10:29 AM, Jim Franz wrote:
This is more of a discussion than a question.
Auditors are requiring we remove profiles for former employees, and we
recently lost our Sys Admin of ten years... and she owned "almost"
everything.
I already knew it was not a healthy setup, but the question is what form to
change to.
The removal of the profile has the option to reassign the ownership.
There are several package apps and inhouse apps.
The "Q" profiles do not own stuff except where the IBM product has a
profile (like IBM Content Manager). Most of the products do have a
profile.
We can create a profile to install/upgrade and own.
Also finding her profile in products using ftp..
Best practice?
Jim Franz
References
Visible links
1.
http://www.kisco.com/
midrange.com
