Just have the system administrator give *JOBCTL special authority to user QPGMR and you'll be able to do WRKSYSACT and WRKACTJOB. You will also have a lot of control over other users jobs and the system in general, so proceed with caution...


*JOBCTL special authority

The Job control (*JOBCTL) special authority allows a user to change the priority of jobs and of printing, end a job before it has finished, or delete output before it has printed. *JOBCTL special authority can also give a user access to confidential spooled output, if output queues are specified OPRCTL(*YES).

Job control (*JOBCTL) special authority allows the user to perform the following actions:

Change, delete, hold, and release all files on any output queues specified as OPRCTL(*YES).
Display, send, and copy all files on any output queues specified as DSPDTA(*YES or *NO) and OPRCTL(*YES).
Hold, release, and clear job queues specified as OPRCTL(*YES).
Hold, release, and clear output queues specified as OPRCTL(*YES).
Hold, release, change, and cancel other users’ jobs.
Start, change, end, hold, and release writers, if the output queue is specified as OPRCTL(*YES).
Change the running attributes of a job, such as the printer for a job.
Stop subsystems.
Perform an initial program load (IPL).

Kenneth E. Graap
Systems Administrator
NW Natural
503.226.4211 x5537

________________________________________
From: MIDRANGE-L [midrange-l-bounces@xxxxxxxxxxxx] on behalf of Steinmetz, Paul [PSteinmetz@xxxxxxxxxx]
Sent: Saturday, September 12, 2015 3:10 PM
To: 'Midrange Systems Technical Discussion'
Subject: [External]RE: Why can't a member of QPGMR change their password or run WRKSYSACT?

Do a WRKOBJ, for both CHGPWD and WRKSYSACT, then 5=Display authority
Confirm the authorities for both commands.

Paul

-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Justin Dearing
Sent: Friday, September 11, 2015 11:38 PM
To: Midrange Systems Technical Discussion
Subject: Why can't a member of QPGMR change their password or run WRKSYSACT?

I guess this is a little bit philosophical.

So I have a client that gave me greenscreen access. I have greenscreen and PASE access. I can start and stop mysql, I can run wrkactjob. I can ssh into PASE and do my unix things. I'm not qsysopr, qsecopr, or anything like that.

I can't change my user profile password. This seems to be the default way of things according to google. That makes no sense to me. On windows, linux, most RDBMSes I use, and most web apps, one can change their own password, and is encouraged to weekly. What is rhe wisdom in not letting a programmer change his own password?

Secondly, and this is actually no surprise to me since I learned this when I was an operator circa 2003, why can't a programmer run WRKSYSACT? Its the equivalent of taskmanager on windows or top on linux. I know its a little bit of a heavier command (and I'm ignorant of OS/400 internals to understand why, but I accept it). However, I have access to wrkactjob, so I could write a program that does what wrksysact does, but more inefficiently. Also, I could tie up the CPU through other methods as well.

So why?

Justin
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.



This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2019 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].