I not sure that will do the job. Remember the QSYS objects that are being
referenced in the current system/OS Level do not exist on the new system.
There are objects with the same name but they are different and will have
different digital signatures. I think you are going to have to find them
and set them up with a CL.
A call to IBM support might be in order to confirm my fear, or prove it
not worrisome.
Then again the software vendor should have a script that sets that up in
the first place, so I'd use that.
--
Jim Oberholtzer
Agile Technology Architects
-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of
Winchester Terry
Sent: Friday, May 25, 2018 10:46 AM
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx>
Subject: RE: RE: Authority Restoration During an Upgrade (6.1 -> 7.2)
Agreed...its a stoopid way to setup a software package. Too bad its our
main ERP system! There is a move afoot to get to another package but I
won't speculate on when that will happen based on the money already spent
to get 1/2 way there ;-)
I think we will save the security data using SAVSECDTA (probably to a
SAVF) just prior to doing the upgrade and then once we have 7.2 installed
we'll restore all the profiles and run RSTAUT - just like we would have to
do during a recovery. It should bring us back to "normal"
Thanks for the feedback.
Have a nice holiday weekend!
Terry
-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Jim
Oberholtzer
Sent: Friday, May 25, 2018 11:35 AM
To: 'Midrange Systems Technical Discussion'
Subject: [EXTERNAL] RE: Authority Restoration During an Upgrade (6.1 ->
7.2)
Since you did not RSTUSRPRF *ALL the RSTAUT would not have done anything
anyway, I suspect you problem lies elsewhere. The method of upgrade is
irrelevant in this case.
It sounds like a profile has private authorities to commands in QSYS.
Since those objects are replaced during the upgrade the private
authorities clearly would not be there any longer since the object is gone
(replaced).
You'll need to get the script used in the installation to set those
authorities and re-run that part of the installation.
I won't even start on the lack of wisdom in doing what the vendor
apparently did. I was taught a phrase long ago: "Ignorance can be fixed,
stupid is forever". The vendor was stupid, therefore assuming the ability
to do so, find another vendor.
--
Jim Oberholtzer
Agile Technology Architects
-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of
Winchester Terry
Sent: Friday, May 25, 2018 10:11 AM
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx>
Subject: Authority Restoration During an Upgrade (6.1 -> 7.2)
We recently upgraded our Test system LPAR from V6R1 to V7R2.
Everything seemed to have worked fine with the exception of one software
package. It was failing for security reasons...then we discovered that a
generic profile it uses had access to many QSYS objects/commands.
We didn't see anything in the upgrade guide indicating that a RSTAUT was
needed nor could we find anything security-related that was missed during
the upgrade. We performed the upgrade using the DVD optical
drive...disk-by-disk.
I am thinking that if we had done a RSTAUT at the end of the upgrade (but
before a SAVSYS) that we might have avoided this problem. OTOH, I'm not
sure where the RSTAUT would get its information from if we didn't restore
user profiles from a prior backup.
Dummy me...I thought we might be able to do a SAVSECDTA to a *SAVF and
then use that to do a RSTAUT...but that does not appear to be a viable
method.
Anyway, before we begin to think about upgrading our Production LPAR...I
was hoping someone might have some thoughts about where we went wrong -or-
what we should have done different.
Thanks for any input :)
----------------------------------------------------------------------
Confidentiality Notice: The preceding e-mail message (including any
attachments) contains information that may be confidential, protected by
applicable legal privileges, or constitute non-public information. It is
intended to be conveyed only to the designated recipient(s). If you are
not an intended recipient of this message, please notify the sender by
replying to this message and then delete it from your system. Use,
dissemination, distribution or reproduction of this message by unintended
recipients is not authorized and may be unlawful.
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe,
unsubscribe, or change list options,
visit:
https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.midrange.com_ma
ilman_listinfo_midrange-2Dl&d=DwICAg&c=usKnhNfiA3SpEGkR2TubeV6I5jE5rze8vzZ
E7OpWXXY&r=LD1savGZ6Gc4gIcG9yLPnyfe5Wy5IgPnRmF3qDwpJN4&m=n9fVUKwcbO9rVaMlE
_W4OjS4zVDcUk1PSZQ3QXzksqk&s=_GG7yl5fjb_q7VHu_T4Nu4BoPFqvw0MIA3tYuRZl5iQ&e
=
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a
moment to review the archives at
https://urldefense.proofpoint.com/v2/url?u=https-3A__archive.midrange.com_
midrange-2Dl&d=DwICAg&c=usKnhNfiA3SpEGkR2TubeV6I5jE5rze8vzZE7OpWXXY&r=LD1s
avGZ6Gc4gIcG9yLPnyfe5Wy5IgPnRmF3qDwpJN4&m=n9fVUKwcbO9rVaMlE_W4OjS4zVDcUk1P
SZQ3QXzksqk&s=kzvSk_NEHurDVZydVI9uT4_veaj1LM6plVz9YJ9TjII&e=.
Please contact support@xxxxxxxxxxxx for any subscription related
questions.
Help support midrange.com by shopping at amazon.com with our affiliate
link:
https://urldefense.proofpoint.com/v2/url?u=http-3A__amzn.to_2dEadiD&d=DwIC
Ag&c=usKnhNfiA3SpEGkR2TubeV6I5jE5rze8vzZE7OpWXXY&r=LD1savGZ6Gc4gIcG9yLPnyf
e5Wy5IgPnRmF3qDwpJN4&m=n9fVUKwcbO9rVaMlE_W4OjS4zVDcUk1PSZQ3QXzksqk&s=pdpOB
ENhrIbQrLC6tL2abyOWmAyC6_NltZiDuexPBpc&e=
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe,
unsubscribe, or change list options,
visit:
https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.midrange.com_ma
ilman_listinfo_midrange-2Dl&d=DwICAg&c=usKnhNfiA3SpEGkR2TubeV6I5jE5rze8vzZ
E7OpWXXY&r=LD1savGZ6Gc4gIcG9yLPnyfe5Wy5IgPnRmF3qDwpJN4&m=n9fVUKwcbO9rVaMlE
_W4OjS4zVDcUk1PSZQ3QXzksqk&s=_GG7yl5fjb_q7VHu_T4Nu4BoPFqvw0MIA3tYuRZl5iQ&e
=
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a
moment to review the archives at
https://urldefense.proofpoint.com/v2/url?u=https-3A__archive.midrange.com_
midrange-2Dl&d=DwICAg&c=usKnhNfiA3SpEGkR2TubeV6I5jE5rze8vzZE7OpWXXY&r=LD1s
avGZ6Gc4gIcG9yLPnyfe5Wy5IgPnRmF3qDwpJN4&m=n9fVUKwcbO9rVaMlE_W4OjS4zVDcUk1P
SZQ3QXzksqk&s=kzvSk_NEHurDVZydVI9uT4_veaj1LM6plVz9YJ9TjII&e=.
Please contact support@xxxxxxxxxxxx for any subscription related
questions.
Help support midrange.com by shopping at amazon.com with our affiliate
link:
https://urldefense.proofpoint.com/v2/url?u=http-3A__amzn.to_2dEadiD&d=DwIC
Ag&c=usKnhNfiA3SpEGkR2TubeV6I5jE5rze8vzZE7OpWXXY&r=LD1savGZ6Gc4gIcG9yLPnyf
e5Wy5IgPnRmF3qDwpJN4&m=n9fVUKwcbO9rVaMlE_W4OjS4zVDcUk1PSZQ3QXzksqk&s=pdpOB
ENhrIbQrLC6tL2abyOWmAyC6_NltZiDuexPBpc&e=
----------------------------------------------------------------------
Confidentiality Notice: The preceding e-mail message (including any
attachments) contains information that may be confidential, protected by
applicable legal privileges, or constitute non-public information. It is
intended to be conveyed only to the designated recipient(s). If you are
not an intended recipient of this message, please notify the sender by
replying to this message and then delete it from your system. Use,
dissemination, distribution or reproduction of this message by unintended
recipients is not authorized and may be unlawful.
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe,
unsubscribe, or change list options,
visit:
https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a
moment to review the archives at
https://archive.midrange.com/midrange-l.
Please contact support@xxxxxxxxxxxx for any subscription related
questions.
Help support midrange.com by shopping at amazon.com with our affiliate
link:
http://amzn.to/2dEadiD
As an Amazon Associate we earn from qualifying purchases.