To join this event, click the following link:
https://common.webex.com/common/onstage/g.php?d=928383451&t=a
After you click on the link, here are some additional instructions:
1. Click the Join button
2. Enter your Enrollment ID
3. Enter the password: Virtual123
4. Click Submit to join the event
Kirk Hamilton
Manager IT Operations
Aurora Parts & Accessories, LLC.
Office (765) 483-5622
Khamilton@xxxxxxxxxxxxxxx
-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Steinmetz, Paul
Sent: Thursday, July 19, 2018 9:58 AM
To: 'Midrange Systems Technical Discussion' <midrange-l@xxxxxxxxxxxx>
Subject: RE: ACS central location deployment for all users - securing ACS options
How does one access the Virtual Conference, I signed up, but I don't have an access URL.
Paul
-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Paul Fenstermacher
Sent: Wednesday, July 18, 2018 5:26 PM
To: Midrange Systems Technical Discussion
Subject: RE: ACS central location deployment for all users - securing ACS options
Not sure this applies in any way but I'll throw it out there anyway. There is a COMMON Virtual Conference going on today and tomorrow and attendance is FREE. The first session at 9 a.m. tomorrow(Thursday) is with Wayne Bowers on IBMi Access Client Solutions Deployment Best Practices.
Paul Fenstermacher | Sys Admin, Sr | Technology Operations | Jack Henry & Associates, Inc.
2135 E. Primrose | Springfield, MO 65804 | 417-235-4114 x177389 | pfenstermacher@xxxxxxxxxxxxx
-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Steinmetz, Paul
Sent: Wednesday, July 18, 2018 2:27 PM
To: 'Midrange Systems Technical Discussion' <midrange-l@xxxxxxxxxxxx>
Subject: ACS central location deployment for all users - securing ACS options
The e-mail below is from an external source. Please do not open attachments or click links from an unknown or suspicious origin.
I'm testing ACS central location deployment for all users.
AcsConfig.properties was changed/updated to install to Users\public.
com.ibm.iaccess.AcsBaseDirectory=C:\Users\Public\Documents\ACS
Install was done initially with install_acs_64_allusers.js /AdminConfig.
All options were answered with 'Y', full access.
I created a single .hod session, which will be stored on the local PC.
Generate option, use computer name, Truncate ending, Avoid duplicate names on this workstation.
SSL and EIM enabled.
Then created a public desktop shortcut to this .hod saved session.
All working fine for any user, multiple sessions.
The nice thing here is only one session had to be created for all users/all PCs.
This will be included in the PC image when rolled out.
The issue I have now is I need to secure the ACS options for the normal user.
They should NOT have:
Data Transfer
IFS
Navigator for i
Manage DB2
SQL scripts.
When using ACS central location, a big negative is the capability of picking/choosing which options to give a user.
I could create a 2nd ACS central location deployment, with all options set to "N".
Possibly will do this.
But some users may only need one or two options.
Or, do I only use central location for base ACS, no options, and use local location for any user with ACS+ options.
How are others managing the ACS options when central location deployment is used?
Thank You
_____
Paul Steinmetz
IBM i Systems Administrator
Pencor Services, Inc.
462 Delaware Ave
Palmerton Pa 18071
610-826-9117 work
610-826-9188 fax
610-349-0913 cell
610-377-6012 home
psteinmetz@xxxxxxxxxx
http://www.pencor.com/
midrange.com
