× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.




Helluva topic to discuss over a long cup of coffee and all valid points!

Very Respectfully,
Michael Mayer
IBM i on Power System Admin.
IT Operations.
The Florida Bar
651 E. Jefferson St
Tallahassee, Florida 32399-2300
mmayer@xxxxxxxxxxxxxx
https://www.floridabar.org
Office: 850.561.5761
Cell: 518.641.8906
IBM i Reference blog page: http://ibmireference.blogspot.com/




1. RE: Has authority changed on QUSRBRM/QA1AAU with 7.5?
(Rob Berendt)


----------------------------------------------------------------------

message: 1
date: Tue, 27 Sep 2022 16:53:29 +0000
from: Rob Berendt <rob@xxxxxxxxx>
subject: RE: Has authority changed on QUSRBRM/QA1AAU with 7.5?

I have a "best practices" question when it comes to IBM i 7.5 and BRMS. In the MTU for 7.5 IBM notes that they changed the *PUBLIC authority for the BRMS files from *USE to *EXCLUDE. This causes an issue when someone without *ALLOBJ authority tries to restore using RSTLIBBRM as it cannot read the files. I noticed this on a 'remote' restore RSTLIBBRM FROMSYS(...). So how do you resolve this?
1: Have someone with *ALLOBJ do your restores?
2: Submit "idea" to change it back?
3: Change *PUBLIC back to *USE and put that in your IPL program to fix it after each ptf, release upgrade, etc?
4: Change *PUBLIC from *EXCLUDE to *AUTL and put an authorization list on it?
5: Write wrapper programs to do restores which adopt authority?
6: Give *ALLOBJ to everyone who does restores?
7: Write the password for QSECOFR on your whiteboard?
I could not find an "idea" which requested that they change the authority.
What problem does it cause to have people read these files with only *USE? Find what tapes hold certain objects and make sure you grab those tapes too after you maliciously scrambled the objects?

Rob Berendt
--
IBM Certified System Administrator - IBM i 6.1 Group Dekko Dept 1600 Mail to: 7310 Innovation Blvd, Suite 104
Ft. Wayne, IN 46818
Ship to: 7310 Innovation Blvd, Dock 9C
Ft. Wayne, IN 46818
http://www.dekko.com

-----Original Message-----
From: MIDRANGE-L <midrange-l-bounces@xxxxxxxxxxxxxxxxxx> On Behalf Of Rob Berendt
Sent: Tuesday, September 27, 2022 11:04 AM
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxxxxxxxx>
Subject: RE: Has authority changed on QUSRBRM/QA1AAU with 7.5?

My bad:
https://www.ibm.com/docs/en/i/7.5?topic=programs-backup-recovery-media-services-5770-br1
BRMS database
The default for the BRMS shipped database is changing from *PUBLIC *USE authority to *PUBLIC *EXCLUDE.

Rob Berendt
--
IBM Certified System Administrator - IBM i 6.1 Group Dekko Dept 1600 Mail to: 7310 Innovation Blvd, Suite 104
Ft. Wayne, IN 46818
Ship to: 7310 Innovation Blvd, Dock 9C
Ft. Wayne, IN 46818
http://www.dekko.com

-----Original Message-----
From: MIDRANGE-L <midrange-l-bounces@xxxxxxxxxxxxxxxxxx> On Behalf Of Rob Berendt
Sent: Tuesday, September 27, 2022 11:00 AM
To: midrange400 midrange400 midrange400 <midrange-l@xxxxxxxxxxxxxxxxxx>
Subject: Has authority changed on QUSRBRM/QA1AAU with 7.5?

I'm trying to determine if the authority changed on QUSRBRM/QA1AAU with the upgrade to IBM i 7.5 or if we had lowered it on IBM i 7.4.
Basically if you do a RSTLIBBRM from a remote system and you do not have *ALLOBJ it is starting to fail as the file QUSRBRM/QA1AAU is *PUBLIC *EXCLUDE. I'm trying to determine if it was that way and we simply changed the authority back when we upgraded to 7.4 or if this is new at 7.5.
So, on your 7.4 systems if you do a DSPOBJAUT OBJ(QUSRBRM/QA1AAU) OBJTYPE(*FILE) do you *PUBLIC at *USE or *EXCLUDE?

Rob Berendt
--
IBM Certified System Administrator - IBM i 6.1 Group Dekko Dept 1600 Mail to: 7310 Innovation Blvd, Suite 104
Ft. Wayne, IN 46818
Ship to: 7310 Innovation Blvd, Dock 9C
Ft. Wayne, IN 46818
http://www.dekko.com

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related questions.

Help support midrange.com by shopping at amazon.com with our affiliate link: https://amazon.midrange.com
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related questions.

Help support midrange.com by shopping at amazon.com with our affiliate link: https://amazon.midrange.com


------------------------------

Subject: Digest Footer

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) digest list To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related questions.

Help support midrange.com by shopping at amazon.com with our affiliate
link: https://amazon.midrange.com


------------------------------

End of MIDRANGE-L Digest, Vol 21, Issue 1153
********************************************

________________________________
Please note: Florida has very broad public records laws. Many written communications to or from The Florida Bar regarding Bar business may be considered public records, which must be made available to anyone upon request. Your e-mail communications may therefore be subject to public disclosure.

As an Amazon Associate we earn from qualifying purchases.

This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.