|
I have a "best practices" question when it comes to IBM i 7.5 and BRMS. In the MTU for 7.5 IBM notes that they changed the *PUBLIC authority for the BRMS files from *USE to *EXCLUDE. This causes an issue when someone without *ALLOBJ authority tries to restore using RSTLIBBRM as it cannot read the files. I noticed this on a 'remote' restore RSTLIBBRM FROMSYS(...). So how do you resolve this?
1: Have someone with *ALLOBJ do your restores?
2: Submit "idea" to change it back?
3: Change *PUBLIC back to *USE and put that in your IPL program to fix it after each ptf, release upgrade, etc?
4: Change *PUBLIC from *EXCLUDE to *AUTL and put an authorization list on it?
5: Write wrapper programs to do restores which adopt authority?
6: Give *ALLOBJ to everyone who does restores?
7: Write the password for QSECOFR on your whiteboard?
I could not find an "idea" which requested that they change the authority.
What problem does it cause to have people read these files with only *USE? Find what tapes hold certain objects and make sure you grab those tapes too after you maliciously scrambled the objects?
Rob Berendt
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.