× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. SECURITY400
  3. August 2001

RE: Authority annoyances, continued...

What I do is ensure the job has all the authorities it needs.  Not the user
submitting the job.  So I use adopted authority *owner, and make the owner
of the object a user profile with adequate authority (a non-system user that
is not allowed to signon).  I always submit these jobs to batch so the user
won't wind up with the adopted authority.

Phil



> -----Original Message-----
> From: security400-admin@midrange.com
> [mailto:security400-admin@midrange.com]On Behalf Of Bale, Dan
> Sent: Tuesday, August 21, 2001 11:26 AM
> To: security400@midrange.com
> Subject: [Security400] Authority annoyances, continued...
>
>
> Here's a situation I find myself in on a regular basis.  My current task
> has been getting the backups up to snuff.  In my backup app, I am
> running commands that require more authorities than what the typical
> user has.  I have a five-hour window for my backups.  Five of our
> systems are at remote locations.  If the backup app stops for a "user
> doesn't have required authority" message that I did not anticipate, I'm
> screwed because the nightly FTP of orders from the mainframe can't start
> until after the backup finishes.  This has a big impact on our
> warehouses when they can't begin processing orders first thing in the
> morning.  I've gotten hammered once for this and don't intend to go
> through it again.
>
> Thinking this through just a bit...  I wonder if there's a way to "test"
> a program object (or its source code?) before executing it to see if a
> given user has all the necessary authorities to run it from start to
> finish.  Has anybody written this utility?
>
> - Dan
> Dan Bale says "BAN DALE!"
> IT - AS/400
> Handleman Company
> 248-362-4400  Ext. 4952
> D.Bale@Handleman.com
>   Quiquid latine dictum sit altum viditur.
>   (Whatever is said in Latin seems profound.)
>
> _______________________________________________
> This is the Security Administration on the AS400 / iSeries
> (Security400) mailing list
> To post a message email: Security400@midrange.com
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/cgi-bin/listinfo/security400
> or email: Security400-request@midrange.com
>


_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.