× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. SECURITY400
  3. August 2001

RE: user profile question

Honestly, I don't think it really matters who owns the user profiles.

In a strict security situation, it would be the one profile you create to do
security officer functions.  It has been advised to create a new user
profile with QSECOFR authority and use that user profile for security
issues, only using QSECOFR when you have to, and to create this account.

I think the biggest reason behind this is because if you only have QSECOFR
authorized to administer accounts and you hose the QSECOFR account you're
going to wind up booting to DST to get the profile back.  If you have 2
profiles if one gets hosed you can fix it with the other.

When you create a new user and a new user profile, you own the account.

As for QSTRUP, I'm not sure.  I just know in the company I administered my
account owned it, since it was my account that modified and maintained it.
Never considered any ownership implications on it.

I would think that QSTRUP must be running with QSECOFR authority since it
tends to do a lot of things QPGMR normally doesn't have access to.  But
that's just a guess.

As for what to read, there should of been a book that came with your AS/400
or your OS, don't' remember which, called "Securing your AS/400" or
something very similar.  That's a good starting point and I had read it
cover to cover, although admittedly I didn't do 100% of the things in it,
just 90% or so.

Regards,

Jim Langston
Programmer/Analyst
Cels Enterprises, Inc.

-----Original Message-----
From: security400-admin@midrange.com
[mailto:security400-admin@midrange.com]On Behalf Of
gcrane@johansonmfg.com
Sent: Tuesday, August 21, 2001 3:21 AM
To: security400@midrange.com
Subject: [Security400] user profile question


I am here and certainly no guru.  I need all the help I can get.  :-)

I have a couple of questions:

1.   regarding user profiles......who should own them?   The administrator
of
our company or QSECOFR?

2.  QSTRUP - who should own this?  and who is running it at IPL time - QPGMR
or
QSECOFR?

Thanks for any direction on this.  Where/what should I be reading?

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.