RE: [Security400] QINACTITV does not appear to be working

["Jim Langston" <jlangston@xxxxxxxxxxx>]

>From an interactive job, yes.  From a batch job, no.

I tried so many different ways to do this from a batch job,
so I wouldn't have to wait til 7:00 when everyone logged out of the
system to end it to a restricted stand, and run the job that
ran the backup.  Couldn't do it in a batch job, but I could do it
from a CL running in an interactive job.

If you are asking what command is behind the save-21 on the menu,
I don't know.

Regards,

Jim Langston
Programmer/Analyst
Cels Enterprises, Inc.

-----Original Message-----
From: security400-admin@midrange.com
[mailto:security400-admin@midrange.com]On Behalf Of Bale, Dan
Sent: Thursday, August 30, 2001 1:09 PM
To: security400@midrange.com
Subject: RE: [Security400] QINACTITV does not appear to be working


This is a multi-part message in MIME format.
--
[ Picked text/plain from multipart/alternative ]
Now that you've expanded my horizons here, I have to ask.  I'm wondering
(but not too optimistic, since I've never heard this done before) about
whether you can take the system to a restricted state after you've done
a TFRJOB QCTL and do a Save-21 or other restricted-system stuff.

I'm sure the answer's no, but I'd be wondering at 3 a.m. tonight if I
didn't ask.  What a life, eh? <g>

Dan Bale
IT - AS/400
Handleman Company
248-362-4400  Ext. 4952
D.Bale@Handleman.com

> -----Original Message-----
> From: Buck Calabro [SMTP:Buck.Calabro@commsoft.net]
> Sent: Thursday, August 30, 2001 3:51 PM
> To:   security400@midrange.com
> Subject:      RE: [Security400] QINACTITV does not appear to be
> working
>
> >A good idea, but I was under the impression
> >that TFRJOB was strictly a batch function.
>
> Nope.
>
> >You even mention the QCTL jobq.  So, presuming
> >you've done this <g>, can you give more details on this?
>
> It's easier to do than to explain.  Get to a command line and TFRJOB
> QCTL.
> Your job will re-route through the QCTL job queue which, presumably is
> connected to subsystem QCTL.  Do a WRKACTJOB SBS(QCTL) and you should
> see
> yourself there.  Easy as can be!
>
> >Am I correct to assume that this method wouldn't
> >help me if I'm not already signed on when QINTER is ended?
>
> Right.  It requires a bit of planning.
>
> >Sounds like Evan's method would allow
> >me to sign on even if QINTER is ended.
>
> Right again.  I was just looking at things from the security angle,
> that's
> all.  I haven't tried, but I strongly suspect that you could readily
> create
> a second subsystem (Evan's method) and secure the job queue from all
> but
> your authorised users.  Forget about the specific workstation entries;
> let
> any device in.
>
> I'll tinker in a moment and let you know how it turns out.
>
> Buck
_______________________________________________
This is the Security Administration on the AS400 / iSeries (Security400) 
mailing list
To post a message email: Security400@midrange.com
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/cgi-bin/listinfo/security400
or email: Security400-request@midrange.com
Before posting, please take a moment to review the archives
at http://archive.midrange.com/security400.