× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. SECURITY400
  3. October 2001

RE: OpsNav security

This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.
--
[ Picked text/plain from multipart/alternative ]
Number 1, Don't install it. In the Express version, you can specify which
components to install or nothing at all.

Number 2, If you get a smartie that knows how to install, Use the
Application Administrator in OpsNav to restrict users access to the
components in OpsNav.

Application Administration support allows system administrators to control
the functions or applications available to users on a specific AS/400.  This
includes controlling the functions available to users accessing the AS/400
through clients.

Several Operations Navigator functions can be controlled through Application
Administration.  Application Administration can also be used to control the
use of functions in other applications, if those applications have defined
functions that can be managed through Application Administration.

To manage AS/400 functions using Application Administration, follow these
steps:

1       In the tree hierarchy, right-click the AS/400 you want and select
Application Administration.
2       Select the function you want from the list.

To manage AS/400 functions using Management Central, follow these steps:

1       In the tree hierarchy, right-click Management Central and select
Application Administration.
2       Select the function you want from the list.
-----Original Message-----
From: Sean Porterfield [mailto:sporter@bestdist.com]
Sent: Thursday, October 04, 2001 2:35 PM
To: Security400
Subject: [Security400] OpsNav security


Is there an easy reference anywhere about securing the AS/400 against all
these users on PCs?  I just signed on through Operations Navigator as a user
with no authority (no command line access, limit capabilities=*YES) and it
lets me into all kinds of things that I don't think it should allow.

For example, I can browse through all the hardware on the system.  It lets
me into Backup-->Policies, but won't actually let me change them (thank
goodness for small favors, I guess.)  It will display Security-->Policies
also.

I can see which servers (TCP/IP and Client Access) are running.

It shows all installed software products.

I really don't want "normal users" to have OpsNav, but you know there will
be some clever, curious users who will get it one way or another.
Naturally, I don't want to protect the AS/400 by not installing software on
a PC.  I need to protect the AS/400 with configurations on the AS/400.

Any ideas where to start?

Thanks!

_______________________________________________
This is the Security Administration on the AS400 / iSeries (Security400)
mailing list
To post a message email: Security400@midrange.com
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/cgi-bin/listinfo/security400
or email: Security400-request@midrange.com
Before posting, please take a moment to review the archives
at http://archive.midrange.com/security400.

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.