You've never had a CSR/CE/whatever take down a system without asking ? ;-)
I think it's a good idea they don't have authority to PWRDWNSYS.

Object . . . . . . . :   PWRDWNSYS       Owner  . . . . . . . :   QSYS
  Library  . . . . . :     QSYS          Primary group  . . . :   *NONE
Object type  . . . . :   *CMD

Object secured by authorization list  . . . . . . . . . . . . :   *NONE

                         Object
User        Group       Authority
QSYS                    *ALL
QSYSOPR                 *USE
*PUBLIC                 *EXCLUDE


...Neil





Dan wrote:

<Should not the QSRV profile be able to issue the PWRDWNSYS command?  It
was my
understanding that the QSRV profile was one that gave IBM service reps
every authority
they would need to perform their job.  Certainly PWRDWNSYS falls into that
category?  We
had IBM service in yesterday to replace a tape drive which necessitated
this, and I was
surprised to get a call saying that the QSRV profile could not issue the
PWRDWNSYS
command.>

Not sure, but QSECOFR and QSRV for instance, very WIDELY in authority. Not
so much so
between QPGMR and QSRV. One difference in QSRV is the Special authority of
*SERVICE and
maybe there is something in there that keeps CE from accidentally taking a
(potential)
production system down ?

Not sure, anyone know ?

Chuck





This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2020 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].