I assume other profiles reference TSTOWNER as the group they belong to.
If no other profile references it, it may not be considered a "group".
At the last screen of chgusrprf is a parm GID (group id). System auto gens
a number in this field when another profile references this profile. Does
TSTOWNER have a GID value?
jim
----- Original Message -----
From: "Nilda Mejias" <nmejias@collectcorp.com>
To: <security400@midrange.com>
Sent: Wednesday, April 03, 2002 11:08 PM
Subject: RE: [Security400] Authorities after a restore.


> Jim,
>
> I just restored one library, actually, I cleared the library first and
then
> I restored it allow object differences was set to *all. I didn't restore
any
> profiles and I run RSTAUT after the restore.
>
> I think you are right when you say that TSTOWNER is no longer a group
> profile. This profile has been in the system for ever, and to make it
worst
> there are other library where TSTOWNER acting as a group profile. There is
> only two objects in the system with this name, the group profile and the
> message queue.
>
> How can I know if TSTOWNER is a group profile?. I compared this profile
> against other group profile we have in the system and seems to be fine.
>
> Thanks.
>
> Nilda Mejias.
> System Development
> Collectcorp Inc.
> -----Original Message-----
> From: Jim Franz [mailto:franz400@triad.rr.com]
> Sent: Wednesday, April 03, 2002 8:41 PM
> To: security400@midrange.com
> Subject: Re: [Security400] Authorities after a restore.
>
>
> it appears TSTOWNER is no longer a group profile?
> Did you restore a lib where the saved lib had diff authorities than lib
> already on the system?
> and not use restore option to allow object differences?
> You job log of the restore should explain exactly what & why it did this.
> Did you restore more than just the lib but also profiles? and restore the
> profiles first?
> Have you run RSTAUT after restore to restore private authorities? (check
> logs above
> before doing this).
> jim
>
> ----- Original Message -----
> From: "Nilda Mejias" <nmejias@collectcorp.com>
> To: "Midrange Security 400 List (E-mail)" <security400@midrange.com>
> Sent: Wednesday, April 03, 2002 6:19 PM
> Subject: [Security400] Authorities after a restore.
>
>
> > Hello everyone,
> >
> > I restored a library from a tape backup, after the restore the group
> profile
> > TSTOWNER lost all the authorities over the library and the objects in
this
> > library.
> >
> > Could somebody, please, tell me how can I give a group profile its
> > authorities back ? I've tried everything I know and I can't get it done.
> >
> > I tried with WRKOBJ command, then F6 to add a new user, this allow me to
> add
> > the user TSTOWNER but all users in the group profile still without
> authority
> > over the library and the objects. I've tried EDTOBJAUT and it is the
> > something, I tried GRTOBJAUT and doesn't work either.
> >
> > I solved the problem, temporary, giving authority over all objects in
the
> > library to one of the users in that group using GRTOBJAUT command, but I
> > can't believe I have to do this for each user in the group.
> >
> > This is what I have for the library I restored:
> >
> >             Object
> >  User        Group       Authority
> >  *GROUP      CCPOWNER    *ALL
> >  *GROUP      QPGMR       *ALL
> >  *PUBLIC                 *EXCLUDE
> >
> > If I add the user TSTOWNER I get:
> >
> >
> >                          Object
> > User        Group       Authority
> > *GROUP      CCPOWNER    *ALL
> > *GROUP      QPGMR       *ALL
> > TSTOWNER                *USE
> > *PUBLIC                 *EXCLUDE
> >
> > I think my problem will be solved if I get:
> >
> >                         Object
> > User        Group       Authority
> > *GROUP      CCPOWNER    *ALL
> > *GROUP      QPGMR       *ALL
> > *GROUP      TSTOWNER *USE
> > *PUBLIC                 *EXCLUDE
> >
> > How can I get the list above ? or Do I am hallucinating and this can't
be
> > done?.
> >
> > Our security guy have left the company and my boss want me to take the
> > challenger, I am reading the Basic System Security and planning book and
I
> > haven't found anything that help me with this problem and other issues I
> > have found in our system security. There is another book that you
> recommend
> > ?.
> >
> > Please, any help will be great appreciated.
> >
> > Nilda Mejias.
> > System Development
> > Collectcorp Inc.
> > _______________________________________________
> > This is the Security Administration on the AS400 / iSeries (Security400)
> mailing list
> > To post a message email: Security400@midrange.com
> > To subscribe, unsubscribe, or change list options,
> > visit: http://lists.midrange.com/cgi-bin/listinfo/security400
> > or email: Security400-request@midrange.com
> > Before posting, please take a moment to review the archives
> > at http://archive.midrange.com/security400.
> >
>
>
> _______________________________________________
> This is the Security Administration on the AS400 / iSeries (Security400)
> mailing list
> To post a message email: Security400@midrange.com
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/cgi-bin/listinfo/security400
> or email: Security400-request@midrange.com
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/security400.
> _______________________________________________
> This is the Security Administration on the AS400 / iSeries (Security400)
mailing list
> To post a message email: Security400@midrange.com
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/cgi-bin/listinfo/security400
> or email: Security400-request@midrange.com
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/security400.
>




This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2020 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].