Hi Ed, I saw that however I interpreted it to mean the user inclusive of authorities gained via the group on both sides of the submit. Where did you find the reference that says the group profiles are not used when checking the profile this will run under? Do you have any insight on why this is the case? Thanks, David Morris >>> edfishel@xxxxxxxxxx 6/16/2004 7:07:13 AM >>> David Morris asked: > Can anyone tell me why authority to a job description used on a submit > job cannot be derived from a group profile? It appears that a jobd owned > by USERA with a primary group of USERB *USE cannot be submitted by a > USERC, which has a group profile of USERA. The job description is public > *EXCLUDE. The job description does not have a profile and the message > indicates that USERC must have *USE rights to the job description. One of the footnotes for the Job description on the SBMJOB command in Appendix D of the Security Reference manual is: "(9) Both the user submitting the job and the user profile under which the job will run are checked for authority to the referenced object." When authority of the user submitting the job is checked adopted authority and any authority from their current group profiles are used. But when the authority of the user profile under which the job will run is checked adopted authority and authority from their group profiles is not used. So USERC will need authority to the job description when it is the user profile under which the submitted job will run. I hope this helps. Ed Fishel,
As an Amazon Associate we earn from qualifying purchases.
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.