Exit point or object security I think are your two options. In some cases where we do allow ODBC connections we created a library for that purpose, but LFs (views) in this library built over the production files (let us do some field level security also) and then revoked authority to everything except that one library to the userid used in the ODBC connection.

-----Original Message-----
From: security400-bounces@xxxxxxxxxxxx [mailto:security400-bounces@xxxxxxxxxxxx] On Behalf Of Mike
Sent: Thursday, July 10, 2008 11:33 AM
To: Security Administration on the AS400 / iSeries
Subject: Re: [Security400] Is it possible to lock down ODBC connections?

We want to allow some files, but not not all at this time.

--
Mike Wills
Midrange Programmer/Analyst

Sick of corporate radio and hungry for something new?
http://thenextgenerationofradio.com
Stalking me? http://twitter.com/MikeWills | http://friendfeed.com/mikewills

On Thu, Jul 10, 2008 at 10:25 AM, Mike Cunningham <mcunning@xxxxxxx> wrote:

Do you want to block them completely or just block them from some? I think
you can turn off ODBC access for a user completely using iSeries Navigator
Application Administration

-----Original Message-----
From: security400-bounces@xxxxxxxxxxxx [mailto:
security400-bounces@xxxxxxxxxxxx] On Behalf Of Mike
Sent: Thursday, July 10, 2008 11:15 AM
To: Security Administration on the AS400 / iSeries
Subject: [Security400] Is it possible to lock down ODBC connections?

We have a user browsing through the files on the system through Crystal
Reports. Is there a way to lock down what they see through that connection?
I know object security can fix the problem, but we are looking to see if we
can apply a bandaid until we can setup a proper security scheme.

--
Mike Wills
Midrange Programmer/Analyst

Sick of corporate radio and hungry for something new?
http://thenextgenerationofradio.com
Stalking me? http://twitter.com/MikeWills |
http://friendfeed.com/mikewills
_______________________________________________
This is the Security Administration on the AS400 / iSeries (Security400)
mailing list
To post a message email: Security400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/security400
or email: Security400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/security400.

_______________________________________________
This is the Security Administration on the AS400 / iSeries (Security400)
mailing list
To post a message email: Security400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/security400
or email: Security400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/security400.


_______________________________________________
This is the Security Administration on the AS400 / iSeries (Security400) mailing list
To post a message email: Security400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/security400
or email: Security400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/security400.


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2021 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.