|
midrange.com
Using a specific library is a good way to go, you can control all
the authorities within the library.
I also would not recommend changing users to OWNER(*GRPPRF).
The answer lies in the Query. When you designate the file name
and library for output you should have a parameter that will
control the authority of the created file...
For a new file:
Authority . . . . . *LIBCRTAUT *LIBCRTAUT, authorization list name,
*CHANGE, *ALL, *EXCLUDE, *USE
You could have the users control this by keying the desired value on
every query that they create...
OR
if you use the QRYTEMP library idea, use the CRTAUT(*ALL) parameter
on the CRTLIB or CHGLIB command. Then *LIBRCRTAUT above will default
all new objects to *ALL when placed in QRYTEMP library.
NOTE** The QCRTAUT system value is likely *CHANGE and I would not
recommend changing the system value.
Jack
_______________________________________________
Jack Welch ARIS, Inc.
welchj@xxxxxxxx 4116 W. Faidley Ave.
(308) 395-8708 Grand Island, NE 68803
iSeries consulting and programming
_______________________________________________
> Mona,
>
> 1. If you use AS/400 Group profiles and your users all belong to one
> group, you could specify OWNER(*GRPPRF) and as their objects are created,
> they would be owned by the group profile. For all but very small
> companies, this generally isn't acceptable for business process/security
> reasons. And, ALL objects, not just query outfiles, would be owned by the
> group profile - you might not want that!
>
> 2. You could create a library (named something like "QRYTEMP") specific
> for the creation of outfiles, have queries create their output to this
> library using unique file names, and have a scheduled job that would, once
> a day (i.e. when no one "should" be on the system), clear the library.
> This would resolve the problem and limit your storage exposure to one day.
> It wouldn't work if they way the users download the files is from some
> command or function that needs a generic file name.
>
> 3. You could even get a little fancier (as we've done) with the QRYTEMP
> idea and allow files to exist for a certain number of days (we allow 7
> days) before they are purged from QRYTEMP. This takes a program (I'd be
> willing to share the code), but it allows for the possibility that a user
> may not download the file immediately. We use this approach and have
> users store both their ad-hoc queries and their outfiles in the QRYTEMP
> library - and they are automatically removed after 7 days.
>
> ==Kevin Brunk
> The Butler Company
>
> -----Original Message-----
> From: Mona Ferriols [mailto:mon.ferriols@xxxxxxxxxxxxxx]
> Sent: Friday, July 25, 2003 12:04 AM
> To: Jbausers-L (E-mail)
> Subject: [SYSTEM21] object authority
>
>
> We do a lot of data downloading to file here. To save on storage we use 1
> generic outfile that is saved in QGPL, and that in turn is downloaded by
> users. My problem is, Whenever a user runs a query, his authority for the
> file becomes *all and PUBLIC becomes *change. If a second user runs
> another
> query using the same outfile, he gets a message saying he's not authorized
> to use the file. If i grant him *all authority to the file, the next user
> after him experiences the same error. I've also used GRTOBJAUT command but
> no dice
>
> Mon Ferriols
> Data Management and Control
> Ionics EMS, Inc. Plant 7
> Tel: (049) 545-9751
> Email: mon.ferriols@xxxxxxxxxxxxxx
> Web: www.ionicsgroup.com
>
> "ERP is not just computers and software, but PEOPLE, PROCESSES and
> FUNCTIONS."
>
>
> ###########################################
>
> This message has been scanned by F-Secure Anti-Virus for Microsoft
> Exchange.
> For more information, connect to http://www.F-Secure.com/
> _______________________________________________
> This is the System 21 Users (SYSTEM21) mailing list
> To post a message email: SYSTEM21@xxxxxxxxxxxx
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/mailman/listinfo/system21
> or email: SYSTEM21-request@xxxxxxxxxxxx
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/system21.
>
>
>
> **********************************************************************
> CONFIDENTIALITY NOTICE: The information transmitted in this message is
> intended only for the person or entity to which it is addressed and may
> contain confidential and/or privileged material. Any review,
> retransmission, dissemination or other use of this information by persons
> or entities other than the intended recipient is prohibited. If you
> received this in error, please contact the sender and destroy all copies
> of this document. Thank you.
> The Butler Company
> **********************************************************************
>
>
> _______________________________________________
> This is the System 21 Users (SYSTEM21) mailing list
> To post a message email: SYSTEM21@xxxxxxxxxxxx
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/mailman/listinfo/system21
> or email: SYSTEM21-request@xxxxxxxxxxxx
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/system21.
>
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
