Can we prevent users from modifying the source file and data selection parameters in a DTF.

1,160 pts.
Tags:
Client Access Express
DTF
System i
DTF's are created by our team and given to users for execution. Can we prevent users from modifying the source file and data selection parameters in a client access DTF?

Software/Hardware used:
as400,
ASKED: January 18, 2010  7:15 AM
UPDATED: January 20, 2010  7:01 AM

Answer Wiki

Thanks. We'll let you know when a new response is added.

AFAIK, a .DTF can only work where Client Access is installed/licensed. I suppose you could manually delete the upload executable if it’s separate from the download executable (and I’m not sure that they’re separate). That is, if the .DTF (From) capability is installed, then the .DTT (To) capability is also installed.

However, there is some control that is fairly easily accessible through Client Access Navigator that could be useful to you.

Open Navigator and right-click on your system under My Connections. Select ‘Application Administration’. Select the ‘Client Applications’ tab. Expand the Access for Windows item down through Data Transfer and Upload to System.

From there, start making your choices. The green-screen WRKFCNUSG command can also be used, as well as the commands that it uses.

But be aware that this <b>does not</b> protect your system. It only tells some of the Client Access functions not to honor requests. Any other ODBC or JDBC (or any of the various remote database access functions) drivers, etc., that are available to Windows. Linux and most PC operating systems, can still be used.

Protection needs to be through object-level security if you really want control.

There are intermediate degrees of control such as the “function usage” facility above. Exit programs are examples. But any security professional will tell you that object-level security is the way to go if you need to plug the holes in your system.

As for modifying an existing .DTF, I’m not sure if that’s reasonably possible. I’m sure that permissions on the .DTF object could stop any permanent changes, but I suspect that temporary changes will still be possible as well as saving new versions under different names.

Tom

Discuss This Question: 3  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Rajgoaj
    Try using RTOPCB DOS command to transfer files using .DTF. This does not actually provide a security but the user will not require to open .DTF file and click on 'Transfer' button, instead a .bat file will do the job.
    280 pointsBadges:
    report
  • PSMurray
    We have a public shared folder in the IFS root to contain the "Standard" transfers. The .DTF are secured by Object Authority. All the users have a mapped drive to this folder. It's just a click away. That easy.
    530 pointsBadges:
    report
  • JohnsonMumbai
    The application here is designed such that users have *Use access on all datafiles of the application. This can lead to users downloading data which we would like to prevent. Hence the need to prevent users from changing the source file and selection file parameters currently available via dtf.
    1,160 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following