15 pts.
 DDM Security – Where Are Security Parms Stored For updating Files on another box without a user profile.
Currently on our development Iseries, our programs that use DDM have the ability to update files on production even though our development user profiles do not exist on the production box. Where on the Iseries is the information/parameters stored that allow our development box to do this? In production, if the user tries to update the files on another production box via the program, they are not able to if their user profile is not defined on both boxes.

Software/Hardware used:
ASKED: February 21, 2008  5:21 PM
UPDATED: March 12, 2010  10:14 AM

Answer Wiki:
You are most likely using Server Authentication Entries. See <a href="http://publib.boulder.ibm.com/infocenter/iseries/v5r4/topic/cl/addsvraute.htm">ADDSVRAUTE</a> and <a href="http://publib.boulder.ibm.com/infocenter/iseries/v5r4/topic/cl/dspsvraute.htm">DSPSVRAUTE</a>. Bruce Vining <a href="http://www.brucevining.com/"> http://www.brucevining.com/</a>
Last Wiki Answer Submitted:  February 21, 2008  9:44 pm  by  bvining   6,055 pts.
All Answer Wiki Contributors:  bvining   6,055 pts.
To see all answers submitted to the Answer Wiki: View Answer History.


Discuss This Question:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _


 

The feature is the SECURLOC feature.

 15 pts.

 

The feature is the SECURLOC feature.

For a development to production environment, they should hope not. That would conceivably allow anyone on the development system to have unrestricted access to the production environment. Powerful profiles (e.g., QSECOFR) are often less controlled on development.

If developers gain access, it is likely through authentication entries… unless the connection doesn’t require passwords (which is even worse than SECURELOC because it opens production to anyone who can find a route to the box.)

Tom

 108,360 pts.