How to restrict required libraries and through error message when tried to access. in as/400

15 pts.
Tags:
AS/400 Administrator
AS/400 Security Data
Remove production libraries from system value QUSRLIBL.  Having these libraries in the library list when a user signs on it effect gives them authority to the libraries.  Ssecurity enhancements have to be implemented to users who do not have specific authority to these libraries and should experience errors when trying to sign on
ASKED: November 26, 2009  12:31 PM
UPDATED: November 30, 2009  9:37 PM

Answer Wiki

Thanks. We'll let you know when a new response is added.

Having libraries in a library list does nothing that “gives them authority”. If a user <i>doesn’t have authority</i> to a library in QUSRLIBL and QUSRLIBL is assigned as that user’s library list, then the user will not be able to signon. An authority failure will stop the logon. The user must already have authority to the library in order to signon when the library is part of the user’s library list.

However, <i>if the user has authority</i> to the library, then the authority will be available whether the library is in the library list or not. The only difference is that the library can’t be accessed through the library list. It can still be accessed by name.

Regardless, “production” libraries should not be listed in QUSRLIBL. There is no reason to make libraries automatically available when the libraries contain objects that don’t need to be advertised.

Further, the libraries should have PUBLIC *EXCLUDE which should make them unusable in QUSRLIBL.

But, what as Philpl1jb asked, what is the question?

Tom

Discuss This Question: 3  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • philpl1jb
    Is there a question here?
    48,575 pointsBadges:
    report
  • philpl1jb
    I think the key point here is that security on the AS/400 includes OBJECT authority restrictions. You can restrict a user or group of users from libraries or from specific files or restrict how they can use these or anyother objects. Phil
    48,575 pointsBadges:
    report
  • Teandy
    Are you asking how to restrict users form certain libraries? If so, this can be done through a variety of means. Object authority, group profiles and authorization list are just a few that come to mind.
    5,860 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following