MCH4429 error message

10 pts.
Tags:
CLP
MCH4429 error
QSYS
STRDFU
I'm attempting to restrict DFU to inquiry only for specific users. I renamed STRDFU in QSYS to something else, then wrote my own STRDFU command & CLP. The CLP restricts various users as necessary. All 'qualified' users still get full blown DFU, the others get inquiry only. The problem is that I get an MCH4429 error (storage overflow). Does anyone know of a way to get around the message?

Answer Wiki

Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Discuss This Question: 4  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • TomLiotta
    First, renaming a command in QSYS generally shouldn't be done at all. If you don't want it used, then restrict authority to it. Second, in order to replace a command with one that you wrote yourself, you need to know everything about the command's parameters. Many IBM commands have constant parameters that aren't displayed when you prompt the command. If you have no way to examine the compiled *CMD object to extract all of the "hidden" parameters, the only thing you can do is to keep adding random parameter definitions until you get a match on all of them. You need to match the number of parameters, the data types, the order of them and the values that each one allows. If you must do it this way, change your QSYSLIBL system value to add a library ahead of QSYS in the list. Use that library to hold objects that you want to use in place of the QSYS objects. You might create a library named OVRSYS for example, and that's where your new STRDFU command would go. Then exclude *PUBLIC from STRDFU in QSYS. When someone runs STRDFU, it should get the one in your higher level library because that library will be first in the system portion of every job's library list. And if they try to access the one in QSYS directly, they should get an authority failure. Create a new user profile that you can grant *USE authority for STRDFU in QSYS. This new profile should have no special authorities. The only authority it needs is to access the QSYS version of STRDFU. The CPP for your command can take the parameters and pass them into the STRDFU command in QSYS. It may decide which parameter values to pass and which to reject. Have the CPP compiled with the USRPRF(*OWNER) attribute. And make the new user profile be the owner. Of course, you might also want to look at the UPDDTA command and a number of others that can update database files. Controlling STRDFU is going to be tricky and require maintenance. Controlling all of the different possibilities will be much more tricky and require much more maintenance. Proving that your controls actually work as controls will be very difficult. Users who shouldn't update database files shouldn't have been given the authority to update those files to start with. Take away the authority and the need for custom programming goes away. Tom
    125,585 pointsBadges:
    report
  • TomLiotta
    The problem is that I get an MCH4429 error (storage overflow). When do you get it? At what point? What program gets the message? Tom
    125,585 pointsBadges:
    report
  • WoodEngineer
    A DFU application consists of two objects with the same name - this is the name you assigned when creating the DFU app. One is type *PGM, the other *FILE. The attribute on both is DFU. You may be able to achieve the security you need by restricting access to the DFU objects instead of "rolling you own" DFU command.
    6,765 pointsBadges:
    report
  • Dws400
    Maybe change the authority on the files to *read for the users. This way you also lock down the UPDDTA command.
    25 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following