security for iSeries client access data transfer

5 pts.
Tags:
iSeries Access
I like to know how we can block user from using client access data transfer?

Answer Wiki

Thanks. We'll let you know when a new response is added.

As part of the Client Access install on the pc you can take the option to customize, and in there you can select or not select the data transfer option.
Ted

A really good article written by Ron Turull explains how to use the registration facility on the iSeries to limit data transfer requests. You can totally block a user or limit them to download to a PC but not upload to the iSeries. It is in two parts and the URLs are listed below.

Part 1: The registration facility helps you tailor your system

Part 2. The registration facility helps you tailor your system

Discuss This Question: 6  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • auwakart
    You remove CWBTF.EXE from your computer. If your application would like to use PC Support, you can use rtopcb.exe from dos command. Bee
    0 pointsBadges:
    report
  • Vatchy
    Restrict the user from the data file in the first place using the built-in AS/400 security (EDTOBJAUT command).
    1,410 pointsBadges:
    report
  • CHL
    I cannot control from the PC configuration. I cannot control at the file level either. I need to control strictly on the user ID level. If the user logon with a specific ID, the file transfer function cannot be run either within client access or Excel.
    5 pointsBadges:
    report
  • TomLiotta
    If the user logon with a specific ID, the file transfer function cannot be run either within client access or Excel. But it's okay if they use ODBC or FTP or Windows networking. Essentially any client access user can execute RMTCMD from a DOS prompt to copy any file they have authority to to anywhere they have authority to, without using file transfer. But your best bet is to use Application Administration in iSeries Navigator. Right-click your connection to select it. Take the Client Applications tab and expand Data Transfer under iSeries Access for Windows. If you have the authority to make such associations, you can restrict any or all users from using file transfer uploads and/or downloads. Be aware that this only affects iSeries Access functions. Only applications that query the functions facility will honor it. However, there is no good alternative except significant programming effort (on-going) or 3rd-party products. And only a few users will ever find the various ways around it. Proper object authority, of course, would make it all mostly unnecessary. Tom
    125,585 pointsBadges:
    report
  • WoodEngineer
    We had a very similar issue. One of the security experts at IBM recommended controlling this by setting the proper file authority instead of trying to restrict Client Access, Excel, etc.
    6,305 pointsBadges:
    report
  • WoodEngineer
    There are examples of exit point programs which can control this.  We also use this technique.  Works well.
    6,305 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following