SQL/400
Hi friends, I have on my System many Users with the userclass *SECOFR, How can I determine only one user to use the command STRSQL ?,
Answer Question
| October 17, 2009 12:02 PM
*SECOFR, AS/400 security, AS/400 user profiles, SQL/400, Start Structured Query Language, STRSQL
Hi friends, I have on my System many Users with the userclass *SECOFR, How can I determine only one user to use the command STRSQL ?,
Answer Question
| October 17, 2009 12:02 PM
*SECOFR, AS/400 security, AS/400 user profiles, SQL/400, Start Structured Query Language, STRSQL
Source code review on RPG for regulatory compliance — resources
We are required by a local regulatory body to perform source code review on RPG programs to identify insecure coding practices, security vulnerability, deficiencies, gaps and mistakes. We have searched through the net to look for tips on how to perform the review, and there does not seem to be much available. Are you aware [...]
Answer Question
| November 11, 2008 5:38 PM
AS/400 compliance, AS/400 security, RPG debugging
We are required by a local regulatory body to perform source code review on RPG programs to identify insecure coding practices, security vulnerability, deficiencies, gaps and mistakes. We have searched through the net to look for tips on how to perform the review, and there does not seem to be much available. Are you aware [...]
Answer Question
| November 11, 2008 5:38 PM
AS/400 compliance, AS/400 security, RPG debugging
Can anyone provide a list of “Best Practices” or recommended commands to secure from command line users…???
For Security and auditing purposes we need to secure potential harmful commands frok the few profiles which have command line access. I’m looking for a base list of commands or recommended best practices or a starting point / list. All insight is welcome
Answer Question
| August 10, 2010 5:16 PM
AS/400 command functions, AS/400 security
For Security and auditing purposes we need to secure potential harmful commands frok the few profiles which have command line access. I’m looking for a base list of commands or recommended best practices or a starting point / list. All insight is welcome
Answer Question
| August 10, 2010 5:16 PM
AS/400 command functions, AS/400 security
Encrypting fields in the AS/400
Greetings, We are required to encrypt credit card fields in the AS/400 files. I am looking for something convenient to encrypt/decrypt field while in the RPG ILE program. Do we need to buy a software? Does As/400 has its own APIs? Please advise. Thanks Gary Liberman
Answer Question
| October 19, 2009 2:19 AM
AS/400 security, Decryption, Encryption, Encryption Software, RPG, RPGILE
Greetings, We are required to encrypt credit card fields in the AS/400 files. I am looking for something convenient to encrypt/decrypt field while in the RPG ILE program. Do we need to buy a software? Does As/400 has its own APIs? Please advise. Thanks Gary Liberman
Answer Question
| October 19, 2009 2:19 AM
AS/400 security, Decryption, Encryption, Encryption Software, RPG, RPGILE
Authority Failure Events
Can someone tell me what is “Authority Failure Events” in AS400 security monitoring. How can I solve this problem?
Answer Question
| August 27, 2008 8:31 AM
AS/400 security, Authority Failure Events
Can someone tell me what is “Authority Failure Events” in AS400 security monitoring. How can I solve this problem?
Answer Question
| August 27, 2008 8:31 AM
AS/400 security, Authority Failure Events
COGNOS/ AS400
One of our technicians is trying to install COGNOS on a PC with I-series driver asking for username and password. No one in the organization remembers the password. Is there a way to query a physical file? If so which file might that be?
Answer Question
| November 4, 2009 11:23 PM
AS/400 security, Cognos
One of our technicians is trying to install COGNOS on a PC with I-series driver asking for username and password. No one in the organization remembers the password. Is there a way to query a physical file? If so which file might that be?
Answer Question
| November 4, 2009 11:23 PM
AS/400 security, Cognos
AS400 Security Matters
Just like to check-out with you. If the IBM Supplied user profiles default password is not changed but password set to *NONE, will it be possible that these user profiles be used by login on to the AS400 system, taking into consideration that the QSECOFR and DST are properly controlled?
Answer Question
| August 13, 2008 6:28 AM
AS/400 security, DST, QSECOFR
Just like to check-out with you. If the IBM Supplied user profiles default password is not changed but password set to *NONE, will it be possible that these user profiles be used by login on to the AS400 system, taking into consideration that the QSECOFR and DST are properly controlled?
Answer Question
| August 13, 2008 6:28 AM
AS/400 security, DST, QSECOFR
Resetting the DST QSECOFR password
I am building a Partition as part of a DR test on a 570. The partition I am building is running at V5R3 and I do not remember the DST QSECOFR password. How can I reset this, as I am not on a command line and so cannot use the CHGDSTPWD, and am not using [...]
Answer Question
| August 7, 2008 9:40 PM
AS/400 security, AS/400 system administration
I am building a Partition as part of a DR test on a 570. The partition I am building is running at V5R3 and I do not remember the DST QSECOFR password. How can I reset this, as I am not on a command line and so cannot use the CHGDSTPWD, and am not using [...]
Answer Question
| August 7, 2008 9:40 PM
AS/400 security, AS/400 system administration
Controlling access to WRKJOBSCDE
Our users need command-line access for a number of commands, but I don’t want them to have access to the WRKJOBSCDE command. What is the best way to restrict access to a specific command like this? Thanks in advance…
Answer Question
| May 7, 2010 9:02 PM
AS/400 job scheduler, AS/400 security, WRKJOBSCDE
Our users need command-line access for a number of commands, but I don’t want them to have access to the WRKJOBSCDE command. What is the best way to restrict access to a specific command like this? Thanks in advance…
Answer Question
| May 7, 2010 9:02 PM
AS/400 job scheduler, AS/400 security, WRKJOBSCDE
WRKQRY Security Flaw / Users can Alter/ Replace Data in Production Files
Can a user change or replace data, members, or the file itself (a prodcution file in a production lib) using WRKQRY…??? I have an auditor who believes in the “Define the Query” display, 2nd to last option (“Select output type and output form”) you can specify 3 in the output type (3 = datafile file) [...]
Answer Question
| October 21, 2009 7:03 PM
AS/400 security, Query, WRKQRY
Can a user change or replace data, members, or the file itself (a prodcution file in a production lib) using WRKQRY…??? I have an auditor who believes in the “Define the Query” display, 2nd to last option (“Select output type and output form”) you can specify 3 in the output type (3 = datafile file) [...]
Answer Question
| October 21, 2009 7:03 PM
AS/400 security, Query, WRKQRY
AS400 Sign on
When you take “Run the same” to open a new session you have to retpe the user id twice on in a window and then on the green screen. Does anyone know of a way to bypass one of the signons? Thanks
Answer Question
| October 16, 2009 8:22 PM
AS/400 security, AS/400 user permissions
When you take “Run the same” to open a new session you have to retpe the user id twice on in a window and then on the green screen. Does anyone know of a way to bypass one of the signons? Thanks
Answer Question
| October 16, 2009 8:22 PM
AS/400 security, AS/400 user permissions
iSeries audit log protection
How are iSeries audit logs protected (e.g., who can access them? Can they be changed?)
Answer Question
| November 3, 2009 6:49 PM
AS/400 compliance, AS/400 security, Audit Journal, iSeries
How are iSeries audit logs protected (e.g., who can access them? Can they be changed?)
Answer Question
| November 3, 2009 6:49 PM
AS/400 compliance, AS/400 security, Audit Journal, iSeries
User profiles
How can a person without *ALLOBJ authority display ALL user profiles? Thanks
Answer Question
| November 3, 2009 12:15 PM
AS/400 security, AS/400 user profiles
How can a person without *ALLOBJ authority display ALL user profiles? Thanks
Answer Question
| November 3, 2009 12:15 PM
AS/400 security, AS/400 user profiles
Force user signoff after a time limt (AS/400)
Is there some way to force users to signoff (endjob) after a specified time limit has expired. For example if I have been signed on for more than 8 hours this interactive job should end.
Answer Question
| May 10, 2010 2:07 AM
AS/400 security
Is there some way to force users to signoff (endjob) after a specified time limit has expired. For example if I have been signed on for more than 8 hours this interactive job should end.
Answer Question
| May 10, 2010 2:07 AM
AS/400 security
QSECOFR password
Hi, i forgot my qsecofr password.any possiable way to know that password..please help me.. Thanks in advance, Regards, baskar
Answer Question
| November 3, 2009 11:46 AM
AS/400 Password Recovery, AS/400 security, QSECOFR
Hi, i forgot my qsecofr password.any possiable way to know that password..please help me.. Thanks in advance, Regards, baskar
Answer Question
| November 3, 2009 11:46 AM
AS/400 Password Recovery, AS/400 security, QSECOFR
iSeries Object Authority vs. Menu Security
Hello, I am new to iSeries and OS/400. Here is my question: Let’s say in a level 30 security environment, user access is controlled through a menu, which does not alow them to access any sensitive objects. But a number of sensitive objects have been assigned *ALL authority for *PUBLIC. Can these users somehow still [...]
Answer Question
| November 4, 2009 6:25 PM
AS/400 security, iSeries security, OS/400 and iSeries
Hello, I am new to iSeries and OS/400. Here is my question: Let’s say in a level 30 security environment, user access is controlled through a menu, which does not alow them to access any sensitive objects. But a number of sensitive objects have been assigned *ALL authority for *PUBLIC. Can these users somehow still [...]
Answer Question
| November 4, 2009 6:25 PM
AS/400 security, iSeries security, OS/400 and iSeries
IFS Security
How do I secure my IFS on the AS400?
Answer Question
| April 30, 2008 8:26 PM
AS/400 security, IFS, Integrated File System (IFS)
How do I secure my IFS on the AS400?
Answer Question
| April 30, 2008 8:26 PM
AS/400 security, IFS, Integrated File System (IFS)
How Do I Move From AS400 Security Level 30 To 40?
I have reviewed system values for QAUDLVL and found the we have the appropriate values running. I have reviewed the journals that contain over 3 months of information and determined that we have no AF or J entries. Is this all I need to verify before I recommend that we move to level 40? I [...]
Answer Question
| April 25, 2008 3:43 PM
AS/400 security, QAUDLVL, Security
I have reviewed system values for QAUDLVL and found the we have the appropriate values running. I have reviewed the journals that contain over 3 months of information and determined that we have no AF or J entries. Is this all I need to verify before I recommend that we move to level 40? I [...]
Answer Question
| April 25, 2008 3:43 PM
AS/400 security, QAUDLVL, Security
User Signed on Notification
Hi. If a user profile already has a CL in the initial program to call parameter and that CL can’t be modified to add a sndbrkmsg, is there another way to have a message sent to the admin that a specific user has just signed on to the iseries?
Answer Question
| April 19, 2010 8:30 PM
AS/400, AS/400 security, CL, iSeries, SNDBRKMSG
Hi. If a user profile already has a CL in the initial program to call parameter and that CL can’t be modified to add a sndbrkmsg, is there another way to have a message sent to the admin that a specific user has just signed on to the iseries?
Answer Question
| April 19, 2010 8:30 PM
AS/400, AS/400 security, CL, iSeries, SNDBRKMSG
how to prevent users from pc to use odbc
Hello, how can we stop a user say from a windows to use odbc to connect to the as400 server. I am looking more for setting up a block on the as400 machine rather than on the pc itself. thanks
Answer Question
| November 4, 2009 3:37 AM
AS/400 security, ODBC
Hello, how can we stop a user say from a windows to use odbc to connect to the as400 server. I am looking more for setting up a block on the as400 machine rather than on the pc itself. thanks
Answer Question
| November 4, 2009 3:37 AM
AS/400 security, ODBC
