How to restrict required libraries and through error message when tried to access. in as/400

AS/400 administration
AS/400 Security Data
Remove production libraries from system value QUSRLIBL.  Having these libraries in the library list when a user signs on it effect gives them authority to the libraries.  Ssecurity enhancements have to be implemented to users who do not have specific authority to these libraries and should experience errors when trying to sign on

Answer Wiki

Thanks. We'll let you know when a new response is added.

Having libraries in a library list does nothing that “gives them authority”. If a user <i>doesn’t have authority</i> to a library in QUSRLIBL and QUSRLIBL is assigned as that user’s library list, then the user will not be able to signon. An authority failure will stop the logon. The user must already have authority to the library in order to signon when the library is part of the user’s library list.

However, <i>if the user has authority</i> to the library, then the authority will be available whether the library is in the library list or not. The only difference is that the library can’t be accessed through the library list. It can still be accessed by name.

Regardless, “production” libraries should not be listed in QUSRLIBL. There is no reason to make libraries automatically available when the libraries contain objects that don’t need to be advertised.

Further, the libraries should have PUBLIC *EXCLUDE which should make them unusable in QUSRLIBL.

But, what as Philpl1jb asked, what is the question?


Discuss This Question: 3  Replies

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • philpl1jb
    Is there a question here?
    54,090 pointsBadges:
  • philpl1jb
    I think the key point here is that security on the AS/400 includes OBJECT authority restrictions. You can restrict a user or group of users from libraries or from specific files or restrict how they can use these or anyother objects. Phil
    54,090 pointsBadges:
  • Teandy
    Are you asking how to restrict users form certain libraries? If so, this can be done through a variety of means. Object authority, group profiles and authorization list are just a few that come to mind.
    5,860 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: