When a user creates a new file in an IFS directory they become the owner of the file and therefore have all DATA rights, but the OBJECT authority assigned to the file is based on the authority of the directory it is placed in. Here are the rules:
1. The owner for the new object has the same object authorities that the owner of the parent directory has to the parent directory.
2. The primary group for the new object has the same object authorities that the primary group of the parent directory has to the parent directory.
3. *PUBLIC has the same object authorities to the new object that it has to the parent directory.
In your word processing example, the word processing program creates a temporary file when a file is created or opened for edit. When the user finally saves the document and exits, the PC program attempts to rename the most current temporary file to the original file name. If the user's objects didn't get sufficient private authority from the parent directory (which I suspect they aren't) then this operation can't be completed.
So, check to see who the OWNER of the parent directory is and what authority they have to it because this will be the authority assigned to any new object created in that directory.
If the OWNER of the directory is different than the user creating the object in the directory (which is probably the case) then the *PUBLIC authority setting comes into play.
The simplest fix to your problem may be to assign *PUBLIC authority like this:
Data --Object Authorities-- User Authority Exist Mgt Alter Ref *PUBLIC *RX X
Here is IBM's explanation of "mgt object authority":
The object authorities that the user has to the object. An "X" in the column indicates that the user has the specified object authority to the object named. The specific object authorities are:
Mgt Object management authority provides authority to specify security, to move or rename the object, and to add members if the object is a database file. Good Luck! Let me know if this solved your issue.
Related Q&A from Ken Graap
The BRMS Network feature allows a BRMS system to connect to other BRMS systems via a network, and enables a user to consolidate media such as backup ...continue reading
The only option to correct damage preventing file journaling is to use the RCLSTG command.continue reading
Find out if log files can be omitted during a save without causing problems in a full restore.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.