I don't want to give *SECADM to help-desk people to create regular users, I want to use authority adoption instead of giving. them *SECADM authority. Via a menu & program I know I can do it. Right now, they are using Ops Nav. to create those users (with *SECADM in their profiles).
Do I have to return to green screen to implement this or can I somehow still have the creation of users by help desk people through Ops Nav. (but without *SECADM special auth.) but behind the scene I am adopting the authority of a user with *SECADM?
Yes, unfortunately you have to return to green screen to be able to give users the ability to perform some function without actually giving them that authority. Adopted authority doesn't work through Ops Nav and neither does customization of commands. For example, some people front-end OS/400's CRTUSRPRF command with their own version that allows operators to only specify a few parameters. Then they put that customized CRTUSRPRF on a customized menu for operators.
Keep asking IBM for this function to be added to Operations Navigator. They have heard the request before. They just need to hear it enough to keep it in their plans and get it implemented. Let your opinions be known!
Corrected answer: I have been reminded of something by my friend, Pat Botz, from IBM. While you still cannot customize OpsNav itself, you do NOT need to return to the green screen to run a customized command. I had forgotten that if you are running Client Access Express VR1 and you are connected through OpsNav to a V5R1 iSeries, you can use the command prompter in OpsNav to run your customized command. One way to access the command prompter in OpsNav is to right-click on the system you're connecting to, choose Run Command, type in the name of the command and either run the command or hit Prompt for help in filling out the parameters (similar to typing in the command on a command line and hitting F4.)
MORE INFORMATION ON THIS TOPIC
The Best Web Links: tips, tutorials and more.
Search400's targeted search engine: Get relevant information on security.
Ask your systems management questions--or help out your peers by answering them--in our live discussion forums.
Dig Deeper on iSeries system and application security
Related Q&A from Carol Woodbury
Before changing password levels and upgrading operating systems on the AS/400, ensure the clients connecting to the NetServer do not need the old ... Continue Reading
Look in the audit journal (QAUDJRN) on the AS/400 for an authority failure message with the name of the library as the object name. Use the ... Continue Reading
The UPPWEI field corresponds to the password expiration interval field, and its values "0" and "-1" represent the *SYSVAL and *NOXMAX commands. Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.