If the user has *SPLCTL, you cannot prevent them from printing or viewing any spooled file. You should think of *SPLCTL as the "*ALLOBJ" of spooled files. Next, you need to look at the settings of the Display data (DSPDTA), Operator Control (OPRCTL) and the Authority to Check (AUTCHK) attributes of the outq. Chapter 6 of the iSeries Security Reference manual (available from the Information Center), as well as Chapter 9 in my book, Experts' Guide to OS/400 and i5/OS Security) provide charts explaining how these parameters work together as well as what happens if the user has *JOBCTL special authority.
MORE INFORMATION ON THIS TOPIC
The Best Web Links: tips, tutorials and more.
Search400's targeted search engine: Get relevant information on security.
Ask your systems management questions--or help out your peers by answering them--in our live discussion forums.
Check out this Search400.com Featured Topic: Top ten security tips
Visit the ITKnowledge Exchange and get answers to your security questions fast.
Dig Deeper on Printing on iSeries
Related Q&A from Carol Woodbury
Before changing password levels and upgrading operating systems on the AS/400, ensure the clients connecting to the NetServer do not need the old ... Continue Reading
Look in the audit journal (QAUDJRN) on the AS/400 for an authority failure message with the name of the library as the object name. Use the ... Continue Reading
The UPPWEI field corresponds to the password expiration interval field, and its values "0" and "-1" represent the *SYSVAL and *NOXMAX commands. Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.