Problem solve Get help with specific problems with your technologies, process and projects.

Implementing a security model on your system

I am new to the AS/400. I would like to remove the *ALLOBJ to some users, but these users need to access some files/objects. What is the best way for me to handle this? Should I create a program so the users can access the objects they need? How would I write such a program?

If you want to limit access to system objects, you have to limit the use of *ALLOBJ special authority. It sounds like what you eventually want to do is implement a security model for your system. There are many different ways to approach this.

I have spent the past six months working on implementing a security model for our production AS/400. We decided to use a combination of adopted authority and authorization lists. However, what you decide to use may be completely different. When it comes to security implementation on the AS/400 there isn't a "one size fits all" solution.

I recommend you take a look at the following resources before doing anything:

1. Tips and Tools for Securing your AS/400 - SC41-5300-04
This is an IBM AS/400 manual that comes with every system. Here is an online version.

2. There is also a wonderful book called "Implementing AS/400 Security" by Carol Woodbury and Wayne Madden.
This book is available through NEWS/400 Books a division of Duke Communications.

What you want to do is very important, especially if you are using your system to support production applications. Do some research up front, decide what method(s) you want to use and then go for it. Good luck!

Dig Deeper on iSeries CL programming

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.