I am new to the AS/400. I would like to remove the *ALLOBJ to some users, but these users need to access some files/objects. What is the best way for me to handle this? Should I create a program so the users can access the objects they need? How would I write such a program?
If you want to limit access to system objects, you have to limit the use of *ALLOBJ special authority. It sounds like what you eventually want to do is implement a security model for your system. There are many different ways to approach this.
I have spent the past six months working on implementing a security model for our production AS/400. We decided to use a combination of adopted authority and authorization lists. However, what you decide to use may be completely different. When it comes to security implementation on the AS/400 there isn't a "one size fits all" solution.
I recommend you take a look at the following resources before doing anything:
1. Tips and Tools for Securing your AS/400 - SC41-5300-04
This is an IBM AS/400 manual that comes with every system. Here is an online version.
2. There is also a wonderful book called "Implementing AS/400 Security" by Carol Woodbury and Wayne Madden.
This book is available through NEWS/400 Books a division of Duke Communications.
What you want to do is very important, especially if you are using your system to support production applications. Do some research up front, decide what method(s) you want to use and then go for it. Good luck!
Dig Deeper on iSeries CL programming
Related Q&A from Ken Graap
The BRMS Network feature allows a BRMS system to connect to other BRMS systems via a network, and enables a user to consolidate media such as backup ... Continue Reading
The only option to correct damage preventing file journaling is to use the RCLSTG command. Continue Reading
IBM's iSeries Backup and Recovery manual answers many questions related to system backup and disaster recovery. Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.