Moving files to new libraries allows access to only groups or users that are authorized
If you have a file in AS/400 that needs to be replaced in a library, but get an error message indicating that a user cannot access a library, the best option is to create a new library and give access only to the group that needs access.
I prefer moving the file to another library. That way, it's easier to control who can see the results of running the queries. You can set the *PUBLIC authority of the library to *EXCLUDE and have the owner of the library be the group to which the user(s) belong. Then, I'd set the CRTAUT (Create authority) value for this library to *ALL. That will cause any file that gets created into the library to be set to *PUBLIC *ALL. Then, regardless of who is running the query, they will be able to delete and re-create the file. This method allows you to separate out who can use the results of the query. I like to create a query library for each role (or group) on the system – one for accounting, another on for HR, etc. That way, each role's information can only be viewed by other users in that role.
Dig Deeper on iSeries system and application security
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.
Meet all of our AS/400 experts
View all AS/400 questions and answers
Start the conversation
0 comments